/**
 * Resolves the username the given user holds on an external platform.
 *
 * <p>The identities are read from {@code keycloakRepository} using {@code user.getName()} as
 * the lookup key. The first identity whose provider name equals {@code platform.toString()}
 * (ignoring case) supplies the username.
 *
 * @param user the authenticated principal whose linked identities are inspected
 * @param platform the platform to look up; only {@code Platform.GITHUB} is accepted
 * @return the username of the first matching identity, or an empty {@code Optional} when no
 *     identity matches
 * @throws RuntimeException if {@code platform} is anything other than {@code Platform.GITHUB}
 */
public Optional<String> getUserPlatformUsername(final Principal user, final Platform platform) {
    // Guard clause: reject every platform except GitHub before touching the repository.
    if (platform != Platform.GITHUB) {
        throw new RuntimeException("only github is supported for now");
    }

    final String wantedProvider = platform.toString();
    return keycloakRepository.getUserIdentities(user.getName())
            .filter(identity -> identity.getProvider().name().equalsIgnoreCase(wantedProvider))
            .findFirst()
            .map(UserIdentity::getUsername);
}
}
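/**
 * Requests the stored token for an identity provider from the Keycloak broker endpoint
 * {@code <keycloakUrl>/realms/fundrequest/broker/<provider>/token}.
 *
 * <p>The request is authenticated with the token string taken from the caller's Keycloak
 * security context. The response is handed to {@code getProviderAccessToken}, which extracts
 * the value that is returned; how it parses the body is not visible here.
 *
 * <p>NOTE(review): the user's bearer token is attached to this request, so {@code keycloakUrl}
 * (configured elsewhere) should be confirmed to be an {@code https} URL. Neither the bearer
 * token nor the returned provider token should be written to logs.
 *
 * @param token the authenticated Keycloak token of the current user
 * @param provider the identity provider whose token is requested
 * @return the provider access token extracted by {@code getProviderAccessToken}
 * @throws RuntimeException if the endpoint does not answer with HTTP 200, or if the request
 *     fails with an {@link IOException} (kept as the cause)
 */
private String getProfileAccessToken(@NonNull KeycloakAuthenticationToken token, @NonNull Provider provider) {
    // Locale.ROOT keeps the path segment stable: with a Turkish default locale a plain
    // toLowerCase() maps 'I' to a dotless 'ı' and would produce a wrong broker alias.
    final String providerAlias = provider.name().toLowerCase(java.util.Locale.ROOT);

    final HttpClient httpclient = HttpClientBuilder.create().build();
    final HttpGet httpGet = new HttpGet(keycloakUrl + "/realms/fundrequest/broker/" + providerAlias + "/token");
    httpGet.addHeader("Authorization", "Bearer " + token.getAccount().getKeycloakSecurityContext().getTokenString());

    try {
        HttpResponse response = httpclient.execute(httpGet);
        if (response.getStatusLine().getStatusCode() != 200) {
            throw new RuntimeException("An error occurred when contacting IDP");
        }
        return getProviderAccessToken(provider, response);
    } catch (IOException e) {
        throw new RuntimeException(e);
    } finally {
        // A new client is built on every call, so it has to be released on every path
        // (including the non-200 branch); otherwise its connections are never freed.
        if (httpclient instanceof java.io.Closeable) {
            try {
                ((java.io.Closeable) httpclient).close();
            } catch (IOException ignored) {
                // A failure while closing must not mask the result or the original exception.
            }
        }
    }
}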
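/**
 * Builds the URL that sends the current user to the Keycloak broker "link" endpoint
 * ({@code /realms/fundrequest/broker/<provider>/link}) for the given identity provider.
 *
 * <p>A random nonce is generated and a SHA-256 digest is computed over
 * {@code nonce + sessionState + clientId + provider}. The Base64Url form of that digest is
 * stored in the HTTP session under {@code "hash"} and sent, together with the nonce, the
 * client id and the redirect URI, as query parameters.
 *
 * <p>NOTE(review): {@code redirectUrl} is passed through {@code getRedirectUrl}, which is not
 * visible here. If the value originates from the request, confirm that helper restricts it to
 * the application's own URLs, and that the Keycloak client's valid redirect URIs are narrow, so
 * the link cannot be used as an open redirect.
 *
 * @param request the current request; its session receives the computed hash
 * @param principal the authenticated user; must be a {@code KeycloakAuthenticationToken}
 * @param providerEnum the identity provider to link
 * @param redirectUrl the location to return to after linking, resolved by {@code getRedirectUrl}
 * @return the absolute link URL as a string
 * @throws ClassCastException if {@code principal} is not a {@code KeycloakAuthenticationToken}
 * @throws RuntimeException if no SHA-256 {@link MessageDigest} is available
 */
@Override
public String createSignupLink(HttpServletRequest request, Principal principal, Provider providerEnum, String redirectUrl) {
    // Locale.ROOT: the alias feeds both the hash input and the URL path, so it must not
    // depend on the JVM default locale (a Turkish locale lowercases 'I' to a dotless 'ı').
    String provider = providerEnum.name().toLowerCase(java.util.Locale.ROOT);
    AccessToken token = ((KeycloakAuthenticationToken) principal).getAccount().getKeycloakSecurityContext().getToken();
    String clientId = token.getIssuedFor();
    String nonce = UUID.randomUUID().toString();

    MessageDigest md;
    try {
        md = MessageDigest.getInstance("SHA-256");
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    }

    // The hash binds the nonce to this user session, the requesting client and the provider.
    String input = nonce + token.getSessionState() + clientId + provider;
    byte[] check = md.digest(input.getBytes(StandardCharsets.UTF_8));
    String hash = Base64Url.encode(check);
    request.getSession().setAttribute("hash", hash);

    return KeycloakUriBuilder.fromUri(keycloakUrl)
            .path("/realms/{realm}/broker/{provider}/link")
            .queryParam("nonce", nonce)
            .queryParam("hash", hash)
            .queryParam("client_id", clientId)
            .queryParam("redirect_uri", getRedirectUrl(request, provider, redirectUrl))
            .build("fundrequest", provider)
            .toString();
}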