Login/Register
How to get the details of the user deleted in keycloak using AdminEvent
Asked Answered
javaspringredhatkeycloakkeycloak-services
A

1

8

i have below code that gets executed when an admin is creating or deleting a user in the keycloak UI. Through the help of the adminEvent: http://www.keycloak.org/docs/3.0/server_admin/topics/events/admin.html Creating a user returns the user details via adminEvent.getRepresentation(). However when deleting a user returns me a null.

This is also the same when deleting a role, deleting a group or deleting a user_session.(ResourceTypes)

My question is how can i retrieve the deleted details?

import org.keycloak.events.admin.AdminEvent;
import org.keycloak.models.UserModel;

public void handleResourceOperation(AdminEvent adminEvent, UserModel user) {

        MQMessage queueMessage = new MQMessage();
        queueMessage.setIpAddress(adminEvent.getAuthDetails().getIpAddress());
        queueMessage.setUsername(user.getUsername());

        switch (adminEvent.getOperationType()) {
        case CREATE:
            LOGGER.info("OPERATION : CREATE USER");
            LOGGER.info("USER Representation : " + adminEvent.getRepresentation());
            String[] split = adminEvent.getRepresentation().split(",");
            queueMessage.setTransactionDetail("Created user " + split[0].substring(12));
            sendQueueMessage(adminEvent, queueMessage);
            break;
        case DELETE:
            LOGGER.info("OPERATION : DELETE USER");
            LOGGER.info("USER Representation : " + adminEvent.getRepresentation());
            queueMessage.setTransactionDetail("User has been deleted.");
            sendQueueMessage(adminEvent, queueMessage);
            break;
}
Anetta answered 22/3, 2018 at 6:42 Comment(0)
B
2

I'm not sure you got the answer by now. Sharing the solution that may be helpful for others. User details can be captured in postInit method of EventListenerProviderFactory as below,

public class UserEventListenerProviderFactory implements EventListenerProviderFactory {

@Override
public EventListenerProvider create(KeycloakSession keycloakSession) {
    return new UserEventListenerProvider(keycloakSession);
}

@Override
public void init(Config.Scope scope) {
}

@Override
public void postInit(KeycloakSessionFactory keycloakSessionFactory) {
    
    keycloakSessionFactory.register(
            (event) -> {
                if (event instanceof UserModel.UserRemovedEvent) {
                    UserModel.UserRemovedEvent dEvent = (UserModel.UserRemovedEvent) event;
                    //TODO YOUR LOGIC WITH `dEvent.getUser()`
                }
            });
}

@Override
public void close() {

}

@Override
public String getId() {
    return "sample_event_listener";
}

}

Banking answered 29/3, 2022 at 15:46 Comment(1)
Unfortunately getFirstAttribute method doesn't work correctly. When user delete himself everything is correct, I can check his email and all of his custom attributes. The problem is when user is deleted by the admin panel or admin API. Then I can see his email or id but for some reason not attributes.Forensics

© 2022 - 2024 — McMap. All rights reserved.