我有以下代码来刷新我的访问令牌:
handleChange(id) {
this.setState((prevState) => ({
todos: prevState.todos.map(todo => todo.id === id ? {
...todo, // <-- shallow copy todo
completed: !todo.completed, // <-- update completed property
} : todo)
});
}
效果很好,但我想使用管理客户端,就像我在请求带有用户名和密码的访问令牌时所做的那样:
@PostMapping(value = "/auth/realms/{realm-name}/protocol/openid-connect/token/refresh", consumes = {MediaType.APPLICATION_FORM_URLENCODED_VALUE})
public AccessTokenResponse refreshToken(
@PathVariable("realm-name") String realmName,
RefreshAccessTokenDTO dto) {
MultiValueMap<String, String> body = new LinkedMultiValueMap<>();
body.add("grant_type", dto.getGrantType());
body.add("client_id", dto.getClientId());
body.add("client_secret", dto.getClientSecret());
body.add("refresh_token", dto.getRefreshToken());
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
HttpEntity<?> httpEntity = new HttpEntity<>(body, headers);
String url = String.format("http://localhost:8180/auth/realms/%s/protocol/openid-connect/token", realmName);
ResponseEntity<AccessTokenResponse> response = new RestTemplate().exchange(url, HttpMethod.POST, httpEntity, AccessTokenResponse.class);
return response.getBody();
}
是否可以使用管理员客户端刷新访问令牌?
如果是,如何构建 Keycloak 实例使其工作?