我正在尝试实施SPI一个客户端策略来替换我在js.我实现PolicyProvider了类似于this和PolicyProviderFactorylike this ,然后按照实现 SPI中的说明将我的复制jar到standalone/deployments我可以在日志中看到 jar 已部署:08:17:02,647 INFO [stdout] (MSC service thread 1-3) about to start org.keycloak.services.util.JsonConfigProvider$JsonScope@266abf6d 08:17:02,682 WARN [org.keycloak.services] (MSC service thread 1-3) KC-SERVICES0047: myEvListener (example.myProvider.EvListenerProviderFactory) is implementing the internal SPI eventsListener. This SPI is internal and may change without notice 08:17:02,692 WARN [org.keycloak.services] (MSC service thread 1-3) KC-SERVICES0047: myRolePolicy (example.myProvider.MyPolicyProviderFactory) is implementing the internal SPI policy. This SPI is internal and may change without notice 08:17:02,814 INFO [org.jboss.as.server] (DeploymentScanner-threads - 2) WFLYSRV0010: Deployed "myPolicyProvider.jar" (runtime-name : "myPolicyProvider.jar") 现在我找不到使用我的实际创建客户端策略的方法SPI在服务器信息中,我可以看到策略提供程序中列出的策略(my-role-policy和):my-js-policy如果有人能指出我正确的方向,我将不胜感激。
1 回答
紫衣仙女
TA贡献1839条经验 获得超15个赞
为了创建策略,需要向以下位置发出 POST 请求:
http://${host}:${port}/auth/realms/${realm}/clients/${clientId}/authz/resource-server/policy/${policyId}
在哪里policyId指定PolicyProviderFactory
public String getId() {
return "myId";
}
您的帖子正文应该是 json
{
"decisionStrategy": "AFFIRMATIVE",
"logic": "POSITIVE",
"name": "policyName",
.... // other fields required in your policy implementation
}
卷曲请求示例:
curl --request POST \
--url http://${host}:${port}/auth/admin/realms/${realm}/clients/${clientId}/authz/resource-server/policy/${policyId} \
--header 'authorization: Bearer ${token}' \
--header 'content-type: application/json' \
--data '{"decisionStrategy": "AFFIRMATIVE","logic": "POSITIVE","name": "is-admin","role": "admin"}'
添加回答
举报
0/150
提交
取消