Keycloak 为现有领域创建用户?
Keycloak creating user for an existing realm?
我正在尝试为现有领域和客户端创建用户。下面,是我试过的。 URL、领域、用户名、密码、clientId 和 clientSecret 是正确的。但是它在 var response = keycloak.realm( realm ).users().create( user ); 行抛出 NotAuthorization 异常 我也尝试使用授权令牌获取它,但它抛出了同样的错误。我做错了什么?
Keycloak keycloak = Keycloak.getInstance( serverUrl, realm, username, password, clientId, clientSecret );
var user = new UserRepresentation();
user.setEnabled( true );
user.setUsername( "test" );
user.setAttributes(Collections.singletonMap("origin", Collections.singletonList( "demo" ) ));
CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
credentialRepresentation.setTemporary( false );
credentialRepresentation.setType( CredentialRepresentation.PASSWORD );
credentialRepresentation.setValue( "1234" );
user.setCredentials( Collections.singletonList( credentialRepresentation ) );
try {
var response = keycloak.realm( realm ).users().create( user );
System.out.println( "Response: " + response.getStatus() );
System.out.println( "Response: " + response.getMetadata() );
} catch ( Exception e ) {
e.printStackTrace();
}
错误堆栈跟踪:
javax.ws.rs.ProcessingException: javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.filterRequest(ClientInvocation.java:603)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:440)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invokeSync(ClientInvoker.java:149)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:112)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:76)
at com.sun.proxy.$Proxy26.create(Unknown Source)
at io.heist.keycloak.user.generator.KeycloakGen.main(KeycloakGen.java:27)
Caused by: javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.handleErrorStatus(ClientInvocation.java:221)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.extractResult(ClientInvocation.java:195)
at org.jboss.resteasy.client.jaxrs.internal.proxy.extractors.BodyEntityExtractor.extractEntity(BodyEntityExtractor.java:62)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invokeSync(ClientInvoker.java:151)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:112)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:76)
at com.sun.proxy.$Proxy16.grantToken(Unknown Source)
at org.keycloak.admin.client.token.TokenManager.grantToken(TokenManager.java:90)
at org.keycloak.admin.client.token.TokenManager.getAccessToken(TokenManager.java:70)
at org.keycloak.admin.client.token.TokenManager.getAccessTokenString(TokenManager.java:65)
at org.keycloak.admin.client.resource.BearerAuthFilter.filter(BearerAuthFilter.java:52)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.filterRequest(ClientInvocation.java:590)
... 6 more
Process finished with exit code 0
相关依赖项:
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>10.0.2</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-admin-client</artifactId>
<version>11.0.1</version>
</dependency>
显然它似乎不接受我的登录用户 admin 作为经过身份验证的用户。所以我添加了一个新用户并赋予它正确的管理员角色,如下所示:
完成这些之后,我就可以添加用户了。
我正在尝试为现有领域和客户端创建用户。下面,是我试过的。 URL、领域、用户名、密码、clientId 和 clientSecret 是正确的。但是它在 var response = keycloak.realm( realm ).users().create( user ); 行抛出 NotAuthorization 异常 我也尝试使用授权令牌获取它,但它抛出了同样的错误。我做错了什么?
Keycloak keycloak = Keycloak.getInstance( serverUrl, realm, username, password, clientId, clientSecret );
var user = new UserRepresentation();
user.setEnabled( true );
user.setUsername( "test" );
user.setAttributes(Collections.singletonMap("origin", Collections.singletonList( "demo" ) ));
CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
credentialRepresentation.setTemporary( false );
credentialRepresentation.setType( CredentialRepresentation.PASSWORD );
credentialRepresentation.setValue( "1234" );
user.setCredentials( Collections.singletonList( credentialRepresentation ) );
try {
var response = keycloak.realm( realm ).users().create( user );
System.out.println( "Response: " + response.getStatus() );
System.out.println( "Response: " + response.getMetadata() );
} catch ( Exception e ) {
e.printStackTrace();
}
错误堆栈跟踪:
javax.ws.rs.ProcessingException: javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.filterRequest(ClientInvocation.java:603)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:440)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invokeSync(ClientInvoker.java:149)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:112)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:76)
at com.sun.proxy.$Proxy26.create(Unknown Source)
at io.heist.keycloak.user.generator.KeycloakGen.main(KeycloakGen.java:27)
Caused by: javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.handleErrorStatus(ClientInvocation.java:221)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.extractResult(ClientInvocation.java:195)
at org.jboss.resteasy.client.jaxrs.internal.proxy.extractors.BodyEntityExtractor.extractEntity(BodyEntityExtractor.java:62)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invokeSync(ClientInvoker.java:151)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:112)
at org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:76)
at com.sun.proxy.$Proxy16.grantToken(Unknown Source)
at org.keycloak.admin.client.token.TokenManager.grantToken(TokenManager.java:90)
at org.keycloak.admin.client.token.TokenManager.getAccessToken(TokenManager.java:70)
at org.keycloak.admin.client.token.TokenManager.getAccessTokenString(TokenManager.java:65)
at org.keycloak.admin.client.resource.BearerAuthFilter.filter(BearerAuthFilter.java:52)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.filterRequest(ClientInvocation.java:590)
... 6 more
Process finished with exit code 0
相关依赖项:
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-core</artifactId>
<version>10.0.2</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-admin-client</artifactId>
<version>11.0.1</version>
</dependency>
显然它似乎不接受我的登录用户 admin 作为经过身份验证的用户。所以我添加了一个新用户并赋予它正确的管理员角色,如下所示:
完成这些之后,我就可以添加用户了。