Hi,
I am using the token exchange feature of Keycloak 3.4, which is really
great and useful in my REST backoffice (before the only way i found was to
do a lot of 302 in browser to get needed access tokens).
Everything is documented for server configuration, but in java client is
there a new function to exchange a token ?
I wrote some code extending the current AuthzClient if anybody is looking
for the same thing :
public AccessTokenResponse exchangeAccessToken(String bearer, String
bearerIdpName) {
return
this.http.<AccessTokenResponse>post(authzClient.getServerConfiguration().getTokenEndpoint())
.authentication()
.client()
.param("grant_type",
"urn:ietf:params:oauth:grant-type:token-exchange")
.param("subject_token", bearer)
.param("subject_issuer", bearerIdpName)
.param("subject_token_type",
"urn:ietf:params:oauth:token-type:access_token")
.param("audience",
authzClient.getConfiguration().getResource())
.response()
.json(AccessTokenResponse.class)
.execute();
}
Thanks