[keycloak-user] Resource attributes with API
Pedro Igor Silva
psilva at redhat.com
Fri Jul 6 09:23:31 EDT 2018
Will add some examples to docs. The 'getResource().getAttributes()' returns
a map. Here is an example
https://github.com/pedroigor/keycloak/blob/49407c2e4f870659e1d5a00c7fd6cf1fbd16f8de/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/PolicyEvaluationTest.java#L601
.
On Fri, Jul 6, 2018 at 9:48 AM, Corentin Dupont <corentin.dupont at gmail.com>
wrote:
> Hello,
> I'm trying to experiment with resource attributes...
> However I don't find it in the doc (yet).
> Creating attributes like this seems to work:
>
> curl -X POST "
> http://localhost:8080/auth/realms/waziup/authz/protection/resource_set" -H
> "Authorization: Bearer $CLIENTTOKEN" -H "Content-Type: application/json" -d
> '{"name":"Sensortest3", "attributes":{"isPrivate": ["true"]}}'
>
> However, I'm not sure about the Javascript policy:
>
> var context = $evaluation.getContext();
> var permission = $evaluation.getPermission();
> var identity = context.getIdentity();
> if (permission.getResource().getAttributes().containsValue('isPrivate',
> 'false')) {
> $evaluation.grant();
> }
>
> Thanks!!
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list