New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updating User firstname and lastname when working with keycloak #7398
Comments
I think it needs to be done in keycloak so it sync up in the app |
Yes you should do it in Keycloak - then if that's not enough you could have your own "domain table" locally |
Two ways:
|
If you make the change in Keycloak, it should be reflected in the |
The discussion is closed, but I think that would be interesting for users approaching an application like jhipster for the first time, which can be based upon an external identity provider, how to update an user correctly. Probably it's something that can be easily found in keycloak docs, but it would be nice to have two lines in jhipster documentation maybe! |
From the backend application to identity provider, it's doable. You need to use <dependency>
<artifactId>keycloak-admin-client</artifactId>
<groupId>org.keycloak</groupId>
<version>${keycloak.version}</version>
</dependency> Then, you need to code all the API + logic in your business code. |
Thanks! I was looking for that. What about mentioning it in the documentation? Is out of the scope of jHipster? |
Not sure as I think it's out of the scope of JHipster, and it's very specific. But if you want to code this part in a JHipster application, it's possible with keycloak-admin-client library. |
Thanks for your help @pascalgrimaud, really appreciated. Actually I've managed to connect to keycloak and update an user, the problem now is that UserService is syncing User's data from the OAuth2 Token details, which is not updated until let's say a logout / login. I'm thinking about the best way to proceed now. Maybe invalidate the access token, to trigger a refresh on client side, and consequently have an updated token coming from the next request? Alternatively I can keep the updated user data stored somewhere (eg. database), waiting for the next token refresh, but it doesn't make me really happy, that means that the Security context is not in sync with the IdP (until next token refresh). I will study the topic to find a better solution... regarding the doc, I agree, it's a bit too far from jHipster...maybe it's a good candidate for the "Tips'n'tricks" section though :) Cheers! Edit: Probably I'll keep this as is for the moment, data kept on keycloak is more intended for exchange with other providers (eg. when you login through a Social, and it returns the user e-mail). Luckily since the project start, I've created another table on the Db to keep more user info, I will use that table as the main reference, keeping the "User" table updated with the same data, but more as a representation of what is on the Identity Provider. In case of doubt, if the last update of "UserProfile", is more recent than the one for "User", I will know that probably a refresh has to be done. Unfortunately I've got no more time to think a better solution, but it will do for the moment :-) |
Overview of the issue
Earlier without keycloak, we used to have User settings page, where one can change user firstname/lastname.
But with keycloak integration, that is when using OAuth, I do not see option to update user firstname/lastname.
Motivation for or Use Case
User might want to change his/her lastname/firstname any time.
JHipster Version(s)
4.14.0
JHipster configuration
{
"generator-jhipster": {
"promptValues": {
"packageName": "com.test"
},
"jhipsterVersion": "4.14.0",
"baseName": "test",
"packageName": "com.test",
"packageFolder": "com/test",
"serverPort": "8080",
"authenticationType": "oauth2",
"cacheProvider": "ehcache",
"enableHibernateCache": true,
"websocket": false,
"databaseType": "sql",
"devDatabaseType": "h2Disk",
"prodDatabaseType": "mysql",
"searchEngine": false,
"messageBroker": false,
"serviceDiscoveryType": false,
"buildTool": "maven",
"enableSocialSignIn": false,
"enableSwaggerCodegen": false,
"clientFramework": "angularX",
"useSass": false,
"clientPackageManager": "yarn",
"applicationType": "monolith",
"testFrameworks": [],
"jhiPrefix": "jhi",
"enableTranslation": false
}
}
Browsers and Operating System
Safari, MacOS
The text was updated successfully, but these errors were encountered: