CODEWITHSUNDEEP
spring-bootspring-securitykeycloak
mifol68042
mifol68042

Reputation: 331

KeyCloak Spring Boot - Add custom code on auth success

I am using KeyCloak integration with Spring Boot as in this guide. I have my security config like below:

class KeycloakSecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.authorizeRequests().antMatchers("/**").authenticated()
            .anyRequest().permitAll();
    }
}

I want to add some custom code for onAuthenticationSuccess before KeyCloak redirects me to the actual resource. I tried implementing a custom class with AuthenticationSuccessHandler and do formLogin().successHandler(...). This didn't work. How can I get this working??

Upvotes: 1

Views: 1940

Answers (1)

Yeshwanth V Shenoy
Yeshwanth V Shenoy

Reputation: 385

If you still prefer to use Spring Boot KeyCloak, something like this will work.

public class KeyCloakAuthSuccessHandler extends KeycloakAuthenticationSuccessHandler {


    public KeyCloakAuthSuccessHandler(AuthenticationSuccessHandler fallback) {
        super(fallback);
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        if (authentication.getPrincipal() instanceof KeycloakPrincipal) {
            AccessToken token = ((KeycloakPrincipal<?>) authentication.getPrincipal()).getKeycloakSecurityContext().getToken();
        }
        super.onAuthenticationSuccess(request, response, authentication);
    }
}

And in your security config or similar file that extends KeyCloakWebSecurityConfigurerAdapter do the following:

@Bean
@Override
protected KeycloakAuthenticationProcessingFilter keycloakAuthenticationProcessingFilter() throws Exception {
    KeycloakAuthenticationProcessingFilter filter = new KeycloakAuthenticationProcessingFilter(authenticationManagerBean());
    filter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy());
    filter.setAuthenticationSuccessHandler(successHandler());
    return filter;
}


@NotNull
@Bean
public KeyCloakAuthSuccessHandler successHandler() {
    return new KeyCloakAuthSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler());
}

Upvotes: 4

Related Questions