Springboot Keycloak Admin添加角色或重置密码错误
Posted
技术标签:
【中文标题】Springboot Keycloak Admin添加角色或重置密码错误【英文标题】:Springboot Keycloak Admin add role or reset password error 【发布时间】:2021-05-24 05:51:23 【问题描述】:我尝试使用管理员客户端在我的密钥斗篷中创建一个新用户
使用此代码:
package br.com.fabioebner.surfpp.api.serivce;
import lombok.extern.slf4j.Slf4j;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.*;
import org.keycloak.representations.idm.*;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.event.EventListener;
import org.springframework.stereotype.Service;
import javax.ws.rs.core.Response;
import java.util.*;
@Service
@Slf4j
public class KeycloakService
private final RealmResource realm;
private final Keycloak keycloak;
public KeycloakService()
this.keycloak = Keycloak.getInstance(
"https://myKey/auth/",
"master",
"admin",
"myPass",
"admin-cli");
this.realm = keycloak.realm("myRealm");
@EventListener(ApplicationReadyEvent.class)
public void addUser()
UsersResource users = realm.users();
ClientResource api = realm.clients().get("api");
// RoleResource usuario = api.roles().get("USUARIO");
UserRepresentation novoUsuario = new UserRepresentation();
novoUsuario.setUsername("joao");
novoUsuario.setEmail("joao@s.com");
novoUsuario.setEnabled(true);
novoUsuario.setFirstName("Joao");
novoUsuario.setLastName("da Silva");
novoUsuario.setEmailVerified(true);
Response response = users.create(novoUsuario);
String idCriado = response.getLocation().toString().substring(response.getLocation().toString().indexOf("/users/")+7);
updatePassword(idCriado, "1234"); //HERE RETURN 400 ERROR
assignRealmRoles(this.realm, idCriado, Collections.singletonList("USUARIO")); //HERE RETURN 404 ERROR
System.out.println("ss");
private void updatePassword(String id,String pass)
CredentialRepresentation cred = new CredentialRepresentation();
cred.setType(CredentialRepresentation.PASSWORD);
cred.setValue(pass);
cred.setTemporary(false);
realm.users().get(id).resetPassword(cred);
public static void assignRealmRoles(RealmResource realm, String userId, List<String> roles)
String realmName = realm.toRepresentation().getRealm();
List<RoleRepresentation> roleRepresentations = new ArrayList<>();
for (String roleName : roles)
RoleRepresentation role = realm.clients().get("f3fcd887-6b7d-497b-b344-248143542202").roles().get(roleName).toRepresentation();
roleRepresentations.add(role);
UserResource userResource = realm.users().get(userId);
userResource.roles().clientLevel("api").add(roleRepresentations);
所以我尝试使用角色和密码创建用户但没有成功,现在用户已创建但我无法向该用户添加角色并更新密码。
【问题讨论】:
【参考方案1】:更新密码:
您收到 400,因为用户 ID 无效。请尝试以下操作:
Response response = users.create(novoUsuario);
String idCriado = users.list().stream()
.filter(user -> user.getUsername().equals("joao"))
.findFirst()
.map(UserRepresentation::getId)
.orElseThrow();
updatePassword(idCriado, "1234");
添加角色
代替
userResource.roles().clientLevel("api").add(roleRepresentations);
在您的情况下,您需要将 clientID 传递给 clientLevel 方法:
userResource.roles().clientLevel("f3fcd887-6b7d-497b-b344-248143542202").add(roleRepresentations);
【讨论】:
以上是关于Springboot Keycloak Admin添加角色或重置密码错误的主要内容,如果未能解决你的问题,请参考以下文章
Spring Boot 和 Keycloak - 仅适用于 get 方法