11:56 a.m.
I am trying to write a test harness for out application which uses
KeyCloak.
In order to run my tests I need to manipulate KeyCloak.
I am able to get data out of KeyCloak using the REST API. However I am
unclear what I should send to KeyCloak to change a setting.
I was trying to set the role for a user and wrote the script at the bottom
of the email.
I get back an error of org.codehaus.jackson.map.JsonMappingException: Can
not deserialize instance of java.util.ArrayList out of START_OBJECT token
at [Source: io.undertow.servlet.spec.ServletInputStreamImpl@73cda37e;
line: 1, column: 1]
I have obviously missed a key point in the format of my data, but cannot
see what it is.
Chris
---------------------------------------
#!/bin/bash
host=192.168.10.221:8088
realm=ATS-ci
t=$(curl -X POST
http://${host}/auth/realms/${realm}/protocol/openid-connect/token
--data "username=${1}" --data "password=${2}" --data
"grant_type=password"
--data "client_id=client" 2>/dev/null | jq -r ".id_token")
client=$(curl http://${host}/auth/admin/realms/${realm}/clients -H "Accept:
application/json" -H "Authorization: Bearer ${t}" 2>/dev/null | jq -r
".[]
| select(.name == \"client\").id")
user=$(curl http://${host}/auth/admin/realms/${realm}/users -H "Accept:
application/json" -H "Authorization: Bearer ${t}" 2>/dev/null | jq -r
".[]
| select(.username == \"${3}\").id")
echo ${client}
echo ${user}
echo "Roles"
curl http://${host}/auth/admin/realms/${realm}/clients/${client}/roles \
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name
}"
echo ""
echo "Roles:${3}"
curl
http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
\
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name
}"
curl
http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
\
-X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" \
--data "{'realm': 'ATS-${realm}', 'id': '${user}',
'client': '${client}',
'\$entity': [ 'operator' ] }"
1:26 a.m.
Hi,
I think you're supposed to send the list of roles (JSON array), but
you're instead sending the object. I think the stuff like "realm",
"id"
and "client" is not needed in your last request, just send the list of
roles instead.
Btv. you can take a look at docs
http://keycloak.github.io/docs/rest-api/admin/realms/%7Brealm%7D/users/%7...
. What should help is also to install some plugin to decode requests to
your browser (like Firebug in Firefox) and then do some actions in
keycloak admin console (like assign some client role to some user) and
then analyze how the request for assign roles should look like, what's
the format of data etc. Admin console is angular application, which uses
REST requests to admin REST API under the hood.
Marek
On 12.8.2015 18:56, Christopher Davies wrote:
I am trying to write a test harness for out application which uses
KeyCloak.
In order to run my tests I need to manipulate KeyCloak.
I am able to get data out of KeyCloak using the REST API. However I am
unclear what I should send to KeyCloak to change a setting.
I was trying to set the role for a user and wrote the script at the
bottom of the email.
I get back an error of org.codehaus.jackson.map.JsonMappingException:
Can not deserialize instance of java.util.ArrayList out of
START_OBJECT token
at [Source: io.undertow.servlet.spec.ServletInputStreamImpl@73cda37e;
line: 1, column: 1]
I have obviously missed a key point in the format of my data, but
cannot see what it is.
Chris
---------------------------------------
#!/bin/bash
host=192.168.10.221:8088 <http://192.168.10.221:8088>
realm=ATS-ci
t=$(curl -X POST
http://${host}/auth/realms/${realm}/protocol/openid-connect/token
--data "username=${1}" --data "password=${2}" --data
"grant_type=password" --data "client_id=client" 2>/dev/null | jq
-r
".id_token")
client=$(curl http://${host}/auth/admin/realms/${realm}/clients -H
"Accept: application/json" -H "Authorization: Bearer ${t}"
2>/dev/null
| jq -r ".[] | select(.name == \"client\").id")
user=$(curl http://${host}/auth/admin/realms/${realm}/users -H
"Accept: application/json" -H "Authorization: Bearer ${t}"
2>/dev/null
| jq -r ".[] | select(.username == \"${3}\").id")
echo ${client}
echo ${user}
echo "Roles"
curl http://${host}/auth/admin/realms/${realm}/clients/${client}/roles \
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name
}"
echo ""
echo "Roles:${3}"
curl
http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
\
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name
}"
curl
http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
\
-X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" \
--data "{'realm': 'ATS-${realm}', 'id': '${user}',
'client':
'${client}', '\$entity': [ 'operator' ] }"
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
1:42 a.m.
Thanks will try that. I can see how I got confused.
More questions to cone ...
However thanks for a fast response and a great product.
On Thu, Aug 13, 2015 at 7:26 AM Marek Posolda <mposolda(a)redhat.com> wrote:
Hi,
I think you're supposed to send the list of roles (JSON array), but you're
instead sending the object. I think the stuff like "realm", "id" and
"client" is not needed in your last request, just send the list of roles
instead.
Btv. you can take a look at docs
http://keycloak.github.io/docs/rest-api/admin/realms/%7Brealm%7D/users/%7...
. What should help is also to install some plugin to decode requests to
your browser (like Firebug in Firefox) and then do some actions in keycloak
admin console (like assign some client role to some user) and then analyze
how the request for assign roles should look like, what's the format of
data etc. Admin console is angular application, which uses REST requests to
admin REST API under the hood.
Marek
On 12.8.2015 18:56, Christopher Davies wrote:
I am trying to write a test harness for out application which uses
KeyCloak.
In order to run my tests I need to manipulate KeyCloak.
I am able to get data out of KeyCloak using the REST API. However I am
unclear what I should send to KeyCloak to change a setting.
I was trying to set the role for a user and wrote the script at the bottom
of the email.
I get back an error of org.codehaus.jackson.map.JsonMappingException: Can
not deserialize instance of java.util.ArrayList out of START_OBJECT token
at [Source: io.undertow.servlet.spec.ServletInputStreamImpl@73cda37e;
line: 1, column: 1]
I have obviously missed a key point in the format of my data, but cannot
see what it is.
Chris
---------------------------------------
#!/bin/bash
host=192.168.10.221:8088
realm=ATS-ci
t=$(curl -X POST http://${host}/auth/realms/${realm}/protocol/openid-connect/token
--data "username=${1}" --data "password=${2}" --data
"grant_type=password"
--data "client_id=client" 2>/dev/null | jq -r ".id_token")
client=$(curl http://${host}/auth/admin/realms/${realm}/clients -H
"Accept: application/json" -H "Authorization: Bearer ${t}"
2>/dev/null | jq
-r ".[] | select(.name == \"client\").id")
user=$(curl http://${host}/auth/admin/realms/${realm}/users -H "Accept:
application/json" -H "Authorization: Bearer ${t}" 2>/dev/null | jq -r
".[]
| select(.username == \"${3}\").id")
echo ${client}
echo ${user}
echo "Roles"
curl http://${host}/auth/admin/realms/${realm}/clients/${client}/roles \
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name
}"
echo ""
echo "Roles:${3}"
curl
http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
\
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" 2>/dev/null | jq -r ".[] | {id, name
}"
curl
http://${host}/auth/admin/realms/${realm}/users/${user}/role-mappings/clients/${client}
\
-X POST \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${t}" \
--data "{'realm': 'ATS-${realm}', 'id': '${user}',
'client': '${client}',
'\$entity': [ 'operator' ] }"
_______________________________________________
keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
3423
days inactive
3424
days old
2 comments
2 participants
participants (2)
-
Christopher Davies -
Marek Posolda