alterindonesia/keycloak-guard

Laravel 的 Keycloak Guard

v0.0.5 2024-06-26 09:47 UTC

This package is auto-updated.

Last update: 2024-09-26 10:20:25 UTC


README

此包是 Keycloak 的守卫器。此包是从 keycloak-guard 包 fork 出来的,并修改了部分代码。

安装

composer require alterindonesia/keycloak-guard

环境

KEYCLOAK_REALM_PUBLIC_KEY=
KEYCLOAK_LOAD_USER_FROM_DATABASE=false
KEYCLOAK_USER_PROVIDER_CREDENTIAL=email
KEYCLOAK_TOKEN_PRINCIPAL_ATTRIBUTE=preferred_username
KEYCLOAK_APPEND_DECODED_TOKEN=true
KEYCLOAK_ALLOWED_RESOURCES=account
KEYCLOAK_IGNORE_RESOURCES_VALIDATION=false
KEYCLOAK_LEEWAY=0
KEYCLOAK_TOKEN_INPUT_KEY=null
KEYCLOAK_SESSION_SYNC=true
KEYCLOAK_URL=
KEYCLOAK_REALM=

发布配置

php artisan vendor:publish --provider="Alterindonesia\KeycloakGuard\KeycloakGuardServiceProvider"

使用方法

使用此包有两种方法

  1. 仅解码令牌并从令牌中获取用户数据。
  2. 从 Keycloak 服务器 API 同步用户数据。
KEYCLOAK_SESSION_SYNC=true
KEYCLOAK_URL=
KEYCLOAK_REALM=

Laravel 认证

在 config/auth.php 中的更改

    ...
    'defaults' => [
        'guard' => 'api', # <-- For sure, i`m building an API
        'passwords' => 'users',
    ],

    ....

    'guards' => [
        # <!-----
        #     Make sure your "api" guard looks like this.
        #     Newer Laravel versions just removed this config block.
        #  ---->
        'api' => [
            'driver' => 'keycloak',
            'provider' => 'users',
        ],
    ],

Laravel 路由

// protected endpoints
Route::group(['middleware' => 'auth:api'], function () {
    Route::get('/protected-endpoint', 'SecretController@index');
    // more endpoints ...
});

特别感谢