Configure webflux oauth2 client with keycloak

I'm trying to secure my microservice's endpoint using the WebFlux OAuth2 client, and I use Keycloak as an authorization & resource server. The API receives a Bearer JWT token and it should send the token to Keycloak to check whether the user has access to this resource. I could configure this scenario using the Keycloak adapter, but I cannot find how to do it with the WebFlux OAuth2 client.

application.yml

spring:
  security:
    oauth2:
      client:
        provider:
          keycloak:
            token-uri: KEYCLOAK_TOKEN_URL
        registration:
          keycloak:
            provider: keycloak
            client-id: client-id
            client-secret: xxx
            authorization-grant-type: client_credentials
            scope: openid

configuration class:

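import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.web.reactive.function.client.WebClient;

@EnableWebFluxSecurity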
public class SecurityContextWebFlux {
    @Bean
    public ReactiveOAuth2AuthorizedClientManager authorizedClientManager(
            ReactiveClientRegistrationRepository clientRegistrationRepository,
            ReactiveOAuth2AuthorizedClientService authorizedClientService) {

        ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
                ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
                        .clientCredentials()
                        .build();

        AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager =
                new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
                        clientRegistrationRepository, authorizedClientService);
        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

        return authorizedClientManager;
    }

    @Bean
    public WebClient webClient(ReactiveOAuth2AuthorizedClientManager authorizedClientManager) {
        ServerOAuth2AuthorizedClientExchangeFilterFunction oauth =
                new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
        return WebClient.builder().filter(oauth).build();
    }

    @Bean
    public SecurityWebFilterChain configure(ServerHttpSecurity http) {
        return http.cors().and()
                .httpBasic().disable()
                .authorizeExchange()
                .anyExchange()
                .authenticated()
                .and()
                .oauth2Client()
                .and()
                .build();
    }
}

Here are logs showing the following message:

Request 'GET /v1/products' doesn't match 'POST /logout'

more:

2022-02-16T18:08:23.169Z [trace_id= span_id= trace_sampled=] - DEBUG http-nio-8181-exec-2 athPatternParserServerWebExchangeMatcher : Request 'GET /v1/products' doesn't match 'null /oauth2/authorization/{registrationId}'
2022-02-16T18:08:23.205Z [trace_id= span_id= trace_sampled=] - DEBUG parallel-1 o.s.s.w.s.u.m.OrServerWebExchangeMatcher : Trying to match using PathMatcherServerWebExchangeMatcher{pattern='/logout', method=POST}
2022-02-16T18:08:23.205Z [trace_id= span_id= trace_sampled=] - DEBUG parallel-1 athPatternParserServerWebExchangeMatcher : Request 'GET /v1/products' doesn't match 'POST /logout'
2022-02-16T18:08:23.205Z [trace_id= span_id= trace_sampled=] - DEBUG parallel-1 o.s.s.w.s.u.m.OrServerWebExchangeMatcher : No matches found

Can someone explain how I can configure webflux oauth2 client with keycloak?
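
Added example, not part of the original question and not Spring's or Keycloak's own sample: `oauth2Client()` with `client_credentials` only obtains tokens for outbound calls, while incoming Bearer JWTs are authenticated by Spring Security's resource-server support. The configuration below validates the JWT against the realm's published keys (rather than sending it to Keycloak on each request) and maps Keycloak realm roles to authorities. The class name, the `KEYCLOAK_ISSUER_URL` placeholder and the `product-reader` role are assumptions.

```java
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder;
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoders;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter;
import org.springframework.security.web.server.SecurityWebFilterChain;

@Configuration
@EnableWebFluxSecurity
public class ResourceServerSecurityConfig { // hypothetical class name
    @Bean
    public ReactiveJwtDecoder jwtDecoder() {
        // Placeholder issuer (the realm URL); signing keys are discovered from its
        // OIDC metadata, and signature, expiry and issuer are checked on every token.
        return ReactiveJwtDecoders.fromIssuerLocation("KEYCLOAK_ISSUER_URL");
    }

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
        converter.setJwtGrantedAuthoritiesConverter(ResourceServerSecurityConfig::realmRoles);
        return http
                .authorizeExchange(ex -> ex
                        .pathMatchers("/v1/products/**").hasRole("product-reader") // assumed role
                        .anyExchange().authenticated())
                .oauth2ResourceServer(rs -> rs.jwt(jwt -> jwt
                        .jwtAuthenticationConverter(new ReactiveJwtAuthenticationConverterAdapter(converter))))
                .build();
    }

    // Keycloak puts realm roles under realm_access.roles; map each to ROLE_<name>.
    static Collection<GrantedAuthority> realmRoles(Jwt jwt) {
        Map<String, Object> realmAccess = jwt.getClaimAsMap("realm_access");
        Object roles = realmAccess == null ? null : realmAccess.get("roles");
        if (!(roles instanceof List<?>)) return List.of(); // claim absent: no authorities
        return ((List<?>) roles).stream()
                .<GrantedAuthority>map(r -> new SimpleGrantedAuthority("ROLE_" + r))
                .collect(Collectors.toList());
    }
}
```

This needs the `spring-boot-starter-oauth2-resource-server` dependency on the classpath; a token without the `realm_access` claim still authenticates but receives no role authorities, so the `/v1/products/**` rule denies it.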



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow