keycloak测试11.0.2PasswordClient credentialsIntrospectionAuthorization codePassword应用于后端处理:set KEYCLOAK_HOSThttp://keycloak.demofor.com.cn/set KEYCLOAK_REALMkeycloak-learnset CLIENT_IDchapter-1set CLIENT_SECRET149240f3-31c6-46dc-bab4-0b53c0ee13b9关于client_secret的获取截图如下改成一行命令:set KEYCLOAK_HOSTkeycloak.demofor.com.cn set KEYCLOAK_REALMkeycloak-learn set CLIENT_IDchapter-1 set CLIENT_SECRET149240f3-31c6-46dc-bab4-0b53c0ee13b9在windows 需要把 \ 换成^还有变量$ 改成%号 比如$a 改成%a%下面是访问方法curl --request POST ^–url http://keycloak.demofor.com.cn/auth/realms/keycloak-learn/protocol/openid-connect/token ^–header ‘Content-Type: application/x-www-form-urlencoded’ ^–data grant_typepassword ^–data client_idchapter-1 ^–data client_secret149240f3-31c6-46dc-bab4-0b53c0ee13b9 ^–data usernameuser ^–data password1 ^–data scopeopenid效果图如下![在这里插入图片描述](https://i-blog.csdnimg.cn/direct/1b204b105975415d86eb17575d18c9d3.png返回的数据截图如下获取到token,需要使用工具返解jwt 才能看到数据获取access_token:效果如下Client credentialscurl --request POST ^–url http://keycloak.demofor.com.cn/auth/realms/keycloak-learn/protocol/openid-connect/token ^–header ‘Content-Type: application/x-www-form-urlencoded’ ^–data grant_typeclient_credentials ^–data client_idchapter-1 ^–data client_secret149240f3-31c6-46dc-bab4-0b53c0ee13b9输入截图如下返回信息如下Introspectiontoken 解码 因为这个token 有有效期可以使用password 请求获取到的token 再来请求curl--request POST ^ --url http://keycloak.demofor.com.cn/auth/realms/keycloak-learn/protocol/openid-connect/token/introspect ^ --headerContent-Type: application/x-www-form-urlencoded^ --dataclient_idchapter-1 ^ --dataclient_secret149240f3-31c6-46dc-bab4-0b53c0ee13b9 --datatokenpassword 返回的token截图如下;使用的工具为brunoAuthorization code这个需要在这里流程先请求获取登录后获取到code,开启一个9000 服务端实现/和/callbackhttp://keycloak.demofor.com.cn/auth/realms/keycloak-learn/protocol/openid-connect/auth?client_idchapter-1response_typecoderedirect_urihttp://localhost:9000/callbackscopeopenidclient_secret149240f3-31c6-46dc-bab4-0b53c0ee13b9发送请求在地址栏输入http://localhost:9000/,点击access code ,跳转到登录界面输入用户名与密码截图如下再使用这个code ,请求curl --request POST ^–url http://keycloak.demofor.com.cn/auth/realms/keycloak-learn/protocol/openid-connect/token ^–header ‘Content-Type: application/x-www-form-urlencoded’ ^–data grant_typeauthorization_code ^–data redirect_urihttp://localhost/callback ^–data coded16a190c-44d9-432a-a809-459fdb37bb26.ee51d9d4-63b4-422e-a9c4-00a41fd19183.00a1f5fc-e14a-4309-92f2-67c3305fc275 ^–data client_idchapter-1 ^–data client_secret149240f3-31c6-46dc-bab4-0b53c0ee13b9参考文章地址 我们选择OpenID协议中的 http://www.keycloak.org/docs/latest/securing_apps/index.html#openid-connect-3 OpenID协议中的Spring Boot Adapterhttp://www.keycloak.org/docs/latest/securing_apps/index.html#_spring_boot_adapter Spring Security比较熟悉 http://www.keycloak.org/docs/latest/securing_apps/index.html#_spring_security_adapter