[keycloak-user] How to correctly use REST API? delete user through REST API for example
Stian Thorgersen
sthorger at redhat.com
Fri Jan 15 10:50:35 EST 2016
We have an issue outstanding to get the admin-client example working on EAP
6.4.
https://issues.jboss.org/browse/KEYCLOAK-1921
Not sure when we'll get to it though.
I suspect the only way to get it to work on EAP 6.4 would be to prevent the
old RestEasy from being added (should be possible to do in
jboss-secure-deployment with exclude subsystem), then add the new RestEasy
dependencies directly to the WAR.
You could also look at
https://docs.jboss.org/resteasy/docs/3.0.1.Final/userguide/html/Installation_Configuration.html#upgrading-eap61
On 15 January 2016 at 05:44, JasonPeng <hpeng at redhat.com> wrote:
> Hi Stian,
>
> Do you have an example of pom.xml if I want to fully control the Keycloak
> user management(ex: create user, change roles)? I’ve tried the approach you
> suggest, however it comes out with problem that I don’t know if it’s
> missing some dependency in my client project or I fail on configuring the
> jboss-deployment-structure.xml
>
> Thanks,
> Jason
>
>
>
> From: Stian Thorgersen <sthorger at redhat.com>
> Reply-To: <stian at redhat.com>
> Date: Thursday, January 14, 2016 at 5:00 PM
> To: JasonMacAir <hpeng at redhat.com>
> Cc: Thomas Darimont <thomas.darimont at googlemail.com>, keycloak-user <
> keycloak-user at lists.jboss.org>
>
> Subject: Re: [keycloak-user] How to correctly use REST API? delete user
> through REST API for example
>
> EAP 6.4 has an old version of RestEasy without the RestEasy client.
> Easiest option is probably to just include newer RestEasy jars in your WAR.
>
> On 14 January 2016 at 09:55, JasonPeng <hpeng at redhat.com> wrote:
>
>> Hi Thomas,
>>
>> Thank’s for the recommendation. However, I bumped into some clossloader
>> issue when I tried it on my EAP 6.4+ Keycloak 1.1.7.Final environment.
>>
>> I keep get the class not found error against RestEasy Client,
>> "java.lang.NoClassDefFoundError:
>> org/jboss/resteasy/client/jaxrs/ResteasyClientBuilder”. Although I’d setup
>> my jboss-deployment-structure.xml in my project under /WEB-INF/. The
>> setting is like below:
>>
>> <jboss-deployment-structure>
>> <deployment>
>> <dependencies>
>> <module name="org.jboss.resteasy.resteasy-jaxrs"
>> services="import"/>
>> </dependencies>
>> </deployment>
>> </jboss-deployment-structure>
>>
>>
>> Thank you and best regards,
>> —
>> Jason Peng
>> Solution Architect, Taiwan
>> Ret Hat Limited
>> TEL: +886-2-7743-2972
>> FAX: +886-2-7743-2974
>> Mobile: +886-988-836-827
>> EMAIL: hpeng at redhat.com
>>
>>
>>
>>
>> From: Thomas Darimont <thomas.darimont at googlemail.com>
>> Date: Wednesday, January 13, 2016 at 3:26 AM
>> To: JasonMacAir <hpeng at redhat.com>
>> Cc: keycloak-user <keycloak-user at lists.jboss.org>
>> Subject: Re: [keycloak-user] How to correctly use REST API? delete user
>> through REST API for example
>>
>> Hi Jason,
>>
>> do you really need to use the raw REST API or would it be an option to
>> use the keycloak-admin-client API?
>>
>> here is an example for creating and deleting a user via the admin-client
>> API:
>>
>> package de.tdlabs.training.keycloak;
>>
>> import static java.util.Arrays.asList;
>>
>> import javax.ws.rs.core.Response;
>>
>> import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
>> import org.keycloak.admin.client.Keycloak;
>> import org.keycloak.admin.client.KeycloakBuilder;
>> import org.keycloak.representations.idm.CredentialRepresentation;
>> import org.keycloak.representations.idm.UserRepresentation;
>>
>> public class KeycloakAdminClientExample {
>>
>> public static void main(String[] args) throws Exception {
>>
>> Keycloak kc = KeycloakBuilder.builder() //
>> .serverUrl("http://localhost:8081/auth") //
>> .realm("rest-example")//
>> .username("rest-user-admin") //
>> .password("password") //
>> .clientId("admin-cli") //
>> .resteasyClient(new
>> ResteasyClientBuilder().connectionPoolSize(10).build()) //
>> .build();
>>
>> CredentialRepresentation credential = new CredentialRepresentation();
>> credential.setType(CredentialRepresentation.PASSWORD);
>> credential.setValue("test123");
>> credential.setTemporary(false);
>>
>> UserRepresentation user = new UserRepresentation();
>> user.setUsername("testuser");
>> user.setFirstName("Test");
>> user.setLastName("User");
>> user.setCredentials(asList(credential));
>> user.setEnabled(true);
>> user.setRealmRoles(asList("admin"));
>>
>> // Create testuser
>> Response result = kc.realm("rest-example").users().create(user);
>> if (result.getStatus() != 201) {
>> System.err.println("Couldn't create user.");
>> System.exit(0);
>> }
>> System.out.println("Testuser created.... verify in keycloak!");
>>
>> System.out.println("Press any key...");
>> System.in.read();
>>
>> // Delete testuser
>> String locationHeader = result.getHeaderString("Location");
>> String userId = locationHeader.replaceAll(".*/(.*)$", "$1");
>> kc.realm("rest-example").users().get(userId).remove();
>> }
>> }
>>
>>
>> https://gist.github.com/thomasdarimont/43689aefb37540624e35
>>
>> Cheers,
>> Thomas
>>
>> 2016-01-12 19:05 GMT+01:00 JasonPeng <hpeng at redhat.com>:
>>
>>> Hi there,
>>>
>>> Can someone give me some hint about how to correctly setup a client that
>>> can accept REST request from a httpclient in keycloak?
>>> For example, I use the admin-access example from keycloak source project
>>> and modify it to do a DELETE action through REST API, however I keep
>>> getting the request Forbidden 403 from keycloak server. I don’t change any
>>> setting of the admin-client imported from the json file and my code snippet
>>> of deleting user as below:
>>>
>>> public static void deleteUser(HttpServletRequest request,
>>> AccessTokenResponse res) throws Failure {
>>> HttpClient client = new DefaultHttpClient();
>>> String userId = "e20277f8-2ebe-4e5e-aa00-0cee9c578249";
>>> try {
>>> HttpDelete delete = new HttpDelete(getBaseUrl(request) +
>>> "/admin/realms/demo/users/" + userId);
>>> delete.addHeader("Authorization", "Bearer " + res.getToken());
>>> HttpResponse response = client.execute(delete);
>>> System.out.println(response.getStatusLine().getReasonPhrase());
>>> if (response.getStatusLine().getStatusCode() != 200) {
>>> throw new Failure(response.getStatusLine().getStatusCode());
>>> }
>>> HttpEntity entity = response.getEntity();
>>> InputStream is = entity.getContent();
>>> if (is != null)
>>> is.close();
>>> } catch (IOException e) {
>>> throw new RuntimeException(e);
>>> } finally {
>>> client.getConnectionManager().shutdown();
>>> }
>>> }
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160115/641ccc19/attachment.html
More information about the keycloak-user
mailing list