h6. What

To provide client-side access control in the mobile app, we first need to know the user's roles. During the OpenID Connect authentication flow, an access token is made available to the application. An array of roles for the user can be retrieved from the access token, which is just a JWT.

h6. Why

This is a prerequisite for providing access control on the client side.

h6. How

The access token can be retrieved easily from the AppAuth AuthState class. This needs to be decoded from base64, and then the user roles will be available in a JSON array. The data should be returned as a collection of Role objects.
Note: This should include retrieving both realm roles and client roles.
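One way to implement the extraction described above, as an added example that is not code from this ticket or from AppAuth. It assumes the identity provider uses Keycloak-style claims (`realm_access.roles` and `resource_access.<clientId>.roles`) and that `org.json` is on the classpath (it is bundled with Android); `TokenRoles`, `Role` and the client id `demo-app` are hypothetical names. The payload is decoded without signature verification, so the result is suitable for shaping the UI only and the backend must still enforce access.

```java
import java.nio.charset.StandardCharsets;
import java.util.*;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

public final class TokenRoles {
    /** Hypothetical Role type: clientId is null for a realm role. */
    public static final class Role {
        public final String name;
        public final String clientId;
        Role(String name, String clientId) { this.name = name; this.clientId = clientId; }
        @Override public String toString() { return clientId == null ? name : clientId + ":" + name; }
    }

    /** accessToken is the string returned by AppAuth's AuthState.getAccessToken(). */
    public static List<Role> fromAccessToken(String accessToken, String clientId) throws JSONException {
        String[] parts = accessToken.split("\\.", -1);
        if (parts.length != 3) throw new IllegalArgumentException("not a compact JWT");
        // JWT segments are base64url without padding. java.util.Base64 needs Android API 26+;
        // on older devices use android.util.Base64 with URL_SAFE instead.
        byte[] payload = Base64.getUrlDecoder().decode(parts[1]);
        JSONObject claims = new JSONObject(new String(payload, StandardCharsets.UTF_8));
        List<Role> roles = new ArrayList<>();
        // Assumed claim layout: realm roles under realm_access.roles
        JSONObject realm = claims.optJSONObject("realm_access");
        if (realm != null) addAll(roles, realm.optJSONArray("roles"), null);
        // Assumed claim layout: client roles under resource_access.<clientId>.roles
        JSONObject resources = claims.optJSONObject("resource_access");
        JSONObject client = resources == null ? null : resources.optJSONObject(clientId);
        if (client != null) addAll(roles, client.optJSONArray("roles"), clientId);
        return Collections.unmodifiableList(roles);
    }

    private static void addAll(List<Role> out, JSONArray names, String clientId) {
        if (names == null) return; // claim absent: user simply has no roles of this kind
        for (int i = 0; i < names.length(); i++) {
            String n = names.optString(i);
            if (!n.isEmpty()) out.add(new Role(n, clientId));
        }
    }

    public static void main(String[] args) throws JSONException {
        // Constructed sample token: placeholder header and signature, made-up roles.
        String json = "{\"realm_access\":{\"roles\":[\"mobile-user\"]},"
                + "\"resource_access\":{\"demo-app\":{\"roles\":[\"api-access\"]}}}";
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        String token = enc.encodeToString("{\"alg\":\"RS256\"}".getBytes(StandardCharsets.UTF_8))
                + "." + enc.encodeToString(json.getBytes(StandardCharsets.UTF_8)) + ".sig";
        System.out.println(fromAccessToken(token, "demo-app"));
    }
}
```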