从Keyrock Fiware API获取Auth-Token
[英]Obtain Auth-Token from Keyrock Fiware API
问题描述
I am running Keyrock Fiware locally on my laptop in docker. 
我在docker的笔记本电脑上本地运行Keyrock Fiware。 I know this is working because I can visit http://localhost:8000 and http://localhost:8000/sign_up through my browser and they respond correctly. 我知道这是http://localhost:8000/sign_up因为我可以通过浏览器访问http://localhost:8000和http://localhost:8000/sign_up ,并且它们可以正确响应。
I am having trouble when it comes to creating API calls. 创建API调用时遇到麻烦。 I am trying to use Postman, but I am having trouble with obtaining an auth-token, which is required to make some api calls. 我正在尝试使用Postman,但在获取auth令牌时遇到了麻烦,这需要进行一些api调用。
Following this guide I am trying to create a POST request to http:/localhost:8000/oauth2/tokens 按照本指南,我尝试创建对http:/localhost:8000/oauth2/tokens的POST请求
This by itself doesn't seem to work and I need to add other information like 这本身似乎不起作用,我需要添加其他信息,例如
grant_type=password&username=YOUR_USERNAME&password=YOUR_PASSWORD
&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET`
I don't know where this information is supposed to go in my Postman request. 我不知道在邮递员的请求中该信息应该放在哪里。 I have the field Authorization , Headers , Body , and in Headers I have the field key , value and description but, I don't understand which of these is the right one. 我有字段Authorization , Headers , Body ,在Headers有字段key , value和description但是我不知道其中哪一个是正确的。
1 个解决方案
解决方案1
4 已采纳 2017-09-07 16:12:31
Short answer: 简短答案:
The IdM Keyrock API requires authentication for most of its endpoints, so you should actually generate a token. IdM Keyrock API需要对其大多数端点进行身份验证,因此您实际上应该生成一个令牌。 How to generate a token is something more complicated that needs some background to be explained. 如何生成令牌比较复杂,需要一些背景知识进行解释。 If you are using the official IdM keyrock GE I totally recommend you to watch this tutorial about this component in Fiware Academy. 如果您使用的是官方的IdM keyrock GE,我完全建议您在Fiware Academy中观看有关此组件的本教程 。 It explains among other things how to generate an OAuth2 token using an OAuth2 client and the IdM keyrock. 它解释了如何使用OAuth2客户端和IdM密钥库生成OAuth2令牌。
Long answer: 长答案:
The GE IdM Keyrock consists of two projects: Horizon and Keystone. GE IdM Keyrock包含两个项目:Horizon和Keystone。 Both are forks of Openstack projects that you can find in Github. 两者都是可以在Github中找到的Openstack项目的分支。 When you consume services to port 8000 you are calling Horizon services which is the frontend component. 当您使用端口8000的服务时,您将调用Horizon服务,这是前端组件。 On the other hand when you consume services to port 5000 you are calling Keystone services which is the backend component. 另一方面,当您使用端口5000的服务时,您正在调用Keystone服务,这是后端组件。 By the way if you are looking for more info about this APIs you could find it here: 顺便说一句,如果您正在寻找有关此API的更多信息,可以在这里找到:
The tricky part is that while keystone handles its own internal tokens (keystone tokens), FIWARE uses OAuth2 tokens to integrate with other GEs. 棘手的部分是,虽然Keystone处理其自己的内部令牌(Keystone令牌),但FIWARE使用OAuth2令牌与其他GE集成。 For this reason you will find OAuth2 extensions within the keyrock APIs. 因此,您会在keyrock API中找到OAuth2扩展。 So, depending on which API you want to consume, what kind of token you will need: Keystone token or OAuth2 token. 因此,取决于您要使用的API,将需要哪种令牌:Keystone令牌或OAuth2令牌。
For example, if you want to retrieve the existing users using the following service, you will need a Keytone token. 例如,如果您想使用以下服务来检索现有用户,则将需要一个Keytone令牌。
GET http://localhost:5000/v3/users
Finally, to generate a keystone token you could use the following service of the keystone API: 最后,要生成梯形标记,可以使用梯形API的以下服务:
POST http://[keyrock_host]:5000/v3/auth/tokens
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": [ADMIN_USER],
"domain": { "name": "default" },
"password": [ADMIN_PWD]
}
}
}
}
}
If you installed Keyrock from Docker Hub image or even from the official source code repository try with "idm" for ADMIN_USER and ADMIN_PWD. 如果您是从Docker Hub映像甚至从官方源代码存储库安装Keyrock的,请尝试对ADMIN_USER和ADMIN_PWD使用“ idm”。
I hope I have been helpful. 希望对您有所帮助。 Good luck with the tesis! 祝您好运!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.