<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 30.7.2014 02:51, Harit Himanshu
wrote:<br>
</div>
<blockquote
cite="mid:CADYyO+UCZXBqTQdn3HBR-sM0zWUUdgfu3tv802tsxs5WV=M2PQ@mail.gmail.com"
type="cite">
<div dir="ltr">Thanks Marek
<div><br>
</div>
<div>I saw <a moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java#L54">here</a> that the app
gains the accessToken, but did not see where this `/auth` api
is implemented. I want to learn how I can do the same thing of
exposing an `/auth` api to generate tokens</div>
</div>
</blockquote>
This is an example of the Direct Grant API. It allows you to send a POST
request to Keycloak including the username and password, and Keycloak
will directly return you the accessToken without even displaying the
Keycloak login screen. The Direct Grant API has some limitations though
(the password must be known to your application, SSO won't work, the user
won't be able to log in if he needs to do some required action (like
change password), etc.). So it's usually better to use the proper login
flow instead of the Direct Grant API. See here for more info:
<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java#L54">https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/src/main/java/org/keycloak/example/AdminClient.java#L54</a><br>
<br>
Marek<br>
<blockquote
cite="mid:CADYyO+UCZXBqTQdn3HBR-sM0zWUUdgfu3tv802tsxs5WV=M2PQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div><br>
</div>
<div>I did not see anything in <a moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/blob/master/examples/demo-template/admin-access-app/pom.xml">pom.xml</a>
either. Seems like magic to me at the moment. Any guidance
here?</div>
<div><br>
</div>
<div>Thanks</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, Jul 29, 2014 at 12:25 AM, Marek
Posolda <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<br>
<br>
The best is to start with the documentation <a
moz-do-not-send="true"
href="http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html/index.html"
target="_blank">http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html/index.html</a>
and also look at existing examples <a
moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/tree/master/examples"
target="_blank">https://github.com/keycloak/keycloak/tree/master/examples</a>
. Probably most useful for you might be <a
moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/tree/master/examples/demo-template"
target="_blank">https://github.com/keycloak/keycloak/tree/master/examples/demo-template</a>
. It has a RESTful application "database-service", where
you can send secured REST requests with the bearer token
attached to them. Other applications in the directory
are web applications, which obtain the bearer token from the
Keycloak login. Product-portal and customer-portal are
JEE applications secured by Keycloak itself; third-party
and third-party-cdi are more traditional OAuth, where the
token is used just to retrieve the secured data from
"database-service". See the README for more info. <br>
<br>
Example for CORS support is here: <a
moz-do-not-send="true"
href="https://github.com/keycloak/keycloak/tree/master/examples/cors"
target="_blank">https://github.com/keycloak/keycloak/tree/master/examples/cors</a><br>
<br>
Marek
<div>
<div class="h5"><br>
<br>
On 25.7.2014 23:04, Harit Himanshu wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div class="h5">
<div dir="ltr"><span
style="font-family:arial,sans-serif;font-size:13px">Hey
Team,</span>
<div
style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div
style="font-family:arial,sans-serif;font-size:13px">I
have been looking for an answer to <a
moz-do-not-send="true"
href="http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis"
target="_blank">http://stackoverflow.com/questions/24769691/what-are-some-ways-to-secure-rest-apis</a> and
found that keycloak is suitable for securing
REST APIs using OAuth 2.0.</div>
<div
style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div
style="font-family:arial,sans-serif;font-size:13px">I
am looking for an example where the following is
demonstrated</div>
<div
style="font-family:arial,sans-serif;font-size:13px">
a.) Third-party app registers and gets Access
Token</div>
<div
style="font-family:arial,sans-serif;font-size:13px">b.)
Third-Party app accesses Resource Server to
access protected resource by sending Access
Token to REST API</div>
<div
style="font-family:arial,sans-serif;font-size:13px">c.)
and How Token is validated.</div>
<div
style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div
style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div
style="font-family:arial,sans-serif;font-size:13px">It
is mentioned in features of keycloak as </div>
<div
style="font-family:arial,sans-serif;font-size:13px">
<ul style="margin:0px;padding:10px 0px 10px
15px;color:rgb(119,119,119);font-family:Helvetica,Arial,sans-serif;font-size:12px;line-height:18px">
<li
style="margin-left:5px;list-style:none;padding:0px
0px 0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent">OAuth
Bearer token auth for REST Services</li>
<li
style="margin-left:5px;list-style:none;padding:0px
0px 0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent"><span
style="background-color:transparent">OAuth
2.0 Grant requests</span></li>
<li
style="margin-left:5px;list-style:none;padding:0px
0px 0px
20px;background:url(https://static.jboss.org/theme/images/magnolia/check-sprite.gif)
0px -124px no-repeat scroll transparent">CORS
Support</li>
</ul>
</div>
<div
style="font-family:arial,sans-serif;font-size:13px">
Can you please guide me through examples?</div>
<div
style="font-family:arial,sans-serif;font-size:13px"><br>
</div>
<div
style="font-family:arial,sans-serif;font-size:13px">Thank
you</div>
<div
style="font-family:arial,sans-serif;font-size:13px">
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
keycloak-dev mailing list
<a moz-do-not-send="true" href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a>
<a moz-do-not-send="true" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
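<p>The username-and-password POST described in the reply above, as an added example that is not part of the original thread or of Keycloak's code: it builds an OAuth 2.0 resource owner password credentials request (RFC 6749 section 4.3) and parses the token endpoint's answer. The endpoint URL, client id and sample responses are constructed placeholders, and the RFC parameter names are an assumption about what the Keycloak version discussed here expects.</p>

```python
import json
import urllib.parse
import urllib.request

# Placeholders (assumptions, not values from the thread).
TOKEN_URL = "https://sso.example.test/token-endpoint-placeholder"
CLIENT_ID = "example-client"

# Constructed sample responses in the RFC 6749 section 5 format.
SAMPLE_OK = '{"access_token": "constructed.token", "token_type": "bearer", "expires_in": 300}'
SAMPLE_DENIED = '{"error": "invalid_grant", "error_description": "constructed: action required"}'


class GrantError(Exception):
    """The token endpoint refused the grant (RFC 6749 section 5.2)."""
    def __init__(self, error, description):
        super().__init__(f"{error}: {description}")
        self.error = error


def build_password_grant(username, password, token_url=TOKEN_URL, client_id=CLIENT_ID):
    """Build, without sending, the POST for a password grant."""
    # The cleartext password travels in the body, so refuse non-TLS endpoints.
    if urllib.parse.urlsplit(token_url).scheme != "https":
        raise ValueError("password grant must only be sent over https")
    form = urllib.parse.urlencode({
        "grant_type": "password",
        "client_id": client_id,
        "username": username,
        "password": password,  # the application handles the user's password
    }).encode("ascii")
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return urllib.request.Request(token_url, data=form, headers=headers, method="POST")


def parse_token_response(status, body):
    """Return the access token on success; raise GrantError otherwise."""
    data = json.loads(body)
    # No login screen is involved, so a refusal can only arrive as a JSON error.
    if status != 200 or "error" in data:
        raise GrantError(data.get("error", "unknown_error"), data.get("error_description", ""))
    if str(data.get("token_type", "")).lower() != "bearer":
        raise GrantError("unsupported_token_type", str(data.get("token_type")))
    return data["access_token"]


if __name__ == "__main__":
    request = build_password_grant("alice", "constructed password")
    print(request.get_method(), request.full_url, request.data.decode())
    print(parse_token_response(200, SAMPLE_OK))
```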
</body>
</html>