Java Code Examples for org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken#getAccount()

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {

    KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) super.authenticate(authentication);
    String username;
    UserDetails userDetails;

    if (token == null) {
        return null;
    }

    username = this.resolveUsername(token);
    userDetails = userDetailsService.loadUserByUsername(username);

    return new KeycloakUserDetailsAuthenticationToken(userDetails, token.getAccount(), token.getAuthorities());
}
 

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) super.authenticate(authentication);
    String username;
    UserDetails userDetails;

    if (token == null) {
        return null;
    }

    username = this.resolveUsername(token);
    userDetails = userDetailsService.loadUserByUsername(username);

    return new KeycloakUserDetailsAuthenticationToken(userDetails, token.getAccount(), token.getAuthorities());
}
 

@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    KeycloakAuthenticationToken token = (KeycloakAuthenticationToken) authentication;
    List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();

    for (String role : token.getAccount().getRoles()) {
        grantedAuthorities.add(new KeycloakRole(role));
    }
    return new KeycloakAuthenticationToken(token.getAccount(), token.isInteractive(), mapAuthorities(grantedAuthorities));
}
 

/**
 * Returns the username from the given {@link KeycloakAuthenticationToken}. By default, this method
 * resolves the username from the token's {@link KeycloakPrincipal}'s name. This value can be controlled
 * via <code>keycloak.json</code>'s
 * <a href="http://docs.jboss.org/keycloak/docs/1.2.0.CR1/userguide/html/ch08.html#adapter-config"><code>principal-attribute</code></a>.
 * For more fine-grained username resolution, override this method.
 *
 * @param token the {@link KeycloakAuthenticationToken} from which to extract the username
 *
 * @return the username to use when loading a user from the this provider's {@link UserDetailsService}.
 *
 * @see UserDetailsService#loadUserByUsername
 * @see OidcKeycloakAccount#getPrincipal
 */
protected String resolveUsername(KeycloakAuthenticationToken token) {

    Assert.notNull(token, "KeycloakAuthenticationToken required");
    Assert.notNull(token.getAccount(), "KeycloakAuthenticationToken.getAccount() cannot be return null");
    OidcKeycloakAccount account = token.getAccount();
    Principal principal = account.getPrincipal();

    return principal.getName();
}
 

/**
 * Returns the username from the given {@link KeycloakAuthenticationToken}. By default, this method
 * resolves the username from the token's {@link KeycloakPrincipal}'s name. This value can be controlled
 * via <code>keycloak.json</code>'s
 * <a href="http://docs.jboss.org/keycloak/docs/1.2.0.CR1/userguide/html/ch08.html#adapter-config"><code>principal-attribute</code></a>.
 * For more fine-grained username resolution, override this method.
 *
 * @param token the {@link KeycloakAuthenticationToken} from which to extract the username
 *
 * @return the username to use when loading a user from the this provider's {@link UserDetailsService}.
 *
 * @see UserDetailsService#loadUserByUsername
 * @see OidcKeycloakAccount#getPrincipal
 */
protected String resolveUsername(KeycloakAuthenticationToken token) {

    Assert.notNull(token, "KeycloakAuthenticationToken required");
    Assert.notNull(token.getAccount(), "KeycloakAuthenticationToken.getAccount() cannot be return null");
    OidcKeycloakAccount account = token.getAccount();
    Principal principal = account.getPrincipal();

    return principal.getName();
}