1. 首页
  2. 问答
  3. 访问SCIM API - Keyrock Fiware

访问SCIM API - Keyrock Fiware

2016-10-10 149 views
0

我在码头集装箱中使用fiware-idm图像(https://hub.docker.com/r/fiware/idm/),我尝试访问SCIM API。有用户“idm”(默认用户),他是提供者并拥有所有权限。但是,当我试图让所有用户:访问SCIM API - Keyrock Fiware

private String getAccessToken() { 
    HttpServletRequest httpServletRequest = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest(); 
    HttpSession session = httpServletRequest.getSession(); 
    String accessToken = (String) session.getAttribute("access_token"); 
    return accessToken; 
} 

public void getUsers() throws IOException { 
    String accessToken = getAccessToken(); 

    Client client = ClientBuilder.newClient(); 
    Response response = client.target("http://192.168.99.100:5000/v3/projects") 
     .request(MediaType.TEXT_PLAIN_TYPE) 
     .header("X-Auth-token", accessToken) 
     .get(); 

    setResultUsersList("-- status: " + response.getStatus() + " <br>" 
      + "-- headers: " + response.getHeaders() + " <br>" 
      + "-- body: " + response.readEntity(String.class) + " <br>" 
      + "-- token: " + accessToken); 
}

我收到一条错误信息: {“错误”:{“消息”:“你已经请求要求身份验证”,“代码” 401“标题“:‘未授权’}}

而认证工作,并得到了用户的相关信息也:

public void authenticateUser() throws OAuthSystemException, IOException { 
    HttpServletResponse httpServletResponse = (HttpServletResponse) FacesContext.getCurrentInstance().getExternalContext().getResponse(); 

    OAuthClientRequest codeRequest = OAuthClientRequest 
      .authorizationLocation("http://192.168.99.100:8000/oauth2/authorize") 
      .setParameter("response_type", "code") 
      .setClientId(CLIENT_ID) 
      .setRedirectURI("http://localhost:8080/Example-Application-Security-UI/auth") 
      .buildQueryMessage(); 

    httpServletResponse.sendRedirect(codeRequest.getLocationUri()); 
} 

public void requestUserInfo() { 
    HttpServletRequest httpServletRequest = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest(); 
    HttpSession session = httpServletRequest.getSession(); 
    accessToken = (String) session.getAttribute("access_token"); 

    String strJson = callWebservice("http://192.168.99.100:8000/user?access_token=" + accessToken); 
    JSONObject jsonObject = new JSONObject(strJson); 
    resultUserInfo = jsonObject.toString(); 
}

来源

2016-10-10 Gabriela Cavalcante

回答

0

发出请求梯形校正时,需输入X-Auth-Token头需要梯形令牌的价值,而不是OAuth2 acc您当前提供的ess标记。

您可以通过对认证端点的POST请求获得Keystone令牌。由于在梯形支持的身份验证方法之一是OAuth2用户,你甚至可以使用令牌你从OAuth2用户认证获得的访问获得梯形令牌:

POST /v3/auth/tokens 
body: 

"auth": { 
     "identity": { 
      "methods": [ 
       "oauth2" 
      ], 
      "oauth2": { 
       'access_token_id': access_token 
      } 
     } 
    }

您现在可以使用梯形校正令牌执行请求到SCIM API(或授权用户拥有权限的任何API端点)。

希望这对你有帮助!

请注意,获取用户信息的请求在对Horizo​​n中的端点执行操作之后起作用,而不是对Keystone端点执行。

来源

2016-10-19 09:23:11

+0

谢谢!它的工作,我正在与身体: –

+0

**与身体:....“方法”:[“密码”] ...,但现在使用oauth2更好。谢谢! –

相关问题

 相关问题