How to get username and uuid by bearer token from keycloak programmatically (Spring)?
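I have a Spring application with the Keycloak dependency. The frontend sends a bearer token to my backend, and I want to use this token to get the username and their UUID from Keycloak.
Here is my Keycloak configuration.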
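    import org.keycloak.adapters.KeycloakConfigResolver;
    import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
    import org.keycloak.adapters.springsecurity.KeycloakSecurityComponents;
    import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.ComponentScan;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.context.annotation.FilterType;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
    import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

    @Configuration
    @ComponentScan(
            basePackageClasses = KeycloakSecurityComponents.class,
            excludeFilters = @ComponentScan.Filter(type = FilterType.REGEX, pattern = "org.keycloak.adapters.springsecurity.management.HttpSessionManager"))
    @EnableWebSecurity
    class KeycloakConfig extends KeycloakWebSecurityConfigurerAdapter {

        // Read the Keycloak settings from the Spring Boot properties instead of keycloak.json.
        @Bean
        public KeycloakConfigResolver keycloakConfigResolver() {
            return new KeycloakSpringBootConfigResolver();
        }

        // Bearer-only service: no HTTP session is created for authenticated requests.
        @Override
        protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
            return new NullAuthenticatedSessionStrategy();
        }

        @Override
        protected void configure(AuthenticationManagerBuilder auth) {
            auth.authenticationProvider(keycloakAuthenticationProvider());
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            super.configure(http);
            http
                .csrf().disable()
                .sessionManagement()
                .and()
                .authorizeRequests()
                .antMatchers("/admin/**").hasRole("ADMINS")
                .antMatchers("/user/**").hasRole("USER")
                // Every path not matched above is reachable without authentication.
                .anyRequest().permitAll();
        }
    }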
In this endpoint I get the Authorization header:
    @PostMapping(value = "/save/{title}")
    @ResponseBody
    public ResponseEntity uploadFile(@RequestParam("file") MultipartFile file, @PathVariable("title") String title, @RequestHeader("Authorization") String authHeader) {
        //get user by token?
    }
In short, I parse the public key and the access token to get the AccessToken class, which has everything you need (accessToken.getId() and accessToken.getPreferredUsername()).
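    import java.security.PublicKey;
    import org.keycloak.RSATokenVerifier;
    import org.keycloak.adapters.springboot.KeycloakSpringBootProperties;
    import org.keycloak.common.VerificationException;
    import org.keycloak.exceptions.TokenNotActiveException;
    import org.keycloak.representations.AccessToken;
    import org.springframework.beans.factory.annotation.Autowired;

    @Autowired
    private KeycloakSpringBootProperties keycloakProperties;

    public String getRealm() {
        return keycloakProperties.getRealm();
    }

    public String getAuthServerUrl() {
        return keycloakProperties.getAuthServerUrl();
    }

    // Realm base URL; tokens issued by the realm carry it as their issuer.
    public String getRealmUrl() {
        return getAuthServerUrl()
                + "/realms/"
                + getRealm();
    }

    public String getOpenIdConnectUrl() {
        return getRealmUrl() + "/protocol/openid-connect";
    }

    // Endpoint that publishes the realm's public signing keys.
    public String getOpenIdConnectCertsUrl() {
        return getOpenIdConnectUrl() + "/certs";
    }

    // KeyCloakRsaKeyLoader and keyCloakConnectionProvider are not declared in this snippet.
    public AccessToken loadAccessToken(String accessToken) throws TokenNotActiveException, VerificationException, NoSuchFieldException {
        PublicKey publicKey = new KeyCloakRsaKeyLoader().getPublicKeyFromKeyCloak(getOpenIdConnectCertsUrl());
        String realmUrl = keyCloakConnectionProvider.getRealmUrl();
        AccessToken token =
                RSATokenVerifier.verifyToken(
                        accessToken,
                        publicKey,
                        realmUrl,
                        true,   // checkActive
                        true);  // checkTokenType
        return token;
    }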
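The checks behind verifying a token against the realm key, written out with the JDK and Jackson as an added example (not code from the question or the answer): it strips the "Bearer " prefix from the Authorization header, pins RS256, verifies the signature, then checks issuer and expiry before reading the claims. The class and method names, the issuer URL and the sample token are constructed for illustration, a throwaway key pair stands in for the realm key published at /certs, and the token is assumed to carry the `sub` and `preferred_username` claims.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.time.Instant;
import java.util.Base64;

public class BearerTokenCheck { // hypothetical name
    static final ObjectMapper JSON = new ObjectMapper();
    static final Base64.Decoder B64 = Base64.getUrlDecoder();

    // Returns the verified claims, or throws if any check fails.
    static JsonNode verify(String authHeader, PublicKey realmKey, String realmUrl) throws Exception {
        if (authHeader == null || !authHeader.startsWith("Bearer "))
            throw new SecurityException("not a bearer token");
        String[] parts = authHeader.substring(7).trim().split("\\.");
        if (parts.length != 3) throw new SecurityException("malformed JWT");
        // Pin the algorithm: the token header must not choose it ("none", HS256, ...).
        if (!"RS256".equals(JSON.readTree(B64.decode(parts[0])).path("alg").asText()))
            throw new SecurityException("unexpected alg");
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initVerify(realmKey);
        sig.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
        if (!sig.verify(B64.decode(parts[2]))) throw new SecurityException("bad signature");
        // Claims are only trusted after the signature has been verified.
        JsonNode claims = JSON.readTree(B64.decode(parts[1]));
        if (!realmUrl.equals(claims.path("iss").asText())) throw new SecurityException("wrong issuer");
        if (claims.path("exp").asLong() <= Instant.now().getEpochSecond()) // missing exp reads as 0
            throw new SecurityException("expired");
        return claims;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: throwaway key pair and a token signed with it.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();
        String iss = "https://sso.example.test/auth/realms/demo";
        long exp = Instant.now().getEpochSecond() + 300;
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        String head = enc.encodeToString("{\"alg\":\"RS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8));
        String body = enc.encodeToString(("{\"iss\":\"" + iss + "\",\"exp\":" + exp
                + ",\"sub\":\"00000000-0000-0000-0000-000000000001\",\"preferred_username\":\"alice\"}")
                .getBytes(StandardCharsets.UTF_8));
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(kp.getPrivate());
        s.update((head + "." + body).getBytes(StandardCharsets.US_ASCII));
        String header = "Bearer " + head + "." + body + "." + enc.encodeToString(s.sign());
        JsonNode c = verify(header, kp.getPublic(), iss);
        System.out.println(c.path("sub").asText() + " " + c.path("preferred_username").asText());
    }
}
```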