8:53 a.m.
Hi all,
I'm managing the keycloak authentication-authorization for my Android
app. I do it manually since there's no adapter still available as far as
I know. Currently I am able to log in from a webview, retrieve the
access token using the code and refresh the token when it's necessary
and retrieve the user info using the openid-connect compliant endpoints.
However, I would like to grab the roles available for the token too, in
order to show/hide specific operations in the screen.
How to achieve it?
Thanks in advance.
--
Aritz Maeztu Otaño
Departamento Desarrollo de Software
<https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES>
<http://www.tesicnor.com>
Pol. Ind. Mocholi. C/Rio Elorz, Nave 13E 31110 Noain (Navarra)
Telf.: 948 21 40 40
Fax.: 948 21 40 41
Antes de imprimir este e-mail piense bien si es necesario hacerlo: El
medioambiente es cosa de todos.
10:16 a.m.
Hello Aritz,
couldn't you just use a JWT parser library to parse the AccessToken string?
http://jwt.io/ lists quite a few usable ones:
I created a gist with a quick example for parsing a keycloak AccessToken
with jjwt:
https://gist.github.com/thomasdarimont/23a80208c1ef529169be
To get the roles for a particular application (acme-petclinic) in this
case, you could do the following:
((Map<String,Object)((Map<String,Object>)claimsJws.getBody().get("resource_access")).get("acme-petclinic")).get("roles")
Cheers,
Thomas
2016-03-07 15:53 GMT+01:00 Aritz Maeztu <amaeztu(a)tesicnor.com>:
Hi all,
I'm managing the keycloak authentication-authorization for my Android app.
I do it manually since there's no adapter still available as far as I know.
Currently I am able to log in from a webview, retrieve the access token
using the code and refresh the token when it's necessary and retrieve the
user info using the openid-connect compliant endpoints. However, I would
like to grab the roles available for the token too, in order to show/hide
specific operations in the screen.
How to achieve it?
Thanks in advance.
--
Aritz Maeztu Otaño
Departamento Desarrollo de Software
<https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES>
<http://www.tesicnor.com>
Pol. Ind. Mocholi. C/Rio Elorz, Nave 13E 31110 Noain (Navarra)
Telf.: 948 21 40 40
Fax.: 948 21 40 41
Antes de imprimir este e-mail piense bien si es necesario hacerlo: El
medioambiente es cosa de todos.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
1:11 a.m.
Many thanks Thomas! I'll give it a try ;-)
07/03/2016 17:16(e)an, Thomas Darimont igorleak idatzi zuen:
Hello Aritz,
couldn't you just use a JWT parser library to parse the AccessToken
string?
http://jwt.io/ lists quite a few usable ones:
I created a gist with a quick example for parsing a keycloak
AccessToken with jjwt:
https://gist.github.com/thomasdarimont/23a80208c1ef529169be
To get the roles for a particular application (acme-petclinic) in this
case, you could do the following:
((Map<String,Object)((Map<String,Object>)claimsJws.getBody().get("resource_access")).get("acme-petclinic")).get("roles")
Cheers,
Thomas
2016-03-07 15:53 GMT+01:00 Aritz Maeztu <amaeztu(a)tesicnor.com
<mailto:amaeztu@tesicnor.com>>:
Hi all,
I'm managing the keycloak authentication-authorization for my
Android app. I do it manually since there's no adapter still
available as far as I know. Currently I am able to log in from a
webview, retrieve the access token using the code and refresh the
token when it's necessary and retrieve the user info using the
openid-connect compliant endpoints. However, I would like to grab
the roles available for the token too, in order to show/hide
specific operations in the screen.
How to achieve it?
Thanks in advance.
--
Aritz Maeztu Otaño
Departamento Desarrollo de Software
<https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES>
<http://www.tesicnor.com>
Pol. Ind. Mocholi. C/Rio Elorz, Nave 13E 31110 Noain (Navarra)
Telf.: 948 21 40 40
Fax.: 948 21 40 41
Antes de imprimir este e-mail piense bien si es necesario hacerlo:
El medioambiente es cosa de todos.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Aritz Maeztu Otaño
Departamento Desarrollo de Software
<https://www.linkedin.com/profile/preview?vpa=pub&locale=es_ES>
<http://www.tesicnor.com>
Pol. Ind. Mocholi. C/Rio Elorz, Nave 13E 31110 Noain (Navarra)
Telf.: 948 21 40 40
Fax.: 948 21 40 41
Antes de imprimir este e-mail piense bien si es necesario hacerlo: El
medioambiente es cosa de todos.
3228
days inactive
3229
days old
2 comments
2 participants
participants (2)
-
Aritz Maeztu -
Thomas Darimont