private Optional<AccessToken> token() { KeycloakSecurityContext ksc = (KeycloakSecurityContext) sr .getAttribute(KeycloakSecurityContext.class.getName()); if (ksc == null) { return Optional.empty(); } return Optional.of(ksc.getToken()); }
public KeycloakLoggedInUser(HttpServletRequest httpServletRequest) { try { KeycloakSecurityContext keycloakSecurityContext = (KeycloakSecurityContext) httpServletRequest.getAttribute(KeycloakSecurityContext.class.getName()); if(keycloakSecurityContext == null) { handleAuthenticationProblem("KeycloakSecurityContext not available in the HttpServletRequest."); } else { this.auth = keycloakSecurityContext.getToken(); this.tokenString = keycloakSecurityContext.getTokenString(); } } catch (NoClassDefFoundError ncdfe) { handleAuthenticationProblem(ncdfe.getMessage(), ncdfe); } }
/** * @see io.apiman.manager.api.security.impl.DefaultSecurityContext#getFullName() */ @Override public String getFullName() { HttpServletRequest request = DefaultSecurityContext.servletRequest.get(); org.keycloak.KeycloakSecurityContext session = (org.keycloak.KeycloakSecurityContext) request.getAttribute(org.keycloak.KeycloakSecurityContext.class.getName()); if (session != null) { return session.getToken().getName(); } else { return null; } }
@Override public AccessToken getToken() { refreshExpiredToken(true); return super.getToken(); }
/** * @see io.apiman.manager.api.security.impl.DefaultSecurityContext#getEmail() */ @Override public String getEmail() { HttpServletRequest request = DefaultSecurityContext.servletRequest.get(); org.keycloak.KeycloakSecurityContext session = (org.keycloak.KeycloakSecurityContext) request.getAttribute(org.keycloak.KeycloakSecurityContext.class.getName()); if (session != null) { return session.getToken().getEmail(); } else { return null; } }
@Override public String getName() { return securityContext.getToken().getName(); }
/** * @see io.apiman.manager.api.security.impl.DefaultSecurityContext#getFullName() */ @Override public String getFullName() { HttpServletRequest request = DefaultSecurityContext.servletRequest.get(); org.keycloak.KeycloakSecurityContext session = (org.keycloak.KeycloakSecurityContext) request.getAttribute(org.keycloak.KeycloakSecurityContext.class.getName()); if (session != null) { return session.getToken().getName(); } else { return null; } }
/** * @see io.apiman.manager.api.security.impl.DefaultSecurityContext#getEmail() */ @Override public String getEmail() { HttpServletRequest request = DefaultSecurityContext.servletRequest.get(); org.keycloak.KeycloakSecurityContext session = (org.keycloak.KeycloakSecurityContext) request.getAttribute(org.keycloak.KeycloakSecurityContext.class.getName()); if (session != null) { return session.getToken().getEmail(); } else { return null; } }
@Override public String getEmail() { return keycloakSecurityContext.getToken().getEmail(); }
@Override public String getLastName() { return keycloakSecurityContext.getToken().getFamilyName(); }
private User getKeycloakUser() { if (!keycloakIsLoggedIn()) { throw new IllegalStateException( "Cannot call getKeycloakUser if not logged in through Keycloak."); } if (keycloakUser == null) { keycloakUser = createKeycloakUser(keycloakSecurityContext.getToken()); } return keycloakUser; }
@Override public Set<String> getRoles() { return Collections.unmodifiableSet(keycloakSecurityContext.getToken().getRealmAccess().getRoles()); }
private Set<String> selectRealmRoles() { Set<String> roles = new HashSet<>(); AccessToken.Access realmAccess = securityContext.getToken().getRealmAccess(); if (realmAccess != null && realmAccess.getRoles() != null) { roles.addAll(realmAccess.getRoles()); } return Collections.unmodifiableSet(roles); }
private Set<String> selectResourceRoles(KeycloakResource keycloakResource) { Set<String> roles = new HashSet<>(); AccessToken.Access resourceAccess = securityContext.getToken().getResourceAccess(keycloakResource.getResource()); if (resourceAccess != null && resourceAccess.getRoles() != null) { roles.addAll(resourceAccess.getRoles()); } return Collections.unmodifiableSet(roles); }
@Nonnull @Override protected SimpleSessionInfo newSessionInfo() { final OidcKeycloakAccount account = _authService.getAccount(); final String userID = account.getKeycloakSecurityContext().getToken().getId(); final String sessionID = UUID.randomUUID().toString(); return new SimpleSessionInfo( userID, sessionID ); } }
private boolean doesUserMatchSession( @Nonnull final String sessionId, @Nonnull final OidcKeycloakAccount account ) { final String userID = account.getKeycloakSecurityContext().getToken().getPreferredUsername(); final ReplicantSession session = getSessionManager().getSession( sessionId ); return null != session && Objects.equals( session.getUserID(), userID ); }
@Nonnull @Override protected ReplicantSession newReplicantSession() { final OidcKeycloakAccount account = getAuthService().findAccount(); final String userId = null == account ? null : account.getKeycloakSecurityContext().getToken().getPreferredUsername(); final String sessionId = UUID.randomUUID().toString(); return new ReplicantSession( userId, sessionId ); } }
@Override public void saveAccountInfo(OidcKeycloakAccount account) { RefreshableKeycloakSecurityContext securityContext = (RefreshableKeycloakSecurityContext) account.getKeycloakSecurityContext(); Set<String> roles = account.getRoles(); SerializableKeycloakAccount sAccount = new SerializableKeycloakAccount(roles, account.getPrincipal(), securityContext); HttpSession httpSession = request.getSession(); httpSession.setAttribute(KeycloakAccount.class.getName(), sAccount); httpSession.setAttribute(KeycloakSecurityContext.class.getName(), sAccount.getKeycloakSecurityContext()); if (idMapper != null) idMapper.map(account.getKeycloakSecurityContext().getToken().getSessionState(), account.getPrincipal().getName(), httpSession.getId()); //String username = securityContext.getToken().getSubject(); //log.fine("userSessionManagement.login: " + username); }
public String createAccountLinkWithBacklink(String backlinkUri) { UriComponentsBuilder accountUri = UriComponentsBuilder .fromHttpUrl(keycloakSecurityContext.getToken().getIssuer()).path("/account") .queryParam("referrer", keycloakProperties.getResource()).queryParam("referrer_uri", backlinkUri); return accountUri.toUriString(); } }
public String createAccountLinkWithBacklink(String backlinkUri) { UriComponentsBuilder accountUri = UriComponentsBuilder // .fromHttpUrl(keycloakSecurityContext.getToken().getIssuer()) // .path("/account") // .queryParam("referrer", keycloakProperties.getResource()) // .queryParam("referrer_uri", backlinkUri) // ; return accountUri.toUriString(); } }