[英]How to create keycloak client role programmatically and assign to user
我想以編程方式創建keycloak客戶端角色並分配給動態創建的用戶。 以下是我創建用戶的代碼
UserRepresentation user = new UserRepresentation();
user.setEmail("xxxxx@xxx.com");
user.setUsername("xxxx");
user.setFirstName("xxx");
user.setLastName("m");
user.setEnabled(true);
Response response = kc.realm("YYYYY").users().create(user);
這是您的請求的解決方案(不是很漂亮,但它的工作原理):
// Get keycloak client
Keycloak kc = Keycloak.getInstance("http://localhost:8080/auth",
"master", "admin", "admin", "admin-cli");
// Create the role
RoleRepresentation clientRoleRepresentation = new RoleRepresentation();
clientRoleRepresentation.setName("client_role");
clientRoleRepresentation.setClientRole(true);
kc.realm("RealmID").clients().findByClientId("ClientID").forEach(clientRepresentation ->
kc.realm("RealmID").clients().get(clientRepresentation.getId()).roles().create(clientRoleRepresentation)
);
// Create the user
UserRepresentation user = new UserRepresentation();
user.setUsername("test");
user.setEnabled(true);
Response response = kc.realm("RealmID").users().create(user);
String userId = getCreatedId(response);
// Assign role to the user
kc.realm("RealmID").clients().findByClientId("ClientID").forEach(clientRepresentation -> {
RoleRepresentation savedRoleRepresentation = kc.realm("RealmID").clients()
.get(clientRepresentation.getId()).roles().get("client_role").toRepresentation();
kc.realm("RealmID").users().get(userId).roles().clientLevel(clientRepresentation.getId())
.add(asList(savedRoleRepresentation));
});
// Update credentials to make sure, that the user can log in
UserResource userResource = kc.realm("RealmID").users().get(userId);
userResource.resetPassword(credential);
使用幫助方法:
private String getCreatedId(Response response) {
URI location = response.getLocation();
if (!response.getStatusInfo().equals(Response.Status.CREATED)) {
Response.StatusType statusInfo = response.getStatusInfo();
throw new WebApplicationException("Create method returned status " +
statusInfo.getReasonPhrase() + " (Code: " + statusInfo.getStatusCode() + "); expected status: Created (201)", response);
}
if (location == null) {
return null;
}
String path = location.getPath();
return path.substring(path.lastIndexOf('/') + 1);
}
以編程方式創建 keycloak 客戶端並從其他客戶端分配角色
[英]Create keycloak client and assign role from other client programmatically
使用 keycloak 管理客戶端以編程方式為具有訪問類型 public 的客戶端創建用戶
[英]create user programmatically using keycloak admin client for a client that has acces-type public
通過keycloak管理客戶端在keycloak中創建用戶返回400
[英]Create user in keycloak through keycloak admin client returns 400
通過keycloak管理客戶端在keycloak中創建用戶返回IllegalArgumentException
[英]Create user in keycloak through keycloak admin client returns IllegalArgumentException
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.