GUI中未显示已部署的Keycloak脚本映射器 [英] Deployed Keycloak Script Mapper does not show up in the GUI

问题描述

我正在使用Keycloak 10.0.2的docker映像.我希望Keycloak提供Hasura可以使用的access_tokens. Hasura要求这样的自定义声明:

I'm using the docker image of Keycloak 10.0.2. I want Keycloak to supply access_tokens that can be used by Hasura. Hasura requires custom claims like this:

{
  "sub": "1234567890",
  "name": "John Doe",
  "admin": true,
  "iat": 1516239022,
  "https://hasura.io/jwt/claims": {
    "x-hasura-allowed-roles": ["editor","user", "mod"],
    "x-hasura-default-role": "user",
    "x-hasura-user-id": "1234567890",
    "x-hasura-org-id": "123",
    "x-hasura-custom": "custom-value"
  }
}

遵循文档并使用我在网上找到的脚本(请参见要点)我在hasura-mapper.js:

Following the documentation, and using a script I found online, (See this gist) I created a Script Mapper jar with this script (copied verbatim from the gist), in hasura-mapper.js:

var roles = [];
for each (var role in user.getRoleMappings()) roles.push(role.getName());
token.setOtherClaims("https://hasura.io/jwt/claims", {
    "x-hasura-user-id": user.getId(),
    "x-hasura-allowed-roles": Java.to(roles, "java.lang.String[]"),
    "x-hasura-default-role": "user",
});

和META-INF/中的以下keycloak-scripts.json:

and the following keycloak-scripts.json in META-INF/:

{
    "mappers": [
        {
            "name": "Hasura",
            "fileName": "hasura-mapper.js",
            "description": "Create Hasura Namespaces and roles"
        }
    ]
}

Keycloak调试日志表明它找到了jar，并成功部署了它. 但是下一步是什么?我无法在GUI的任何位置找到已部署的映射器，那么如何激活它呢?我尝试创建协议映射器，但是选项脚本映射器"不可用.范围->评估生成标准访问令牌.

Keycloak debug log indicates it found the jar, and successfully deployed it. But what's the next step? I can't find the deployed mapper anywhere in the GUI, so how do I activate it? I tried creating a protocol Mapper, but the option 'Script Mapper' is not available. And Scopes -> Evaluate generates a standard access token.

如何激活已部署的协议映射器?

How do I activate my deployed protocol mapper?

推荐答案

当然，在对SO提出问题之后，您仍然会继续搜索，而我最终在此

Of course after you put up a question on SO you still keep searching, and I finally found the answer in this JIRA issue. The scripts feature has been a preview feature since (I think) version 8.

因此，在启动Keycloak时，您需要提供:

So when starting Keycloak you need to provide:

 -Dkeycloak.profile.feature.scripts=enabled 

，然后您的脚本映射器将显示在创建映射器"屏幕上的映射器类型"下拉列表中，一切正常.

and after that your Script Mapper will show up in the Mapper Type dropdown on the Create Mapper screen, and everything works.

这篇关于GUI中未显示已部署的Keycloak脚本映射器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！