AppConfig.java

@Configuration
public class AppConfig{
  

  @Bean
  public KeycloakConfigResolver KeycloakConfigResolver(KeycloakSpringBootProperties props) {
    return new SimpleKcConfigResolver(props);
  }


}

gistfile1.txt

This gist explains setting up an API application (stateless) using bearer authentication with keycloak (v 4.5.0).

AppConfig.java is required as a workaround for the issue described here - https://issues.jboss.org/browse/KEYCLOAK-8444 

Below are the important dependencies -

<dependency>
			<groupId>org.keycloak</groupId>
			<artifactId>keycloak-spring-boot-starter</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
			<version>2.0.4.RELEASE</version>
		</dependency>

KeycloakSecurityConfig.java

import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

/**
 *
 */

@KeycloakConfiguration
public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {

  /**
   * Registers the KeycloakAuthenticationProvider with the authentication manager.
   */
  @Autowired
  public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    final KeycloakAuthenticationProvider authenticationProvider = keycloakAuthenticationProvider();
    authenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
    auth.authenticationProvider(authenticationProvider);
  }

  /**
   * Defines the session authentication strategy.
   */
  @Bean
  @Override
  protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new NullAuthenticatedSessionStrategy();
  }

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);

    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .sessionAuthenticationStrategy(sessionAuthenticationStrategy()).and()
        .authorizeRequests().antMatchers("/resrc/unprotected/**")
        .permitAll()
        .and()
        .authorizeRequests()
        .anyRequest().authenticated();


  }

}

SimpleKcConfigResolver.java

import org.keycloak.adapters.KeycloakConfigResolver;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.KeycloakDeploymentBuilder;
import org.keycloak.adapters.spi.HttpFacade.Request;
import org.keycloak.adapters.springboot.KeycloakSpringBootProperties;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;

/**
 *
 */
public class SimpleKcConfigResolver implements KeycloakConfigResolver, ApplicationContextAware {

  private final KeycloakDeployment deployment;
  public SimpleKcConfigResolver(KeycloakSpringBootProperties props) {
    deployment = KeycloakDeploymentBuilder
        .build(props);

  }

  @Override
  public KeycloakDeployment resolve(Request facade) {
    return deployment;
  }

  @Override
  public void setApplicationContext(ApplicationContext ctx)
      throws BeansException {
  }
}