How can I decode JWT using Keycloak

14,461

Solution 1

You have to include Keycloak's core library in your dependencies.
Gradle: compileOnly 'org.keycloak:keycloak-core:3.4.2.Final'

Then use the org.keycloak.TokenVerifier to parse the token.
Example:

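    import org.keycloak.TokenVerifier;
    import org.keycloak.common.VerificationException;
    import org.keycloak.representations.AccessToken;

    try
    {
      // deprecated: AccessToken token = RSATokenVerifier.create(tokenString).getToken();
      // getToken() only parses the token; it does not check the signature
      AccessToken token = TokenVerifier.create(tokenString, AccessToken.class).getToken();
      System.out.printf("iss = %s%n", token.getIssuer());
      System.out.printf("sub = %s%n", token.getSubject());
      System.out.printf("typ = %s%n", token.getType());
    }
    catch (VerificationException e)
    {
      // some error handling
    }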

You can also activate various verifications on the RSATokenVerifier and in particular the signature validation by setting the public key:

    RSATokenVerifier.create(tokenString).checkActive(true).publicKey(key).verify().getToken()
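
Why the signature check in the last line matters, as an added example that is not part of the original answer and does not use Keycloak's classes: it uses only the JDK to show that decoding a payload succeeds on a modified token, while RS256 verification against the realm's public key rejects it. The key pair, class name and claim values are constructed for the illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

// Added example: decoding a JWT payload vs. verifying its RS256 signature.
// The key pair, claims and tokens are constructed here for illustration.
public class DecodeVsVerify {
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    static final Base64.Decoder DEC = Base64.getUrlDecoder();

    static String b64(String s) { return ENC.encodeToString(s.getBytes(StandardCharsets.UTF_8)); }

    // Decode only: returns whatever the payload segment says, no trust implied.
    static String decodePayload(String jwt) {
        return new String(DEC.decode(jwt.split("\\.")[1]), StandardCharsets.UTF_8);
    }

    // Verify the RS256 signature over "header.payload" with the issuer's public key.
    static boolean verifyRs256(String jwt, PublicKey key) throws GeneralSecurityException {
        String[] p = jwt.split("\\.");
        if (p.length != 3) return false;
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initVerify(key);
        sig.update((p[0] + "." + p[1]).getBytes(StandardCharsets.US_ASCII));
        return sig.verify(DEC.decode(p[2]));
    }

    // Builds a signed sample token; in production only the issuer does this.
    static String sign(String header, String payload, PrivateKey key) throws GeneralSecurityException {
        String input = b64(header) + "." + b64(payload);
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initSign(key);
        sig.update(input.getBytes(StandardCharsets.US_ASCII));
        return input + "." + ENC.encodeToString(sig.sign());
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair realmKey = gen.generateKeyPair(); // stands in for the realm key
        String jwt = sign("{\"alg\":\"RS256\",\"typ\":\"JWT\"}",
                "{\"preferred_username\":\"alice\"}", realmKey.getPrivate());
        // Same header and signature, payload replaced after signing.
        String[] p = jwt.split("\\.");
        String modified = p[0] + "." + b64("{\"preferred_username\":\"admin\"}") + "." + p[2];
        for (String t : new String[] {jwt, modified}) {
            System.out.println(decodePayload(t) + " signatureValid=" + verifyRs256(t, realmKey.getPublic()));
        }
    }
}
```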

Solution 2

As I am using Keycloak to authenticate the JWT, it decodes the JWT and puts the details into SecurityContextHolder, and I just pulled the details from there itself. Here is the code.

    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication != null) {
        if (authentication.getPrincipal() instanceof KeycloakPrincipal) {
            KeycloakPrincipal<KeycloakSecurityContext> kp = (KeycloakPrincipal<KeycloakSecurityContext>) authentication.getPrincipal();
            // retrieving username here
            String username = kp.getKeycloakSecurityContext().getToken().getPreferredUsername();
        }
    }

This solved it for me.

Author by

arjunagarwal


Updated on June 04, 2022

Comments

  • arjunagarwal
    arjunagarwal almost 2 years

    I am using Keycloak with Spring-Boot in my application. My browser client requests Keycloak to generate a JWT and then sends this JWT to my ZUUL server, which validates the JWT using the keycloak-spring adapter, and then I have written a pre-filter to decode the JWT payload and extract the username. I am using the com.auth0.java-jwt library to decode the JWT, like in the snippet below:

        DecodedJWT dJWT = JWT.decode(header);
        String username = dJWT.getClaim("preferred_username").asString();

    I was wondering if there is any way I can do this without using an external library. I want to use the Keycloak library to decode the JWT explicitly. How can I achieve this?