[keycloak-user] /protocol/openid-connect/userinfo
Remi Cartier
remi.cartier at imetrik.com
Wed Oct 7 15:51:04 EDT 2015
Hey guys,
I created a token with /protocol/openid-connect/token and got a JWT token back.
Now I am trying to get the username of the logged user from the token via /userinfo.
I get the 403 error code.
When I was doing that request with the admin user, it worked.
I am wondering if I have to set some roles to every user that want to be able to get back their info via /userinfo
public User getUserFromToken(String iToken) {
HttpClient httpClient = buildHttpClient();
HttpGet httpGet = new HttpGet(getKeycloakServerURL() + "/realms/" + getKeycloakRealm() + "/protocol/openid-connect/userinfo");
httpGet.addHeader("Authorization", "Bearer " + iToken);
try {
HttpResponse httpResponse = httpClient.execute(httpGet);
if (httpResponse.getStatusLine().getStatusCode() != HttpStatus.SC_OK) {
throw new IllegalStateException(httpGet.toString() + " returned " + httpResponse.getStatusLine().toString());
}
String json = IOUtils.toString(httpResponse.getEntity().getContent());
UserInfo userInfo = JsonSerialization.readValue(json, UserInfo.class);
return getUser(userInfo.getName(), getKeycloakRealm());
} catch (IOException e) {
throw new IllegalStateException(e);
}
}
java.lang.IllegalStateException: GET http://m4ib-idm:8080/auth/realms/imetrik/protocol/openid-connect/userinfo HTTP/1.1 returned HTTP/1.1 403 Forbidden
anything I am missing ?
cheers !
________________________________
REMI CARTIER
B.O.S.S. (Business & Operation Support Systems) P.O (Product Owner)
IMETRIK GLOBAL INC.
T : +1 514 448-6407 x2009
T : +1 866 276-5382 (toll free)
F : +1 514 904-0611
740 Notre Dame St. West, Suite 1575
Montreal, Quebec, Canada H3C 3X6
imetrik.com<http://www.imetrik.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151007/4e8bb8e6/attachment.html
More information about the keycloak-user
mailing list