KEYCLOAK-2297
parent
e2287188a8
commit
d0b17a0aea
3 changed files with 33 additions and 4 deletions
|
@ -10,6 +10,7 @@ import org.keycloak.adapters.OIDCHttpFacade;
|
|||
import org.keycloak.adapters.OidcKeycloakAccount;
|
||||
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
|
||||
import org.keycloak.adapters.RequestAuthenticator;
|
||||
import org.keycloak.adapters.spi.KeycloakAccount;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
@ -68,13 +69,33 @@ public class FilterRequestAuthenticator extends RequestAuthenticator {
|
|||
}
|
||||
|
||||
@Override
|
||||
protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) {
|
||||
RefreshableKeycloakSecurityContext securityContext = principal.getKeycloakSecurityContext();
|
||||
Set<String> roles = AdapterUtils.getRolesFromSecurityContext(securityContext);
|
||||
protected void completeBearerAuthentication(final KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal, String method) {
|
||||
final RefreshableKeycloakSecurityContext securityContext = principal.getKeycloakSecurityContext();
|
||||
final Set<String> roles = AdapterUtils.getRolesFromSecurityContext(securityContext);
|
||||
if (log.isLoggable(Level.FINE)) {
|
||||
log.fine("Completing bearer authentication. Bearer roles: " + roles);
|
||||
}
|
||||
request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
|
||||
OidcKeycloakAccount account = new OidcKeycloakAccount() {
|
||||
|
||||
@Override
|
||||
public Principal getPrincipal() {
|
||||
return principal;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getRoles() {
|
||||
return roles;
|
||||
}
|
||||
|
||||
@Override
|
||||
public KeycloakSecurityContext getKeycloakSecurityContext() {
|
||||
return securityContext;
|
||||
}
|
||||
|
||||
};
|
||||
// need this here to obtain UserPrincipal
|
||||
request.setAttribute(KeycloakAccount.class.getName(), account);
|
||||
}
|
||||
|
||||
@Override
|
||||
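Review bot: `getRoles()` in the new anonymous `OidcKeycloakAccount` returns the same `Set` instance that `AdapterUtils.getRolesFromSecurityContext` produced. If that set is mutable (not visible here), any code that later reads the account from the request attribute could change the roles reported for the rest of the request. Returning `Collections.unmodifiableSet(roles)` would close that off; it needs `java.util.Collections` imported if the file does not already have it. The comment `// need this here to obtain UserPrincipal` could also state the reason, e.g. `// bearer requests carry the account as a request attribute so the request wrapper can resolve getUserPrincipal()`.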
|
|
|
@ -35,7 +35,10 @@ public class OIDCFilterSessionStore extends FilterSessionStore implements Adapte
|
|||
|
||||
public HttpServletRequestWrapper buildWrapper() {
|
||||
HttpSession session = request.getSession();
|
||||
KeycloakAccount account = (KeycloakAccount)session.getAttribute((KeycloakAccount.class.getName()));
|
||||
KeycloakAccount account = (KeycloakAccount)session.getAttribute(KeycloakAccount.class.getName());
|
||||
if (account == null) {
|
||||
account = (KeycloakAccount)request.getAttribute(KeycloakAccount.class.getName());
|
||||
}
|
||||
return buildWrapper(session, account);
|
||||
}
|
||||
|
||||
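Review bot: `request.getSession()` in `buildWrapper()` creates an HTTP session whenever none exists, so with the new request-attribute fallback every bearer-token call that reaches this method allocates a session it never needs. Consider `HttpSession session = request.getSession(false);` and reading the session attribute only when `session != null`, provided `buildWrapper(session, account)`, which is outside this hunk, tolerates a null session. Separately, the session account takes precedence over the request account. If a request can carry both an authenticated session and a bearer token, the wrapper would report the session identity while the `KeycloakSecurityContext` request attribute holds the bearer one, so it may be worth preferring the request-scoped account or documenting the precedence.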
|
|
|
@ -1,11 +1,14 @@
|
|||
package org.keycloak.testsuite.adapter;
|
||||
|
||||
import org.junit.Assert;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.security.Principal;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
|
@ -18,6 +21,8 @@ public class CustomerDatabaseServlet extends HttpServlet {
|
|||
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
|
||||
resp.setContentType("text/html");
|
||||
PrintWriter pw = resp.getWriter();
|
||||
Principal principal = req.getUserPrincipal();
|
||||
Assert.assertNotNull(principal);
|
||||
pw.printf("<html><head><title>%s</title></head><body>", "Customer Portal");
|
||||
pw.println("Stian Thorgersen");
|
||||
pw.println("Bill Burke");
|
||||
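Review bot: `Assert.assertNotNull(principal)` in `doGet` only proves that some principal is present, not that it is the identity from the bearer token, so a wrapper that resolved the wrong account would still pass. The `AssertionError` is also thrown inside the servlet, so a failure presumably reaches the calling test only as a generic server error. I would at least add a message, `Assert.assertNotNull("bearer request must expose a user principal", principal);`, and have the calling test check the principal name if the servlet can expose it. `doGet` continues outside the hunk.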
|
|