stackoom
  简体   繁体   中英

Obtain Auth-Token from Keyrock Fiware API

 原文  2017-09-07 14:27:01       oauth/ fiware

Question

I am running Keyrock Fiware locally on my laptop in docker. I know this is working because I can visit http://localhost:8000 and http://localhost:8000/sign_up through my browser and they respond correctly.

I am having trouble when it comes to creating API calls. I am trying to use Postman, but I am having trouble with obtaining an auth-token, which is required to make some api calls.

Following this guide I am trying to create a POST request to http:/localhost:8000/oauth2/tokens

This by itself doesn't seem to work and I need to add other information like 

grant_type=password&username=YOUR_USERNAME&password=YOUR_PAS‌​SWORD
&client_id=YOUR‌​_CLIENT_ID&client_se‌​cret=YOUR_CLIENT_SEC‌​RET`

I don't know where this information is supposed to go in my Postman request. I have the field Authorization , Headers , Body , and in Headers I have the field key , value and description but, I don't understand which of these is the right one.

1 answers

solution1
 4 ACCPTED  2017-09-07 16:12:31

Short answer:

The IdM Keyrock API requires authentication for most of its endpoints, so you should actually generate a token. How to generate a token is something more complicated that needs some background to be explained. If you are using the official IdM keyrock GE I totally recommend you to watch this tutorial about this component in Fiware Academy. It explains among other things how to generate an OAuth2 token using an OAuth2 client and the IdM keyrock.

Long answer:

The GE IdM Keyrock consists of two projects: Horizon and Keystone. Both are forks of Openstack projects that you can find in Github. When you consume services to port 8000 you are calling Horizon services which is the frontend component. On the other hand when you consume services to port 5000 you are calling Keystone services which is the backend component. By the way if you are looking for more info about this APIs you could find it here:

The tricky part is that while keystone handles its own internal tokens (keystone tokens), FIWARE uses OAuth2 tokens to integrate with other GEs. For this reason you will find OAuth2 extensions within the keyrock APIs. So, depending on which API you want to consume, what kind of token you will need: Keystone token or OAuth2 token.

For example, if you want to retrieve the existing users using the following service, you will need a Keytone token.

GET http://localhost:5000/v3/users

Finally, to generate a keystone token you could use the following service of the keystone API: 

POST http://[keyrock_host]:5000/v3/auth/tokens 
{ "auth": {
    "identity": {
      "methods": ["password"],
      "password": {
        "user": {
          "name": [ADMIN_USER],
          "domain": { "name": "default" },
          "password": [ADMIN_PWD]
        }
      }
    }
  }
}

If you installed Keyrock from Docker Hub image or even from the official source code repository try with "idm" for ADMIN_USER and ADMIN_PWD.

I hope I have been helpful. Good luck with the tesis!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Unable to authenticate users for an app in Fiware Lab KeyRock instance How to obtain oauth 2.0 token from google plus api in android? Web API Validate JWT Bearer Token from Custom Auth Provider Get auth token from URL Using the OAuth Access Token from django-social-auth with Google data api (calendar) Using Auth0.WinformsWPF, how do I obtain and use a refresh token? Auth token from dialog to bot class Not returning refresh token from auth code Fetching Access token using Auth token from service in C# Auth0 - get id_token from refresh_token
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM