Java 避免使用keycloak默认登录页面并使用项目登录页面
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/39356300/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Avoid keycloak default login page and use project login page
提问by krs8888
I am working on creating an angular.js web application and looking for how to integrate keycloakinto the project. I have read and watched many tutorials and I see that most of them have users logging/registering through the default login page of keycloakwhich then redirects to the app.
我正在创建一个 angular.js Web 应用程序并寻找如何集成keycloak到项目中。我阅读并观看了许多教程,我看到其中大多数都有用户通过默认登录页面登录/注册keycloak,然后重定向到应用程序。
I have designed my own login and registration page which I want to use. How do I use them instead of keycloakdefault. Are there any API that I can call or may be my backend would do that? I also read there are spring adapters available for keycloak, can I use them ? Any link to any example would be good.
我设计了自己的登录和注册页面,我想使用它。我如何使用它们而不是keycloak默认值。有没有我可以调用的 API 或者我的后端会这样做?我还读到有可用于 keycloak 的弹簧适配器,我可以使用它们吗?任何示例的任何链接都会很好。
The second question I have is while registering can I add more user details like address, dob, gender in keycloak? Because my registration page requires those information.
我的第二个问题是在注册时我可以添加更多用户详细信息,例如地址、出生日期、性别keycloak吗?因为我的注册页面需要这些信息。
回答by Yuri
- You probably should stick with the Keycloack's forms. They bring nice features (SSO, pw reset, etc.) and are fully customizable (via themes). However, there it is possible to obtain the Access Tokenvia so called Direct Access Grant. It can be done via Keycloak REST API.
- Storing the custom user info (gender, job, etc.) is done by User Attributes
- 您可能应该坚持使用 Keycloack 的表格。它们带来了不错的功能(SSO、密码重置等)并且完全可定制(通过主题)。但是,可以通过所谓的Direct Access Grant获得访问令牌。它可以通过Keycloak REST API 完成。
- 存储自定义用户信息(性别、工作等)由用户属性完成
Both topics are more or less covered in the official Keycloak Docs.
官方Keycloak Docs或多或少涵盖了这两个主题。
回答by Aman Jaiswal
Put your login theme in keycloak themes directory and by admin loging change login theme setting and choose your theme from drop-down. Your login theme must in keycloak default theme formate so to create your's please refer keycloak default theme and design your's according to that.
将您的登录主题放在 keycloak 主题目录中,然后通过管理员登录更改登录主题设置并从下拉列表中选择您的主题。您的登录主题必须在 keycloak 默认主题格式中,因此要创建您的主题,请参考 keycloak 默认主题并根据该主题设计您的主题。
You can refer following Keycloak theme configuration
您可以参考以下 Keycloak 主题配置
回答by Tomas Marik
3 steps:
3个步骤:
- In the keycloak/themes/directory create folder with name eg. myTheme.
- 在keycloak/themes/目录中创建名为 eg 的文件夹。我的主题。
In the myThemefolder place your custom login page
(the structure must be same as base or keycloak themes, my advice is to copy the base theme, rename it and customize it).
Go to the admin console of keycloak into Realm Settings > Themes > Login Themeand select myTheme.
在myTheme文件夹中放置您的自定义登录页面
(结构必须与 base 或 keycloak 主题相同,我的建议是复制 base 主题,重命名并自定义它)。
转到 keycloak 的管理控制台进入Realm Settings > Themes > Login Theme并选择myTheme。
回答by UchihaItachi
Expanding on the API roles
扩展 API 角色
POST to your/keycloak/url/auth/realms/master/protocol/openid-connect/token
POST to your/keycloak/url/auth/realms/master/protocol/openid-connect/token
with data:
有数据:
{
client_id : 'Id_of_your_client',
username : 'your_username',
password : '@#$%^&',
grant_type : "password"
}
will give you the initial access token and refresh token
将为您提供初始访问令牌和刷新令牌
and
和
POST to the same URL with
POST 到相同的 URL
data:
数据:
{
client_id : 'Id_of_your_client',
// client_secret : 'optional depending on the type of client',
grant_type : "refresh_token" ,
refresh_token : refresh_token_you_got_earlier
}
will give the new refresh and access tokens .These tokens are what keycloak checks for authorization/authentication.
将提供新的刷新和访问令牌。这些令牌是 keycloak 检查授权/身份验证的内容。
You could make your own login and send the credentials to keycloak via a REST API and once you have the access token , just put it in the header of any ongoing request to a keycloak protected resource as
您可以进行自己的登录并通过 REST API 将凭据发送到 keycloak,一旦您获得访问令牌,只需将其放在对 keycloak 受保护资源的任何正在进行的请求的标头中
headers :{
Authorization : 'Bearer ' + access_token_you_got
}
回答by whywake
Use the below code if you want to hit the Keycloak login page through Java and get the response:
如果您想通过 Java 访问 Keycloak 登录页面并获得响应,请使用以下代码:
String uri = "http://localhost:7080/auth/realms/{RealmName}/protocol/openid-connect/token";
HttpClient client = HttpClientBuilder.create().build();
HttpPost post = new HttpPost(uri);
post.setHeader("User-Agent",
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36");
List<BasicNameValuePair> urlParameters = new ArrayList<BasicNameValuePair>();
urlParameters.add(new BasicNameValuePair("grant_type", "password"));
urlParameters.add(new BasicNameValuePair("client_id", {ClientName}));
urlParameters.add(new BasicNameValuePair("username", {UserName}));
urlParameters.add(new BasicNameValuePair("password", {Password}));
post.setEntity(new UrlEncodedFormEntity(urlParameters));
HttpResponse response = client.execute(post);
System.out.println("Response Code : " + response.getStatusLine().getStatusCode());
BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
StringBuffer result = new StringBuffer();
String line1 = "";
while ((line1 = rd.readLine()) != null) {
result.append(line1);
}
System.out.println(result);
If your username and password are valid, response.getStatusLine().getStatusCode()will give the value as HTTP 200 along with AccessTokenand RefreshToken. Otherwise response.getStatusLine().getStatusCode()will give the value as HTTP 403 and data as: {"error":"invalid_grant","error_description":"Invalid user credentials"}
如果您的用户名和密码有效,response.getStatusLine().getStatusCode()则将值为 HTTP 200 以及AccessToken和RefreshToken。否则response.getStatusLine().getStatusCode()将把值作为 HTTP 403 和数据作为:{"error":"invalid_grant","error_description":"Invalid user credentials"}
