Hi,

i suppose you've to set cookies from response and keycloak automagically made the things for you.

I resolved the problem to call impersonation API from our back-office panel applying the following modifications to keycloak.js file.

After processInit function definition add the following lines of code:

            /**
             * Append methods to keycloak object
             */
            
            adapter.impersonate = function(options) {
                var url = kc.createImpersonationUrl(options);                        
                var req = new XMLHttpRequest();
                req.open('POST', url, true);
                req.setRequestHeader('Accept', 'application/json');
                req.setRequestHeader('Authorization', 'bearer ' + kc.token);
                req.withCredentials = true;                                               
                
                var promise = createPromise();

                req.onreadystatechange = function () {
                    if (req.readyState == 4) {
                        if (req.status == 200) {
                            promise.setSuccess();
                        } else {
                            promise.setError();
                        }
                    }
                }

                req.send(null);

                return promise.promise;
            };
            
            kc.impersonate = function(options) {
            	return adapter.impersonate(options);
            };

            kc.createImpersonationUrl = function(user) {
                return getRealmUrl().replace('/auth/', '/auth/admin/') + '/users/' + user + '/impersonation';
            };

Then define your impersonate method that calls keycloak.impersonate where you manage local session refresh, like that:

        function impersonate(user) {
            var deferred = $.Deferred();
            keycloak.impersonate(user).success(function() {
                console.log('user ' + user + ' impersonated');

		// clear local session user informations

                clearSession();
		
		// refresh logged user

                keycloak.login();
                deferred.resolve();
            });
            return deferred.promise();
        }

Hope this helps! ;)

Daniele Bonetto



Il 12/05/2016 00:29, Anshul Malpani ha scritto:
Hi,

I am trying to use impersonate feature using my java client. When I call impersonate api using admin access grant. I get back the cookies. How can I get the access token for the impersonate user.



HttpPost post = new HttpPost(
                    KeycloakUriBuilder.fromUri(authServerUrl).path(/admin/realms/{realm}/users/{id}/impersonation").build(realmaccountKeycloakId));

This is returning me cookies. In next step I would like to get the access token of impersonate user.

Thanks
A


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user