I’m in the following scenario :
A Java backend with a REST API, authentication is done by the keycloak adapter (tomcat in my case)
A keycloak client of type Confidential, with Service Access activated
The client as Service Access so that it can make modifications on the keycloak side that my users are not allowed to do on their own, mainly edit other users informations to a certain extent controlled by the java backend.
I’m relatively new to keycloak, so this design maybe flawed, feel free to tell me (in particular i thougth about creating a specific confidential client for calls from the backend to the keycloak api, and use a bearer-only to authenticate calls to the backend)
Now here is how a retrieve the informations of the keycloak.json file :
// this dummy object returns null or void everywhere, except on getRequest which returns a similar DummyRequest HttpFacade facade = new DummyHttpFacadeToResolveKeycloakConfig(); AdapterDeploymentContext deploymentContext = (AdapterDeploymentContext) servletContext.getAttribute(AdapterDeploymentContext.class.getName()); KeycloakDeployment keycloakDeployment = deploymentContext.resolveDeployment(facade); Keycloak keycloakApi = KeycloakBuilder.builder() .serverUrl(keycloakDeployment.getAuthServerBaseUrl()) .realm(keycloakDeployment.getRealm()) .clientId(keycloakDeployment.getResourceName()) .clientSecret((String)keycloakDeployment.getResourceCredentials().get("secret")) .grantType(CLIENT_CREDENTIALS) .build();
So far so good, but it feels i’m missing something, especially with this DummyHttpFacade objet i had to create. Is their a better way to retrieve the adapter’s config ? Thanks