[keycloak-user] accessing client JWT token in token mapper when using signed JWT authenticator.
Billiet Tom
Tom.Billiet at technicolor.com
Fri Aug 17 02:28:24 EDT 2018
Hi,
I'm currently trying to create a Mapper for a client that uses "Signed JWT" as the client authenticator. In the mapper I would like to access some fields from the JWT token that's used to authenticate the client.
I cannot figure out a way to do so. I've tried to create a custom mapper that extends AbstractOIDCProtocolMapper, but I don't seem to be able to access the client JWT token anywhere.
When digging somewhat deeper, I think the JWTClientAuthenticator (https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java) should expose this if I want to be able to use it later in a mapper. If the JsonWebToken were stored on the userSession note object, that would be possible.
But that would require a feature request to have this exposed. Is there another way to make this possible?
Thanks,
Tom