Is there any way to get a set of resources detailed information from Keycloak server by using Keycloak rest endpoints

huangapple go评论69阅读模式
英文:

Is there any way to get a set of resources detailed information from Keycloak server by using Keycloak rest endpoints

问题

我们有一个用于从Keycloak服务器获取资源信息的REST端点。

  • http://{host}:{port}/auth/realms/{realm}/authz/protection/resource_set/{resource_id}

从这个端点上,我只能获取一个资源的信息。

  • {
    "name": "/TestResource",
    "type": "customer",
    "ownerManagedAccess": false,
    "displayName": "testresource",
    "_id": "资源ID",
    "icon_uri": "testIconUri",
    "uris": [
    "/uri2",
    "/uri1"
    ],
    "resource_scopes": [
    {
    "name": "GET"
    }
    ]
    }

但是,在我的情况下,我需要加载超过25个资源到我的应用程序菜单中。

如果我使用上面的端点,我需要调用同一个服务超过25次。所以我需要其他方法来使用单一端点获取一组资源信息。

我期待有一个解决方案,提前谢谢。

英文:

we have rest point to get the resource information from keycloak server.

  • http://{host}:{port}/auth/realms/{realm}/authz/protection/resource_set/{resource_id}

from this endpoint I can get only one resource information.

-{
    "name": "/TestResource",
    "type": "customer",
    "ownerManagedAccess": false,
    "displayName": "testresource",
    "_id": "****resource id****",
    "icon_uri": "testIconUri",
    "uris": [
        "/uri2",
        "/uri1"
    ],
    "resource_scopes": [
        {
            "name": "GET"
        }
    ]
 }

But, In my case i have more than 25 resources to be loaded in my menu of application.

If i go with above endpoint, i need to call the same service for more than 25 times . so i need some other way to get set of resources information using single endpoint.

I expect a solution for this,
thankyou in advance.

答案1

得分: 1

我找到了解决方案。
我们可以使用Keycloak提供的以下链接获取所有与授权相关的详细信息:

http://{host}:{port}/auth/admin/realms/{realmname}/clients/{clientId}/authz/resource-server/settings

  • 我们必须使用管理员凭据。
  • {clientId} 不是您提供的客户端名称。它由Keycloak为每个客户端生成。
英文:

I found the solution.
we can get all the authorization related details using

http://{host}:{port}/auth/admin/realms/{realmname}/clients/{clientId}/authz/resource-server/settings

provided by keycloak.

  • we have to use admin credentials
  • {clientId} is not the Client Name given by you. it is generated by keycloak for each client

答案2

得分: 1

deep=true 会起作用

firstmax 参数可用于分页

first 类似于 SQL 中的 OFFSET

max 类似于 SQL 中的 LIMIT

响应应该如下所示:

[
    {
        "name": "默认资源",
        "type": "urn:my-client:resources:default",
        "owner": {
            "id": "f6474c23-65d7-4ac4-9921-e3abe17feb87",
            "name": "my-client"
        },
        "ownerManagedAccess": false,
        "attributes": {},
        "_id": "ff243bb5-8b00-4c57-8b18-3604cc687da5",
        "uris": [
            "/*"
        ]
    }
]
英文:

Keycloak 21

/realms/{realm}/authz/protection/resource_set?first=0max=25&deep=true

deep=true does the trick

first and max parameters can be used for pagination

first like OFFSET in SQL

max like LIMIT in SQL

Response should look like:

[
    {
        "name": "Default Resource",
        "type": "urn:my-client:resources:default",
        "owner": {
            "id": "f6474c23-65d7-4ac4-9921-e3abe17feb87",
            "name": "my-client"
        },
        "ownerManagedAccess": false,
        "attributes": {},
        "_id": "ff243bb5-8b00-4c57-8b18-3604cc687da5",
        "uris": [
            "/*"
        ]
    }
]

huangapple
  • 本文由 发表于 2020年1月3日 15:35:40
  • 转载请务必保留本文链接:https://go.coder-hub.com/59574807.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定