haizad/laravel-keycloak-admin

Keycloak Admin Rest API for Laravel/Lumen

1.9 2021-02-04 07:50 UTC

This package is auto-updated.

Last update: 2024-11-04 16:32:51 UTC


README

This is a forked repository from https://github.com/Mnikoei/laravel-keycloak-admin

Original work credited to Mnikoei.

Alternative

Keycloak Admin library made by Scito. https://gitlab.com/scito-performance/keycloak-admin

Supports

  • Laravel 8
  • Lumen 8
  • Installation

    composer require haizad/laravel-keycloak-admin
    

    Copy the package config to your local config with the publish command:

    Laravel only

    php artisan vendor:publish --provider="LaravelKeycloakAdmin\KeycloakAdminServiceProvider"

    Lumen only

    Create a config folder in the root directory. Copy keycloakAdmin.php from vendor/haizad/laravel-keycloak-admin/src/Config/, and paste into config folder.

    Register the provider in your boostrap app file bootstrap/app.php

    Add the following line at that files. Please note that $app->configure('keycloakAdmin'); should be placed below $app->register(\LaravelKeycloakAdmin\KeycloakAdminServiceProvider::class);.

    //"Register Service Providers"  section
    $app->register(\LaravelKeycloakAdmin\KeycloakAdminServiceProvider::class);
    $app->configure('keycloakAdmin');
    
    $app->router->group([
        'namespace' => 'App\Http\Controllers',
    ], function ($router) {
        require __DIR__.'/../routes/web.php';
    });
    
    return $app;

    For facades, uncomment $app->withFacades(); in your boostrap app file bootstrap/app.php

    Environment Setup

    Add these environment variables to your .env :

    KEYCLOAK_BASE_URL=http://keycloak-domain.example/auth
    
    KEYCLOAK_REALM=                
    
    KEYCLOAK_REALM_PUBLIC_KEY=     # realm settings -> keys 
    
    KEYCLOAK_CLIENT_ID=            
    
    KEYCLOAK_CLIENT_SECRET=        # clients -> your_client -> credentials 
    
    KEYCLOAK_ADMIN_BASE_URL=${KEYCLOAK_BASE_URL}/admin/realms/${KEYCLOAK_REALM} 
    

    Enable realm managment

    Go to clients -> your_client -> Service Account then select realm-managment

    from Client Roles list and assign realm-admin to client.

    Available methods :

    Package has provided services as below:

    • user
    • role
    • client
    • clientRole
    • addon

    Available functions:

    • Create User
    • Get All User
    • Query User

    All API's are declared in config\keycloakAdmin.php

    Usages

    Include the KeycloakAdmin inside your Laravel controller/API route

    use LaravelKeycloakAdmin\Facades\KeycloakAdmin;
    

    Example:

    KeycloakAdmin::serviceName()->apiName($parameters)
    
    //Create User Sample
    //Refer https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_userrepresentation
    KeycloakAdmin::user()->create([
                    'body' => [
                            'username' => 'foo',
                            'enabled' => true,
                            'emailVerified' => false,
                            'email' => 'foo@email.com',
                            'credentials' => [[
                                'type' => 'password',
                                'value' => 'foobar',
                                'temporary' => false
                            ]]
                      ]
    ]);
    
    //Query User Sample
    //Refer Query parameter on GET /{realm}/users https://www.keycloak.org/docs-api/11.0/rest-api/index.html
    KeycloakAdmin::user()->find([
                'query' => [ 
                     'email' => 'foobar@example.com'
                ]
    ]);
    
    //Get All User Sample
    KeycloakAdmin::user()->all();

    Additional Methods

    Logout User session by user Id

    KeycloakAdmin::addon()->logoutById([
         'id' => 'user_id'
    ])
    

    Set Expiry Access Token

    KeycloakAdmin::addon()->setAccessTokenExpiry([
         'body' => [
                 'accessTokenLifespan' => 60
           ]
    ])
    
    

    To do list

    • Lumen Support
    • Test LDAP Connection
    • Import users from LDAP

    All other api calls are same as examples just needs to provide required parameters as described in https://www.keycloak.org/docs-api/11.0/rest-api/index.html