BAEL-4441: Custom User Attributes with Keycloak and Spring (#9966)

2020-09-02 21:16:52 +05:30 · 2020-09-02 21:16:52 +05:30 · 473b453a1f
commit 473b453a1f
parent a82d2bf9e0
3 changed files with 62 additions and 1 deletions
--- a/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/CustomUserAttrController.java
+++ b/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/CustomUserAttrController.java
@ -0,0 +1,46 @@
 package com.baeldung.keycloak;
 import java.security.Principal;
 import java.util.Map;
 import org.keycloak.KeycloakPrincipal;
 import org.keycloak.KeycloakSecurityContext;
 import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
 import org.keycloak.representations.IDToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
@Controller
 public class CustomUserAttrController {
    @GetMapping(path = "/users")
    public String getUserInfo(Model model) {
        KeycloakAuthenticationToken authentication = (KeycloakAuthenticationToken) SecurityContextHolder.getContext()
            .getAuthentication();
        final Principal principal = (Principal) authentication.getPrincipal();
        String dob = "";
        if (principal instanceof KeycloakPrincipal) {
            KeycloakPrincipal<KeycloakSecurityContext> kPrincipal = (KeycloakPrincipal<KeycloakSecurityContext>) principal;
            IDToken token = kPrincipal.getKeycloakSecurityContext()
                .getIdToken();
            Map<String, Object> customClaims = token.getOtherClaims();
            if (customClaims.containsKey("DOB")) {
                dob = String.valueOf(customClaims.get("DOB"));
            }
        }
        model.addAttribute("username", principal.getName());
        model.addAttribute("dob", dob);
        return "userInfo";
    }
 }
--- a/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/SecurityConfig.java
+++ b/spring-boot-modules/spring-boot-keycloak/src/main/java/com/baeldung/keycloak/SecurityConfig.java
@ -44,7 +44,7 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.authorizeRequests()
-            .antMatchers("/customers*")
+            .antMatchers("/customers*", "/users*")
            .hasRole("user")
            .anyRequest()
            .permitAll();
--- a/spring-boot-modules/spring-boot-keycloak/src/main/resources/templates/userInfo.html
+++ b/spring-boot-modules/spring-boot-keycloak/src/main/resources/templates/userInfo.html
@ -0,0 +1,15 @@
 <!DOCTYPE html>
 <html xmlns:th="http://www.thymeleaf.org">
 <head th:include="layout :: headerFragment">
 </head>
 <body>
 	<div id="container">
 		<h1>
 			Hello, <span th:text="${username}">--name--</span>.
 		</h1>
 		<h3>
 			Your Date of Birth as per our records is <span th:text="${dob}" />.
 		</h3>
 	</div>
 </body>
 </html>