问题描述
我们正在评估KeyCloak,以取代用于用户注册和身份验证的自定义实现。
我们当前的工作流程提供了一个注册屏幕,用户可以在其中进行自我注册。提交注册表单后,将触发自定义验证流程,随后将一封电子邮件发送给用户以验证其电子邮件并激活其帐户。电子邮件中的链接允许他们设置密码,然后向他们发送欢迎电子邮件。
我正在使用Admin REST客户端API来实现此工作流程。我已经到了电子邮件验证部分。
我的问题:
解决方法
谢谢CodeWalter .. 对于其他可能需要它的人,这就是我使用Java客户端完成的方式。
Keycloak keycloak = KeycloakBuilder.builder()
.serverUrl(SERVER_URL)
.realm(MASTER_REALM)
.grantType(OAuth2Constants.CLIENT_CREDENTIALS)
.clientId(CLIENT_ID)
.clientSecret(CLIENT_SECRET)
.build();
// Define user
UserRepresentation user = new UserRepresentation();
user.setEnabled(true);
user.setUsername("[email protected]");
user.setFirstName("First");
user.setLastName("Last");
user.setEmail("[email protected]");
user.setAttributes(Collections.singletonMap("MRN",Arrays.asList("11111")));
// Define password credential
CredentialRepresentation passwordCred = new CredentialRepresentation();
passwordCred.setTemporary(true);
passwordCred.setType(CredentialRepresentation.PASSWORD);
passwordCred.setValue("Password@1");
user.setCredentials(Arrays.asList(passwordCred));
// Get realm
RealmResource realmResource = keycloak.realm(PHUB_REALM);
UsersResource usersRessource = realmResource.users();
// Create user (requires manage-users role)
Response response = usersRessource.create(user);
String userId = CreatedResponseUtil.getCreatedId(response);
System.out.println("Response: " + response.getStatusInfo());
System.out.println(userId);
UserResource u = realmResource.users().get(userId);
u.sendVerifyEmail();
设置 temporary = true 。 下面提到的示例JSON主体。然后,将在初始登录时将用户重定向到Keycloak以更改密码。
{
"createdTimestamp": 1587754061774,"username": "John","enabled": true,"firstName": "John","totp": false,"emailVerified": true,"disableableCredentialTypes": [],"requiredActions": [],"notBefore": 0,"groups": [],"credentials": [{
"type":"password","value":"1qaz@WSX","temporary":true
}],"access": {
"manageGroupMembership": true,"view": true,"mapRoles": true,"impersonate": true,"manage": true
}
}