You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/src/main/asciidoc/security-openid-connect.adoc
+35Lines changed: 35 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -139,6 +139,41 @@ public class AdminResource {
139
139
}
140
140
----
141
141
142
+
Injection of the `SecurityIdentity` is supported in both `@RequestScoped` and `@ApplicationScoped` contexts.
143
+
144
+
=== Accessing JWT claims
145
+
146
+
If you need to access `JsonWebToken` claims, you may simply inject the token itself:
147
+
148
+
[source,java]
149
+
----
150
+
package org.acme.security.openid.connect;
151
+
152
+
import org.eclipse.microprofile.jwt.JsonWebToken;
153
+
154
+
import javax.annotation.security.RolesAllowed;
155
+
import javax.ws.rs.GET;
156
+
import javax.ws.rs.Path;
157
+
import javax.ws.rs.Produces;
158
+
import javax.ws.rs.core.MediaType;
159
+
160
+
@Path("/api/admin")
161
+
public class AdminResource {
162
+
163
+
@Inject
164
+
JsonWebToken jwt;
165
+
166
+
@GET
167
+
@RolesAllowed("admin")
168
+
@Produces(MediaType.TEXT_PLAIN)
169
+
public String admin() {
170
+
return "Access for subject " + jwt.getSubject() + " is granted";
171
+
}
172
+
}
173
+
----
174
+
175
+
Injection of the `JsonWebToken` is supported in both `@RequestScoped` and `@ApplicationScoped` contexts.
176
+
142
177
== Configuring the application
143
178
144
179
The OpenID Connect extension allows you to define the adapter configuration using the `application.properties` file which should be located at the `src/main/resources` directory.
0 commit comments