Java Springboot密钥斗篷管理员添加角色或重置密码错误
我尝试使用管理客户端在我的KeyClope中创建一个新用户 使用此代码:Java Springboot密钥斗篷管理员添加角色或重置密码错误,java,spring-boot,oauth-2.0,keycloak,spring-security-oauth2,Java,Spring Boot,Oauth 2.0,Keycloak,Spring Security Oauth2,我尝试使用管理客户端在我的KeyClope中创建一个新用户 使用此代码: package br.com.fabioebner.surfpp.api.serivce; import lombok.extern.slf4j.Slf4j; import org.keycloak.OAuth2Constants; import org.keycloak.admin.client.Keycloak; import org.keycloak.admin.client.KeycloakBuilder; im
package br.com.fabioebner.surfpp.api.serivce;
import lombok.extern.slf4j.Slf4j;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.*;
import org.keycloak.representations.idm.*;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.event.EventListener;
import org.springframework.stereotype.Service;
import javax.ws.rs.core.Response;
import java.util.*;
@Service
@Slf4j
public class KeycloakService {
private final RealmResource realm;
private final Keycloak keycloak;
public KeycloakService() {
this.keycloak = Keycloak.getInstance(
"https://myKey/auth/",
"master",
"admin",
"myPass",
"admin-cli");
this.realm = keycloak.realm("myRealm");
}
@EventListener(ApplicationReadyEvent.class)
public void addUser(){
UsersResource users = realm.users();
ClientResource api = realm.clients().get("api");
// RoleResource usuario = api.roles().get("USUARIO");
UserRepresentation novoUsuario = new UserRepresentation();
novoUsuario.setUsername("joao");
novoUsuario.setEmail("joao@s.com");
novoUsuario.setEnabled(true);
novoUsuario.setFirstName("Joao");
novoUsuario.setLastName("da Silva");
novoUsuario.setEmailVerified(true);
Response response = users.create(novoUsuario);
String idCriado = response.getLocation().toString().substring(response.getLocation().toString().indexOf("/users/")+7);
updatePassword(idCriado, "1234"); //HERE RETURN 400 ERROR
assignRealmRoles(this.realm, idCriado, Collections.singletonList("USUARIO")); //HERE RETURN 404 ERROR
System.out.println("ss");
}
private void updatePassword(String id,String pass){
CredentialRepresentation cred = new CredentialRepresentation();
cred.setType(CredentialRepresentation.PASSWORD);
cred.setValue(pass);
cred.setTemporary(false);
realm.users().get(id).resetPassword(cred);
}
public static void assignRealmRoles(RealmResource realm, String userId, List<String> roles) {
String realmName = realm.toRepresentation().getRealm();
List<RoleRepresentation> roleRepresentations = new ArrayList<>();
for (String roleName : roles) {
RoleRepresentation role = realm.clients().get("f3fcd887-6b7d-497b-b344-248143542202").roles().get(roleName).toRepresentation();
roleRepresentations.add(role);
}
UserResource userResource = realm.users().get(userId);
userResource.roles().clientLevel("api").add(roleRepresentations);
}
}
package br.com.fabioebner.surfpp.api.serivce;
导入lombok.extern.slf4j.slf4j;
导入org.keydape.OAuth2Constants;
导入org.keydove.admin.client.keydove;
导入org.keydepot.admin.client.keydeposebuilder;
导入org.keydape.admin.client.resource.*;
导入org.keydeport.representations.idm.*;
导入org.springframework.boot.context.event.ApplicationReadyEvent;
导入org.springframework.context.event.EventListener;
导入org.springframework.stereotype.Service;
导入javax.ws.rs.core.Response;
导入java.util.*;
@服务
@Slf4j
公共类密钥管理服务{
私有最终领域资源领域;
私人最终密钥斗篷;
公钥密码服务(){
this.keydove=keydove.getInstance(
"https://myKey/auth/",
“主人”,
“管理员”,
“我的通行证”,
“管理cli”);
this.realm=keydape.realm(“myRealm”);
}
@EventListener(ApplicationReadyEvent.class)
public void addUser(){
UsersResource users=realm.users();
ClientResource api=realm.clients().get(“api”);
//RoleResource usuario=api.roles().get(“usuario”);
UserRepresentation novoUsuario=新的UserRepresentation();
novoUsuario.setUsername(“joao”);
novoUsuario.setEmail(“joao@s.com");
novoUsuario.setEnabled(真);
novoUsuario.setFirstName(“Joao”);
novoUsuario.setLastName(“达席尔瓦”);
novoUsuario.setEmailVerified(真);
响应=users.create(novoUsuario);
字符串idCriado=response.getLocation().toString().substring(response.getLocation().toString().indexOf(“/users/”)+7);
updatePassword(idCriado,“1234”);//此处返回400错误
assignRealmRoles(this.realm、idCriado、Collections.singletonList(“USUARIO”);//此处返回404错误
系统输出打印号(“ss”);
}
私有void updatePassword(字符串id,字符串传递){
CredentialRepresentation cred=新的CredentialRepresentation();
cred.setType(CredentialRepresentation.PASSWORD);
信用设定值(通过);
临时工(假);
realm.users().get(id).resetPassword(cred);
}
公共静态void assignRealmRoles(RealmResource领域、字符串用户ID、列表角色){
字符串realmName=realm.toRepresentation().getRealm();
List roleRepresentations=new ArrayList();
for(字符串roleName:角色){
RoleRepresentation role=realm.clients().get(“f3fcd887-6b7d-497b-b344-24814354202”).roles().get(roleName.torerepresentation();
添加(角色);
}
UserResource UserResource=realm.users().get(userId);
userResource.roles().clientLevel(“api”).add(roleRepresentations);
}
}
因此,我尝试使用角色和密码创建用户,但没有成功,现在用户已创建,但我无法向该用户添加角色并更新密码。更新密码: 由于用户ID无效,您将获得400。请尝试以下操作:
Response response = users.create(novoUsuario);
String idCriado = users.list().stream()
.filter(user -> user.getUsername().equals("joao"))
.findFirst()
.map(UserRepresentation::getId)
.orElseThrow();
updatePassword(idCriado, "1234");
添加角色
而不是
userResource.roles().clientLevel("api").add(roleRepresentations);
在您的情况下,需要将clientID传递给clientLevel
方法:
userResource.roles().clientLevel("f3fcd887-6b7d-497b-b344-248143542202").add(roleRepresentations);