GUI中未显示已部署的Keycloak脚本映射器 [英] Deployed Keycloak Script Mapper does not show up in the GUI
问题描述
我正在使用Keycloak 10.0.2的docker映像.我希望Keycloak提供Hasura可以使用的access_tokens. Hasura要求这样的自定义声明:
I'm using the docker image of Keycloak 10.0.2. I want Keycloak to supply access_tokens that can be used by Hasura. Hasura requires custom claims like this:
{
"sub": "1234567890",
"name": "John Doe",
"admin": true,
"iat": 1516239022,
"https://hasura.io/jwt/claims": {
"x-hasura-allowed-roles": ["editor","user", "mod"],
"x-hasura-default-role": "user",
"x-hasura-user-id": "1234567890",
"x-hasura-org-id": "123",
"x-hasura-custom": "custom-value"
}
}
遵循文档并使用我在网上找到的脚本(请参见要点)我在hasura-mapper.js
:
Following the documentation, and using a script I found online, (See this gist) I created a Script Mapper jar with this script (copied verbatim from the gist), in hasura-mapper.js
:
var roles = [];
for each (var role in user.getRoleMappings()) roles.push(role.getName());
token.setOtherClaims("https://hasura.io/jwt/claims", {
"x-hasura-user-id": user.getId(),
"x-hasura-allowed-roles": Java.to(roles, "java.lang.String[]"),
"x-hasura-default-role": "user",
});
和META-INF/中的以下keycloak-scripts.json
:
and the following keycloak-scripts.json
in META-INF/:
{
"mappers": [
{
"name": "Hasura",
"fileName": "hasura-mapper.js",
"description": "Create Hasura Namespaces and roles"
}
]
}
Keycloak调试日志表明它找到了jar,并成功部署了它. 但是下一步是什么?我无法在GUI的任何位置找到已部署的映射器,那么如何激活它呢?我尝试创建协议映射器,但是选项脚本映射器"不可用.范围->评估生成标准访问令牌.
Keycloak debug log indicates it found the jar, and successfully deployed it. But what's the next step? I can't find the deployed mapper anywhere in the GUI, so how do I activate it? I tried creating a protocol Mapper, but the option 'Script Mapper' is not available. And Scopes -> Evaluate generates a standard access token.
如何激活已部署的协议映射器?
How do I activate my deployed protocol mapper?
推荐答案
Of course after you put up a question on SO you still keep searching, and I finally found the answer in this JIRA issue. The scripts feature has been a preview feature since (I think) version 8.
因此,在启动Keycloak时,您需要提供:
So when starting Keycloak you need to provide:
-Dkeycloak.profile.feature.scripts=enabled
,然后您的脚本映射器将显示在创建映射器"屏幕上的映射器类型"下拉列表中,一切正常.
and after that your Script Mapper will show up in the Mapper Type dropdown on the Create Mapper screen, and everything works.
这篇关于GUI中未显示已部署的Keycloak脚本映射器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!