如何在 Android 中测试 SAML RestAPI?

huangapple go评论74阅读模式
英文:

How can I test SAML RestAPI in Android?

问题

我已经尝试了使用 openid-connect,它是有效的。我希望对于 SAML 也能做同样的事情。供参考,我正在使用 Keycloak 进行演示。因此,我已经在 Keycloak 控制台/仪表板内将协议从 openid-connect 更改为了 SAML。

代码:

@Override
protected Boolean doInBackground(String... params) {
    try {
        OkHttpClient client = new OkHttpClient().newBuilder()
                .build();
        MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");

        /*对于 openid-connect*/
        //RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test@123&grant_type=password&client_secret=c89b1eed-136d-445f-bfb0-e7e2bdac89ee");


        /*对于 SAML*/
        RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test@123&grant_type=password");

        /*URL 根据协议手动更改*/
        Request request = new Request.Builder()
                .url("http://10.0.2.2:8080/auth/realms/Lifetrenz/protocol/saml/token")
                .method("POST", body)
                .addHeader("Content-Type", "application/x-www-form-urlencoded")
                .build();
        Response response = client.newCall(request).execute();
        data = "CODE: " + response.code() + "\n" + "MESSAGE: " + response.message() + "\n" + "BODY: " + response.body().string();
        return true;
    } catch (Exception ex) {
        ex.printStackTrace();
        return false;
    }
}
英文:

I tried this with openid-connect, and it is working. I want same thing for SAML. FYI, I'm doing demo with Keycloak. So I already changed protocol from openid-connet to SAML inside Keycloak console/dashboard.

Code:

@Override
    protected Boolean doInBackground(String... params) {
        try {
            OkHttpClient client = new OkHttpClient().newBuilder()
                    .build();
            MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
            
            /*For openid-connect*/
            //RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test@123&grant_type=password&client_secret=c89b1eed-136d-445f-bfb0-e7e2bdac89ee");


            /*For SAML*/
            RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test@123&grant_type=password");


            /*URL is changing manually accoridng to protocol*/
            Request request = new Request.Builder()
                    .url("http://10.0.2.2:8080/auth/realms/Lifetrenz/protocol/saml/token")
                    .method("POST", body)
                    .addHeader("Content-Type", "application/x-www-form-urlencoded")
                    .build();
            Response response = client.newCall(request).execute();
            data = "CODE: " + response.code() + "\n" + "MESSAGE: " + response.message() + "\n" + "BODY: " + response.body().string();
            return true;
        } catch (Exception ex) {
            ex.printStackTrace();
            return false;
        }
    }

Please guide me. And please answer in Java instead of Kotlin.

答案1

得分: 1

你不能仅仅将协议更改为SAML,然后发送OpenID Connect参数。

这里是一个SAML请求的示例。参数完全不同。

而且你不能使用REST API。SAML使用浏览器重定向。

虽然我不是Keycloak专家,但你的应用程序需要一个客户端SAML堆栈

英文:

You can't just change the protocol to SAML and then send OpenID Connect parameters.

Here's an example of a SAML request. The parameters are completely different.

And you can't use REST API. SAML uses browser redirects.

Not a Keycloak expert but your application needs a client-side SAML stack.

huangapple
  • 本文由 发表于 2020年9月28日 01:04:31
  • 转载请务必保留本文链接:https://go.coder-hub.com/64091125.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定