Is your REST service using our adapters? If so, then you can obtain the
token from either typecasting the user Principal to KeycloakPrincipal
and navigating to the KeycloakSecurityContext interface. The
KeycloakSecurityContext interface is also available within the
HttpServletRequest attribute
KeycloakSecurityContext session = (KeycloakSecurityContext)
request.getAttribute(KeycloakSecurityContext.class.getName());
On 2/18/2015 9:13 AM, Mike Love wrote:
Thank you Stian.
RSATokenVerifier.verifyToken has done the trick
Regards,
Mike Love
On 2015/02/18, 15:38, "Stian Thorgersen" <stian(a)redhat.com> wrote:
>
>
> ----- Original Message -----
>> From: "Mike Love" <mike.love(a)symbiotics.co.za>
>> To: keycloak-user(a)lists.jboss.org
>> Sent: Wednesday, February 18, 2015 2:33:14 PM
>> Subject: [keycloak-user] Extract Subjectid from token in JaxRS Service
>>
>> Hi,
>>
>> I am successfully authenticating an AngularJS client calling REST
>> Services.
>>
>> The token is validated as expected after login. On calling the REST
>> service,
>> the authorization hearer (Bearer token) is available as HTTP Header as
>> expected.
>>
>> Now, in the REST Service processing I want to extract the UserId
>> (SubjectId)
>> so that I can lookup additional information before continuing with
>> processing.
>>
>> I have seen that the JS adapter has a keycloak object that provides
>> access
>> the this information, is there a similar Java helper class to extract
>> this
>> information?
>
> You can either use one of our adapters or
> org.keycloak.RSATokenVerifier.verifyToken
>
>>
>>
>> Regards,
>> Mike Love
>>
>>
>>
>> *************************************************************************
>> *******
>> This email and any accompanying attachments may contain confidential and
>> proprietary information. This information is private and protected by
>> law
>> and, accordingly, if you are not the intended recipient, you are
>> requested
>> to delete this entire communication immediately and are notified that
>> any
>> disclosure, copying or distribution of or taking any action based on
>> this
>> information is prohibited.
>>
>> Emails cannot be guaranteed to be secure or free of errors or viruses.
>> The
>> sender does not accept any liability or responsibility for any
>> interception,
>> corruption, destruction, loss, late arrival or incompleteness of or
>> tampering or interference with any of the information contained in this
>> email or for its incorrect delivery or non-delivery for whatsoever
>> reason or
>> for its effect on any electronic device of the recipient.
>>
>>
>> *************************************************************************
>> *******
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-user