Re: [keycloak-user] Getting the user id from the access token

It is injected into the bean - sorry, might not have been enough code before. A small example: import javax.annotation.Resource; import javax.annotation.security.RolesAllowed; import javax.ejb.SessionContext; import javax.ejb.Stateless; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.keycloak.KeycloakPrincipal; import org.keycloak.KeycloakSecurityContext; import org.keycloak.representations.IDToken; @Path("/user") @Stateless public class UserService { private static final Log log = LogFactory.getLog(UserService.class); @Resource private SessionContext sessionContext; @Path("/getCurrentUserInfo") @Produces({ MediaType.APPLICATION_JSON }) @GET @RolesAllowed({"someRole"}) public Response getCurrentUser() { @SuppressWarnings("unchecked") KeycloakPrincipal<KeycloakSecurityContext> kcPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>)(sessionContext.getCallerPrincipal()); IDToken idToken = kcPrincipal.getKeycloakSecurityContext().getIdToken(); log.debug( "email from token is \"" + idToken.getEmail() + "\"" ); // your return is likely something more useful return Response.ok().build(); } } Your use case might be different but this is how it is working for me. Again, there may be a better way. On 07/10/2015 05:01 PM, Juan Diego wrote: Where do you get sessionContext from? On Fri, Jul 10, 2015 at 5:54 PM, Scott Dunbar <scott(a)xigole.com&gt; wrote: > I use something like: > > import org.keycloak.KeycloakPrincipal; > import org.keycloak.KeycloakSecurityContext; > import org.keycloak.representations.IDToken; > > ... > > @Resource > private SessionContext sessionContext; > > ... > > @SuppressWarnings("unchecked") > KeycloakPrincipal<KeycloakSecurityContext> kcPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>)(sessionContext.getCallerPrincipal()); > IDToken idToken = kcPrincipal.getKeycloakSecurityContext().getIdToken(); > > log.debug( "email from token is \"" + idToken.getEmail() + "\"" ); > > > Not sure if that's the recommended way but it works well. > > > On 07/10/2015 04:48 PM, Juan Diego wrote: > > Hi > > I want to be able to update the user password and some preferences from > my web app, in order to update some of the user info from my portal i can > see in the rest api that you need the user ID. > I have a backend with java that should connect to my keycloak server > once it gets the token > > KeycloakSecurityContext securityContext = (KeycloakSecurityContext) > httpRequest > .getAttribute(KeycloakSecurityContext.class.getName()); > > AccessToken accessToken = securityContext.getToken(); > > I dont know how to get info from the accesToken, or does the access > token class already has methods to do that. I know this is more of a > question of design. This part is not really clear for me. > > Thanks > > > > _______________________________________________ > keycloak-user mailing listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user > > > -- > Scott Dunbar > Xigole Systems, Inc. > Enterprise consulting, development, and hosting > 303·667·6343 > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user > -- Scott Dunbar Xigole Systems, Inc. Enterprise consulting, development, and hosting 303·667·6343