get RealmResource using KeycloakDeployment

Question

We have a Spring service running on Tomcat using the Tomcat Keycloak adapter and authentication is working fine.

The problem we are having is that we want to query a RealmResource using client parameters defined in the keycloak.json file.

In order to create a Keycloak object and grab the realm, I need the information provided by the keycloak.json file (realm, resource, auth-server-url, client secret, keystore/truststore). I can grab much of the info using the KeycloakDeployment instance from the Keycloak context, but the client-secret is private and I don't see an SSLContext or keystore parameters.

Is there a way to leverage existing objects from the context that were created by the Keycloak adapter for use in the admin client or do I need to manually read the keystore.json to get the client secret and keystore properties?

I want to use the client secret and not AuthToken since the logged in user may not have permissions to query/view realm data.

Thank You.

score 0 · Answer 1 · answered Feb 23 '18 at 22:44

I was able to get the contents of keycloak.json using the following code:

HttpServletRequest req = ((ServletRequestAttributes) RequestContextHolder
    .currentRequestAttributes()).getRequest();
String cfgPath = req.getServletContext().getRealPath(
    "/WEB-INF/keycloak.json");
try (BufferedInputStream bis = new BufferedInputStream(
        new FileInputStream(cfgPath))) {
    adapterConfig = KeycloakDeploymentBuilder
        .loadAdapterConfig(bis);
}

It works for us under Tomcat 8, not sure about other servers.

get RealmResource using KeycloakDeployment

1 Answers1