[keycloak-user] Grabbing Keycloak user roles from Android app
Thomas Darimont
thomas.darimont at googlemail.com
Mon Mar 7 11:16:07 EST 2016
Hello Aritz,
couldn't you just use a JWT parser library to parse the AccessToken string?
http://jwt.io/ lists quite a few usable ones:
I created a gist with a quick example for parsing a keycloak AccessToken
with jjwt:
https://gist.github.com/thomasdarimont/23a80208c1ef529169be
To get the roles for a particular application (acme-petclinic) in this
case, you could do the following:
((Map<String,Object)((Map<String,Object>)claimsJws.getBody().get("resource_access")).get("acme-petclinic")).get("roles")
Cheers,
Thomas
2016-03-07 15:53 GMT+01:00 Aritz Maeztu <amaeztu at tesicnor.com>:
> Hi all,
>
> I'm managing the keycloak authentication-authorization for my Android app.
> I do it manually since there's no adapter still available as far as I know.
> Currently I am able to log in from a webview, retrieve the access token
> using the code and refresh the token when it's necessary and retrieve the
> user info using the openid-connect compliant endpoints. However, I would
> like to grab the roles available for the token too, in order to show/hide
> specific operations in the screen.
>
> How to achieve it?
>
> Thanks in advance.
> --
> Aritz Maeztu Otaño
> Departamento Desarrollo de Software
> <https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES>
> <http://www.tesicnor.com>
>
> Pol. Ind. Mocholi. C/Rio Elorz, Nave 13E 31110 Noain (Navarra)
> Telf.: 948 21 40 40
> Fax.: 948 21 40 41
> Antes de imprimir este e-mail piense bien si es necesario hacerlo: El
> medioambiente es cosa de todos.
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160307/bf938bd8/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: linkdin.gif
Type: image/gif
Size: 1295 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20160307/bf938bd8/attachment-0001.gif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logo.png
Type: image/png
Size: 2983 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20160307/bf938bd8/attachment-0001.png
More information about the keycloak-user
mailing list