ristekusdi / kisara-php
Keycloak Service Account library using PHP
Requires
- php: ^7.4|^8.0
README
Keycloak Service Account library with minimum PHP version 7.2. Adapted from Keycloak REST API.
All class extends a Base class which is a class to get ADMIN_URL, BASE_URL, REALM, authentication to get token, and ACCESS_TOKEN.
Get Started
composer require ristekusdi/kisara-php
In each class, you need to set a config (array value) to get data you need. Here's the available options:
// First option $config = [ 'admin_url' => 'KEYCLOAK_ADMIN_URL', 'base_url' => 'KEYCLOAK_BASE_URL', 'realm' => 'KEYCLOAK_REALM', 'client_id' => 'KEYCLOAK_CLIENT_ID', 'client_secret' => 'KEYCLOAK_CLIENT_SECRET', ]; // Second option $config = [ 'admin_url' => 'KEYCLOAK_ADMIN_URL', 'base_url' => 'KEYCLOAK_BASE_URL', 'realm' => 'KEYCLOAK_REALM', 'access_token' => 'ACCESS_TOKEN_FROM_SERVICE_ACCOUNTS_OF_CLIENT', ];
Notes: Admin url and base url in your Keycloak may same url or maybe different.
Available Classes and Methods
Client
get
Get all client with or without parameters.
use RistekUSDI\Kisara\Client as KisaraClient; // With parameters (new KisaraClient($config))->get([ 'clientId' => 'CLIENT_ID_NAME', 'search' => 'true' ]); // Without parameters (new KisaraClient($config))->get();
findById
Get a client by id of client NOT clientId.
use RistekUSDI\Kisara\Client as KisaraClient; (new KisaraClient($config))->findById($client_id);
store
Store a client.
use RistekUSDI\Kisara\Client as KisaraClient; $data = [ 'enabled' => 'true', 'protocol' => 'openid-connect', 'clientId' => $clientId, 'rootUrl' => $rootUrl, // Determine if client type is public or confidential // true = public, false = confidential 'publicClient' => $publicClient, ]; (new KisaraClient($config))->store($data);
update
Update a client by id of client NOT clientId.
use RistekUSDI\Kisara\Client as KisaraClient; $data = [ 'enabled' => 'true', 'protocol' => 'openid-connect', 'clientId' => $clientId, 'rootUrl' => $rootUrl, // Determine if client type is public or confidential // true = public, false = confidential 'publicClient' => $publicClient, ]; (new KisaraClient($config))->update($client_id, $data);
delete
Delete client by id of client NOT clientId.
use RistekUSDI\Kisara\Client as KisaraClient; (new KisaraClient($config))->delete($client_id);
getServiceAccountUser
Get service account user from a client with id of client NOT clientId.
use RistekUSDI\Kisara\Client as KisaraClient; (new KisaraClient($config))->getServiceAccountUser($client_id);
userSessions
Get current user sessions that belongs to the client.
use RistekUSDI\Kisara\Client as KisaraClient; // Without param (new KisaraClient($config))->userSessions($client_id); $params = [ 'first' => '0', 'max' => '10', ]; // With params (new KisaraClient($config))->userSessions($client_id, $params);
ClientRole
get
Get roles of client by id of client NOT clientId. Parameters are optional.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole; $params = [ 'first' => '0', 'max' => '10', 'search' => 'role name of client', ]; (new KisaraClientRole($config))->get($client_id, $params);
store
Store a role to a client by id of client NOT clientId.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole; $data = [ 'name' => 'role name of client', ] (new KisaraClientRole($config))->store($client_id, $data);
getUsers
Get users from a client role with id of client and role name. Parameters are optional.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole; $params = [ 'first' => '0', 'max' => '10' ]; (new KisaraClientRole($config))->getUsers($client_id, $role_name, $params);
getGroups
Get groups from a client role with id of client and role name. Parameters are optional.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole; $params = [ 'first' => '0', 'max' => '10' ]; (new KisaraClientRole($config))->getGroups($client_id, $role_name, $params);
ClientSecret
get
Get client secret of client by id of client NOT clientId.
use RistekUSDI\Kisara\ClientSecret as KisaraClientSecret; (new KisaraClientSecret($config))->get($client_id);
update
Update client secret of client by id of client NOT clientId.
use RistekUSDI\Kisara\ClientSecret as KisaraClientSecret; (new KisaraClientSecret($config))->update($client_id);
DeviceActivity
get
Get list of devices the user is logged on to.
use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity; $config = [ 'base_url' => 'BASE_KEYCLOAK_URL', 'realm' => 'KEYCLOAK_REALM', 'access_token' => 'ACCESS_TOKEN_FROM_USER', ]; (new KisaraDeviceActivity($config))->get();
endAllSession
End all logged in session from device.
use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity; $config = [ 'base_url' => 'BASE_KEYCLOAK_URL', 'realm' => 'KEYCLOAK_REALM', 'access_token' => 'ACCESS_TOKEN_FROM_USER', ]; (new KisaraDeviceActivity($config))->endAllSession();
endSession
End logged in session from device by session id.
use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity; $config = [ 'base_url' => 'BASE_KEYCLOAK_URL', 'realm' => 'KEYCLOAK_REALM', 'access_token' => 'ACCESS_TOKEN_FROM_USER', ]; (new KisaraDeviceActivity($config))->endSession($session_id);
Group
get
Get groups with or without parameters.
use RistekUSDI\Kisara\Group as KisaraGroup; // With parameters. $params = [ 'first' => '0', 'max' => '10', 'search' => 'name of group', ]; (new KisaraGroup($config))->get($params); // Without parameters. (new KisaraGroup($config))->get();
findById
Get a single group by id of group.
use RistekUSDI\Kisara\Group as KisaraGroup; (new KisaraGroup($config))->findById($group_id);
store
Store a group.
use RistekUSDI\Kisara\Group as KisaraGroup; (new KisaraGroup($config))->store(array( 'name' => 'name of group' ));
delete
Delete a group by id of group.
use RistekUSDI\Kisara\Group as KisaraGroup; (new KisaraGroup($config))->delete($group_id);
members
Get members of group by id of group. Parameters are optional.
use RistekUSDI\Kisara\Group as KisaraGroup; // With parameters. $params = [ 'first' => '0', 'max' => '10', ]; (new KisaraGroup($config))->members($group_id, $params); // Without parameters. (new KisaraGroup($config))->members($group_id);
getRoleMappings
Get group role mappings by group id.
use RistekUSDI\Kisara\Group as KisaraGroup; // Without parameters. (new KisaraGroup($config))->getRoleMappings($group_id);
GroupClientRole
getAvailableRoles
Get available roles of client role in a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole; (new KisaraGroupClientRole($config))->getAvailableRoles($group_id, $client_id);
storeAssignedRoles
Store assigned roles of client role to a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole; (new KisaraGroupClientRole($config))->storeAssignedRoles($group_id, $client_id, $roles);
getAssignedRoles
Get assigned roles of client role from a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole; (new KisaraGroupClientRole($config))->getAssignedRoles($group_id, $client_id);
deleteAssignedRoles
Delete assigned roles of client role from a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole; (new KisaraGroupClientRole($config))->deleteAssignedRoles($group_id, $client_id);
getEffectiveRoles
Get effective roles of client role from a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole; (new KisaraGroupClientRole($config))->getEffectiveRoles($group_id, $client_id);
Key
get
Get all key from Keycloak realm settings.
use RistekUSDI\Kisara\Key as KisaraKey; (new KisaraKey($config))->get();
getRSA256PublicKey
Get RSA 256 Public Key from Keycloak realm settings.
use RistekUSDI\Kisara\Key as KisaraKey; (new KisaraKey($config))->getRSA256PublicKey();
Role
findById
Find a role by id of role.
use RistekUSDI\Kisara\Role as KisaraRole; (new KisaraRole($config))->findById($role_id);
update
Update a role by id of role.
use RistekUSDI\Kisara\Role as KisaraRole; $data = [ 'name' => 'role name' ] (new KisaraRole($config))->update($role_id, $data);
delete
Delete a role by id of role.
use RistekUSDI\Kisara\Role as KisaraRole; (new KisaraRole($config))->delete($role_id);
Session
delete
Delete session logged in user by session id.
use RistekUSDI\Kisara\Session as KisaraSession; (new KisaraSession($config))->delete($session_id);
User
get
Get users with or without parameters.
use RistekUSDI\Kisara\User as KisaraUser; // With parameters $params = [ // Option 1 'username' => 'username', 'exact' => true, // Option 2 'email' => 'mail of user', 'username' => 'username', ]; (new KisaraUser($config))->get($params); // Without parameters (new KisaraUser($config))->get();
findById
Find user by id of user.
use RistekUSDI\Kisara\User as KisaraUser; (new KisaraUser($config))->findById($user_id);
store
Store a user.
use RistekUSDI\Kisara\User as KisaraUser; $data = [ 'firstName' => 'first name of user', 'lastName' => 'last name of user', 'email' => 'email of user', 'username' => 'username', 'enabled' => true, 'credentials' => [ [ 'temporary' => true, 'type' => 'password', 'value' => 'value of password.' ] ], ]; (new KisaraUser($config))->store($data);
update
Update a user.
use RistekUSDI\Kisara\User as KisaraUser; $data = [ 'firstName' => 'first name of user', 'lastName' => 'last name of user', 'email' => 'email of user', 'username' => 'username', 'enabled' => true, 'credentials' => [ [ 'temporary' => true, 'type' => 'password', 'value' => 'value of password.' ] ], ]; (new KisaraUser($config))->update($user_id, $data);
groups
Get groups belong to user with id of user.
use RistekUSDI\Kisara\User as KisaraUser; (new KisaraUser($config))->groups($user_id);
resetCredentials
Reset user credentials.
use RistekUSDI\Kisara\User as KisaraUser; $data = array( 'type' => 'password', 'value' => 'value of password', 'temporary' => true, ); (new KisaraUser($config))->resetCredentials($user_id, $data);
UserClientRole
getAvailableRoles
Get available roles of client role in a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole; (new KisaraUserClientRole($config))->getAvailableRoles($user_id, $client_id);
storeAssignedRoles
Store assigned roles of client role to a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole; (new KisaraUserClientRole($config))->storeAssignedRoles($user_id, $client_id, $roles);
getAssignedRoles
Get assigned roles of client role from a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole; (new KisaraUserClientRole($config))->getAssignedRoles($user_id, $client_id);
deleteAssignedRoles
Delete assigned roles of client role from a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole; (new KisaraUserClientRole($config))->deleteAssignedRoles($user_id, $client_id);
getEffectiveRoles
Get effective roles of client role from a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole; (new KisaraUserClientRole($config))->getEffectiveRoles($user_id, $client_id);
UserGroup
attach
Attach a group to a user.
use RistekUSDI\Kisara\UserGroup as KisaraUserGroup; (new KisaraUserGroup($config))->attach($user_id, $group_id);
detach
Detach a group from a user.
use RistekUSDI\Kisara\UserGroup as KisaraUserGroup; (new KisaraUserGroup($config))->detach($user_id, $group_id);