diff --git a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java
index cb9ddcd..2c9876e 100755
--- a/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java
+++ b/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacade.java
@@ -19,6 +19,9 @@ package org.keycloak.adapters.springsecurity.facade;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.OIDCHttpFacade;
+import org.keycloak.adapters.spi.KeycloakAccount;
+import org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount;
+import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.Assert;
@@ -57,7 +60,8 @@ public class SimpleHttpFacade implements OIDCHttpFacade {
SecurityContext context = SecurityContextHolder.getContext();
if (context != null && context.getAuthentication() != null) {
- return (KeycloakSecurityContext) context.getAuthentication().getDetails();
+ KeycloakAuthenticationToken authentication = (KeycloakAuthenticationToken) context.getAuthentication();
+ return authentication.getAccount().getKeycloakSecurityContext();
}
return null;
diff --git a/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacadeTest.java b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacadeTest.java
new file mode 100644
index 0000000..28c6ce8
--- /dev/null
+++ b/adapters/oidc/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/SimpleHttpFacadeTest.java
@@ -0,0 +1,41 @@
+package org.keycloak.adapters.springsecurity.facade;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
+import org.keycloak.adapters.spi.KeycloakAccount;
+import org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount;
+import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
+import org.mockito.internal.util.collections.Sets;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import java.security.Principal;
+import java.util.Set;
+
+import static org.junit.Assert.assertNotNull;
+import static org.mockito.Mockito.mock;
+
+public class SimpleHttpFacadeTest {
+
+ @Before
+ public void setup() {
+ SecurityContext springSecurityContext = SecurityContextHolder.createEmptyContext();
+ SecurityContextHolder.setContext(springSecurityContext);
+ Set<String> roles = Sets.newSet("user");
+ Principal principal = mock(Principal.class);
+ RefreshableKeycloakSecurityContext keycloakSecurityContext = mock(RefreshableKeycloakSecurityContext.class);
+ KeycloakAccount account = new SimpleKeycloakAccount(principal, roles, keycloakSecurityContext);
+ KeycloakAuthenticationToken token = new KeycloakAuthenticationToken(account);
+ springSecurityContext.setAuthentication(token);
+ }
+
+ @Test
+ public void shouldRetrieveKeycloakSecurityContext() {
+ SimpleHttpFacade facade = new SimpleHttpFacade(new MockHttpServletRequest(), new MockHttpServletResponse());
+
+ assertNotNull(facade.getSecurityContext());
+ }
+}
