The SpringSec Adapter offers a KeycloakRestTemplate that will do all the
magic for you ;)
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/spring-sec...
Check an usage example here :
https://github.com/foo4u/keycloak-spring-demo/blob/master/product-app/src...
To get the token "manually", you can try to access the
KeycloakSecurityContext and extract the token from there, look at this
method that does this :
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/spring-sec...
Hope these pointers will help you
Sebi
On Fri, Nov 25, 2016 at 4:38 PM, java_os <java(a)neposoft.com> wrote:
What's the best practice on this scenario:
--
SPA (has the token from keycloak.js) -->Rest call--> Bearer_1 -->Rest call
--> Bearer_2
Bearer_1 and Bearer_2 are spring sec/boot enabled.
Rest calls between Bearer_1 and Bearer_2 using resttemplates and injecting
into "Authorization" header the "Bearer token_long_string"
Bearer_1 has the KeycloakAuthenticationToken object.
Bearer_2 needs to be feed in with a valid non-expired token somehow - but
how? Not sure if one can get this out from KeycloakAuthenticationToken and
pass it in onto the header calls to bearer_2.
Is this the right approach for in-flight rest calls between 2 bearers?
What's the best practice on this scenario?
Anyone has done this for real?
- thx.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user