Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace:
сервис_keycloak

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
сервис_keycloak [2025/07/15 15:33]
val [REST API] 		сервис_keycloak [2025/08/18 16:46] (current)
val [docker-compose]
Line 19: Line 19:
  
 ==== docker-compose ==== ==== docker-compose ====
 +
 +  * Установка [[Технология Docker#​docker-compose]]
  
   * [[https://​swjm.blog/​deploying-keycloak-with-ssl-in-just-10-minutes-46073e5cf699|Deploying Keycloak with SSL in just 10 minutes!]]   * [[https://​swjm.blog/​deploying-keycloak-with-ssl-in-just-10-minutes-46073e5cf699|Deploying Keycloak with SSL in just 10 minutes!]]
Line 53: Line 55:
   keycloak:   keycloak:
     image: quay.io/​keycloak/​keycloak:​22.0.5     image: quay.io/​keycloak/​keycloak:​22.0.5
 +#    image: quay.io/​keycloak/​keycloak:​26.1.3
     container_name:​ keycloak     container_name:​ keycloak
     restart: always     restart: always
Line 68: Line 71:
       - KEYCLOAK_ADMIN=admin       - KEYCLOAK_ADMIN=admin
       - KEYCLOAK_ADMIN_PASSWORD=strongpassword       - KEYCLOAK_ADMIN_PASSWORD=strongpassword
 +#      - KC_BOOTSTRAP_ADMIN_USERNAME=admin
 +#      - KC_BOOTSTRAP_ADMIN_PASSWORD=strongpassword
       - KC_HTTPS_CERTIFICATE_FILE=/​wild.crt       - KC_HTTPS_CERTIFICATE_FILE=/​wild.crt
       - KC_HTTPS_CERTIFICATE_KEY_FILE=/​wild.key       - KC_HTTPS_CERTIFICATE_KEY_FILE=/​wild.key
 +#      - KC_PROXY_HEADERS=xforwarded
 #      - KC_DB=postgres #      - KC_DB=postgres
 #      - KC_DB_URL=jdbc:​postgresql://​postgres:​5432/​keycloak #      - KC_DB_URL=jdbc:​postgresql://​postgres:​5432/​keycloak
Line 368: Line 374:
  
   * [[https://​www.keycloak.org/​docs-api/​latest/​rest-api/​index.html]]   * [[https://​www.keycloak.org/​docs-api/​latest/​rest-api/​index.html]]
 +  * [[https://​jwt.io/​|JWT.IO allows you to decode, verify and generate JWT]]
 +  * [[https://​steve-mu.medium.com/​create-new-user-in-keycloak-with-admin-restful-api-e6e868b836b4]]
 +
 +  * [[Утилита jq]]
  
 <​code>​ <​code>​
Line 375: Line 385:
 KEYCLOAK_REALM=master KEYCLOAK_REALM=master
 KEYCLOAK_USERNAME=admin KEYCLOAK_USERNAME=admin
- KEYCLOAK_PASSWORD=strongpassword+KEYCLOAK_PASSWORD=strongpassword
 KEYCLOAK_CLIENT_ID=admin-cli KEYCLOAK_CLIENT_ID=admin-cli
  
Line 388: Line 398:
 #exit 0 #exit 0
  
-#USER_ID=0066e764-c9d3-45b3-ada8-3252fb07cde5+#USER_ID=6c43d042-2674-4bee-82a5-b31713a15093
  
 #curl -SskX GET "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/"​ \ #curl -SskX GET "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/"​ \
 +# -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ | jq
 #curl -SskX GET "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/​${USER_ID}"​ \ #curl -SskX GET "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/​${USER_ID}"​ \
 #curl -SskX GET "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/?​q=username:​admin"​ \ #curl -SskX GET "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/?​q=username:​admin"​ \
-# -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ | jq 
  
 #curl -SskX POST "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/"​ \ #curl -SskX POST "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/"​ \
 # -H "​Content-Type:​ application/​json"​ \ # -H "​Content-Type:​ application/​json"​ \
 # -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ \ # -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ \
 +# --data-binary "​@user1.json"​
 # -d '​{"​username":​ "​user1"​}'​ # -d '​{"​username":​ "​user1"​}'​
  
Line 403: Line 414:
 # -H "​Content-Type:​ application/​json"​ \ # -H "​Content-Type:​ application/​json"​ \
 # -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ \ # -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ \
 +# --data-binary "​@user1.json"​
 # -d '​{"​firstName":​ "​Ivan"​}'​ # -d '​{"​firstName":​ "​Ivan"​}'​
 +
 +#curl -kX PUT "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/​${USER_ID}/​reset-password"​ \
 +# -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ \
 +# -H "​Content-Type:​ application/​json"​ \
 +# -d '{ "​type":​ "​password",​ "​temporary":​ false, "​value":​ "​kcpassword1"​ }'
  
 #curl -SskX DELETE "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/​${UPD_USER_ID}"​ \ #curl -SskX DELETE "​${KEYCLOAK_URL}/​admin/​realms/​${KEYCLOAK_REALM}/​users/​${UPD_USER_ID}"​ \
 # -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​ # -H "​Authorization:​ Bearer ${ACCESS_TOKEN}"​
 +</​code><​code>​
 +# cat user1.json
 +</​code><​code>​
 +  {
 +    "​username":​ "​user1",​
 +    "​email":​ "​user1@corp.un",​
 +    "​firstName":​ "​Иван",​
 +    "​lastName":​ "​Иванов",​
 +    "​enabled":​ true,
 +    "​emailVerified":​ true
 +  }
 </​code>​ </​code>​
  
сервис_keycloak.1752582794.txt.gz · Last modified: 2025/07/15 15:33 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki