3

keycloak~自定义rest接口

 3 years ago
source link: https://www.cnblogs.com/lori/p/14758692.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

rest资源

对于我们集成keycloak来说,你可能会遇到它没有实现的功能,这时需要对kc进行扩展,资源的扩展是其中一个方面,它需要实现RealmResourceProviderRealmResourceProviderFactory两个接口,然后在KC启动之后,它可以被注册到IOC容器里,方便以后我们直接使用。

KC里的扩展是开闭原则OCP的完美体现,扩展在kc里叫SPI,它通过SPI的方式实现对功能的扩展,类似于面向接口的编程,通过META-INF/services里的文件进行注册,这类似于spring里的META-INF/spring.factories的功能。

  • 定义一个资源工厂
public class WeixinUserResourceProviderFactory implements RealmResourceProviderFactory {
    private static final Logger logger = Logger.getLogger(WeixinUserResourceProviderFactory.class);

    public WeixinUserResourceProviderFactory() {
        System.err.println("WeixinUserResourceProviderFactory.init");
    }

    /**
     * 资源提供者名称会在url上体现.
     *
     * @return
     */
    @Override
    public String getId() {
        return "weixin-api";
    }

    @Override
    public RealmResourceProvider create(KeycloakSession session) {
        return new WeixinUserResourceProvider(session);
    }

    @Override
    public void init(Scope config) {
    }

    @Override
    public void postInit(KeycloakSessionFactory factory) {
    }

    @Override
    public void close() {
    }

}
  • 定义一个资源的具体实现
public class WeixinUserResourceProvider implements RealmResourceProvider {

    private final KeycloakSession session;

    WeixinUserResourceProvider(KeycloakSession session) {
        this.session = session;
    }

    @Override
    public Object getResource() {
        return new WeixinUserResource(session);
    }

    @Override
    public void close() {
    }
}
  • 具体资源里公开的rest接口
public class WeixinUserResource {
 
    private final KeycloakSession session;
    private final EntityManager em;
    private final RealmModel realm;

    public WeixinUserResource(KeycloakSession session) {
        this.session = session;
        realm = session.getContext().getRealm();
        this.em = session.getProvider(JpaConnectionProvider.class).getEntityManager();
    }


@GET
@NoCache
@Produces(APPLICATION_JSON)
@Path("user-detail")
public UserDetail userDetail(@HeaderParam("Authorization") String authorization, @QueryParam("userId") String userId) {
//....
}

对于上面的资源,我们可以通过{kc-host}/auth/realms/{realm-name}/weixin-api/user-detail地址去访问它,其中,weixin-api表示当前spi factory的ID。

如果希望你的rest接口通过token授权才能访问,需要让WeixinUserResource继承这个抽象类AbstractSecuredLocalService

  • 向kc注册spi
    添加文件resources/META-INF/services/org.keycloak.services.resource.RealmResourceProviderFactory,内容如下
keycloak.services.social.weixin.rest.WeixinUserResourceProviderFactory
  • 文件结构如下
    1

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK