如何通过代理 API 访问 KeyCloak 端点 [英] How to access KeyCloak endpoints via proxy API
问题描述
我目前有以下架构
APP -> API -> KeyCloak
APP -> API -> KeyCloak
我希望 APP 能够向我的 API 发送请求,然后该 API 将在内部将某些请求代理到 KeyCloak.例如,我想通过我的 API 向 KeyCloak 中的/userinfo 端点发出请求.如果我能弄清楚这一点,我就可以执行更复杂的功能.
I want the APP to be able to send requests to my API which will then internally proxy certain requests to KeyCloak. For example, I'd like to make a request to the /userinfo endpoint in KeyCloak through my API. If I can figure this out I can then perform more complex features.
APP -> http://api:port/api/userinfoAPI -> http://keycloak:port/auth/realms/quartech/protocol/openid-connect/userinfo
APP -> http://api:port/api/userinfo API -> http://keycloak:port/auth/realms/quartech/protocol/openid-connect/userinfo
我有一个有效的 JWT 不记名令牌.因为我可以直接成功地向 KeyCloak 发出请求,但是如果我尝试通过我的 API 发出请求,它会返回 401.即使它使用相同的 JWT Bearer 令牌.
I have a valid JWT Bearer token. As I can directly make the request to KeyCloak successfully, however if I attempt to make the request via my API it returns 401. Even though it is using the same JWT Bearer token.
我相信这与配置 KeyCloak 客户端以允许来自 API 的请求有关.但到目前为止我还没有弄清楚.
I believe it has something to do with configuring the KeyCloak client to allow requests to come from the API. But so far I haven't been able to figure it out.
推荐答案
我发现它需要一个 DNS 条目才能在 Docker 容器内进行本地开发.
I've discovered it required a DNS entry to local development within a Docker container.
我已经编辑了 hosts
文件并添加了一个 127.0.0.1 keycloak
然后 al
I've edited the hosts
file and added a 127.0.0.1 keycloak
and then al
这篇关于如何通过代理 API 访问 KeyCloak 端点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!