springboot Keycloak Admin添加角色或重置密码报错
Springboot Keycloak Admin add role or reset password error
我尝试使用管理客户端在我的 keycloak 中创建一个新用户
使用此代码:
package br.com.fabioebner.surfpp.api.serivce;
import lombok.extern.slf4j.Slf4j;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.*;
import org.keycloak.representations.idm.*;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.event.EventListener;
import org.springframework.stereotype.Service;
import javax.ws.rs.core.Response;
import java.util.*;
@Service
@Slf4j
public class KeycloakService {
private final RealmResource realm;
private final Keycloak keycloak;
public KeycloakService() {
this.keycloak = Keycloak.getInstance(
"https://myKey/auth/",
"master",
"admin",
"myPass",
"admin-cli");
this.realm = keycloak.realm("myRealm");
}
@EventListener(ApplicationReadyEvent.class)
public void addUser(){
UsersResource users = realm.users();
ClientResource api = realm.clients().get("api");
// RoleResource usuario = api.roles().get("USUARIO");
UserRepresentation novoUsuario = new UserRepresentation();
novoUsuario.setUsername("joao");
novoUsuario.setEmail("joao@s.com");
novoUsuario.setEnabled(true);
novoUsuario.setFirstName("Joao");
novoUsuario.setLastName("da Silva");
novoUsuario.setEmailVerified(true);
Response response = users.create(novoUsuario);
String idCriado = response.getLocation().toString().substring(response.getLocation().toString().indexOf("/users/")+7);
updatePassword(idCriado, "1234"); //HERE RETURN 400 ERROR
assignRealmRoles(this.realm, idCriado, Collections.singletonList("USUARIO")); //HERE RETURN 404 ERROR
System.out.println("ss");
}
private void updatePassword(String id,String pass){
CredentialRepresentation cred = new CredentialRepresentation();
cred.setType(CredentialRepresentation.PASSWORD);
cred.setValue(pass);
cred.setTemporary(false);
realm.users().get(id).resetPassword(cred);
}
public static void assignRealmRoles(RealmResource realm, String userId, List<String> roles) {
String realmName = realm.toRepresentation().getRealm();
List<RoleRepresentation> roleRepresentations = new ArrayList<>();
for (String roleName : roles) {
RoleRepresentation role = realm.clients().get("f3fcd887-6b7d-497b-b344-248143542202").roles().get(roleName).toRepresentation();
roleRepresentations.add(role);
}
UserResource userResource = realm.users().get(userId);
userResource.roles().clientLevel("api").add(roleRepresentations);
}
}
所以我尝试使用角色和密码创建用户但没有成功,现在用户已创建但我无法向该用户添加角色并更新密码。
更新密码:
您将收到 400,因为用户 ID 无效。尝试以下操作:
Response response = users.create(novoUsuario);
String idCriado = users.list().stream()
.filter(user -> user.getUsername().equals("joao"))
.findFirst()
.map(UserRepresentation::getId)
.orElseThrow();
updatePassword(idCriado, "1234");
添加角色
而不是
userResource.roles().clientLevel("api").add(roleRepresentations);
您需要将 clientID 传递给 clientLevel 方法,在您的情况下:
userResource.roles().clientLevel("f3fcd887-6b7d-497b-b344-248143542202").add(roleRepresentations);
我尝试使用管理客户端在我的 keycloak 中创建一个新用户
使用此代码:
package br.com.fabioebner.surfpp.api.serivce;
import lombok.extern.slf4j.Slf4j;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.*;
import org.keycloak.representations.idm.*;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.event.EventListener;
import org.springframework.stereotype.Service;
import javax.ws.rs.core.Response;
import java.util.*;
@Service
@Slf4j
public class KeycloakService {
private final RealmResource realm;
private final Keycloak keycloak;
public KeycloakService() {
this.keycloak = Keycloak.getInstance(
"https://myKey/auth/",
"master",
"admin",
"myPass",
"admin-cli");
this.realm = keycloak.realm("myRealm");
}
@EventListener(ApplicationReadyEvent.class)
public void addUser(){
UsersResource users = realm.users();
ClientResource api = realm.clients().get("api");
// RoleResource usuario = api.roles().get("USUARIO");
UserRepresentation novoUsuario = new UserRepresentation();
novoUsuario.setUsername("joao");
novoUsuario.setEmail("joao@s.com");
novoUsuario.setEnabled(true);
novoUsuario.setFirstName("Joao");
novoUsuario.setLastName("da Silva");
novoUsuario.setEmailVerified(true);
Response response = users.create(novoUsuario);
String idCriado = response.getLocation().toString().substring(response.getLocation().toString().indexOf("/users/")+7);
updatePassword(idCriado, "1234"); //HERE RETURN 400 ERROR
assignRealmRoles(this.realm, idCriado, Collections.singletonList("USUARIO")); //HERE RETURN 404 ERROR
System.out.println("ss");
}
private void updatePassword(String id,String pass){
CredentialRepresentation cred = new CredentialRepresentation();
cred.setType(CredentialRepresentation.PASSWORD);
cred.setValue(pass);
cred.setTemporary(false);
realm.users().get(id).resetPassword(cred);
}
public static void assignRealmRoles(RealmResource realm, String userId, List<String> roles) {
String realmName = realm.toRepresentation().getRealm();
List<RoleRepresentation> roleRepresentations = new ArrayList<>();
for (String roleName : roles) {
RoleRepresentation role = realm.clients().get("f3fcd887-6b7d-497b-b344-248143542202").roles().get(roleName).toRepresentation();
roleRepresentations.add(role);
}
UserResource userResource = realm.users().get(userId);
userResource.roles().clientLevel("api").add(roleRepresentations);
}
}
所以我尝试使用角色和密码创建用户但没有成功,现在用户已创建但我无法向该用户添加角色并更新密码。
更新密码:
您将收到 400,因为用户 ID 无效。尝试以下操作:
Response response = users.create(novoUsuario);
String idCriado = users.list().stream()
.filter(user -> user.getUsername().equals("joao"))
.findFirst()
.map(UserRepresentation::getId)
.orElseThrow();
updatePassword(idCriado, "1234");
添加角色
而不是
userResource.roles().clientLevel("api").add(roleRepresentations);
您需要将 clientID 传递给 clientLevel 方法,在您的情况下:
userResource.roles().clientLevel("f3fcd887-6b7d-497b-b344-248143542202").add(roleRepresentations);