避免keycloak默认登录页面，使用项目登录页面

Question

I am working on creating an angular.js web application and looking for how to integrate keycloak into the project. I have read and watched many tutorials and I see that most of them have users logging/registering through the default login page of keycloak which then redirects to the app.

I have designed my own login and registration page which I want to use. How do I use them instead of keycloak default. Are there any API that I can call or may be my backend would do that? I also read there are spring adapters available for keycloak, can I use them? Any link to any example would be good.

The second question I have is while registering can I add more user details like address, dob, gender in keycloak ? Because my registration page requires those information.

Answer 1

Expanding on the API roles

POST to your/keycloak/url/auth/realms/master/protocol/openid-connect/token

with data:

{

    client_id : 'Id_of_your_client',

    username : 'your_username',
    password : '@#$%^&',
    grant_type : "password"

}

will give you the initial access token and refresh token

and

POST to the same URL with

data:

{

    client_id : 'Id_of_your_client',

   // client_secret : 'optional depending on the type of client',

    grant_type : "refresh_token" ,

    refresh_token : refresh_token_you_got_earlier 

}

will give the new refresh and access tokens .These tokens are what keycloak checks for authorization/authentication.

You could make your own login and send the credentials to keycloak via a REST API and once you have the access token , just put it in the header of any ongoing request to a keycloak protected resource as

headers :{

  Authorization : 'Bearer ' +  access_token_you_got

}

Answer 2

3 steps:

1. In the keycloak/themes/ directory create folder with name eg. myTheme .

2. In the myTheme folder place your custom login page

   (the structure must be same as base or keycloak themes, my advice is to copy the base theme, rename it and customize it).

3. Go to the admin console of keycloak into Realm Settings > Themes > Login Theme and select myTheme .

Answer 3

Use the below code if you want to hit the Keycloak login page through Java and get the response:

String uri = "http://localhost:7080/auth/realms/{RealmName}/protocol/openid-connect/token";

            HttpClient client = HttpClientBuilder.create().build();
            HttpPost post = new HttpPost(uri);
            post.setHeader("User-Agent",
                    "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36");
            List<BasicNameValuePair> urlParameters = new ArrayList<BasicNameValuePair>();
            urlParameters.add(new BasicNameValuePair("grant_type", "password"));
            urlParameters.add(new BasicNameValuePair("client_id", {ClientName}));
            urlParameters.add(new BasicNameValuePair("username", {UserName}));
            urlParameters.add(new BasicNameValuePair("password", {Password}));
            post.setEntity(new UrlEncodedFormEntity(urlParameters));
            HttpResponse response = client.execute(post);
            System.out.println("Response Code : " + response.getStatusLine().getStatusCode());
            BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
            StringBuffer result = new StringBuffer();
            String line1 = "";
            while ((line1 = rd.readLine()) != null) {
                result.append(line1);
            }
            System.out.println(result);

If your username and password are valid, response.getStatusLine().getStatusCode() will give the value as HTTP 200 along with AccessToken and RefreshToken . Otherwise response.getStatusLine().getStatusCode() will give the value as HTTP 403 and data as: {"error":"invalid_grant","error_description":"Invalid user credentials"}

Answer 4

• You probably should stick with the Keycloack's forms. They bring nice features (SSO, pw reset, etc.) and are fully customizable (via themes). However, there it is possible to obtain the Access Token via so called Direct Access Grant . It can be done via Keycloak REST API .
• Storing the custom user info (gender, job, etc.) is done by User Attributes

Both topics are more or less covered in the official Keycloak Docs .

Answer 5

Put your login theme in keycloak themes directory and by admin loging change login theme setting and choose your theme from drop-down. Your login theme must in keycloak default theme formate so to create your's please refer keycloak default theme and design your's according to that.

You can refer following Keycloak theme configuration

Answer 6

我创建了一个使用 Angular 13（不使用 FTL）创建自定义登录页面主题的示例： https<\/a> : \/\/github.com\/alexthelion\/keycloak-login-theme-angular<\/a>

"

Answer 7

From the docs, it seems that you extend themes or override individual resources (templates, stylesheets, etc.): https://www.keycloak.org/docs/latest/server_development/#creating-a-theme

Regarding the additional user details, again from the docs: https://www.keycloak.org/docs/latest/server_development/#_custom_user_attributes

Answer 8

You can write your custom inline css in

keycloak/themes/base/template.ftl

And

keycloak/themes/base/login.ftl

then you will be able to use keycloak login page but ui like project login page