README

This is a forked repository from https://github.com/Mnikoei/laravel-keycloak-admin

Original work credited to Mnikoei.

Alternative

Keycloak Admin library made by Scito. https://gitlab.com/scito-performance/keycloak-admin

Supports

Laravel 8

Lumen 8

Installation

composer require haizad/laravel-keycloak-admin

Copy the package config to your local config with the publish command:

Laravel only

php artisan vendor:publish --provider="LaravelKeycloakAdmin\KeycloakAdminServiceProvider"

Lumen only

Create a config folder in the root directory. Copy keycloakAdmin.php from vendor/haizad/laravel-keycloak-admin/src/Config/, and paste into config folder.

Add the following line at that files. Please note that $app->configure('keycloakAdmin'); should be placed below $app->register(\LaravelKeycloakAdmin\KeycloakAdminServiceProvider::class);.

//"Register Service Providers"  section
$app->register(\LaravelKeycloakAdmin\KeycloakAdminServiceProvider::class);
$app->configure('keycloakAdmin');

$app->router->group([
    'namespace' => 'App\Http\Controllers',
], function ($router) {
    require __DIR__.'/../routes/web.php';
});

return $app;

For facades, uncomment $app->withFacades(); in your boostrap app file bootstrap/app.php

Environment Setup

Add these environment variables to your .env :

KEYCLOAK_BASE_URL=http://keycloak-domain.example/auth

KEYCLOAK_REALM=                

KEYCLOAK_REALM_PUBLIC_KEY=     # realm settings -> keys 

KEYCLOAK_CLIENT_ID=            

KEYCLOAK_CLIENT_SECRET=        # clients -> your_client -> credentials 

KEYCLOAK_ADMIN_BASE_URL=${KEYCLOAK_BASE_URL}/admin/realms/${KEYCLOAK_REALM}

Enable realm managment

Go to clients -> your_client -> Service Account then select realm-managment

from Client Roles list and assign realm-admin to client.

Available methods :

Package has provided services as below:

user
role
client
clientRole
addon

Available functions:

Create User
Get All User
Query User

All API's are declared in config\keycloakAdmin.php

Usages

Include the KeycloakAdmin inside your Laravel controller/API route

use LaravelKeycloakAdmin\Facades\KeycloakAdmin;

Example:

KeycloakAdmin::serviceName()->apiName($parameters)

//Create User Sample
//Refer https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_userrepresentation
KeycloakAdmin::user()->create([
                'body' => [
                        'username' => 'foo',
                        'enabled' => true,
                        'emailVerified' => false,
                        'email' => 'foo@email.com',
                        'credentials' => [[
                            'type' => 'password',
                            'value' => 'foobar',
                            'temporary' => false
                        ]]
                  ]
]);

//Query User Sample
//Refer Query parameter on GET /{realm}/users https://www.keycloak.org/docs-api/11.0/rest-api/index.html
KeycloakAdmin::user()->find([
            'query' => [ 
                 'email' => 'foobar@example.com'
            ]
]);

//Get All User Sample
KeycloakAdmin::user()->all();

Additional Methods

Logout User session by user Id

KeycloakAdmin::addon()->logoutById([
     'id' => 'user_id'
])

Set Expiry Access Token

KeycloakAdmin::addon()->setAccessTokenExpiry([
     'body' => [
             'accessTokenLifespan' => 60
       ]
])

To do list

Lumen Support
Test LDAP Connection
Import users from LDAP

All other api calls are same as examples just needs to provide required parameters as described in https://www.keycloak.org/docs-api/11.0/rest-api/index.html

felipe.devops / laravel-keycloak-admin

Maintainers

Details