使用Keycloak保护电子应用程序 [英] Securing Electron app with Keycloak

问题描述

我是Keycloak的新手，并且很难验证用Electron编写的桌面应用程序.我查看了讨论 OpenID Connect端点，然后找到一个浏览 Keycloak和Postman 的博客，我能够通过这种方法从Keycloak获取令牌.

I'm new to Keycloak and having a hard time authenticating a desktop app written on Electron. I looked at the documentation that discusses the OpenID Connect endpoint and then found a blog that walks through Keycloak and Postman and I was able to get tokens from Keycloak via this method.

我很确定这是不正确的，原因有几个.

I'm pretty sure this is incorrect for a few reasons.

如何在不运行客户端Web服务器来处理重定向的情况下对我的Electron应用进行身份验证?有一个用于验证Web应用程序的示例，但确实有人有一个简单的示例，说明如何针对Keycloak验证Electron应用程序吗?

How can I authenticate my Electron app without running a client side web server to handle the redirects? There is an example for authenticating a web app, but does anyone have a simple example of how to authenticate an Electron app against Keycloak?

推荐答案

在构建Electron中使用Keycloak必须在main.js中添加服务器侦听器:

To use Keycloak in build Electron You must add server listener in your main.js:

const Keycloak = http.createServer((request, response) => {
  response.writeHeader(200, {"Content-Type": "text/html"});  
  var readSream = fs.createReadStream(__static + '/index.html','utf8')
  readSream.pipe(response);
});
Keycloak.listen(3000);

接下来将文件index.html添加到文件夹__static.在此文件中，像说明一样，添加JS脚本. 并且您必须添加ipcRenderer并将令牌发送到main.js:

Next add file index.html to folder __static. In this file add JS script like in this instruction. And you must add ipcRenderer and send token to main.js:

   keycloak.init({ onLoad: 'login-required', redirectUri: 'http://localhost:3000' }).success(function(authenticated) {
       if (authenticated) {               
           ipcRenderer.send('keycloak-token', keycloak.token);
       }
   }).error(function() {
       console.log('error');
   });

请记住在redirectUri的Keycloak设置中添加http://localhost:3000.

Remember to add http://localhost:3000 in Keycloak setting in redirectUri.

下一步，您可以在main.js中发送令牌以检查授权状态:

Next in main.js you can send token to check autorization:

  ipcMain.on('keycloak-token', (event, token) => {
    const winURL = process.env.NODE_ENV === 'development'
  ? `http://localhost:9080?token=${token}`
  : `file://${__dirname}/index.html?token=${token}`

    mainWindow.loadURL(winURL);
  });

这篇关于使用Keycloak保护电子应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！