客户端获取 keycloak token 信息
包括: accessToken、refreshToken、idToken
pom.xml
keycloak-admin-client
或者quarkus-keycloak-admin-client
任选其一即可。
注意:
目前版本貌似有bug:RESTEASY004635: Resteasy Client Proxy for : org.keycloak.admin.client.resource.RealmResource
<!-- Keycloak Admin REST Client -->
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-admin-client</artifactId>
<!-- 版本应保持与实际情况一致 -->
<version>22.0.1</version>
</dependency>
<!-- quarkus-keycloak-admin-client -->
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-keycloak-admin-client</artifactId>
<version>3.3.0</version>
</dependency>
获取普通用户的token信息(Xxx.java)
String serverUrl = "http://localhost:8090/";
String realm = "realm-01";
String clientId = "web-client";
String clientSecret = "8MwGl8X9DfMkk0mmzTaGyZIuMWPIBfjc";
String username = "user-001";
String password = "1234";
Keycloak keycloak = KeycloakBuilder.builder()
.serverUrl(serverUrl)
.realm(realm)
.clientId(clientId)
.clientSecret(clientSecret)
.username(username)
.password(password)
.grantType(OAuth2Constants.PASSWORD)
.scope(OAuth2Constants.SCOPE_OPENID)
.build();
AccessTokenResponse tokenResponse = keycloak.tokenManager().getAccessToken();
String accessToken = tokenResponse.getToken();
String idToken = tokenResponse.getIdToken();
String refreshToken = tokenResponse.getRefreshToken();
// Get user resource
RealmResource realmResource = keycloak.realm(realm);
UserResource userResource = realmResource.users().get("5962a29c-9a13-483e-9ad3-f2a57dbde9a9");
// Get user representation
UserRepresentation user = userResource.toRepresentation();
// Print user information
System.out.println("User ID: " + user.getId());
System.out.println("Username: " + user.getUsername());
System.out.println("Email: " + user.getEmail());
获取Keycloak更高级别的权限,可以控制Keycloak的一些高级行为,例如清除缓存(Xxx.java)
String serverUrl = "http://localhost:8090/";
String adminUsername = "admin";
String adminPassword = "admin";
Keycloak keycloak = KeycloakBuilder.builder()
.serverUrl(serverUrl)
.username(adminUsername)
.password(adminPassword)
// 使用 master realm
.realm("master")
// 使用内置的 admin-cli 客户端
.clientId("admin-cli")
.grantType(OAuth2Constants.PASSWORD)
.scope(OAuth2Constants.SCOPE_OPENID)
.build();
// 清除域下的用户缓存
keycloak.realm("realm-01").clearUserCache();