Java Code Examples for org.keycloak.representations.AccessTokenResponse#getRefreshToken()

The following examples show how to use org.keycloak.representations.AccessTokenResponse#getRefreshToken(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: KeycloakSpringAdapterUtils.java    From smartling-keycloak-extras with Apache License 2.0 6 votes vote down vote up
/**
 * Builds a {@link RefreshableKeycloakSecurityContext} out of a {@link KeycloakDeployment} and the
 * tokens carried by an {@link AccessTokenResponse}.
 *
 * <p>The access token is passed to {@code RSATokenVerifier.verifyToken} together with the realm key
 * and realm info URL of the deployment. The ID token is only read through {@link JWSInput} and
 * deserialized into an {@link IDToken}.
 *
 * <p>NOTE(review): no signature or claim check on the ID token is visible in this method, so the
 * returned context appears to carry ID-token claims that were decoded but not verified. Confirm
 * before relying on those claims for a security decision.
 *
 * @param deployment the {@code KeycloakDeployment} the context is created for (required)
 * @param accessTokenResponse the {@code AccessTokenResponse} supplying the access, ID and refresh tokens (required)
 *
 * @return a {@code RefreshableKeycloakSecurityContext} built from {@code accessTokenResponse}; its token store argument is {@code null}
 * @throws VerificationException if the ID token cannot be read as a JWS; presumably also when access-token verification fails (thrown by the verifier, not shown here)
 */
public static RefreshableKeycloakSecurityContext createKeycloakSecurityContext(KeycloakDeployment deployment, AccessTokenResponse accessTokenResponse) throws VerificationException {
    final String rawAccessToken = accessTokenResponse.getToken();
    final String rawIdToken = accessTokenResponse.getIdToken();

    // The access token is verified before anything else from the response is used.
    final AccessToken verifiedAccessToken =
            RSATokenVerifier.verifyToken(rawAccessToken, deployment.getRealmKey(), deployment.getRealmInfoUrl());

    final IDToken parsedIdToken;
    try {
        // Decode only: a malformed ID token surfaces as JWSInputException and is rethrown below.
        parsedIdToken = new JWSInput(rawIdToken).readJsonContent(IDToken.class);
    } catch (JWSInputException e) {
        // The original cause is kept so the parse failure stays diagnosable.
        throw new VerificationException("Unable to verify ID token", e);
    }

    // FIXME: does it make sense to pass null for the token store?
    return new RefreshableKeycloakSecurityContext(
            deployment,
            null,
            rawAccessToken,
            verifiedAccessToken,
            rawIdToken,
            parsedIdToken,
            accessTokenResponse.getRefreshToken());
}
 
Example 2
Source File: ProductServiceAccountServlet.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Verifies the tokens of a token response and stores them on the caller's HTTP session.
 *
 * <p>{@code AdapterTokenVerifier.verifyTokens} runs before any session attribute is written, so
 * when it throws nothing from this response reaches the session.
 *
 * <p>NOTE(review): the raw access token and the raw refresh token are stored as session
 * attributes. Anything that can read, persist or replicate the session therefore handles live
 * credentials. Confirm the session store is protected accordingly.
 *
 * @param req the request whose session receives the {@code TOKEN}, {@code REFRESH_TOKEN} and {@code TOKEN_PARSED} attributes
 * @param deployment the deployment the tokens are verified against
 * @param tokenResponse the response supplying the access, ID and refresh tokens
 * @throws IOException declared by the signature; no call visible here obviously raises it
 * @throws VerificationException if {@code verifyTokens} rejects the tokens
 */
private void setTokens(HttpServletRequest req, KeycloakDeployment deployment, AccessTokenResponse tokenResponse) throws IOException, VerificationException {
    final String rawAccessToken = tokenResponse.getToken();
    final String rawRefreshToken = tokenResponse.getRefreshToken();

    // Verification comes first; only its parsed access token is kept.
    final AccessToken verifiedAccessToken = AdapterTokenVerifier
            .verifyTokens(rawAccessToken, tokenResponse.getIdToken(), deployment)
            .getAccessToken();

    req.getSession().setAttribute(TOKEN, rawAccessToken);
    req.getSession().setAttribute(REFRESH_TOKEN, rawRefreshToken);
    req.getSession().setAttribute(TOKEN_PARSED, verifiedAccessToken);
}
 
Example 3
Source File: KcinitDriver.java    From keycloak with Apache License 2.0 6 votes vote down vote up
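/**
 * Reads the refresh token from the token response stored for {@code client}.
 *
 * <p>The stored JSON comes from {@code getTokenResponse(client)}. When it cannot be deserialized
 * into an {@link AccessTokenResponse}, the client's token file is deleted and {@code null} is
 * returned, so an unreadable token file is not kept on disk.
 *
 * @param client the client whose stored token response is read
 * @return the refresh token, or {@code null} when nothing is stored or the stored JSON is unreadable
 * @throws Exception if {@code getTokenResponse} or {@code getTokenFilePath} fails; deserialization
 *         errors are handled here and never propagate
 */
public String readRefreshToken(String client) throws Exception {
    String json = getTokenResponse(client);
    if (json == null) {
        return null;
    }

    try {
        AccessTokenResponse tokenResponse = JsonSerialization.readValue(json, AccessTokenResponse.class);
        return tokenResponse.getRefreshToken();
    } catch (Exception e) {
        // NOTE(review): depending on the JSON library's settings the exception message may quote
        // part of the input, which here can contain tokens. Treat debug output as sensitive.
        if (debug) {
            e.printStackTrace();
        }
        File tokenFile = getTokenFilePath(client);
        // delete() reports failure through its return value; surface it instead of silently
        // leaving the unreadable token file behind. Only the path is printed, never the content.
        if (tokenFile.exists() && !tokenFile.delete() && debug) {
            System.err.println("Could not delete unreadable token file: " + tokenFile);
        }
        return null;
    }
}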
 
Example 4
Source File: KeycloakInstalled.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Stores the given token response on this instance and verifies its access and ID tokens.
 *
 * <p>The response and its raw token strings are assigned to fields first. The parsed access
 * token and ID token fields are only set from the result of
 * {@code AdapterTokenVerifier.verifyTokens}.
 *
 * <p>NOTE(review): because the raw fields are written before verification, a
 * {@link VerificationException} leaves {@code tokenResponse}, {@code tokenString},
 * {@code refreshToken} and {@code idTokenString} holding values that failed verification.
 * Confirm that callers do not use them after a failure, beyond what is needed for cleanup.
 *
 * @param tokenResponse the response whose tokens are recorded and verified
 * @throws VerificationException if {@code verifyTokens} rejects the tokens
 */
private void parseAccessToken(AccessTokenResponse tokenResponse) throws VerificationException {
    this.tokenResponse = tokenResponse;
    this.tokenString = tokenResponse.getToken();
    this.refreshToken = tokenResponse.getRefreshToken();
    this.idTokenString = tokenResponse.getIdToken();

    // Parsed tokens are taken from the verifier's result, not decoded separately.
    final AdapterTokenVerifier.VerifiedTokens verified =
            AdapterTokenVerifier.verifyTokens(this.tokenString, this.idTokenString, this.deployment);
    this.token = verified.getAccessToken();
    this.idToken = verified.getIdToken();
}
 
Example 5
Source File: UmaGrantTypeTest.java    From keycloak with Apache License 2.0 2 votes vote down vote up
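/**
 * Obtains an RPT for "Resource A" with scopes "ScopeA" and "ScopeB", then calls the token
 * endpoint twice with the refresh_token grant and checks that each response carries a token and
 * a refresh token with authorization data.
 *
 * <p>The JAX-RS client is closed in a {@code finally} block so a failing assertion does not leak
 * its connections.
 */
@Test
public void testRefreshRpt() {
    AccessTokenResponse accessTokenResponse = getAuthzClient().obtainAccessToken("marta", "password");
    AuthorizationResponse response = authorize(null, null, null, null, accessTokenResponse.getToken(), null, null, new PermissionRequest("Resource A", "ScopeA", "ScopeB"));
    String rpt = response.getToken();

    assertNotNull(rpt);

    AccessToken accessToken = toAccessToken(rpt);
    AccessToken.Authorization authorization = accessToken.getAuthorization();

    assertNotNull(authorization);

    Collection<Permission> permissions = authorization.getPermissions();

    assertNotNull(permissions);
    // Presumably assertPermissions removes every permission it matches, so the emptiness check
    // asserts that nothing beyond the requested scopes was granted. Verify against the helper.
    assertPermissions(permissions, "Resource A", "ScopeA", "ScopeB");
    assertTrue(permissions.isEmpty());

    String refreshToken = response.getRefreshToken();

    assertNotNull(refreshToken);

    AccessToken refreshTokenToken = toAccessToken(refreshToken);

    assertNotNull(refreshTokenToken.getAuthorization());

    Client client = ClientBuilder.newClient();
    try {
        UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
        URI uri = OIDCLoginProtocolService.tokenUrl(builder).build(REALM_NAME);
        WebTarget target = client.target(uri);

        Form parameters = new Form();

        parameters.param("grant_type", OAuth2Constants.REFRESH_TOKEN);
        parameters.param(OAuth2Constants.REFRESH_TOKEN, refreshToken);

        // First refresh, authenticated as the resource server client.
        AccessTokenResponse refreshTokenResponse = target.request()
                .header(HttpHeaders.AUTHORIZATION, BasicAuthHelper.createHeader("resource-server-test", "secret"))
                .post(Entity.form(parameters)).readEntity(AccessTokenResponse.class);

        assertNotNull(refreshTokenResponse.getToken());
        refreshToken = refreshTokenResponse.getRefreshToken();
        refreshTokenToken = toAccessToken(refreshToken);

        assertNotNull(refreshTokenToken.getAuthorization());

        // NOTE(review): this re-parses the original rpt, not refreshTokenResponse.getToken(), so
        // the permission assertions below do not inspect the refreshed token. Confirm intent.
        AccessToken refreshedToken = toAccessToken(rpt);
        authorization = refreshedToken.getAuthorization();

        assertNotNull(authorization);

        permissions = authorization.getPermissions();

        assertNotNull(permissions);
        assertPermissions(permissions, "Resource A", "ScopeA", "ScopeB");
        assertTrue(permissions.isEmpty());

        // NOTE(review): the form is not updated after the first refresh, so this request
        // presents the refresh token from the initial grant a second time. If the test is meant
        // to follow refresh-token rotation, the form needs the new value. Confirm intent.
        refreshTokenResponse = target.request()
                .header(HttpHeaders.AUTHORIZATION, BasicAuthHelper.createHeader("resource-server-test", "secret"))
                .post(Entity.form(parameters)).readEntity(AccessTokenResponse.class);

        assertNotNull(refreshTokenResponse.getToken());
        refreshToken = refreshTokenResponse.getRefreshToken();
        refreshTokenToken = toAccessToken(refreshToken);

        assertNotNull(refreshTokenToken.getAuthorization());

        // As above: the original rpt is parsed again here.
        refreshedToken = toAccessToken(rpt);
        authorization = refreshedToken.getAuthorization();

        assertNotNull(authorization);

        permissions = authorization.getPermissions();

        assertNotNull(permissions);
        assertPermissions(permissions, "Resource A", "ScopeA", "ScopeB");
        assertTrue(permissions.isEmpty());
    } finally {
        // Release the client's resources even when an assertion above fails.
        client.close();
    }
}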