[keycloak-user] Getting the user id from the access token

Juan Diego juandiego83 at gmail.com
Fri Jul 10 19:27:19 EDT 2015


Are you identifying you user mainly by the email?

On Fri, Jul 10, 2015 at 6:24 PM, Scott Dunbar <scott at xigole.com> wrote:

>  It is injected into the bean - sorry, might not have been enough code
> before.  A small example:
>
> import javax.annotation.Resource;
> import javax.annotation.security.RolesAllowed;
> import javax.ejb.SessionContext;
> import javax.ejb.Stateless;
> import javax.ws.rs.GET;
> import javax.ws.rs.Path;
> import javax.ws.rs.Produces;
> import javax.ws.rs.core.MediaType;
> import javax.ws.rs.core.Response;
>
> import org.apache.commons.logging.Log;
> import org.apache.commons.logging.LogFactory;
>
> import org.keycloak.KeycloakPrincipal;
> import org.keycloak.KeycloakSecurityContext;
> import org.keycloak.representations.IDToken;
>
>  @Path("/user")
> @Stateless
> public class UserService {
>     private static final Log log = LogFactory.getLog(UserService.class);
>
>     @Resource
>     private SessionContext sessionContext;
>
>     @Path("/getCurrentUserInfo")
>     @Produces({ MediaType.APPLICATION_JSON })
>     @GET
>     @RolesAllowed({"someRole"})
>     public Response getCurrentUser() {
>
> 	@SuppressWarnings("unchecked")
>         KeycloakPrincipal<KeycloakSecurityContext> kcPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>)(sessionContext.getCallerPrincipal());
>         IDToken idToken = kcPrincipal.getKeycloakSecurityContext().getIdToken();
>
>         log.debug( "email from token is \"" + idToken.getEmail() + "\"" );
>
>         // your return is likely something more useful
>         return Response.ok().build();
>     }
> }
>
>
> Your use case might be different but this is how it is working for me.
> Again, there may be a better way.
>
>
>
>
> On 07/10/2015 05:01 PM, Juan Diego wrote:
>
> Where do you get sessionContext from?
>
> On Fri, Jul 10, 2015 at 5:54 PM, Scott Dunbar <scott at xigole.com> wrote:
>
>>  I use something like:
>>
>> import org.keycloak.KeycloakPrincipal;
>> import org.keycloak.KeycloakSecurityContext;
>> import org.keycloak.representations.IDToken;
>>
>> ...
>>
>> @Resource
>> private SessionContext sessionContext;
>>
>> ...
>>
>> @SuppressWarnings("unchecked")
>> KeycloakPrincipal<KeycloakSecurityContext> kcPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>)(sessionContext.getCallerPrincipal());
>> IDToken idToken = kcPrincipal.getKeycloakSecurityContext().getIdToken();
>>
>> log.debug( "email from token is \"" + idToken.getEmail() + "\"" );
>>
>>
>> Not sure if that's the recommended way but it works well.
>>
>>
>> On 07/10/2015 04:48 PM, Juan Diego wrote:
>>
>>    Hi
>>
>>  I want to be able to update the user password and some preferences from
>> my web app, in order to update some of the user info from my portal i can
>> see in the rest api that you need the user ID.
>>  I have a backend with java that should connect to my keycloak server
>> once it gets the token
>>
>> KeycloakSecurityContext securityContext = (KeycloakSecurityContext)
>> httpRequest
>>                 .getAttribute(KeycloakSecurityContext.class.getName());
>>
>> AccessToken accessToken = securityContext.getToken();
>>
>>  I dont know how to get info from the accesToken, or does the access
>> token class already has methods to do that.  I know this is more of a
>> question of design.  This part is not really clear for me.
>>
>>  Thanks
>>
>>
>>
>>  _______________________________________________
>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>> --
>> Scott Dunbar
>> Xigole Systems, Inc.
>> Enterprise consulting, development, and hosting
>> 303·667·6343
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
> --
> Scott Dunbar
> Xigole Systems, Inc.
> Enterprise consulting, development, and hosting
> 303·667·6343
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150710/6e083e44/attachment.html 


More information about the keycloak-user mailing list