[keycloak-user] Direct Access to KeyCloak
Christopher Davies
christopher.james.davies at gmail.com
Thu Aug 13 02:42:05 EDT 2015
Thanks will try that. I can see how I got confused.
More questions to cone ...
However thanks for a fast response and a great product.
On Thu, Aug 13, 2015 at 7:26 AM Marek Posolda <mposolda at redhat.com> wrote:
> Hi,
>
> I think you're supposed to send the list of roles (JSON array), but you're
> instead sending the object. I think the stuff like "realm", "id" and
> "client" is not needed in your last request, just send the list of roles
> instead.
>
> Btv. you can take a look at docs
> http://keycloak.github.io/docs/rest-api/admin/realms/%7Brealm%7D/users/%7Bid%7D/role-mappings/clients/%7Bclient%7D/index.html#POST
> . What should help is also to install some plugin to decode requests to
> your browser (like Firebug in Firefox) and then do some actions in keycloak
> admin console (like assign some client role to some user) and then analyze
> how the request for assign roles should look like, what's the format of
> data etc. Admin console is angular application, which uses REST requests to
> admin REST API under the hood.
>
> Marek
>
>
> On 12.8.2015 18:56, Christopher Davies wrote:
>
> I am trying to write a test harness for out application which uses
> KeyCloak.
> In order to run my tests I need to manipulate KeyCloak.
>
> I am able to get data out of KeyCloak using the REST API. However I am
> unclear what I should send to KeyCloak to change a setting.
>
> I was trying to set the role for a user and wrote the script at the bottom
> of the email.
>
> I get back an error of org.codehaus.jackson.map.JsonMappingException: Can
> not deserialize instance of java.util.ArrayList out of START_OBJECT token
> at [Source: io.undertow.servlet.spec.ServletInputStreamImpl at 73cda37e;
> line: 1, column: 1]
>
> I have obviously missed a key point in the format of my data, but cannot
> see what it is.
>
>
> Chris
>
>
>
>
> ---------------------------------------
> #!/bin/bash
>
> host=192.168.10.221:8088
> realm=ATS-ci
>
>
> t=$(curl -X POST http://${host}/auth/realms/${realm}/protocol/openid-connect/token
> --data "username=${1}" --data "password=${2}" --data "grant_type=password"
> --data "client_id=client" 2>/dev/null | jq -r ".id_token")
>
> client=$(curl http://${host}/auth/admin/realms/${realm}/clients -H
> "Accept: application/json" -H "Authorization: Bearer ${t}" 2>/dev/null | jq
> -r ".[] | select(.name == \"client\").id")
> user=$(curl http://${host}/auth/admin/realms/${realm}/users -H "Accept:
> application/json" -H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[]
> | select(.username == \"${3}\").id")
>
> echo ${client}
> echo ${user}
>
> echo "Roles"
> curl http://${host}/auth/admin/realms/${realm}/clients/${client}/roles \
> -H "Accept: application/json" \
> -H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name }"
>
> echo ""
> echo "Roles:${3}"
> curl http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
> \
> -H "Accept: application/json" \
> -H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name }"
>
>
> curl http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
> \
> -X POST \
> -H "Content-Type: application/json" \
> -H "Accept: application/json" \
> -H "Authorization: Bearer ${t}" \
> --data "{'realm': 'ATS-${realm}', 'id': '${user}', 'client': '${client}',
> '\$entity': [ 'operator' ] }"
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150813/be18d280/attachment.html
More information about the keycloak-user
mailing list