ceedcv-maya / shared-auth-laravel
Keycloak/OIDC JWT authentication middleware for Laravel: JWKS caching, RequirePermissionMiddleware, AppToAppAuthenticator, configurable user resolver.
Maintainers
Requires
- php: ^8.4
- illuminate/cache: ^11.0 || ^12.0 || ^13.0
- illuminate/http: ^11.0 || ^12.0 || ^13.0
- illuminate/support: ^11.0 || ^12.0 || ^13.0
- lcobucci/jwt: ^5.0
- phpseclib/phpseclib: ^3.0
Requires (Dev)
- mockery/mockery: ^1.6
- orchestra/testbench: ^9.0 || ^10.0
- pestphp/pest: ^3.0
- pestphp/pest-plugin-laravel: ^3.0
README
Keycloak/OIDC JWT authentication middleware for Laravel: JWKS caching, RequirePermissionMiddleware, AppToAppAuthenticator, configurable user resolver.
Part of the ceedcv-maya/maya_platform mono-repo. Distributed independently for reuse outside the Maya ecosystem.
Installation
composer require ceedcv-maya/shared-auth-laravel
// routes/api.php use Maya\Auth\Middleware\AuthenticateJwt; use Maya\Auth\Middleware\RequirePermission; Route::middleware([AuthenticateJwt::class, RequirePermission::class.':users.read'])->group(function () { Route::get('/me', fn () => auth()->user()); });
KEYCLOAK_URL=https://keycloak.example.org KEYCLOAK_REALM=my-realm KEYCLOAK_CLIENT_ID=my-app
TypeScript / build notes
PSR-4 autoload from src/. Service providers are registered via Laravel package discovery (no manual provider registration needed).
License
MIT — see LICENSE.
Reporting issues
The canonical source lives in Maya-AQSS/maya_platform. File issues there; this read-only split repo is only the published artifact.