trigger msg to webhook when user create and update in README

Author: ohdoking

README.md

@@ -3,6 +3,19 @@
 ## TLDR
 A Keycloak extension that listens for user events (create/register) and forwards them to your webhook.
 
+## Additional Information
+We customize the project for our purpose.
+
+### Parameter
+
+```
+-e KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_URL=http://host.docker.internal:8000/sb/api/v1/user/event \
+-e KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_ISSUER=https://service-name/auth \
+-e KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_CLIENT_ID={client_id}} \
+-e KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_CLIENT_SECRET={client_secret}} \
+-e KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_REALM={realm_name}} \
+```
+
 ## Quick Start
 ```bash
 # Clone the repository

src/main/java/com/cevher/keycloak/Client.java

@@ -2,8 +2,12 @@
 
 import org.jboss.logging.Logger;
 
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
+
 import java.io.BufferedReader;
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.OutputStream;
 import java.net.HttpURLConnection;
@@ -12,7 +16,17 @@
 
 public class Client {
     private static final Logger log = Logger.getLogger(Client.class);
-    private static final String WEBHOOK_URL = "WEBHOOK_URL";
+    private static final String WEBHOOK_URL = "KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_URL";
+
+    private static final String WEBHOOK_KEYCLOAK_ISSUER = "KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_ISSUER";
+    private static final String WEBHOOK_KEYCLOAK_CLIENT_ID= "KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_CLIENT_ID";
+    private static final String WEBHOOK_KEYCLOAK_CLIENT_SECRET= "KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_CLIENT_SECRET";
+    private static final String WEBHOOK_KEYCLOAK_REALM= "KC_SPI_EVENT_LISTENER_KEYCLOAK_EVENTS_WEBHOOK_KEYCLOAK_REALM";
+//     KEYCLOAK_ISSUER=https://infrapal.serverlesssalad.com/auth
+// KEYCLOAK_CLIENT_ID=ss-backend
+// KEYCLOAK_CLIENT_SECRET=lx2kfVGrqRJgwxqpFEc4ot5MTSYyh8A4
+
+
 
     public static void postService(String data) throws IOException {
         try {
@@ -23,8 +37,11 @@ public static void postService(String data) throws IOException {
                 throw new IllegalArgumentException("Environment variable WEBHOOK_URL is not set or is empty.");
             }
 
+            String token = getAuthToken(); 
+                        
             URL url = URI.create(urlString).toURL();
             HttpURLConnection conn = (HttpURLConnection) url.openConnection();
+            conn.setRequestProperty("Authorization", "Bearer " + token); // Add token to header
             conn.setDoOutput(true);
             conn.setRequestMethod("POST");
             conn.setRequestProperty("Content-Type", "application/json; utf-8");
@@ -50,4 +67,50 @@ public static void postService(String data) throws IOException {
             throw new IOException("Failed to post service: " + e.getMessage(), e);
         }
     }
+
+    private static String getAuthToken() {
+        // Example: Use Keycloak's Admin Client API to get a token
+        String issuer = System.getenv(WEBHOOK_KEYCLOAK_ISSUER);
+        String clientId = System.getenv(WEBHOOK_KEYCLOAK_CLIENT_ID);
+        String clientSecret = System.getenv(WEBHOOK_KEYCLOAK_CLIENT_SECRET);
+        String realm = System.getenv(WEBHOOK_KEYCLOAK_REALM);
+
+        if (issuer == null || issuer.isEmpty() || clientId == null || clientId.isEmpty() || clientSecret == null || clientSecret.isEmpty() || realm == null || realm.isEmpty()) {
+            throw new IllegalArgumentException("Environment variable WEBHOOK_KEYCLOAK_ISSUER or WEBHOOK_KEYCLOAK_CLIENT_ID or WEBHOOK_KEYCLOAK_CLIENT_SECRET or WEBHOOK_KEYCLOAK_REALM is not set or is empty.");
+        }
+        
+        String authUrl = issuer + "/realms/" + realm + "/protocol/openid-connect/token";
+        try {
+            URL url = new URL(authUrl);
+            HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+            connection.setRequestMethod("POST");
+            connection.setDoOutput(true);
+            connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
+    
+            String body = "grant_type=client_credentials&client_id=" + clientId + "&client_secret=" + clientSecret;
+            try (OutputStream os = connection.getOutputStream()) {
+                os.write(body.getBytes("utf-8"));
+            }
+    
+            if (connection.getResponseCode() == 200) {
+                try (InputStream is = connection.getInputStream();
+                    BufferedReader reader = new BufferedReader(new InputStreamReader(is))) {
+                    StringBuilder response = new StringBuilder();
+                    String line;
+                    while ((line = reader.readLine()) != null) {
+                        response.append(line);
+                    }
+    
+                    // Parse the token from the response
+                    String responseBody = response.toString();
+                    JsonObject jsonResponse = JsonParser.parseString(responseBody).getAsJsonObject();
+                    return jsonResponse.get("access_token").getAsString();
+                }
+            } else {
+                throw new RuntimeException("Failed to get token: " + connection.getResponseCode());
+            }
+        } catch (Exception e) {
+            throw new RuntimeException("Error while obtaining auth token", e);
+        }
+    }
 }

src/main/java/com/cevher/keycloak/CustomEventListenerProvider.java

@@ -7,10 +7,12 @@
 import org.keycloak.events.admin.AdminEvent;
 import org.keycloak.events.admin.OperationType;
 import org.keycloak.events.admin.ResourceType;
+import org.keycloak.models.AuthenticatedClientSessionModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.RealmProvider;
 import org.keycloak.models.UserModel;
+import org.keycloak.models.UserSessionModel;
 
 import java.util.StringJoiner;
 
@@ -39,7 +41,10 @@ public void onEvent(Event event) {
 
             RealmModel realm = this.model.getRealm(event.getRealmId());
             UserModel user = this.session.users().getUserById(realm, event.getUserId());
+
+            System.out.println("trigger to update new user in target : user_name" + user.getUsername());
             sendUserData(user);
+            
         }
 
     }
@@ -56,20 +61,20 @@ public void onEvent(AdminEvent adminEvent, boolean b) {
             RealmModel realm = this.model.getRealm(adminEvent.getRealmId());
             UserModel user = this.session.users().getUserById(realm, adminEvent.getResourcePath().substring(6));
 
+            System.out.println("trigger to update new user in target : user_name" + user.getUsername());
             sendUserData(user);
         }
     }
 
     private void sendUserData(UserModel user) {
         String data = """
                 {
-                    "id": "%s",
+                    "external_id": "%s",
                     "email": "%s",
-                    "userName": "%s",
-                    "firstName": "%s",
-                    "lastName": "%s"
+                    "first_name": "%s",
+                    "last_name": "%s"
                 }
-                """.formatted(user.getId(), user.getEmail(), user.getUsername(), user.getFirstName(), user.getLastName());
+                """.formatted(user.getId(), user.getEmail(), user.getFirstName(), user.getLastName());
         try {
             Client.postService(data);
             log.debug("A new user has been created and post API");
@@ -136,4 +141,18 @@ private String toString(AdminEvent event) {
         return joiner.toString();
     }
 
+    public String getAccessTokenForUserSession(UserSessionModel userSession, String clientUUID) {
+        // Get the client session for the specified client UUID
+        AuthenticatedClientSessionModel clientSession = userSession.getAuthenticatedClientSessionByClient(clientUUID);
+    
+        if (clientSession != null) {
+            // Get the access token from the client session
+            String accessToken = clientSession.getNote("access_token");
+            return accessToken;
+        } else {
+            // If client session is not found
+            return null;
+        }
+    }
+
 }