Created
August 8, 2016 07:55
-
-
Save thomasdarimont/d82c4478df997556a9d16afb79787459 to your computer and use it in GitHub Desktop.
Keycloak client with support for externally provided AccessTokens
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
String realm = "acme-dev"; | |
String clientId = "some-app"; | |
String serverUrl = "https://sso.acme.com/auth"; | |
String accessToken = "Some token"; | |
Keycloak keycloakWithAccessToken = Keycloak.getInstance(serverUrl, realm, clientId, accessToken); | |
String userId = "041d3213-1284-4331-958d-69611f9c8cbf"; | |
System.out.println(keycloakWithAccessToken.realm(realm).users().get(userId).toRepresentation().getUsername()); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* Copyright 2016 Red Hat, Inc. and/or its affiliates | |
* and other contributors as indicated by the @author tags. | |
* | |
* Licensed under the Apache License, Version 2.0 (the "License"); | |
* you may not use this file except in compliance with the License. | |
* You may obtain a copy of the License at | |
* | |
* http://www.apache.org/licenses/LICENSE-2.0 | |
* | |
* Unless required by applicable law or agreed to in writing, software | |
* distributed under the License is distributed on an "AS IS" BASIS, | |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
* See the License for the specific language governing permissions and | |
* limitations under the License. | |
*/ | |
package org.keycloak.admin.client; | |
import org.jboss.resteasy.client.jaxrs.ResteasyClient; | |
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder; | |
import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget; | |
import org.keycloak.admin.client.resource.BearerAuthFilter; | |
import org.keycloak.admin.client.resource.RealmResource; | |
import org.keycloak.admin.client.resource.RealmsResource; | |
import org.keycloak.admin.client.resource.ServerInfoResource; | |
import org.keycloak.admin.client.token.TokenManager; | |
import java.net.URI; | |
import static org.keycloak.OAuth2Constants.PASSWORD; | |
/** | |
* Provides a Keycloak client. By default, this implementation uses a {@link ResteasyClient RESTEasy client} with the | |
* default {@link ResteasyClientBuilder} settings. To customize the underling client, use a {@link KeycloakBuilder} to | |
* create a Keycloak client. | |
* | |
* @author rodrigo.sasaki@icarros.com.br | |
* @see KeycloakBuilder | |
*/ | |
public class Keycloak { | |
private final Config config; | |
private final TokenManager tokenManager; | |
private final ResteasyWebTarget target; | |
private final ResteasyClient client; | |
Keycloak(String serverUrl, String realm, String username, String password, String clientId, String clientSecret, String grantType, ResteasyClient resteasyClient, String accessToken) { | |
config = new Config(serverUrl, realm, username, password, clientId, clientSecret, grantType); | |
client = resteasyClient != null ? resteasyClient : new ResteasyClientBuilder().connectionPoolSize(10).build(); | |
tokenManager = new TokenManager(config, client); | |
target = client.target(config.getServerUrl()); | |
if (accessToken == null) { | |
target.register(new BearerAuthFilter(tokenManager)); | |
} else { | |
target.register(new BearerAuthFilter(accessToken)); | |
} | |
} | |
public static Keycloak getInstance(String serverUrl, String realm, String username, String password, String clientId, String clientSecret) { | |
return new Keycloak(serverUrl, realm, username, password, clientId, clientSecret, PASSWORD, null, null); | |
} | |
public static Keycloak getInstance(String serverUrl, String realm, String username, String password, String clientId) { | |
return new Keycloak(serverUrl, realm, username, password, clientId, null, PASSWORD, null, null); | |
} | |
public static Keycloak getInstance(String serverUrl, String realm, String clientId, String accessTokenString) { | |
return new Keycloak(serverUrl, realm, null, null, clientId, null, PASSWORD, null, accessTokenString); | |
} | |
public RealmsResource realms() { | |
return target.proxy(RealmsResource.class); | |
} | |
public RealmResource realm(String realmName) { | |
return realms().realm(realmName); | |
} | |
public ServerInfoResource serverInfo() { | |
return target.proxy(ServerInfoResource.class); | |
} | |
public TokenManager tokenManager() { | |
return tokenManager; | |
} | |
/** | |
* Create a secure proxy based on an absolute URI. | |
* All set up with appropriate token | |
* | |
* @param proxyClass | |
* @param absoluteURI | |
* @param <T> | |
* @return | |
*/ | |
public <T> T proxy(Class<T> proxyClass, URI absoluteURI) { | |
return client.target(absoluteURI).register(new BearerAuthFilter(tokenManager)).proxy(proxyClass); | |
} | |
/** | |
* Closes the underlying client. After calling this method, this <code>Keycloak</code> instance cannot be reused. | |
*/ | |
public void close() { | |
client.close(); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment