使用Keycloak保护电子应用程序 [英] Securing Electron app with Keycloak
问题描述
我是Keycloak的新手,并且很难验证用Electron编写的桌面应用程序.我查看了讨论 OpenID Connect端点,然后找到一个浏览 Keycloak和Postman 的博客,我能够通过这种方法从Keycloak获取令牌.
I'm new to Keycloak and having a hard time authenticating a desktop app written on Electron. I looked at the documentation that discusses the OpenID Connect endpoint and then found a blog that walks through Keycloak and Postman and I was able to get tokens from Keycloak via this method.
我很确定这是不正确的,原因有几个.
I'm pretty sure this is incorrect for a few reasons.
如何在不运行客户端Web服务器来处理重定向的情况下对我的Electron应用进行身份验证?有一个用于验证Web应用程序的示例,但确实有人有一个简单的示例,说明如何针对Keycloak验证Electron应用程序吗?
How can I authenticate my Electron app without running a client side web server to handle the redirects? There is an example for authenticating a web app, but does anyone have a simple example of how to authenticate an Electron app against Keycloak?
推荐答案
在构建Electron中使用Keycloak必须在main.js中添加服务器侦听器:
To use Keycloak in build Electron You must add server listener in your main.js:
const Keycloak = http.createServer((request, response) => {
response.writeHeader(200, {"Content-Type": "text/html"});
var readSream = fs.createReadStream(__static + '/index.html','utf8')
readSream.pipe(response);
});
Keycloak.listen(3000);
接下来将文件index.html
添加到文件夹__static
.在此文件中,像说明一样,添加JS脚本.
并且您必须添加ipcRenderer
并将令牌发送到main.js:
Next add file index.html
to folder __static
. In this file add JS script like in this instruction.
And you must add ipcRenderer
and send token to main.js:
keycloak.init({ onLoad: 'login-required', redirectUri: 'http://localhost:3000' }).success(function(authenticated) {
if (authenticated) {
ipcRenderer.send('keycloak-token', keycloak.token);
}
}).error(function() {
console.log('error');
});
请记住在redirectUri
的Keycloak设置中添加http://localhost:3000
.
Remember to add http://localhost:3000
in Keycloak setting in redirectUri
.
下一步,您可以在main.js
中发送令牌以检查授权状态:
Next in main.js
you can send token to check autorization:
ipcMain.on('keycloak-token', (event, token) => {
const winURL = process.env.NODE_ENV === 'development'
? `http://localhost:9080?token=${token}`
: `file://${__dirname}/index.html?token=${token}`
mainWindow.loadURL(winURL);
});
这篇关于使用Keycloak保护电子应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!