3:42 a.m.
You need to have "Store tokens" enabled for your identity provider in
keycloak admin console. We also have some twitter example for showing
this. It's maybe not working and needs some changes (it's not part of
the official example distribution), but hopefully you can take a look at
sources and have some inspiration from it :
https://github.com/keycloak/keycloak/tree/master/examples/broker/twitter-...
Btv. I would try to have first working setup locally and then move to
AWS later. Just to eliminate that AWS is not the thing, which is causing
issues here.
Marek
On 16/05/16 19:41, Brooks Isoldi wrote:
Hi all,
I'm having trouble getting access to the oauth tokens that should be
returned from the user authenticating with Twitter via the Keycloak
login page.
FYI, this is cross-posted on SO
(http://stackoverflow.com/questions/37257623/accessing-user-oauth-tokens-r...).
-----
I have a Keycloak (standalone) v1.9.4.Final install setup using
Wildfly 10 on an AWS instance and am trying to use keycloak (via
keycloak's login page) and Twitter4j to authenticate a user with
Twitter and then obviously have my application authenticate and view
the users timeline, etc.
I have configured the Identity Provider (Twitter), the realm and my
client application.
I also have a Twitter application setup at apps.twitter.com and the
keys put into my twitter4j.properties file.
So far, I am able to:
1. Go to my application's JSF webpage and get redirected to
Keycloak's /auth login page
2. Click the Twitter logo and login with my Twitter account (separate
account from the account that owns the Twitter application)
3. Complete the user information that Keycloak asks for
4. After completing the user information, Keycloak successfully
directs the user back to the client application (in this case, a
JSF page).
The problem is, I can't figure out how to get access to the users
OAuth AccessToken and AccessTokenSecret to combine with the Twitter
application's ConsumerKey and ConsumerKeySecret.
I'm trying to get the tokens from the FacesContext, but I suspect that
context would not have it.
|HttpSessionhttpSession
=(HttpSession)facesContext.getExternalContext().getSession(false);KeycloakSecurityContextkeycloakContext
=(RefreshableKeycloakSecurityContext)httpSession.getAttribute(KeycloakSecurityContext.class.getName());-------
|
Taking a page from the twitter broker demo, we used the
KeyCloakSecurityContext held in the FacesContext's HTTPSession to get
the Bearer token, dropped the demo's TwitterOAuthResponse class into
our project and made a REST call to the realm's twitter token endpoint
using the, but then we got a permission denied saying the client did
not have access to the identity providers token.
Any help would be greatly appreciated!
--
Brooks Isoldi, Software Developer
Traversed
7164 Columbia Gateway Drive, Suite 120A
Columbia, MD 21046
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev