/
UserDetailsArgumentResolver.java
47 lines (37 loc) · 1.84 KB
/
UserDetailsArgumentResolver.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package de.slackspace.keycloaktutorial.security.web.resolver;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
import org.keycloak.representations.AccessToken;
import org.springframework.core.MethodParameter;
import org.springframework.web.bind.support.WebArgumentResolver;
import org.springframework.web.bind.support.WebDataBinderFactory;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.method.support.ModelAndViewContainer;
import de.slackspace.keycloaktutorial.security.domain.CurrentUser;
import de.slackspace.keycloaktutorial.security.domain.UserDetails;
public class UserDetailsArgumentResolver implements HandlerMethodArgumentResolver {
@Override
public Object resolveArgument(MethodParameter methodParameter, ModelAndViewContainer mavContainer,
NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
if (supportsParameter(methodParameter)) {
return createUserDetails(webRequest);
}
else {
return WebArgumentResolver.UNRESOLVED;
}
}
@SuppressWarnings("unchecked")
private Object createUserDetails(NativeWebRequest webRequest) {
KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal =
(KeycloakPrincipal<RefreshableKeycloakSecurityContext>) webRequest.getUserPrincipal();
AccessToken token = principal.getKeycloakSecurityContext().getToken();
return new UserDetails(token.getId(), token.getGivenName(), token.getFamilyName(), token.getEmail(),
token.getRealmAccess().getRoles());
}
@Override
public boolean supportsParameter(MethodParameter methodParameter) {
return methodParameter.getParameterAnnotation(CurrentUser.class) != null
&& methodParameter.getParameterType().equals(UserDetails.class);
}
}