dqajyxqem115006813 2019-07-31 10:27
浏览 64

具有外部OpenID提供程序的API平台

I'm dealing with a project where I have a frontend build with React, which connects to an API build with API Platform, and uses an external user provider which implements oauth2 and OpenID protocols (Keycloak).

I think that I can configure API platform as an oauth2 client (through oauth configuration section, but I'm not sure if it will be an oauth client or a server), but I also need to get user information from the OpenID server to store information about the user who has created an entity (the owner).

Is there any way to do that? Or is better to not use API Platform and implement my own API which connects to the OpenID server?

Thanks in advance!

  • 写回答

1条回答 默认 最新

  • duankuiyu4618 2019-08-07 05:03
    关注

    Yes, It is advisable for API Platform to act as a Oauth 2.0 client for external oauth 2.0/OpenId provider in this case, Also It provides a benefit of storing the clientId, clientSecret and other configuration on API platform itself instead of storing on react frontend. Also you can store tokens, expiry, refresh tokens, Other scopes on API platform corresponding to the logged in userId and pass the same to react frontend when required. For getting userinfo via openId connect, API call will be proxied via API platform to external OpenId provider i.e keycloak.

    评论

报告相同问题?

悬赏问题

  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站
  • ¥50 成都蓉城足球俱乐部小程序抢票
  • ¥15 yolov7训练自己的数据集
  • ¥15 esp8266与51单片机连接问题(标签-单片机|关键词-串口)(相关搜索:51单片机|单片机|测试代码)
  • ¥15 电力市场出清matlab yalmip kkt 双层优化问题
  • ¥30 ros小车路径规划实现不了,如何解决?(操作系统-ubuntu)