BAEL-4441: Custom User Attributes with Keycloak and Spring (#9966)

2020-09-02 21:16:52 +05:30 · 2020-09-02 21:16:52 +05:30 · 473b453a1f
commit 473b453a1f
parent a82d2bf9e0
3 changed files with 62 additions and 1 deletions
--- a/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/CustomUserAttrController.java
+++ b/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/CustomUserAttrController.java
@ -0,0 +1,46 @@
+package com.baeldung.keycloak;
+
+import java.security.Principal;
+import java.util.Map;
+
+import org.keycloak.KeycloakPrincipal;
+import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
+import org.keycloak.representations.IDToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class CustomUserAttrController {
+
+    @GetMapping(path = "/users")
+    public String getUserInfo(Model model) {
+
+        KeycloakAuthenticationToken authentication = (KeycloakAuthenticationToken) SecurityContextHolder.getContext()
+            .getAuthentication();
+
+        final Principal principal = (Principal) authentication.getPrincipal();
+
+        String dob = "";
+
+        if (principal instanceof KeycloakPrincipal) {
+
+            KeycloakPrincipal<KeycloakSecurityContext> kPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>) principal;
+            IDToken token = kPrincipal.getKeycloakSecurityContext()
+                .getIdToken();
+
+            Map<String, Object> customClaims = token.getOtherClaims();
+
+            if (customClaims.containsKey("DOB")) {
+                dob = String.valueOf(customClaims.get("DOB"));
+            }
+        }
+
+        model.addAttribute("username", principal.getName());
+        model.addAttribute("dob", dob);
+        return "userInfo";
+    }
+
+}
--- a/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/SecurityConfig.java
+++ b/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/SecurityConfig.java
@ -44,7 +44,7 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.authorizeRequests()
-            .antMatchers("/customers*")
+            .antMatchers("/customers*", "/users*")
            .hasRole("user")
            .anyRequest()
            .permitAll();
--- a/spring-boot-modules/spring-boot-keycloak/src/main/resources/templates/userInfo.html
+++ b/spring-boot-modules/spring-boot-keycloak/src/main/resources/templates/userInfo.html
@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org">
+<head th:include="layout :: headerFragment">
+</head>
+<body>
+	<div id="container">
+		<h1>
+			Hello, <span th:text="${username}">--name--</span>.
+		</h1>
+		<h3>
+			Your Date of Birth as per our records is <span th:text="${dob}" />.
+		</h3>
+	</div>
+</body>
+</html>