Ok, I was using getId() ok got it

On Sat, Jul 11, 2015 at 3:54 AM, Marek Posolda <mposolda@redhat.com> wrote:
I suggest to look into our demo, which handles this well and shows various info about user: https://github.com/keycloak/keycloak/tree/master/examples/demo-template

By default, the User ID can be obtained directly from the principal (unless you're configure "principal-attribute" in your keycloak.json ) :

String userId = kcPrincipal.getName();

From access token it can be obtained as well:

String userId = accessToken.getSubject()

See the example on how to retrieve more user data (but it's pretty straightforward from the getter methods. Like getter for email as Scott pointed)

Marek


On 11.7.2015 01:27, Juan Diego wrote:
Are you identifying you user mainly by the email?

On Fri, Jul 10, 2015 at 6:24 PM, Scott Dunbar <scott@xigole.com> wrote:
It is injected into the bean - sorry, might not have been enough code before.  A small example:
import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.representations.IDToken;
 
@Path("/user")
@Stateless
public class UserService {
    private static final Log log = LogFactory.getLog(UserService.class);
    @Resource
    private SessionContext sessionContext;

    @Path("/getCurrentUserInfo")
    @Produces({ MediaType.APPLICATION_JSON })
    @GET
    @RolesAllowed({"someRole"})
    public Response getCurrentUser() {

	@SuppressWarnings("unchecked")
        KeycloakPrincipal<KeycloakSecurityContext> kcPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>)(sessionContext.getCallerPrincipal());
        IDToken idToken = kcPrincipal.getKeycloakSecurityContext().getIdToken();

        log.debug( "email from token is \"" + idToken.getEmail() + "\"" );        
        // your return is likely something more useful
        return Response.ok().build();
    }
}

Your use case might be different but this is how it is working for me.  Again, there may be a better way.




On 07/10/2015 05:01 PM, Juan Diego wrote:
Where do you get sessionContext from?

On Fri, Jul 10, 2015 at 5:54 PM, Scott Dunbar <scott@xigole.com> wrote:
I use something like:

import org.keycloak.KeycloakPrincipal;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.representations.IDToken;

...

@Resource
private SessionContext sessionContext;

...

@SuppressWarnings("unchecked")
KeycloakPrincipal<KeycloakSecurityContext> kcPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>)(sessionContext.getCallerPrincipal());
IDToken idToken = kcPrincipal.getKeycloakSecurityContext().getIdToken();

log.debug( "email from token is \"" + idToken.getEmail() + "\"" );

Not sure if that's the recommended way but it works well. 


On 07/10/2015 04:48 PM, Juan Diego wrote:
Hi

I want to be able to update the user password and some preferences from my web app, in order to update some of the user info from my portal i can see in the rest api that you need the user ID. 
I have a backend with java that should connect to my keycloak server once it gets the token

KeycloakSecurityContext securityContext = (KeycloakSecurityContext) httpRequest
                .getAttribute(KeycloakSecurityContext.class.getName());
 
AccessToken accessToken = securityContext.getToken();

I dont know how to get info from the accesToken, or does the access token class already has methods to do that.  I know this is more of a question of design.  This part is not really clear for me.

Thanks



_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user

--
Scott Dunbar
Xigole Systems, Inc.
Enterprise consulting, development, and hosting
303·667·6343

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user


--
Scott Dunbar
Xigole Systems, Inc.
Enterprise consulting, development, and hosting
303·667·6343



_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user