Recently I have enabled Github as an identity provider to login through Keycloak. I am somehow trying to get access to the Github access_token that is stored in Keycloak after successful login by the user. This token is stored in FEDERATED_ENTITY table I have found out.
The use case that I have is the following: as soon as the user is registered in Keycloak with Github, I want to get the Github token and store it in my own MongoDB.
To monitor these events (EventType.REGISTER for example) I have created an SPI, using EventLIstenerProvider.
I have not found any type of documentation on how to do this exactly and in the best way and where I can grab this Github ‘access_token’ during registration and login events.
This has been bugging me for 3 days in a row now and I am really stuck. Does anyone know what is the best way forward on doing this. Any help would be really appreciated. Thanks in advance.
This is not the scenario that I am looking for. Because this approach can only be done if User X is logged in, and through User X’ their own Keycloak Token I can retrieve that information.
This approach I cannot use from a custom event listener either I would think.
From an EventListener you can get it from the session. E.g.:
@Override
public void onEvent(Event event) {
RealmModel realm = session.realms().getRealm(event.getRealmId());
UserModel user = session.users().getUserById(realm, event.getUserId());
String token = session.users().getFederatedIdentity(realm, user, "github").getToken();
// now do something with the token
}
Ahh that really helps, thanks a lot. I have been looking through some code like this. How do I obtain the session object here exactly? This is what I haven’t been able to figure out so far.