Search by 
alterindonesia / keycloak-guard
Keycloak Guard for Laravel
v0.0.5
2024-06-26 09:47 UTC
Requires
- php: ^8.0
- firebase/php-jwt: ^6.3
README
This package is a guard for keycloak. This package is a fork from keycloak-guard package and change several code.
Installation
composer require alterindonesia/keycloak-guard
Environment
KEYCLOAK_REALM_PUBLIC_KEY= KEYCLOAK_LOAD_USER_FROM_DATABASE=false KEYCLOAK_USER_PROVIDER_CREDENTIAL=email KEYCLOAK_TOKEN_PRINCIPAL_ATTRIBUTE=preferred_username KEYCLOAK_APPEND_DECODED_TOKEN=true KEYCLOAK_ALLOWED_RESOURCES=account KEYCLOAK_IGNORE_RESOURCES_VALIDATION=false KEYCLOAK_LEEWAY=0 KEYCLOAK_TOKEN_INPUT_KEY=null KEYCLOAK_SESSION_SYNC=true KEYCLOAK_URL= KEYCLOAK_REALM=
Publish Configuration
php artisan vendor:publish --provider="Alterindonesia\KeycloakGuard\KeycloakGuardServiceProvider"
Usage
There are two ways to use this package:
- Just decode the token and get the user data from the token.
- Sync the user data from the token on keycloak server API.
KEYCLOAK_SESSION_SYNC=true KEYCLOAK_URL= KEYCLOAK_REALM=
Laravel Auth
Changes on config/auth.php
... 'defaults' => [ 'guard' => 'api', # <-- For sure, i`m building an API 'passwords' => 'users', ], .... 'guards' => [ # <!----- # Make sure your "api" guard looks like this. # Newer Laravel versions just removed this config block. # ----> 'api' => [ 'driver' => 'keycloak', 'provider' => 'users', ], ],
Laravel Routes
// protected endpoints Route::group(['middleware' => 'auth:api'], function () { Route::get('/protected-endpoint', 'SecretController@index'); // more endpoints ... });
Big Thanks
- robsontenorio for the original package.