[keycloak-user] [spring-boot-adapter] get token/principal/etc.

Niko Köbler niko at n-k.de
Fri Dec 28 06:16:22 EST 2018 

As you can see, the bean definition ist Request-scoped.
This leads to a new bean instance for every request, and thus for each and every user :)



> Am 28.12.2018 um 11:46 schrieb Pavel Maslov <pavel.masloff at gmail.com>:
> 
> Hey Niko,
> 
> Excellent, this is exactly what I was looking for! 
> In your example does the accessToken injected field return a token for each and every user respectively (not the same)? 
> Thank you very "many" (much) :))
> 
> Regards,
> Pavel Maslov, MS
> 
> 
> On Fri, Dec 28, 2018 at 11:38 AM Niko Köbler <niko at n-k.de <mailto:niko at n-k.de>> wrote:
> Hi Pavel,
> 
> that's quite easy (as most things with Spring Boot).
> 
> You can get the AccessToken object through the HttpServletRequest, KeycloakPrincipal and KeycloakSecurityContext.
> In my projects, I do some bean definitions like here: https://github.com/dasniko/keycloak-springboot-demo/blob/master/src/main/java/dasniko/customer/KeycloakSpringbootDemoApplication.java <https://github.com/dasniko/keycloak-springboot-demo/blob/master/src/main/java/dasniko/customer/KeycloakSpringbootDemoApplication.java>
> Then, you can just inject the AccessToken or KeycloakSecurityContext where you want, like this: https://github.com/dasniko/keycloak-springboot-demo/blob/master/src/main/java/dasniko/customer/CrmController.java <https://github.com/dasniko/keycloak-springboot-demo/blob/master/src/main/java/dasniko/customer/CrmController.java>
> 
> Instead of the AccessToken, you can also get the IdentityToken, of course.
> 
> HTH,
> - Niko
> 
> 
> > Am 28.12.2018 um 11:22 schrieb Pavel Maslov <pavel.masloff at gmail.com <mailto:pavel.masloff at gmail.com>>:
> > 
> > Hi, guys. Haven't been here for quite a while :)
> > 
> > 
> > I'm using the Springboot Keycloak adapter
> > (org.keycloak:keycloak-spring-boot-starter:4.6.0.Final) to secure my REST
> > API via bearer token [1]. And it works! Cool.
> > 
> > Now, I would like to get the access token in my @RestController, or even
> > better some information about the user. Is it possible?
> > 
> > Thanks in advance.
> > 
> > Regards,
> > Pavel Maslov, MS
> > 
> > [1] https://github.com/maslick/barkoder <https://github.com/maslick/barkoder>
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>
>

More information about the keycloak-user mailing list