admin管理员组

文章数量:1356273

In reference to Keycloak's documentation for account linking, I need to fetch user session id and client session id from the access token.

However, I only find something they call session_state on the token which apparently is the same as sessionId by looking at their javascript adapter source code.

I reckon that this is the user session id they are referring to? If so, where do I find this so called client session id?

In reference to Keycloak's documentation for account linking, I need to fetch user session id and client session id from the access token.

However, I only find something they call session_state on the token which apparently is the same as sessionId by looking at their javascript adapter source code.

I reckon that this is the user session id they are referring to? If so, where do I find this so called client session id?

  • javascript
  • openid-connect
  • keycloak
Share Improve this question asked Oct 13, 2017 at 13:03 PetterPetter 7832 gold badges9 silver badges19 bronze badges 2
  • Got the same problem. Did you find a solution? – noircc Commented Jan 25, 2018 at 13:57
  • 1 Yup! Turned out it as the client id. So something like this should work: Extract user session id and client session id ("aud" is the client id) from access token: const { session_state, aud } = JSON.parse(decodeURIComponent(escape(atob(accessToken.split('.') [1])))) Create base64 hash: Base64.stringify(sha256(nonce + session_state + aud + 'facebookOrWhatever')) You also need make the resulting base64 encoded hash url friendly (i.e. '+' and '/' are replaced with '-' and '_' also remove any trailing '=' characters) – Petter Commented Jan 26, 2018 at 12:28
Add a ment  | 

1 Answer 1

Reset to default 5

Turned out it as the client id. So something like this should work:

Extract user session id and client session id ("aud" is the client id) from access token: 

const { session_state, aud } = JSON.parse(decodeURIComponent(escape(atob(accessToken.split(‌​'.') [1]))))

Create base64 hash:

Base64.stringify(sha256(nonce + session_state + aud + 'facebookOrWhatever'))

You also need make the resulting base64 encoded hash url friendly (i.e. '+' and '/' are replaced with '-' and '_' also remove any trailing '=' characters)

本文标签: javascriptGet client session id from Keycloak access tokenStack Overflow

版权声明:本文标题:javascript - Get client session id from Keycloak access token - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1743965397a2569792.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。