Validating jwt attributes from REST API request

Mark Jayson Gonzaga

Apr 26, 2021, 3:53:00 PM
to kogito-de...@googlegroups.com
Hi Team,

I've been playing around with this example:
kogito-examples/process-usertasks-with-security-oidc-quarkus at stable · kiegroup/kogito-examples (github.com)
<https://github.com/kiegroup/kogito-examples/tree/stable/process-usertasks-with-security-oidc-quarkus>

as it is kind of near to what I'm looking for. However, I would like to check if there is a way for me to get the JWT or the Principal or even the claim from the request?

My implementation would be something like: get the principal details, then hand them over to the next task for further checking.

Thanks,

Nieves Miras Chueca

Apr 28, 2021, 5:16:48 AM
to kogito-de...@googlegroups.com
Hello Mark,

Since this example includes OpenID Connect, you can directly inject the JsonWebToken jwt in case you need extra checks;
you'll find the details here: https://quarkus.io/guides/security-openid-connect#accessing-jwt-claims.

The current implementation just provides a way to connect the @RolesAllowed("user") check with the security provider, in this case Keycloak.
If you need to do extra checks using that JSON web token, maybe you can intercept the request, something like what is done here: https://github.com/kiegroup/kogito-examples/blob/6bb8000e3c3e45a70b8944970f64825d3667e079/kogito-travel-agency/extended/travels/src/main/java/org/kie/kogito/app/VertxRouter.java#L36
and add the extra checks there.

Hope this helps,
Neus.
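
The kind of extra check this reply describes, as an added example that is not part of the original thread or of the kogito-examples code: a JAX-RS request filter that uses the injected JsonWebToken. The package, class name, audience value, claim name and property key are assumptions; the `javax.*` imports match Quarkus releases of the thread's date (newer releases use `jakarta.*`).

```java
package org.acme.security; // hypothetical package

import java.util.Set;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.ws.rs.Priorities;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.eclipse.microprofile.jwt.JsonWebToken;

/** Extra claim checks on top of the token verification done by Quarkus OIDC. */
@Provider
@Priority(Priorities.AUTHORIZATION)
public class JwtClaimCheckFilter implements ContainerRequestFilter {

    // Assumed values for illustration; take them from configuration in a real service.
    static final String EXPECTED_AUDIENCE = "kogito-app";
    static final String REQUIRED_CLAIM = "department";
    static final String PRINCIPAL_PROPERTY = "verified.principal";

    @Inject
    JsonWebToken jwt; // request-scoped view of the caller's token

    @Override
    public void filter(ContainerRequestContext ctx) {
        // Fail closed: this filter assumes every REST endpoint needs a token.
        if (jwt.getRawToken() == null) {
            ctx.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
            return;
        }
        // A token minted for another client of the same realm must not be accepted.
        Set<String> audience = jwt.getAudience();
        if (audience == null || !audience.contains(EXPECTED_AUDIENCE)) {
            ctx.abortWith(Response.status(Response.Status.FORBIDDEN).build());
            return;
        }
        // Require the custom claim that later checks depend on.
        if (!jwt.containsClaim(REQUIRED_CLAIM)) {
            ctx.abortWith(Response.status(Response.Status.FORBIDDEN).build());
            return;
        }
        // Expose only the verified principal name to downstream code,
        // never a value read from a client-controlled header or body.
        ctx.setProperty(PRINCIPAL_PROPERTY, jwt.getName());
    }
}
```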
You received this message because you are subscribed to the Google Groups "Kogito development mailing list" group.