diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java
index cb9ddcd064..2c9876eace 100755
--- a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java
@@ -19,6 +19,9 @@ package org.keycloak.adapters.springsecurity.facade;
 import org.keycloak.KeycloakSecurityContext;
 import org.keycloak.adapters.OIDCHttpFacade;
+import org.keycloak.adapters.spi.KeycloakAccount;
+import org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount;
+import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.util.Assert;
@@ -57,7 +60,8 @@ public class SimpleHttpFacade implements OIDCHttpFacade {
 SecurityContext context = SecurityContextHolder.getContext();
 if (context != null && context.getAuthentication() != null) {
- return (KeycloakSecurityContext) context.getAuthentication().getDetails();
+ KeycloakAuthenticationToken authentication = (KeycloakAuthenticationToken) context.getAuthentication();
+ return authentication.getAccount().getKeycloakSecurityContext();
 }
 return null;
diff --git a/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacadeTest.java b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacadeTest.java
new file mode 100644
index 0000000000..28c6ce8eaf
--- /dev/null
+++ b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacadeTest.java
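Review bot: Of the three imports added in the first SimpleHttpFacade.java hunk (`@@ -19,6 +19,9 @@`), only `KeycloakAuthenticationToken` is referenced by the new code shown for this file. `KeycloakAccount` and `SimpleKeycloakAccount` look unused there and can be dropped. Keeping them suggests a coupling to the account implementation that the code does not have, since the call chain only goes through `getAccount()`.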
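Review bot: The unchecked cast `(KeycloakAuthenticationToken) context.getAuthentication()` in the second SimpleHttpFacade.java hunk (`@@ -57,7 +60,8 @@`) throws ClassCastException whenever the security context holds any other Authentication type, for example Spring Security's AnonymousAuthenticationToken on an unauthenticated request, instead of falling through to the existing `return null`. Guard on the type rather than on non-null: `if (context != null && context.getAuthentication() instanceof KeycloakAuthenticationToken) {`. The enclosing method starts and ends outside the hunk, so whether its callers handle a null result is not visible here.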
@@ -0,0 +1,41 @@
+package org.keycloak.adapters.springsecurity.facade;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
+import org.keycloak.adapters.spi.KeycloakAccount;
+import org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount;
+import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
+import org.mockito.internal.util.collections.Sets;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import java.security.Principal;
+import java.util.Set;
+
+import static org.junit.Assert.assertNotNull;
+import static org.mockito.Mockito.mock;
+
+public class SimpleHttpFacadeTest {
+
+ @Before
+ public void setup() {
+ SecurityContext springSecurityContext = SecurityContextHolder.createEmptyContext();
+ SecurityContextHolder.setContext(springSecurityContext);
+ Set roles = Sets.newSet("user");
+ Principal principal = mock(Principal.class);
+ RefreshableKeycloakSecurityContext keycloakSecurityContext = mock(RefreshableKeycloakSecurityContext.class);
+ KeycloakAccount account = new SimpleKeycloakAccount(principal, roles, keycloakSecurityContext);
+ KeycloakAuthenticationToken token = new KeycloakAuthenticationToken(account);
+ springSecurityContext.setAuthentication(token);
+ }
+
+ @Test
+ public void shouldRetrieveKeycloakSecurityContext() {
+ SimpleHttpFacade facade = new SimpleHttpFacade(new MockHttpServletRequest(), new MockHttpServletResponse());
+
+ assertNotNull(facade.getSecurityContext());
+ }
+}
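Review bot: `setup()` installs an authenticated KeycloakAuthenticationToken into SecurityContextHolder, which is thread-bound by default, and nothing clears it afterwards. The context can therefore leak into other tests on the same thread and hide missing-authentication failures there. Add a teardown such as `@After public void tearDown() { SecurityContextHolder.clearContext(); }`. The test also exercises only the Keycloak-token path; a second case with a non-Keycloak Authentication or an empty context would pin what `getSecurityContext()` does in that situation. `org.mockito.internal.util.collections.Sets` is a Mockito-internal class, and `Collections.singleton("user")` avoids depending on it.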