[keycloak-dev] Oauth Register and Token Validation Example
Harit Himanshu
harit.subscriptions at gmail.com
Tue Jul 29 20:51:45 EDT 2014
Thanks Marek
I saw here
<https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java#L54>
app
gains the accessToken, but did not see where this `/auth` api is
implemented. I want to learn how to I do the same thing of exposing `/auth`
api to generate tokens
I did not see anything in pom.xml
<https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/pom.xml>
either. seems like magic to me at the moment. Any guidance here?
Thanks
On Tue, Jul 29, 2014 at 12:25 AM, Marek Posolda <mposolda at redhat.com> wrote:
> Hi,
>
> the best is to start with documentation
> http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html/index.html
> and also look at existing examples
> https://github.com/keycloak/keycloak/tree/master/examples . Probably most
> useful for you might be
> https://github.com/keycloak/keycloak/tree/master/examples/demo-template .
> It has restful application "database-service", where you can send secured
> REST requests with the bearer token attached to them. Other applications in
> the directory are web applications, which obtain bearer token from the
> Keycloak login . Product-portal and customer-portal are JEE applications
> secured by Keycloak itself, third-party and third-party-cdi is more
> traditional OAuth where token is used just to retrieve the secured data
> from "database-service" . See the README for more info.
>
> Example for CORS support is here:
> https://github.com/keycloak/keycloak/tree/master/examples/cors
>
> Marek
>
>
> On 25.7.2014 23:04, Harit Himanshu wrote:
>
> Hey Team,
>
> I am been looking for answer to
> http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis and
> found that keycloak is suitable for securing REST APIs using OAuth 2.0.
>
> I am looking for example where the following is demonstrated
> a.) Third-party app registers and gets Access Token
> b.) Third-Party app accesses Resource Server to access protected resource
> by sending Access Token to REST API
> c.) and How Token is validated.
>
>
> It is mentioned in features of keycloak as
>
> - OAuth Bearer token auth for REST Services
> - OAuth 2.0 Grant requests
> - CORS Support
>
> Can you please guide me through examples?
>
> Thank you
>
>
> On Fri, Jul 25, 2014 at 2:00 PM, Harit Himanshu <
> harit.subscriptions at gmail.com> wrote:
>
>> Hey Team,
>>
>> I am been looking for answer to
>> http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis
>> and found that keycloak is suitable for securing REST APIs using OAuth 2.0.
>>
>> I am looking for example where the following is demonstrated
>> a.) Third-party app registers and gets Access Token
>> b.) Third-Party app accesses Resource Server to access protected resource
>> by sending Access Token to REST API
>> c.) and How Token is validated.
>>
>>
>> It is mentioned in features of keycloak as
>>
>> - OAuth Bearer token auth for REST Services
>> - OAuth 2.0 Grant requests
>> - CORS Support
>>
>> Can you please guide me through examples?
>>
>> Thank you
>> + Harit Himanshu
>>
>
>
>
> _______________________________________________
> keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20140729/0814787e/attachment.html
More information about the keycloak-dev
mailing list