keycloak-uncached
Changes
examples/demo-template/README.md 16(+15 -1)
examples/demo-template/testrealm.json 21(+21 -0)
Details
diff --git a/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp b/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp
index f966321..7aaa988 100755
--- a/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp
+++ b/examples/demo-template/customer-app/src/main/webapp/customers/view.jsp
@@ -11,7 +11,7 @@
<%
String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth/rest/realms/demo/tokens/logout")
.queryParam("redirect_uri", "http://localhost:8080/customer-portal").build().toString();
- String acctUri = "http://localhost:8080/auth/rest/realms/demo/account";
+ String acctUri = "http://localhost:8080/auth/rest/realms/demo/account?referrer=customer-portal";
IDToken idToken = CustomerDatabaseClient.getIDToken(request);
%>
<p>Goto: <a href="http://localhost:8080/product-portal">products</a> | <a href="<%=logoutUri%>">logout</a> | <a
diff --git a/examples/demo-template/customer-app-cli/keycloak.json b/examples/demo-template/customer-app-cli/keycloak.json
new file mode 100644
index 0000000..bf07380
--- /dev/null
+++ b/examples/demo-template/customer-app-cli/keycloak.json
@@ -0,0 +1,8 @@
+{
+ "realm" : "demo",
+ "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
+ "auth-server-url" : "http://localhost:8080/auth",
+ "ssl-not-required" : true,
+ "resource" : "customer-portal-cli",
+ "public-client" : true
+}
\ No newline at end of file
diff --git a/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html b/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html
index ee38261..845a1ff 100755
--- a/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html
+++ b/examples/demo-template/customer-app-js/src/main/webapp/customers/view.html
@@ -1,7 +1,7 @@
<html>
<head>
<title>Customer View Page</title>
- <script src="http://localhost:8081/auth/js/keycloak.js"></script>
+ <script src="/auth/js/keycloak.js"></script>
</head>
<body bgcolor="#E3F6CE">
@@ -19,7 +19,7 @@ User <b id="subject"></b> made this request.
<script>
var keycloak = Keycloak({
- clientId: 'customer-portal',
+ clientId: 'customer-portal-js',
realm: 'demo',
onload: 'login-required'
});
@@ -48,7 +48,7 @@ User <b id="subject"></b> made this request.
});
}
- var url = 'http://localhost:8080/database/customers';
+ var url = '/database/customers';
var req = new XMLHttpRequest();
req.open('GET', url, true);
@@ -88,4 +88,4 @@ User <b id="subject"></b> made this request.
<br><br>
<button onclick="reloadData()">Reload data</button>
</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/examples/demo-template/product-app/src/main/webapp/products/view.jsp b/examples/demo-template/product-app/src/main/webapp/products/view.jsp
index 8bb6281..6592f8f 100755
--- a/examples/demo-template/product-app/src/main/webapp/products/view.jsp
+++ b/examples/demo-template/product-app/src/main/webapp/products/view.jsp
@@ -10,7 +10,7 @@
<%
String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth/rest/realms/demo/tokens/logout")
.queryParam("redirect_uri", "http://localhost:8080/product-portal").build().toString();
- String acctUri = "http://localhost:8080/auth/rest/realms/demo/account";
+ String acctUri = "http://localhost:8080/auth/rest/realms/demo/account?referrer=product-portal";
%>
<p>Goto: <a href="http://localhost:8080/customer-portal">customers</a> | <a href="<%=logoutUri%>">logout</a> | <a href="<%=acctUri%>">manage acct</a></p>
examples/demo-template/README.md 16(+15 -1)
diff --git a/examples/demo-template/README.md b/examples/demo-template/README.md
index 5d5fba7..d0ac90e 100755
--- a/examples/demo-template/README.md
+++ b/examples/demo-template/README.md
@@ -11,6 +11,7 @@ There are multiple WAR projects. These will all run on the same WildFly instanc
machine on the network or Internet.
* **customer-app** A WAR application that does remote login using OAuth2 browser redirects with the auth server
* **customer-app-js** A pure HTML/Javascript application that does remote login using OAuth2 browser redirects with the auth server
+* **customer-app-cli** A pure CLI application that does remote login using OAuth2 browser redirects with the auth server
* **product-app** A WAR application that does remote login using OAuth2 browser redirects with the auth server
* **database-service** JAX-RS services authenticated by bearer tokens only. The customer and product app invoke on it to get data
* **third-party** Simple WAR that obtain a bearer token using OAuth2 using browser redirects to the auth-server.
@@ -147,7 +148,7 @@ are still happening, but the auth-server knows you are already logged in so the
If you click on the logout link of either of the product or customer app, you'll be logged out of all the applications.
-Ff you click on [http://localhost:8080/customer-portal-js](http://localhost:8080/customer-portal-js) you can invoke
+If you click on [http://localhost:8080/customer-portal-js](http://localhost:8080/customer-portal-js) you can invoke
on the pure HTML/Javascript application.
Step 6: Traditional OAuth2 Example
@@ -160,6 +161,19 @@ to get permission to access a user's data. To run this example open
If you area already logged in, you will not be asked for a username and password, but you will be redirected to
an oauth grant page. This page asks you if you want to grant certain permissions to the third-part app.
+Step 7: Try the CLI Example
+---------------------------
+To try the CLI example run the following commands:
+
+$ cd customer-app-cli
+$ mvn exec:java
+
+This will open a shell that lets you specify a few different commands. For example type 'login' and press enter to login. Pressing enter with a blank line will display the available commands.
+
+The CLI example has two alternative methods for login. When a browser is available the CLI opens the login form in a browser, and will automatically retrieve the return code by starting a
+temporary web server on a free port. If a browser is not available the URL to login is displayed on the CLI. The user can copy this URL to another computer that has a browser available. The code
+is displayed to the user after login and the user has to copy this code back to the application.
+
Admin Console
==========================
examples/demo-template/testrealm.json 21(+21 -0)
diff --git a/examples/demo-template/testrealm.json b/examples/demo-template/testrealm.json
index 5de7597..861bcca 100755
--- a/examples/demo-template/testrealm.json
+++ b/examples/demo-template/testrealm.json
@@ -62,15 +62,36 @@
"name": "customer-portal",
"enabled": true,
"adminUrl": "http://localhost:8080/customer-portal",
+ "baseUrl": "http://localhost:8080/customer-portal",
"redirectUris": [
"http://localhost:8080/customer-portal/*"
],
"secret": "password"
},
{
+ "name": "customer-portal-js",
+ "enabled": true,
+ "publicClient": true,
+ "adminUrl": "http://localhost:8080/customer-portal-js",
+ "baseUrl": "http://localhost:8080/customer-portal-js",
+ "redirectUris": [
+ "http://localhost:8080/customer-portal-js/*"
+ ]
+ },
+ {
+ "name": "customer-portal-cli",
+ "enabled": true,
+ "publicClient": true,
+ "redirectUris": [
+ "urn:ietf:wg:oauth:2.0:oob",
+ "http://localhost"
+ ]
+ },
+ {
"name": "product-portal",
"enabled": true,
"adminUrl": "http://localhost:8080/product-portal",
+ "baseUrl": "http://localhost:8080/product-portal",
"redirectUris": [
"http://localhost:8080/product-portal/*"
],