CODEWITHSUNDEEP
keycloakkeycloak-servicestoken-exchange
Stormenet
Stormenet

Reputation: 26468

Custom Keycloak TokenExchangeProvider is not being used

My custom Keycloak TokenExchangeProvider is not being used by Keycloak v25.

The kc.sh BUILD does show that it found the provider:

 WARN  [org.key.services] (build-3) KC-SERVICES0047: custom-token-exchange-provider (pxtokenexchange.CustomTokenExchangeProviderFactory) is implementing the internal SPI oauth2-token-exchange. This SPI is internal and may change without notice

Also the startup of keycloak logs it's existence:

WARN  [org.key.services] (build-42) KC-SERVICES0047: custom-token-exchange-provider (pxtokenexchange.CustomTokenExchangeProviderFactory) is implementing the internal SPI oauth2-token-exchange. This SPI is internal and may change without notice

I've tried adding the following arguments to the build:

kc.bat build --spi-token-exchange-provider--enabled=true --spi-token-exchange-provider-default-enabled=false

Upvotes: 0

Views: 101

Answers (1)

Stormenet
Stormenet

Reputation: 26468

The order returned by the CutomTokenExchangeProviderFactory needs to be higher than the default TokenExchangeProviderFactory, see full Factory below.
The build arguments are not needed and can be omitted.

package pxtokenexchange;

import org.jboss.logging.Logger;
import org.keycloak.models.KeycloakSession;
import org.keycloak.protocol.oidc.TokenExchangeProvider;
import org.keycloak.protocol.oidc.TokenExchangeProviderFactory;

public class CustomTokenExchangeProviderFactory implements TokenExchangeProviderFactory {
    private static final Logger logger = Logger.getLogger(CustomTokenExchangeProviderFactory.class);
    @Override
    public TokenExchangeProvider create(KeycloakSession session) {
        return new CustomTokenExchangeProvider();
    }

    @Override
    public String getId() {
        return "custom-token-exchange-provider";
    }

    @Override
    public void init(org.keycloak.Config.Scope config) {
    }

    @Override
    public void postInit(org.keycloak.models.KeycloakSessionFactory factory) {
    }

    @Override
    public void close() {
        // No resources to close for the factory
    }

    @Override
    public int order() {
        // important that this value is higher than the default TokenExchangeProvider, otherwise it won't use this one.
        return 1000;
    }
}

Upvotes: 0

Related Questions