I'm working on securing a legacy monolith webapp with Keycloak (I'm pretty new to Keycloak) and am trying to figure out how best to retrieve the JWT token so I can extract some attributes from it. I've been playing around with it for a couple of days now, and the authentication portion works fine, but once authenticated, I need to extract some application-specific attributes from the JWT token so I can handle authorization in the target app. I have not been able to figure out how to easily do that.

Any help would be greatly appreciated as I'm sure I'm just missing something super obvious.

EDIT: I'm using the keycloak-servlet-filter-adapter to handle the authentication with Keycloak.

EDIT2: I've been playing around some with the AuthzClient and from there I can get the access token. Is there something I can do to retrieve the "user attributes" for the user that has this access token? In Keycloak I have some custom user attributes that are being fetched from an external user store, and I need to be able to programmatically retrieve those after logging the user in.

cloudwalker
  • You mean to get the access token? Do you use some kind of adapter library in your Java application? – Aritz May 20 '19 at 15:10
  • @XtremeBiker - yeah, I'm using the Servlet Filter (keycloak-servlet-filter-adapter). Basically, just want to be able to extract the attributes for the specific JWT token as this contains some metadata about the user (database GUIDs, etc.) that I will need to use to extract permission information. – cloudwalker May 20 '19 at 15:22
  • I have never used the servlet filter adapter myself, but it should somehow map the user info in the current server session. Then you should be able to get the extra claims you have (you might find this useful: https://stackoverflow.com/a/32890003/1199132 ) – Aritz May 22 '19 at 08:16

0 Answers