Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-5925

add a way to dump/log the tokens that are passed to the clients

    XMLWordPrintable

    Details

    • Type: Feature Request
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 3.4.1.CR1
    • Component/s: None
    • Labels:
      None

      Description

      I am working with a customer that is trying to pass custom attributes from RH-SSO to the client application.

      To troubleshoot this, I need to verify that the token contains the custom attribute. To accomplish this, I need to see the token.

      At the moment, I have to ask the customer to add code to the application to dump the token:

      KeycloakSecurityContext session = (KeycloakSecurityContext) httpServletRequest.getAttribute(KeycloakSecurityContext.class.getName());
      String accessTokenString = session.getTokenString();
      System.err.println(tokenString);

      We need a way to see the tokens that are getting passed around.

      The token should be logged with a trace level logger and should not include the token signature.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                pcraveiro Pedro Igor
                Reporter:
                pcraveiro Pedro Igor
                Tester:
                Mark True
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: