springboot 获取令牌以调用另一个服务
[英]springboot get token to call another service
问题描述
I want to make GET request from SpringBoot.
我想从 SpringBoot 发出 GET 请求。 Can I use org.keycloak.admin.client.Keycloak only to get and refresh token to access an API in another microservice?我可以仅使用org.keycloak.admin.client.Keycloak来获取和刷新令牌以访问另一个微服务中的 API 吗? I thouth it is only for manage, for adding roles etc. Not for authorization.我虽然它仅用于管理,用于添加角色等。不用于授权。
keycloak = KeycloakBuilder
.builder()
.serverUrl(serverUrl)
.grantType(OAuth2Constants.PASSWORD)
.realm(realm)
.clientId(clientId)
.username(userName)
.password(pass)
.build();
AccessTokenResponse accessToken = keycloak.tokenManager().getAccessToken();
It works but still I have bad feeling about using admin client here.它有效,但我仍然对在这里使用管理客户端有不好的感觉。 For the Angular client, this is a similar way, but not from the admin package.对于 Angular 客户端,这是类似的方式,但不是来自管理员 package。
1 个解决方案
解决方案1
0 已采纳 2021-02-25 14:32:52
Was this action started by an user?此操作是否由用户启动? Usually you want to use the same token that came from your front-end and pass it along on your request, this way you can trace your request all the way back to who started it.通常,您希望使用来自前端的相同令牌并将其传递给您的请求,这样您就可以将您的请求一直追溯到发起者。
Using a token for your service means it can acess other services without being prompted by a human, maybe you want this, but typically you don't.为您的服务使用令牌意味着它可以在没有人提示的情况下访问其他服务,也许您想要这个,但通常您不需要。
If you still want to get a token for your client you can use service accounts as described here:如果您仍想为您的客户获取令牌,您可以使用此处所述的服务帐户:
https://github.com/keycloak/keycloak-documentation/blob/master/server_admin/topics/clients/oidc/service-accounts.adoc https://github.com/keycloak/keycloak-documentation/blob/master/server_admin/topics/clients/oidc/service-accounts.adoc
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.