锘??xml version="1.0" encoding="utf-8" standalone="yes"?>91午夜精品,日韩一级免费观看,亚洲成人在线免费http://www.aygfsteel.com/paulwong/category/55364.htmlzh-cnThu, 21 Apr 2022 21:40:01 GMTThu, 21 Apr 2022 21:40:01 GMT60KEYCLOAK鎺堟潈妯″紡涓庡疄鏂?/title><link>http://www.aygfsteel.com/paulwong/archive/2022/04/21/450723.html</link><dc:creator>paulwong</dc:creator><author>paulwong</author><pubDate>Thu, 21 Apr 2022 07:32:00 GMT</pubDate><guid>http://www.aygfsteel.com/paulwong/archive/2022/04/21/450723.html</guid><wfw:comment>http://www.aygfsteel.com/paulwong/comments/450723.html</wfw:comment><comments>http://www.aygfsteel.com/paulwong/archive/2022/04/21/450723.html#Feedback</comments><slash:comments>0</slash:comments><wfw:commentRss>http://www.aygfsteel.com/paulwong/comments/commentRss/450723.html</wfw:commentRss><trackback:ping>http://www.aygfsteel.com/paulwong/services/trackbacks/450723.html</trackback:ping><description><![CDATA[<br /><a target="_blank">https://stackoverflow.com/questions/42186537/resources-scopes-permissions-and-policies-in-keycloak</a><br /><img src ="http://www.aygfsteel.com/paulwong/aggbug/450723.html" width = "1" height = "1" /><br><br><div align=right><a style="text-decoration:none;" href="http://www.aygfsteel.com/paulwong/" target="_blank">paulwong</a> 2022-04-21 15:32 <a href="http://www.aygfsteel.com/paulwong/archive/2022/04/21/450723.html#Feedback" target="_blank" style="text-decoration:none;">鍙戣〃璇勮</a></div>]]></description></item><item><title>KEYCLOA+DMariaDB 鍦↙INUX涓婄殑瀹夎http://www.aygfsteel.com/paulwong/archive/2022/04/14/450717.htmlpaulwongpaulwongThu, 14 Apr 2022 07:15:00 GMThttp://www.aygfsteel.com/paulwong/archive/2022/04/14/450717.htmlhttp://www.aygfsteel.com/paulwong/comments/450717.htmlhttp://www.aygfsteel.com/paulwong/archive/2022/04/14/450717.html#Feedback0http://www.aygfsteel.com/paulwong/comments/commentRss/450717.htmlhttp://www.aygfsteel.com/paulwong/services/trackbacks/450717.htmlhttps://www.janua.fr/how-to-install-keycloak-with-mariadb/

鍚姩鏃墮厤緗笉閫氳繃localhost璁塊棶鎺у埗鍙幫細
#! /bin/bash

BIN_PATH=$(cd `dirname $0`; pwd)
IP=10.10.27.69
KEYCLOAK_OPT="-b ${IP} -Djboss.bind.address.management=${IP} -Dkeycloak.profile.feature.upload_scripts=enabled"
KEYCLOAK_OPT="${KEYCLOAK_OPT} -Djboss.socket.binding.port-offset=100 -Dkeycloak.frontendUrl=http://${IP}:81/auth "
#-Dkeycloak.hostname=${IP} -Dkeycloak.httpPort=81 -Dkeycloak.httpsPort=82

nohup ${BIN_PATH}/bin/standalone.sh ${KEYCLOAK_OPT} > /dev/null &

鏇存敼KEYCLOAK鐨凞ATASOURCE鏃訛紝鍙洿鎺ユ洿鏀歸粯璁ょ殑鑰屾棤闇閲嶆柊閰嶇疆錛?br />https://medium.com/@pratik.dandavate/setting-up-keycloak-standalone-with-mysql-database-7ebb614cc229

KEYCLOAK鐨凧BOSS綆$悊鐣岄潰鍦板潃鏀逛負闈濴OCALHOST錛?br />
-Djboss.bind.address.management=${IP}

濡傛灉鏄敱NGINX榪囨潵鐨勮闂紝榪欐牱鍓嶇鐨勫湴鍧鏄拰榛樿鐨勪笉涓鏍鳳紝闇閰嶇疆鍓嶇URL錛?br />
-Dkeycloak.frontendUrl=http://${IP}:81/auth

鏇存敼JVM澶у皬standalone.conf錛?br />
#
# Specify options to pass to the Java VM.
#

JBOSS_JAVA_SIZING="-server -Xms3G -Xmx3G -Xmn512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m"

REFERENCE:
https://www.keycloak.org/docs/latest/server_installation/index.html#_hostname


paulwong 2022-04-14 15:15 鍙戣〃璇勮
]]>Easily Secure your Microservices with Keycloakhttp://www.aygfsteel.com/paulwong/archive/2022/01/03/438645.htmlpaulwongpaulwongMon, 03 Jan 2022 02:03:00 GMThttp://www.aygfsteel.com/paulwong/archive/2022/01/03/438645.htmlhttp://www.aygfsteel.com/paulwong/comments/438645.htmlhttp://www.aygfsteel.com/paulwong/archive/2022/01/03/438645.html#Feedback0http://www.aygfsteel.com/paulwong/comments/commentRss/438645.htmlhttp://www.aygfsteel.com/paulwong/services/trackbacks/438645.htmlhttps://www.doag.org/formes/pubfiles/11143470/2019-NN-Sebastien_Blanc-Easily_Secure_your_Microservices_with_Keycloak-Praesentation.pdf



paulwong 2022-01-03 10:03 鍙戣〃璇勮
]]>OIDC - KEYCLOAK - 鑷畾涔塁LIENT SCOPEhttp://www.aygfsteel.com/paulwong/archive/2021/12/22/436242.htmlpaulwongpaulwongWed, 22 Dec 2021 03:15:00 GMThttp://www.aygfsteel.com/paulwong/archive/2021/12/22/436242.htmlhttp://www.aygfsteel.com/paulwong/comments/436242.htmlhttp://www.aygfsteel.com/paulwong/archive/2021/12/22/436242.html#Feedback0http://www.aygfsteel.com/paulwong/comments/commentRss/436242.htmlhttp://www.aygfsteel.com/paulwong/services/trackbacks/436242.html
"resource_access": {
    "app-springboot-confidential": {
      "roles": [
        "user"
      ]
    },
    "test-employee-service": {
      "roles": [
        "READ_EMPLOYEE"
      ]
    },
    "service-springboot": {
      "roles": [
        "READ_PRODUCTS"
      ]
    },
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links"
      ]
    },
    "test-department-service": {
      "roles": [
        "READ_DEPARTMENT"
      ]
    }
  }

  • 闇瑕佸皢鏉冮檺鐨勪俊鎭緭鍑哄埌涓涓狵EY涓紝榪欐椂鍙互鏂板鑷畾涔塁LIENT SCOPE銆侻apper涓柊澧濳EYCLOAK宸插唴緗殑銆恟ealm roles/client roles銆戯紝瀹氫箟杈撳嚭鍒癑TW鐨勫瓧孌靛悕錛歮y-roles銆?/li>
  • 鎺堟潈鍝簺CLIENT鍙互璇誨彇姝LIENT SCOPE.
  • 鍦ㄧ櫥褰曞弬鏁皊cope涓紝鍔犲叆姝ゅ鹼細my-roles錛岃繖鏍峰湪杈撳嚭鐨凧WT灝變細浠ュ鉤闈㈢殑鏂瑰紡杈撳嚭鎵鏈塺oles
"my-roles": [
    "user",
    "READ_EMPLOYEE",
    "READ_PRODUCTS",
    "manage-account",
    "manage-account-links",
    "READ_DEPARTMENT",
    "offline_access",
    "user"
  ]

  • SPRING SECURITY涓彇鍑烘潈闄愪俊鎭細

@Bean
    public ReactiveJwtAuthenticationConverter jwtAuthenticationConverter(ObjectMapper objectMapper) {
        
        JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
        jwtGrantedAuthoritiesConverter.setAuthorityPrefix("ROLE_");
        jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName("my-roles");
        
//        KeycloakRealmRoleConverter keycloakRealmRoleConverter = new KeycloakRealmRoleConverter(objectMapper);
        
        ReactiveJwtGrantedAuthoritiesConverterAdapter reactiveJwtGrantedAuthoritiesConverterAdapter = 
                new ReactiveJwtGrantedAuthoritiesConverterAdapter(
//                        new KeycloakRealmRoleConverter(objectMapper);
                        jwtGrantedAuthoritiesConverter
                    );
        
        ReactiveJwtAuthenticationConverter jwtConverter = new ReactiveJwtAuthenticationConverter();
        jwtConverter.setJwtGrantedAuthoritiesConverter(reactiveJwtGrantedAuthoritiesConverterAdapter);
        
        return jwtConverter;
    }

  • 鍒ゆ柇鏄惁鏈夋潈闄?/li>

ServerHttpSecurity
            .authorizeExchange(
                a -> a.pathMatchers("/", "/error").permitAll()
                      .matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
                      .pathMatchers(HttpMethod.GET, "/protected/**").hasRole("READ_DEPARTMENT")
                      .anyExchange()
                      .authenticated()
             )


paulwong 2021-12-22 11:15 鍙戣〃璇勮
]]>浣跨敤REST API涓嶬EYCLOAK榪涜OUATH2鍗忚鐨勭櫥褰曡璇?/title><link>http://www.aygfsteel.com/paulwong/archive/2021/10/12/436009.html</link><dc:creator>paulwong</dc:creator><author>paulwong</author><pubDate>Tue, 12 Oct 2021 06:40:00 GMT</pubDate><guid>http://www.aygfsteel.com/paulwong/archive/2021/10/12/436009.html</guid><wfw:comment>http://www.aygfsteel.com/paulwong/comments/436009.html</wfw:comment><comments>http://www.aygfsteel.com/paulwong/archive/2021/10/12/436009.html#Feedback</comments><slash:comments>0</slash:comments><wfw:commentRss>http://www.aygfsteel.com/paulwong/comments/commentRss/436009.html</wfw:commentRss><trackback:ping>http://www.aygfsteel.com/paulwong/services/trackbacks/436009.html</trackback:ping><description><![CDATA[KEYCLOAK鏄竴濂楃敤鎴楓乄EB API鐧誨綍綆$悊錛屾巿鏉冪鐞嗙殑WEB搴旂敤銆?br />濡傛灉瑕佽闂彈KEYCLOAK淇濇姢鐨凴EST API鏈嶅姟錛屽垯闇瑕佸す甯︿竴涓狝CCESS_TOKEN銆?br /><br />鍓嶇欏甸潰錛?br /><ul><li>鍓嶇欏甸潰涓鑸槸緇欑敤鎴蜂嬌鐢ㄧ殑錛屽垯闇瑕佺敤鎴瘋緭鍏ュ湪KEYCLOAK涓湁鏁堢殑鐢ㄦ埛鍚嶅拰瀵嗙爜錛屽茍鎻愪緵CALL BAK鐨刄RL錛屾彁浜ょ粰KEYCLOAK<br /><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/auth?client_id=app-springboot-confidential<span style="color: #FF0000; ">&redirect_uri</span>=http://10.80.27.69:8183/<span style="color: #FF0000; ">&response_type</span>=code<span style="color: #FF0000; ">&scope</span>=openid</div></li><li>濡傛灉KEYCLOAK楠岃瘉閫氳繃錛屽垯閫氱煡欏甸潰閲嶅鍚戝洖璋冪殑URL錛屽茍闄勪笂code=xxx錛屾code鍒欐槸AUTHORIZATION_CODE<br /><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->http://10.80.27.69:8183/?session_state=2ad9ab98-6c39-43a8-872f-2112c27b74df<span style="color: #FF0000; ">&code</span>=3f48ce19-58f9-45d9-8c09-30d492bf4b24.2ad9ab98-6c39-43a8-872f-2112c27b74df.bd7526ef-b1bf-447f-baef-b7dfd6f0df93</div></li><li>鍥炶皟鐨刄RL瀵瑰簲鐨凷ERVELET錛屽彇寰桝UTHORIZATION_CODE錛屽茍鍔犱笂client_id鍜宑lient_secrect錛岃皟鐢↘EYLOAK鐨勫彇ACCESS_TOKEN鐨凥TTP API錛屽彇寰桝CCESS_TOKEN錛岃繑鍥炵粰欏甸潰<br /><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token<br />client_id=app-springboot-confidential<span style="color: #FF0000; ">&client_secret</span>=3acf7692-49cb-4c45-9943-6f3dba512dae<span style="color: #FF0000; ">&redirect_uri</span>=http://10.80.27.69:8183/<span style="color: #FF0000; ">&grant_type</span>=authorization_code<span style="color: #FF0000; ">&code</span>=cc7ac566-90f9-404e-b88e-fa28037b07d1.591311e1-5380-46a2-9363-834f17337922.bd7526ef-b1bf-447f-baef-b7dfd6f0df93</div></li><li>欏甸潰淇濆瓨姝CCESS_TOKEN錛屽氨鍙互璋冪敤鍚庡彴鐨勫悇縐岮PI鑾峰彇鏁版嵁<br /><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->{<br />    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJGSjg2R2NGM2pUYk5MT2NvNE52WmtVQ0lVbWZZQ3FvcXRPUWVNZmJoTmxFIn0.eyJleHAiOjE2MzQwMjA4ODksImlhdCI6MTYzNDAyMDU4OSwianRpIjoiNDAwOTQ4ZmQtMGU0MS00YWRjLTlhY2MtMzczZWM2NDVhNzM5IiwiaXNzIjoiaHR0cDovLzEwLjgwLjI3LjY5OjgxODAvYXV0aC9yZWFsbXMvcXVpY2tzdGFydCIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiJkZGVkMDA2YS0xY2QxLTRjODUtOTQ1MS0wMjFlZmY3OTFiMmUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJhcHAtc3ByaW5nYm9vdC1jb25maWRlbnRpYWwiLCJzZXNzaW9uX3N0YXRlIjoiYzRlN2QzYTgtMDg2My00OTAwLTkxZmEtMGExYmFmYmRlNGU3IiwiYWNyIjoiMSIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYXBwLXNwcmluZ2Jvb3QtY29uZmlkZW50aWFsIjp7InJvbGVzIjpbInVtYV9wcm90ZWN0aW9uIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6InByb2ZpbGUgZW1haWwiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImNsaWVudElkIjoiYXBwLXNwcmluZ2Jvb3QtY29uZmlkZW50aWFsIiwiY2xpZW50SG9zdCI6IjEwLjEwLjIwLjU3IiwidXNlcl9uYW1lIjoic2VydmljZS1hY2NvdW50LWFwcC1zcHJpbmdib290LWNvbmZpZGVudGlhbCIsInByZWZlcnJlZF91c2VybmFtZSI6InNlcnZpY2UtYWNjb3VudC1hcHAtc3ByaW5nYm9vdC1jb25maWRlbnRpYWwiLCJjbGllbnRBZGRyZXNzIjoiMTAuMTAuMjAuNTcifQ.Ut6aZ6E1d4Esz0gRv2ubxdvrxmGvZLHHZepD5pnGxlqb_yZ4Q82TdGTG0iL4JJn2NH3QAU501dhzzuv6-OT9BUBKP-4ufyKv2DxSvt3GgdN30au5JsATHFyOWuuZGRBd3iWcynf9u3OJnSkHEnrIwRYatgndLzy8dy3AeqF12CI",<br />    "expires_in": 300,<br />    "refresh_expires_in": 600,<br />    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2MTlhMmJjOS0yMWIwLTRmNGMtODI4OC1kNTJmMjA3OWEzY2EifQ.eyJleHAiOjE2MzQwMjExODksImlhdCI6MTYzNDAyMDU4OSwianRpIjoiYTM0NTQ1MTYtMzc3NC00YmRlLTgzOTMtN2QyMTdkZjdkZmJkIiwiaXNzIjoiaHR0cDovLzEwLjgwLjI3LjY5OjgxODAvYXV0aC9yZWFsbXMvcXVpY2tzdGFydCIsImF1ZCI6Imh0dHA6Ly8xMC44MC4yNy42OTo4MTgwL2F1dGgvcmVhbG1zL3F1aWNrc3RhcnQiLCJzdWIiOiJkZGVkMDA2YS0xY2QxLTRjODUtOTQ1MS0wMjFlZmY3OTFiMmUiLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoiYXBwLXNwcmluZ2Jvb3QtY29uZmlkZW50aWFsIiwic2Vzc2lvbl9zdGF0ZSI6ImM0ZTdkM2E4LTA4NjMtNDkwMC05MWZhLTBhMWJhZmJkZTRlNyIsInNjb3BlIjoicHJvZmlsZSBlbWFpbCJ9.QhjkJBGz5UvwBF7xHM7_V_yjfF0lrA_EWzAVdFf-BRI",<br />    "token_type": "bearer",<br />    "not-before-policy": 0,<br />    "session_state": "c4e7d3a8-0863-4900-91fa-0a1bafbde4e7",<br />    "scope": "profile email"<br />}</div></li><li>榪欏氨鏄痑uthorization_code嫻佺▼</li></ul><br />鍚庣鏈嶅姟錛?br /><ul><li>濡傛灉鏄湪涓涓狝PI涓璇鋒眰鍙﹀涓涓狝PI鐨勬暟鎹紝涓嶅瓨鍦ㄥ叿浣撶敤鎴風殑鎯呭喌</li><li>闇鎻愪緵濡備笅鍙傛暟錛歝lient_id銆乧lient_secrect鍜実rant_type錛屼笖grant_type=client_credentials錛岃皟鐢↘EYLOAK鐨勫彇ACCESS_TOKEN鐨凥TTP API錛屽彇寰桝CCESS_TOKEN<br /><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->http:<span style="color: #008000; ">//</span><span style="color: #008000; ">10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token</span><span style="color: #008000; "><br /></span>client_id=app-springboot-confidential&client_secret=3acf7692-49cb-4c45-9943-6f3dba512dae&grant_type=client_credentials</div></li><li>鍐嶅皢姝CCESS_TOKEN浠earer TOKEN鐨勬柟寮忚皟鐢ㄥ埆鐨勭殑API</li><li>榪欏氨鏄痗lient_credentials嫻佺▼</li></ul><br />楠岃瘉Access Token鍜岃幏鍙朤oken鍏冧俊鎭細<br /><ul><li><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->http:<span style="color: #008000; ">//</span><span style="color: #008000; ">10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token/introspect</span><span style="color: #008000; "><br /></span>client_id=app-springboot-confidential&client_secret=3acf7692-49cb-4c45-9943-6f3dba512dae</div></li><li>Access Token鏃犳晥鏃惰繑鍥烇細<br /><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->{<br />    "active": <span style="color: #0000FF; ">false</span><br />}</div></li></ul><br />鍒鋒柊Token錛?br /><ul><li><div style="background-color:#eeeeee;font-size:13px;border:1px solid #CCCCCC;padding-right: 5px;padding-bottom: 4px;padding-left: 4px;padding-top: 4px;width: 98%;word-break:break-all"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->http:<span style="color: #008000; ">//</span><span style="color: #008000; ">10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token</span><span style="color: #008000; "><br /></span>client_id=app-springboot-confidential&client_secret=3acf7692-49cb-4c45-9943-6f3dba512dae&grant_type=refresh_token&refresh_token=asdfasd</div></li><li>榪斿洖<br /><div style="background-color: #eeeeee; font-size: 13px; border: 1px solid #cccccc; padding: 4px 5px 4px 4px; width: 98%; word-break: break-all;"><!--<br /><br />Code highlighting produced by Actipro CodeHighlighter (freeware)<br />http://www.CodeHighlighter.com/<br /><br />-->{<br />    "access_token": "eyJhbGciOiJSUzI1NiIsIn",<br />    "expires_in": 300,<br />    "refresh_expires_in": 1800,<br />    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOi",<br />    "token_type": "Bearer",<br />    "not-before-policy": 1610728470,<br />    "session_state": "c1273eb5-f922-420c-b23a-854be9735c1d",<br />    "scope": "profile email"<br />}</div></li></ul><br /><br /><br />Reference:<br /><a target="_blank">https://blog.csdn.net/nklinsirui/article/details/112706006</a><br /><br /><a target="_blank">https://www.baeldung.com/?s=keycloak</a><br /><br /><a target="_blank">https://www.doag.org/formes/pubfiles/11143470/2019-NN-Sebastien_Blanc-Easily_Secure_your_Microservices_with_Keycloak-Praesentation.pdf</a><br /><br /><br /><br /><br /><img src ="http://www.aygfsteel.com/paulwong/aggbug/436009.html" width = "1" height = "1" /><br><br><div align=right><a style="text-decoration:none;" href="http://www.aygfsteel.com/paulwong/" target="_blank">paulwong</a> 2021-10-12 14:40 <a href="http://www.aygfsteel.com/paulwong/archive/2021/10/12/436009.html#Feedback" target="_blank" style="text-decoration:none;">鍙戣〃璇勮</a></div>]]></description></item><item><title>鍩轟簬Spring Cloud鐨勫揩閫熷紑鍙戣剼鎵嬫灦&鏈浣沖疄璺墊葷粨http://www.aygfsteel.com/paulwong/archive/2020/10/09/435685.htmlpaulwongpaulwongFri, 09 Oct 2020 02:48:00 GMThttp://www.aygfsteel.com/paulwong/archive/2020/10/09/435685.htmlhttp://www.aygfsteel.com/paulwong/comments/435685.htmlhttp://www.aygfsteel.com/paulwong/archive/2020/10/09/435685.html#Feedback0http://www.aygfsteel.com/paulwong/comments/commentRss/435685.htmlhttp://www.aygfsteel.com/paulwong/services/trackbacks/435685.html Spring Cloud 浣犳噦鐨?/td> Keycloak 寰湇鍔¤璇佹巿鏉?/td> Jenkins 鎸佺畫闆嗘垚 SonarQube 浠g爜璐ㄩ噺鎺у埗

https://gitee.com/itmuch/spring-cloud-yes

paulwong 2020-10-09 10:48 鍙戣〃璇勮
]]>Keycloak鍒濇帰http://www.aygfsteel.com/paulwong/archive/2020/10/08/435683.htmlpaulwongpaulwongThu, 08 Oct 2020 05:56:00 GMThttp://www.aygfsteel.com/paulwong/archive/2020/10/08/435683.htmlhttp://www.aygfsteel.com/paulwong/comments/435683.htmlhttp://www.aygfsteel.com/paulwong/archive/2020/10/08/435683.html#Feedback0http://www.aygfsteel.com/paulwong/comments/commentRss/435683.htmlhttp://www.aygfsteel.com/paulwong/services/trackbacks/435683.html
鏈夋彁渚涗竴濂梂EB鐣岄潰緇存姢鐢ㄦ埛銆佸簲鐢ㄤ笌瑙掕壊銆?br />
Ream鍒欏彲璁や負鏄縐熸埛錛屾瘡涓鎴風殑搴旂敤鍜岀敤鎴鋒暟鎹槸闅旂鐨勩?br />
http://10.80.27.69:8180/auth/realms/quickstart/.well-known/openid-configuration 鎻愪緵褰撳墠鎵鏈夌殑API鑺傜偣銆?br />
get_access_token_from_public_client:
curl --location --request POST 'http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=alice' \
--data-urlencode 'password=123456' \
--data-urlencode 'client_id=app-springboot-public' \
--data-urlencode 'grant_type=password' \
| jq

./get_access_token_from_confidential_client.sh
curl --location --request POST 'http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=app-springboot-confidential' \
--data-urlencode 'client_secret=3acf7692-49cb-4c45-9943-6f3dba512dae' \
--data-urlencode 'grant_type=client_credentials' \
| jq

璁塊棶涓涓狝CCESS TYPE涓築are only鐨勫簲鐢ㄧ殑涓涓狝PI錛?br />
access_token=$(curl \
-d "client_id=app-springboot-public" \
-d "username=alice" \
-d "password=123456" \
-d "grant_type=password" \
"http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token" \
| jq -r '.access_token')

#echo $access_token

curl -H "Authorization: Bearer $access_token" 'http://10.80.27.69:8182/products' | jq

璁塊棶鐢ㄦ埛淇℃伅錛?br />
access_token=$(curl \
-d "client_id=app-springboot-public" \
-d "username=alice" \
-d "password=123456" \
-d "grant_type=password" \
"http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token" | jq -r '.access_token')


curl -H "Authorization: Bearer $access_token" http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/userinfo | jq
















paulwong 2020-10-08 13:56 鍙戣〃璇勮
]]>keycloak 璧勬簮http://www.aygfsteel.com/paulwong/archive/2020/09/25/435675.htmlpaulwongpaulwongFri, 25 Sep 2020 07:46:00 GMThttp://www.aygfsteel.com/paulwong/archive/2020/09/25/435675.htmlhttp://www.aygfsteel.com/paulwong/comments/435675.htmlhttp://www.aygfsteel.com/paulwong/archive/2020/09/25/435675.html#Feedback0http://www.aygfsteel.com/paulwong/comments/commentRss/435675.htmlhttp://www.aygfsteel.com/paulwong/services/trackbacks/435675.html
Keycloak鏀寔OpenID銆丱Auth 2.0鍜孲AML 2.0鍗忚錛涙敮鎸佺敤鎴鋒敞鍐屻佺敤鎴風鐞嗐佹潈闄愮鐞嗭紱鏀寔OTP錛屾敮鎸佷唬鐞哋penID銆丼AML 2.0 IDP錛屾敮鎸丟itHub銆丩inkedIn絳夌涓夋柟鐧誨綍錛屾敮鎸佹暣鍚圠DAP鍜孉ctive Directory錛涙敮鎸佽嚜瀹氫箟璁よ瘉嫻佺▼銆佽嚜瀹氫箟鐢ㄦ埛鐣岄潰錛屾敮鎸佸浗闄呭寲銆?br />
鏈夌敤鎴風鐞嗙晫闈紝鍙敤浜嶢PI鐨勮璇佸拰鐢ㄦ埛鐨勮璇侊紝鐢ㄦ埛璁よ瘉闇浜轟負杈撳叆鐢ㄦ埛鍚嶄笌瀵嗙爜錛孉PI鍒欏嚟BARE TOKEN鍗沖彲璁よ瘉銆?br />
Spring Boot/Angular鏁村悎Keycloak瀹炵幇鍗曠偣鐧誨綍
https://blog.51cto.com/7308310/2446368

鍍呭崄鍒嗛悩鍗沖彲鎺ュ叆Spring Boot/Vue鍓嶅緦绔垎闆㈡噳鐢ㄥ鐝維SO鍠粸鐧婚寗
https://kknews.cc/code/a6am5pj.html

SpringBoot鏁村悎KeyCloak鏉冮檺綆$悊
https://qianmoq.com/fuwuduan/springboot/springbootzhenghekeycloakquanxianguanli.html

浣跨敤Spring Gateway鍜孠eyCloak鏋勫緩涓涓狾IDC璁よ瘉緋葷粺
https://zhuanlan.zhihu.com/p/138578359

A Quick Guide to Using Keycloak with Spring Boot
https://www.baeldung.com/spring-boot-keycloak

Keycloak涓庡井鏈嶅姟鐨勬暣鍚?br />https://gitee.com/itmuch/spring-cloud-yes/blob/master/doc/keycloak-learn/Keycloak%E6%90%AD%E5%BB%BA%E6%89%8B%E6%8A%8A%E6%89%8B%E6%93%8D%E4%BD%9C%E6%8C%87%E5%8D%97.md

RedHat
https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/securing_applications_and_services_guide/openid_connect_3

https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html-single/authorization_services_guide/index

https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/


paulwong 2020-09-25 15:46 鍙戣〃璇勮
]]> 主站蜘蛛池模板: 永吉县| 分宜县| 临颍县| 香港| 大荔县| 吉木萨尔县| 江华| 蒙阴县| 正定县| 西吉县| 龙山县| 抚顺市| 阳山县| 健康| 兴文县| 张家口市| 会同县| 大厂| 大邑县| 左贡县| 巍山| 西乌| 麻阳| 翁源县| 五莲县| 泰州市| 桦川县| 张北县| 华宁县| 育儿| 平罗县| 永宁县| 灵璧县| 石城县| 梁平县| 孝义市| 阜阳市| 昌邑市| 嘉黎县| 佛教| 新巴尔虎右旗|