如何通过代理API访问KeyCloak端点 [英] How to access KeyCloak endpoints via proxy API

问题描述

我目前具有以下架构

APP-> API-> KeyCloak

APP -> API -> KeyCloak

我希望APP能够将请求发送到我的API，然后API在内部将某些请求代理到KeyCloak.例如，我想通过我的API向KeyCloak中的/userinfo端点发出请求.如果可以弄清楚，则可以执行更复杂的功能.

I want the APP to be able to send requests to my API which will then internally proxy certain requests to KeyCloak. For example, I'd like to make a request to the /userinfo endpoint in KeyCloak through my API. If I can figure this out I can then perform more complex features.

APP-> http://api:port/api/userinfo API-> http://keycloak:port/auth/realms/quartech /protocol/openid-connect/userinfo

APP -> http://api:port/api/userinfo API -> http://keycloak:port/auth/realms/quartech/protocol/openid-connect/userinfo

我有一个有效的JWT承载令牌.因为我可以直接成功向KeyCloak发出请求，但是，如果我尝试通过我的API发出请求，它将返回401.即使它使用的是相同的JWT Bearer令牌.

I have a valid JWT Bearer token. As I can directly make the request to KeyCloak successfully, however if I attempt to make the request via my API it returns 401. Even though it is using the same JWT Bearer token.

我认为这与配置KeyCloak客户端以允许来自API的请求有关.但是到目前为止，我还无法弄清楚.

I believe it has something to do with configuring the KeyCloak client to allow requests to come from the API. But so far I haven't been able to figure it out.

推荐答案

我发现它需要Docker容器中本地开发的DNS条目.

I've discovered it required a DNS entry to local development within a Docker container.

我已经编辑了hosts文件并添加了127.0.0.1 keycloak，然后添加了

I've edited the hosts file and added a 127.0.0.1 keycloak and then al

这篇关于如何通过代理API访问KeyCloak端点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！