[keycloak-user] How to correctly use REST API? delete user through REST API for example

JasonPeng hpeng at redhat.com
Thu Jan 14 23:44:36 EST 2016


Hi Stian,

Do you have an example of pom.xml if I want to fully control the Keycloak
user management(ex: create user, change roles)? I¹ve tried the approach you
suggest, however it comes out with problem that I don¹t know if it¹s missing
some dependency in my client project or I fail on configuring the
jboss-deployment-structure.xml

Thanks,
Jason



From:  Stian Thorgersen <sthorger at redhat.com>
Reply-To:  <stian at redhat.com>
Date:  Thursday, January 14, 2016 at 5:00 PM
To:  JasonMacAir <hpeng at redhat.com>
Cc:  Thomas Darimont <thomas.darimont at googlemail.com>, keycloak-user
<keycloak-user at lists.jboss.org>
Subject:  Re: [keycloak-user] How to correctly use REST API? delete user
through REST API for example

EAP 6.4 has an old version of RestEasy without the RestEasy client. Easiest
option is probably to just include newer RestEasy jars in your WAR.

On 14 January 2016 at 09:55, JasonPeng <hpeng at redhat.com> wrote:
> Hi Thomas,
> 
> Thank¹s for the recommendation. However, I bumped into some clossloader issue
> when I tried it on my EAP 6.4+ Keycloak 1.1.7.Final environment.
> 
> I keep get the class not found error against RestEasy Client,
> "java.lang.NoClassDefFoundError:
> org/jboss/resteasy/client/jaxrs/ResteasyClientBuilder². Although I¹d setup my
> jboss-deployment-structure.xml in my project under /WEB-INF/. The setting is
> like below:
> 
> <jboss-deployment-structure>
>     <deployment>
>         <dependencies>
>             <module name="org.jboss.resteasy.resteasy-jaxrs"
> services="import"/>
>         </dependencies>
>     </deployment>
> </jboss-deployment-structure>
> 
> 
> Thank you and best regards,
>> Jason Peng
> Solution Architect, Taiwan
> Ret Hat Limited
> TEL: +886-2-7743-2972 <tel:%2B886-2-7743-2972>
> FAX: +886-2-7743-2974 <tel:%2B886-2-7743-2974>
> Mobile: +886-988-836-827 <tel:%2B886-988-836-827>
> EMAIL: hpeng at redhat.com
> 
> 
> 
> 
> From:  Thomas Darimont <thomas.darimont at googlemail.com>
> Date:  Wednesday, January 13, 2016 at 3:26 AM
> To:  JasonMacAir <hpeng at redhat.com>
> Cc:  keycloak-user <keycloak-user at lists.jboss.org>
> Subject:  Re: [keycloak-user] How to correctly use REST API? delete user
> through REST API for example
> 
> Hi Jason,
> 
> do you really need to use the raw REST API or would it be an option to use the
> keycloak-admin-client API?
> 
> here is an example for creating and deleting a user via the admin-client API:
> 
> package de.tdlabs.training.keycloak;
> 
> import static java.util.Arrays.asList;
> 
> import javax.ws.rs.core.Response;
> 
> import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
> import org.keycloak.admin.client.Keycloak;
> import org.keycloak.admin.client.KeycloakBuilder;
> import org.keycloak.representations.idm.CredentialRepresentation;
> import org.keycloak.representations.idm.UserRepresentation;
> 
> public class KeycloakAdminClientExample {
> 
> public static void main(String[] args) throws Exception {
> 
> Keycloak kc = KeycloakBuilder.builder() //
> .serverUrl("http://localhost:8081/auth") //
> .realm("rest-example")//
> .username("rest-user-admin") //
> .password("password") //
> .clientId("admin-cli") //
> .resteasyClient(new ResteasyClientBuilder().connectionPoolSize(10).build()) //
> .build();
> 
> CredentialRepresentation credential = new CredentialRepresentation();
> credential.setType(CredentialRepresentation.PASSWORD);
> credential.setValue("test123");
> credential.setTemporary(false);
> 
> UserRepresentation user = new UserRepresentation();
> user.setUsername("testuser");
> user.setFirstName("Test");
> user.setLastName("User");
> user.setCredentials(asList(credential));
> user.setEnabled(true);
> user.setRealmRoles(asList("admin"));
> 
> // Create testuser
> Response result = kc.realm("rest-example").users().create(user);
> if (result.getStatus() != 201) {
> System.err.println("Couldn't create user.");
> System.exit(0);
> }
> System.out.println("Testuser created.... verify in keycloak!");
> 
> System.out.println("Press any key...");
> System.in.read();
> 
> // Delete testuser
> String locationHeader = result.getHeaderString("Location");
> String userId = locationHeader.replaceAll(".*/(.*)$", "$1");
> kc.realm("rest-example").users().get(userId).remove();
> }
> }
> 
> 
> https://gist.github.com/thomasdarimont/43689aefb37540624e35
> 
> Cheers,
> Thomas
> 
> 2016-01-12 19:05 GMT+01:00 JasonPeng <hpeng at redhat.com>:
>> Hi there,
>> 
>> Can someone give me some hint about how to correctly setup a client that can
>> accept REST request from a httpclient in keycloak?
>> For example, I use the admin-access example from keycloak source project and
>> modify it to do a DELETE action through REST API, however I keep getting the
>> request Forbidden 403 from keycloak server. I don¹t change any setting of the
>> admin-client imported from the json file and my code snippet of deleting user
>> as below:
>> 
>> public static void deleteUser(HttpServletRequest request, AccessTokenResponse
>> res) throws Failure {
>> HttpClient client = new DefaultHttpClient();
>> String userId = "e20277f8-2ebe-4e5e-aa00-0cee9c578249";
>> try {
>> HttpDelete delete = new HttpDelete(getBaseUrl(request) +
>> "/admin/realms/demo/users/" + userId);
>> delete.addHeader("Authorization", "Bearer " + res.getToken());
>> HttpResponse response = client.execute(delete);
>> System.out.println(response.getStatusLine().getReasonPhrase());
>> if (response.getStatusLine().getStatusCode() != 200) {
>> throw new Failure(response.getStatusLine().getStatusCode());
>> }
>> HttpEntity entity = response.getEntity();
>> InputStream is = entity.getContent();
>> if (is != null)
>> is.close();
>> } catch (IOException e) {
>> throw new RuntimeException(e);
>> } finally {
>> client.getConnectionManager().shutdown();
>> }
>> }
>> 
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> 
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160115/6cfea2b1/attachment-0001.html 


More information about the keycloak-user mailing list