[keycloak-user] Default client for a realm

Thomas Darimont thomas.darimont at googlemail.com
Tue Feb 9 06:02:14 EST 2016


Hello,

any ideas regarding this?

We need to link to a default application from several applications and it
would be helpful if keycloak would provide said redirect mechanism, such
that
each application would only need to know the clientId of the default client
application and keycloak performs the proper redirect to the actual target
application.

The example posted earlier works like a charm. This could even be extended
to the point that in case no clientId is given keycloak can decide which
client to redirect to.

Cheers,
Thomas

2016-02-05 19:05 GMT+01:00 Thomas Darimont <thomas.darimont at googlemail.com>:

> Quick update - I did some further experiments with this...
>
> I added /redirect path to the a
> org.keycloak.services.resources.RealmsResource
> like: @Path("{realm}/{client-id}/redirect")
> see code fragment below.
>
> This allows keycloak to initiate a redirect to the browser with the actual
> target url of the client. Other clients now only need to now the realm and
> clientId
> to generate a link that eventually redirects to the target application.
>
> Usage:
> GET http://localhost:8081/auth/realms/master/launchpad/redirect -> 302
> response with location: http://apps.corp.local/launchpad
>
> Any chance to get this in as a PR?
>
> Cheers,
> Thomas
>
>     @GET
>     @Path("{realm}/{client-id}/redirect")
>     public Response getRedirect(final @PathParam("realm") String
> realmName, final @PathParam("client-id") String clientId) throws Exception{
>
>         RealmModel realm = init(realmName);
>
>         if (realm == null){
>             return null;
>         }
>
>         ClientModel client = realm.getClientByClientId(clientId);
>
>         if (client == null){
>             return null;
>         }
>
>         if (client.getRootUrl() == null){
>             return
> Response.temporaryRedirect(uriInfo.getAbsolutePathBuilder().replacePath(client.getBaseUrl()).build()).build();
>         }
>
>         return Response.temporaryRedirect(URI.create(client.getRootUrl() +
> client.getBaseUrl())).build();
>     }
>
> 2016-02-05 16:23 GMT+01:00 Thomas Darimont <thomas.darimont at googlemail.com
> >:
>
>> Hello,
>>
>> 2016-02-05 15:22 GMT+01:00 Thomas Raehalme <
>> thomas.raehalme at aitiofinland.com>:
>>
>>> I understand this as well, but it has not been uncommon to encounter a
>>> situation where the user needs to know where to go next, because Keycloak
>>> doesn't have a link available.
>>
>>
>> with a redirect facility as outlined above - one could render a link to
>> the "$KEYCLOAK_BASE_URL/redirect" or
>> lookup the "default" client in order to render the client base url link
>> with a proper label (client name).
>>
>> Cheers,
>> Thomas
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160209/8dde1341/attachment-0001.html 


More information about the keycloak-user mailing list