猿问

客户端策略的keycloak SPI?

我正在尝试实施SPI一个客户端策略来替换我在js.


我实现PolicyProvider了类似于this和PolicyProviderFactorylike this ,然后按照实现 SPI中的说明将我的复制jar到standalone/deployments


我可以在日志中看到 jar 已部署:


08:17:02,647 INFO  [stdout] (MSC service thread 1-3) about to start org.keycloak.services.util.JsonConfigProvider$JsonScope@266abf6d                                                                             

08:17:02,682 WARN  [org.keycloak.services] (MSC service thread 1-3) KC-SERVICES0047: myEvListener (example.myProvider.EvListenerProviderFactory) is implementing the internal SPI eventsListener. This SPI is internal and may change without notice                                                                                                                                                                               

08:17:02,692 WARN  [org.keycloak.services] (MSC service thread 1-3) KC-SERVICES0047: myRolePolicy (example.myProvider.MyPolicyProviderFactory) is implementing the internal SPI policy. This SPI is internal and may change without notice                                                                                                                                                                                         

08:17:02,814 INFO  [org.jboss.as.server] (DeploymentScanner-threads - 2) WFLYSRV0010: Deployed "myPolicyProvider.jar" (runtime-name : "myPolicyProvider.jar")  

现在我找不到使用我的实际创建客户端策略的方法SPI

在服务器信息中,我可以看到策略提供程序中列出的策略(my-role-policy和):my-js-policy

http://img3.mukewang.com/62d7e9440001043504340222.jpg

如果有人能指出我正确的方向,我将不胜感激。




慕姐4208626
浏览 110回答 1
1回答

紫衣仙女

为了创建策略,需要向以下位置发出 POST 请求:http://${host}:${port}/auth/realms/${realm}/clients/${clientId}/authz/resource-server/policy/${policyId}在哪里policyId指定PolicyProviderFactorypublic String getId() {    return "myId";}您的帖子正文应该是 json{    "decisionStrategy": "AFFIRMATIVE",    "logic": "POSITIVE",    "name": "policyName",    .... // other fields required in your policy implementation}卷曲请求示例:curl --request POST \  --url http://${host}:${port}/auth/admin/realms/${realm}/clients/${clientId}/authz/resource-server/policy/${policyId} \  --header 'authorization: Bearer ${token}' \  --header 'content-type: application/json' \  --data '{"decisionStrategy": "AFFIRMATIVE","logic": "POSITIVE","name": "is-admin","role": "admin"}'
随时随地看视频慕课网APP

相关分类

Java
我要回答