英文:
Keycloak - Best/easiest way to add the client's IP address to the JWT token?
问题
我希望将认证用户的 IP 地址添加到 JWT 令牌中,以便稍后在中间件中使用。实现这一目标最简单的方法是什么?
Keycloak v6.0.1
英文:
I'm hoping to add the authenticating user's IP address to the JWT token for later use in the middleware. What is the easiest way to accomplish this?
Keycloak v6.0.1
答案1
得分: 2
Client Address在用户会话注释中不可用,除非用户是服务账户(私有客户端)- 相关文档。
最简单的方法是为Keycloak编写一个插件,在用户登录/令牌刷新时添加事件监听器,以将其添加到用户会话注释中。
我创建了这个快速示例 - https://github.com/CharlyRipp/keycloak-user-details-provider。
请注意,此示例适用于Keycloak 15(在本回答时)- 将POM的父级更改为所需版本,然后可能需要修复getRealm和getUserSession调用,因为这些调用在最近的版本中已更改。
英文:
Client Address is not available in the user session note, unless the user is a Service Account (private client) - Relevant Documentation.
Easiest way to achieve this is to write a plugin for keycloak, adding an event listener on user login/token refresh to add to the user session notes.
Created this quick example - https://github.com/CharlyRipp/keycloak-user-details-provider.
Note this example is for keycloak 15 (at the time of this answer) - changing the POM parent to the desired version, then may need to fix getRealm and getUserSession calls as those have changed in recent versions.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论