@Override public Optional<String> accessToken() { KeycloakSecurityContext ksc = (KeycloakSecurityContext) sr .getAttribute(KeycloakSecurityContext.class.getName()); if (ksc == null) { return Optional.empty(); } return Optional.of(ksc.getTokenString()); } }
public Optional<String> token() { return Optional.ofNullable(contextHolder.get()).map(c -> c.getTokenString()); }
@Override public String getTokenString() { refreshExpiredToken(true); return super.getTokenString(); }
@Override public String getAccessTokenString() { return getKCSessionContext().getTokenString(); }
@Override public String getAccessTokenString() { return getKCSessionContext().getTokenString(); }
private String getProfileAccessToken(@NonNull KeycloakAuthenticationToken token, @NonNull Provider provider) { HttpClient httpclient = HttpClientBuilder.create().build(); // the http-client, that will send the request HttpGet httpGet = new HttpGet(keycloakUrl + "/realms/fundrequest/broker/" + provider.name().toLowerCase() + "/token"); // the http GET request httpGet.addHeader("Authorization", "Bearer " + token.getAccount().getKeycloakSecurityContext().getTokenString()); try { HttpResponse response = httpclient.execute(httpGet); if (response.getStatusLine().getStatusCode() != 200) { throw new RuntimeException("An error occurred when contacting IDP"); } return getProviderAccessToken(provider, response); } catch (IOException e) { throw new RuntimeException(e); } }
public KeycloakLoggedInUser(HttpServletRequest httpServletRequest) { try { KeycloakSecurityContext keycloakSecurityContext = (KeycloakSecurityContext) httpServletRequest.getAttribute(KeycloakSecurityContext.class.getName()); if(keycloakSecurityContext == null) { handleAuthenticationProblem("KeycloakSecurityContext not available in the HttpServletRequest."); } else { this.auth = keycloakSecurityContext.getToken(); this.tokenString = keycloakSecurityContext.getTokenString(); } } catch (NoClassDefFoundError ncdfe) { handleAuthenticationProblem(ncdfe.getMessage(), ncdfe); } }
@Override public void apply(RequestTemplate template) { ensureTokenIsStillValid(); // We use the Access-Token of the current user to call the service // Authorization: Bearer // eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJMT0Rx.... template.header(HttpHeaders.AUTHORIZATION, "Bearer " + keycloakSecurityContext.getTokenString()); }
@Override protected void postProcessHttpRequest(HttpUriRequest request) { KeycloakSecurityContext context = this.getKeycloakSecurityContext(); request.setHeader(AUTHORIZATION_HEADER, "Bearer " + context.getTokenString()); }
HttpGet get = new HttpGet(url); KeycloakSecurityContext session = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName()); get.addHeader("Authorization", "Bearer " + session.getTokenString());
@Override public ClientHttpResponse intercept(HttpRequest httpRequest, byte[] bytes, ClientHttpRequestExecution clientHttpRequestExecution) throws IOException { KeycloakSecurityContext context = this.getKeycloakSecurityContext(); httpRequest.getHeaders().set(AUTHORIZATION_HEADER, "Bearer " + context.getTokenString()); return clientHttpRequestExecution.execute(httpRequest, bytes); } }
return Arrays.asList(securityContext.getTokenString());
/** * @see io.apicurio.hub.api.security.ILinkedAccountsProvider#deleteLinkedAccount(io.apicurio.hub.api.beans.LinkedAccountType) */ @Override public void deleteLinkedAccount(LinkedAccountType type) throws IOException { try { KeycloakSecurityContext session = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName()); String authServerRootUrl = config.getKeycloakAuthUrl(); String realm = config.getKeycloakRealm(); String provider = type.alias(); session.getToken().getSessionState(); String url = KeycloakUriBuilder.fromUri(authServerRootUrl) .path("/realms/{realm}/account/federated-identity-update") .queryParam("action", "REMOVE").queryParam("provider_id", provider).build(realm) .toString(); logger.debug("Deleting identity provider using URL: {}", url); HttpGet get = new HttpGet(url); get.addHeader("Accept", "application/json"); get.addHeader("Authorization", "Bearer " + session.getTokenString()); try (CloseableHttpResponse response = httpClient.execute(get)) { if (response.getStatusLine().getStatusCode() != 200) { logger.debug("HTTP Response Status Code when deleting identity provider: {}", response.getStatusLine().getStatusCode()); } } } catch (Exception e) { throw new IOException("Error deleting linked account.", e); } }
@Before public void setup() throws Exception { when(request.getAttribute(KeycloakSecurityContext.class.getName())).thenReturn(context); when(request.getSession()).thenReturn(session); when(session.getAttribute(KeycloakSecurityContext.class.getName())).thenReturn(context); when(context.getTokenString()).thenReturn("token1"); when(context.getRealm()).thenReturn("realm1"); this.tested = new KCAdapterContextTokenManager(request); }
@Before public void setup() throws Exception { when(request.getAttribute(KeycloakSecurityContext.class.getName())).thenReturn(context); when(request.getSession()).thenReturn(session); when(session.getAttribute(KeycloakSecurityContext.class.getName())).thenReturn(context); when(context.getTokenString()).thenReturn("token1"); when(context.getRealm()).thenReturn("realm1"); this.tested = new KCAdapterContextTokenManager(request); }
@Override public void onStartWithServer(ExecutionContext<HttpClientRequest<ByteBuf>> context, ExecutionInfo info) throws AbortExecutionException { KeycloakSecurityContext securityContext = KeycloakSecurityContextAssociation.get(); if (securityContext != null) { HttpClientRequest<ByteBuf> request = context.getRequest(); request.withHeader("Authorization", "Bearer " + securityContext.getTokenString()); context.put(KeycloakSecurityContextAssociation.class.getName(), securityContext); } else { KeycloakSecurityContextAssociation.disassociate(); } }
protected void queryBearerToken() { log.debugv("queryBearerToken {0}",facade.getRequest().getURI()); if (abortTokenResponse()) return; facade.getResponse().setStatus(200); facade.getResponse().setHeader("Content-Type", "text/plain"); try { facade.getResponse().getOutputStream().write(facade.getSecurityContext().getTokenString().getBytes()); } catch (IOException e) { throw new RuntimeException(e); } facade.getResponse().end(); }
auth.setType(StudioConfigAuthType.token); auth.setLogoutUrl(((HttpServletRequest) request).getContextPath() + "/logout"); auth.setToken(session.getTokenString()); auth.setTokenRefreshPeriod(expirationToRefreshPeriod(session.getToken().getExpiration())); httpSession.setAttribute(RequestAttributeKeys.AUTH_KEY, auth);
/** * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain) */ @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpReq = (HttpServletRequest) request; KeycloakSecurityContext session = getSession(httpReq); if (session != null) { // Fabricate a User object from information in the access token and store it in the security context. AccessToken token = session.getToken(); if (token != null) { User user = new User(); user.setEmail(token.getEmail()); user.setLogin(token.getPreferredUsername()); user.setName(token.getName()); ((SecurityContext) security).setUser(user); ((SecurityContext) security).setToken(session.getTokenString()); } } chain.doFilter(request, response); }
String accessTokenString = securityContext.getTokenString(); KeycloakDeployment deployment = getPolicyEnforcer().getDeployment(); AccessToken accessToken = securityContext.getToken();