drago-ex/keycloak

Simple keycloak adapter.

Maintainers

Details

github.com/drago-ex/keycloak

Source

Issues

Installs: 435

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 0

Open Issues: 0

v1.0.5 2023-12-08 07:41 UTC

Requires

Requires (Dev)

MIT 066b1cb8e893ff5169952781f4060eb0bb02655a

This package is auto-updated.

Last update: 2024-04-12 07:17:32 UTC

README

Simple keycloak adapter.

License: MIT PHP version Tests Coding Style CodeFactor Coverage Status

Technology

  • PHP 8.1 or higher
  • composer

Installation

composer require drago-ex/keycloak

Extension registration

extensions:
	keycloak: Drago\Keycloak\DI\KeycloakExtension


keycloak:

	# https://github.com/stevenmaguire/oauth2-keycloak
	authServerUrl: keycloak-server-url
	realm: keycloak-realm
	clientId: keycloak-client-id
	clientSecret: keycloak-client-secret
	redirectUri: https://example.com/callback-url

	# optional
	# version: 21.0.1
	# encryptionAlgorithm: 'RS256'
	# encryptionKeyPath: '../key.pem'
	# encryptionKey: 'contents_of_key_or_certificate'

	# https://github.com/guzzle/guzzle
	# guzzleHttp:

Use in presenter

use Drago\Keycloak\KeycloakAdapter

public function __construct(
	private Keycloak $keycloak,
	private KeycloakSessions $keycloakSessions,
) {
	parent::__construct();
}

// simple login
protected function startup(): void
{
	parent::startup();
	if (!$this->getUser()->isLoggedIn()) {
		$keycloakUser = $this->keycloakSessions
			->getItems()->resourceOwner;

		$this->getUser()->login($keycloakUser->getName(), $keycloakUser->getId());
		$this->redirect('redirect');
	}
}

// own authenticator, check attributes from keycloak, backlink
protected function startup(): void
{
	parent::startup();
	if (!$this->getUser()->isLoggedIn()) {
		$keycloakUser = $this->keycloakSessions
			->getItems()->resourceOwner;

		try {
			if ($keycloakUser) {
				$user = $this->getUser();

				// own authenticator
				$user->setAuthenticator($this->authRepository);

				// user login
				$user->login($keycloakUser->getName(), $keycloakUser->getId());

				// backlink, redirecting back to the page after login
				$this->restoreRequest($this->backlink);
				$this->redirect(':Backend:Admin:');
			}

		// check attributes from keylocker
		} catch (AuthenticationException $e) {
			if ($e->getCode() === 1) {
				$this->template->userLoginError = true;
				$this->getUserLogout();
				$redirect = $this->keycloak->getLogoutUrl();
				header('refresh:6; url=' . $redirect);
			}
		}
	}
}


private function getUserLogout(): void
{
	$this->getUser()->logout();
	$this->keycloakSessions->remove();
}

Error message in @layout.latte

<body n:ifset="$userLoginError">
	<h1 class="text-danger text-center mt-5">
		{_'The user does not have the required attributes set in keycloak.'}
	</h1>
</body>
<body n:if="$user->loggedIn">
	...
</body>

Items from keycloak

// state, accessToken and resource owner
$this->keycloakSessions->getItems();

User logout method

$this->keycloakSessions->remove();
$this->redirectUrl($this->keycloak->getLogoutUrl());