libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
keycloak-scim/examples/providers/domain-extension
History
Jon Koops 972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
..
src/main KEYCLOAK-15270 Account REST API doesn't verify audience 2020-09-14 08:43:09 -03:00
invoke-authenticated.sh Fix minor typos in examples (#13155) 2022-08-05 09:00:11 -03:00
pom.xml Use a valid SemVer format for the SNAPSHOT version (#17334) 2023-03-03 11:11:44 +01:00
README.md Fix minor typos in examples (#13155) 2022-08-05 09:00:11 -03:00

README.md

Example Domain Extension

To run, deploy as a module by running:

$KEYCLOAK_HOME/bin/jboss-cli.sh --command="module add --name=org.keycloak.examples.domain-extension-example --resources=target/domain-extension-example.jar --dependencies=org.keycloak.keycloak-core,org.keycloak.keycloak-services,org.keycloak.keycloak-model-jpa,org.keycloak.keycloak-server-spi,org.keycloak.keycloak-server-spi-private,javax.ws.rs.api,javax.persistence.api,org.hibernate,org.javassist,org.liquibase"

Then registering the provider by editing standalone/configuration/standalone.xml and adding the module to the providers element:

<providers>
    ...
    <provider>module:org.keycloak.examples.domain-extension-example</provider>
</providers>

Then start (or restart) the server.

Testing

First you can create some example companies with these CURL requests.

curl -i --request POST http://localhost:8080/auth/realms/master/example/companies --data "{ \"name\": \"foo company\" }" --header "Content-type: application/json"
curl -i --request POST http://localhost:8080/auth/realms/master/example/companies --data "{ \"name\": \"bar company\" }" --header "Content-type: application/json"

Then you can look up all companies

curl -i --request GET http://localhost:8080/auth/realms/master/example/companies --header "Accept: application/json"

If you create realm foo in Keycloak admin console and then replace the realm name in the URI (for example like http://localhost:8080/auth/realms/foo/example/companies ) you will see that companies are scoped per-realm. So you will see different companies for realm master and for realm foo .

Testing with authenticated access

Example contains the endpoint, which is accessible just for authenticated users. REST request must be authenticated with bearer access token of authenticated user and the user must be in realm role admin in order to access the resource. You can run bash script from the current directory:

./invoke-authenticated.sh

The script assumes user admin with password admin exists in realm master. Also it assumes that you have curl installed.