@Override protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) { RefreshableKeycloakSecurityContext securityContext = principal.getKeycloakSecurityContext(); Set<String> roles = AdapterUtils.getRolesFromSecurityContext(securityContext); final KeycloakAccount account = new SimpleKeycloakAccount(principal, roles, securityContext); logger.debug("Completing bearer authentication. Bearer roles: {} ",roles); SecurityContextHolder.getContext().setAuthentication(new KeycloakAuthenticationToken(account, false)); request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext); }
/** * Create a successful result. * * @param authentication valid credentials */ public AuthResults(Authentication authentication) { Object username = null; Object details = null; if (authentication.getDetails() instanceof SimpleKeycloakAccount) { details = (SimpleKeycloakAccount) authentication.getDetails(); assert ((SimpleKeycloakAccount) details).getPrincipal() instanceof KeycloakPrincipal; final KeycloakPrincipal principal = (KeycloakPrincipal) ((SimpleKeycloakAccount) details).getPrincipal(); username = principal.getName(); if (principal.getKeycloakSecurityContext().getIdToken() != null) { username = principal.getKeycloakSecurityContext().getIdToken().getPreferredUsername(); } } else { username = authentication.getPrincipal(); details = authentication.getDetails(); } this.authentication = new UsernamePasswordAuthenticationToken( username, authentication.getCredentials(), authentication.getAuthorities()); ((UsernamePasswordAuthenticationToken) this.authentication).setDetails(details); this.challenge = null; }
@Override protected void completeOAuthAuthentication(final KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal) { final RefreshableKeycloakSecurityContext securityContext = principal.getKeycloakSecurityContext(); final Set<String> roles = AdapterUtils.getRolesFromSecurityContext(securityContext); final OidcKeycloakAccount account = new SimpleKeycloakAccount(principal, roles, securityContext); request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext); this.tokenStore.saveAccountInfo(account); }