ristekusdi/kisara-php

使用 PHP 的 Keycloak 服务帐户库

v3.0.1 2024-05-04 02:43 UTC

README

Keycloak 服务帐户库,最低 PHP 版本 7.2。基于 Keycloak REST API 开发。

所有类都继承自一个 Base 类,该类用于获取 ADMIN_URL、BASE_URL、REALM,以及用于获取 token 和 ACCESS_TOKEN 的身份验证。

入门指南

composer require ristekusdi/kisara-php

在每一个类中,您需要设置一个配置(数组值),以获取所需的数据。以下是可用的选项

// First option: the library authenticates with the client's id and secret.
// The quoted values are placeholders for your own settings.
// client_secret is a long-lived credential: load it from the environment or a
// secret store instead of committing it to source control.
$config = [
    'admin_url' => 'KEYCLOAK_ADMIN_URL',
    'base_url' => 'KEYCLOAK_BASE_URL',
    'realm' => 'KEYCLOAK_REALM',
    'client_id' => 'KEYCLOAK_CLIENT_ID',
    'client_secret' => 'KEYCLOAK_CLIENT_SECRET',
];

// Second option: pass an access token already issued to the client's service
// account. The token is a bearer credential for as long as it is valid, so keep
// it out of logs and error output.
$config = [
    'admin_url' => 'KEYCLOAK_ADMIN_URL',
    'base_url' => 'KEYCLOAK_BASE_URL',
    'realm' => 'KEYCLOAK_REALM',
    'access_token' => 'ACCESS_TOKEN_FROM_SERVICE_ACCOUNTS_OF_CLIENT',
];

注意:您的 Keycloak 中的管理 URL 和基础 URL 可能相同,也可能不同。

可用类和方法

Client

get

获取带有或不带有参数的所有客户端。

use RistekUSDI\Kisara\Client as KisaraClient;

// With parameters
(new KisaraClient($config))->get([
    'clientId' => 'CLIENT_ID_NAME',
    'search' => 'true'
]);

// Without parameters
(new KisaraClient($config))->get();

findById

通过客户端的 id(不是 clientId)获取客户端。

use RistekUSDI\Kisara\Client as KisaraClient;

(new KisaraClient($config))->findById($client_id);

store

存储客户端。

use RistekUSDI\Kisara\Client as KisaraClient;

// Representation of the client to create; $clientId, $rootUrl and
// $publicClient are supplied by the caller.
$data = [
    // NOTE(review): 'true' is a string here, while Keycloak's client
    // representation defines enabled as a boolean; confirm how the library encodes it.
    'enabled' => 'true',
    'protocol' => 'openid-connect',
    'clientId' => $clientId,
    'rootUrl' => $rootUrl,
    // Determine if client type is public or confidential
    // true = public, false = confidential
    // A public client authenticates without a client secret; keep server-side
    // applications that can hold a secret confidential (false).
    'publicClient' => $publicClient,
];

(new KisaraClient($config))->store($data);

update

通过客户端 ID 更新客户端,而不是 clientId。

use RistekUSDI\Kisara\Client as KisaraClient;

// New representation of the client; $client_id (first argument of update) is
// the client's id, while 'clientId' below is its clientId.
$data = [
    // NOTE(review): 'true' is a string here, while Keycloak's client
    // representation defines enabled as a boolean; confirm how the library encodes it.
    'enabled' => 'true',
    'protocol' => 'openid-connect',
    'clientId' => $clientId,
    'rootUrl' => $rootUrl,
    // Determine if client type is public or confidential
    // true = public, false = confidential
    // Switching a client to public (true) means it no longer authenticates with
    // a client secret; review that change before applying it to an existing client.
    'publicClient' => $publicClient,
];

(new KisaraClient($config))->update($client_id, $data);

delete

通过客户端 ID 删除客户端,而不是 clientId。

use RistekUSDI\Kisara\Client as KisaraClient;

(new KisaraClient($config))->delete($client_id);

getServiceAccountUser

通过客户端的 id(不是 clientId)获取该客户端的服务帐户用户。

use RistekUSDI\Kisara\Client as KisaraClient;

(new KisaraClient($config))->getServiceAccountUser($client_id);

userSessions

获取属于客户端的用户当前会话。

use RistekUSDI\Kisara\Client as KisaraClient;

// Without param
(new KisaraClient($config))->userSessions($client_id);

$params = [
    'first' => '0',
    'max' => '10',
];

// With params
(new KisaraClient($config))->userSessions($client_id, $params);

ClientRole

get

通过客户端 ID 获取客户端的角色,而不是 clientId。参数是可选的。

use RistekUSDI\Kisara\ClientRole as KisaraClientRole;

$params = [
    'first' => '0',
    'max' => '10',
    'search' => 'role name of client',
];

(new KisaraClientRole($config))->get($client_id, $params);

store

通过客户端的 id(不是 clientId)将角色存储到该客户端中。

use RistekUSDI\Kisara\ClientRole as KisaraClientRole;

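// Role to create on the client. $client_id is the client's id, not its clientId.
// The array assignment must end with a semicolon, otherwise the snippet does not parse.
$data = [
    'name' => 'role name of client',
];

(new KisaraClientRole($config))->store($client_id, $data);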

getUsers

从具有客户端 ID 和角色名称的客户端角色获取用户。参数是可选的。

use RistekUSDI\Kisara\ClientRole as KisaraClientRole;

$params = [
    'first' => '0',
    'max' => '10'
];

(new KisaraClientRole($config))->getUsers($client_id, $role_name, $params);

getGroups

从具有客户端 ID 和角色名称的客户端角色获取组。参数是可选的。

use RistekUSDI\Kisara\ClientRole as KisaraClientRole;

$params = [
    'first' => '0',
    'max' => '10'
];

(new KisaraClientRole($config))->getGroups($client_id, $role_name, $params);

ClientSecret

get

通过客户端 ID 获取客户端的密钥,而不是 clientId。

use RistekUSDI\Kisara\ClientSecret as KisaraClientSecret;

// Fetches the client's secret. Treat the result as a credential: do not log it
// or echo it back in a response.
(new KisaraClientSecret($config))->get($client_id);

update

通过客户端 ID 更新客户端的密钥,而不是 clientId。

use RistekUSDI\Kisara\ClientSecret as KisaraClientSecret;

// No new value is passed in. NOTE(review): presumably Keycloak generates a new
// secret and the previous one stops working; confirm, and plan to roll the new
// value out to every application that authenticates as this client.
(new KisaraClientSecret($config))->update($client_id);

DeviceActivity

get

获取用户登录到的设备列表。

use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity;

// This class is configured with the signed-in user's own access token, not the
// service account's, and takes no admin_url. Keep the user token out of logs.
$config = [
    'base_url' => 'BASE_KEYCLOAK_URL',
    'realm' => 'KEYCLOAK_REALM',
    'access_token' => 'ACCESS_TOKEN_FROM_USER',
];

(new KisaraDeviceActivity($config))->get();

endAllSession

结束来自设备的所有登录会话。

use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity;

// Configured with the signed-in user's own access token, so the call acts on
// behalf of that user. NOTE(review): whether the session that issued this token
// is ended as well is not shown here; confirm before relying on it.
$config = [
    'base_url' => 'BASE_KEYCLOAK_URL',
    'realm' => 'KEYCLOAK_REALM',
    'access_token' => 'ACCESS_TOKEN_FROM_USER',
];

(new KisaraDeviceActivity($config))->endAllSession();

endSession

通过会话 ID 结束来自设备的登录会话。

use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity;

// Configured with the signed-in user's own access token.
$config = [
    'base_url' => 'BASE_KEYCLOAK_URL',
    'realm' => 'KEYCLOAK_REALM',
    'access_token' => 'ACCESS_TOKEN_FROM_USER',
];

// NOTE(review): $session_id is presumably one of the session ids listed by
// get(); confirm, and take it from that list rather than from request input.
(new KisaraDeviceActivity($config))->endSession($session_id);

Group

get

获取带有或不带有参数的组。

use RistekUSDI\Kisara\Group as KisaraGroup;

// With parameters.
$params = [
    'first' => '0',
    'max' => '10',
    'search' => 'name of group',
];

(new KisaraGroup($config))->get($params);

// Without parameters.
(new KisaraGroup($config))->get();

findById

通过组 ID 获取单个组。

use RistekUSDI\Kisara\Group as KisaraGroup;

(new KisaraGroup($config))->findById($group_id);

store

存储组。

use RistekUSDI\Kisara\Group as KisaraGroup;

// Attributes of the group to create; only the name is set here.
$group = [
    'name' => 'name of group',
];

$groups = new KisaraGroup($config);
$groups->store($group);

delete

通过组 ID 删除组。

use RistekUSDI\Kisara\Group as KisaraGroup;

(new KisaraGroup($config))->delete($group_id);

members

通过组 ID 获取组的成员。参数是可选的。

use RistekUSDI\Kisara\Group as KisaraGroup;

// With parameters.
$params = [
    'first' => '0',
    'max' => '10',
];
(new KisaraGroup($config))->members($group_id, $params);

// Without parameters.
(new KisaraGroup($config))->members($group_id);

getRoleMappings

通过组 ID 获取组角色映射。

use RistekUSDI\Kisara\Group as KisaraGroup;

// Without parameters.
(new KisaraGroup($config))->getRoleMappings($group_id);

GroupClientRole

getAvailableRoles

获取组中客户端角色的可用角色。

use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;

(new KisaraGroupClientRole($config))->getAvailableRoles($group_id, $client_id);

storeAssignedRoles

将客户端角色的分配角色存储到组中。

use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;

(new KisaraGroupClientRole($config))->storeAssignedRoles($group_id, $client_id, $roles);

getAssignedRoles

从组中获取客户端角色的分配角色。

use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;

(new KisaraGroupClientRole($config))->getAssignedRoles($group_id, $client_id);

deleteAssignedRoles

从组中删除客户端角色的分配角色。

use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;

(new KisaraGroupClientRole($config))->deleteAssignedRoles($group_id, $client_id);

getEffectiveRoles

从组中获取客户端角色的有效角色。

use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;

(new KisaraGroupClientRole($config))->getEffectiveRoles($group_id, $client_id);

Key

get

从 Keycloak 域设置中获取所有密钥。

use RistekUSDI\Kisara\Key as KisaraKey;

(new KisaraKey($config))->get();

getRSA256PublicKey

从 Keycloak 域设置中获取 RSA 256 公钥。

use RistekUSDI\Kisara\Key as KisaraKey;

(new KisaraKey($config))->getRSA256PublicKey();

Role

findById

通过角色 ID 查找角色。

use RistekUSDI\Kisara\Role as KisaraRole;

(new KisaraRole($config))->findById($role_id);

update

通过角色 ID 更新角色。

use RistekUSDI\Kisara\Role as KisaraRole;

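// New attributes for the role identified by $role_id.
// The array assignment must end with a semicolon, otherwise the snippet does not parse.
$data = [
    'name' => 'role name',
];

(new KisaraRole($config))->update($role_id, $data);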

delete

通过角色 ID 删除角色。

use RistekUSDI\Kisara\Role as KisaraRole;

(new KisaraRole($config))->delete($role_id);

Session

delete

通过会话 ID 删除已登录用户会话。

use RistekUSDI\Kisara\Session as KisaraSession;

(new KisaraSession($config))->delete($session_id);

User

get

获取带有或不带有参数的用户。

use RistekUSDI\Kisara\User as KisaraUser;

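// With parameters. Each option is its own array: a PHP array literal keeps only
// the last value of a repeated key, so the two options cannot share one array.

// Option 1: look up by username. 'exact' => true asks Keycloak for an exact
// match instead of a partial one; use it when the result must identify one account.
$params = [
    'username' => 'username',
    'exact' => true,
];

(new KisaraUser($config))->get($params);

// Option 2: filter by email and username.
$params = [
    'email' => 'mail of user',
    'username' => 'username',
];

(new KisaraUser($config))->get($params);

// Without parameters
(new KisaraUser($config))->get();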

findById

通过用户 ID 查找用户。

use RistekUSDI\Kisara\User as KisaraUser;

(new KisaraUser($config))->findById($user_id);

store

存储用户。

use RistekUSDI\Kisara\User as KisaraUser;

// Representation of the user to create.
$data = [
    'firstName' => 'first name of user',
    'lastName' => 'last name of user',
    'email' => 'email of user',
    'username' => 'username',
    'enabled' => true,
    'credentials' => [
        [
            // With 'temporary' => true Keycloak asks the user to choose a new
            // password at next login.
            'temporary' => true,
            'type' => 'password',
            // The initial password is carried here in plain text: generate it
            // randomly and keep $data out of logs.
            'value' => 'value of password.'
        ]
    ],
];

(new KisaraUser($config))->store($data);

update

更新用户。

use RistekUSDI\Kisara\User as KisaraUser;

// New representation of the user identified by $user_id.
$data = [
    'firstName' => 'first name of user',
    'lastName' => 'last name of user',
    'email' => 'email of user',
    'username' => 'username',
    'enabled' => true,
    // NOTE(review): including 'credentials' in an update presumably changes the
    // user's password as well; leave it out when only profile fields change, and confirm.
    'credentials' => [
        [
            // With 'temporary' => true Keycloak asks the user to choose a new
            // password at next login.
            'temporary' => true,
            'type' => 'password',
            // Carried in plain text: keep $data out of logs.
            'value' => 'value of password.'
        ]
    ],
];

(new KisaraUser($config))->update($user_id, $data);

groups

通过用户 ID 获取该用户所属的组。

use RistekUSDI\Kisara\User as KisaraUser;

(new KisaraUser($config))->groups($user_id);

resetCredentials

重置用户凭据。

use RistekUSDI\Kisara\User as KisaraUser;

// Credential that replaces the user's current password. With 'temporary' set
// to true Keycloak asks the user to choose a new password at next login.
$data = [
    'type' => 'password',
    'value' => 'value of password',
    'temporary' => true,
];

// The password travels in plain text inside $data, so keep $data out of logs.
$users = new KisaraUser($config);
$users->resetCredentials($user_id, $data);

UserClientRole

getAvailableRoles

获取用户中客户端角色的可用角色。

use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;

(new KisaraUserClientRole($config))->getAvailableRoles($user_id, $client_id);

storeAssignedRoles

将客户端角色的分配角色存储到用户中。

use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;

(new KisaraUserClientRole($config))->storeAssignedRoles($user_id, $client_id, $roles);

getAssignedRoles

从用户中获取客户端角色的分配角色。

use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;

(new KisaraUserClientRole($config))->getAssignedRoles($user_id, $client_id);

deleteAssignedRoles

从用户中删除客户端角色的分配角色。

use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;

(new KisaraUserClientRole($config))->deleteAssignedRoles($user_id, $client_id);

getEffectiveRoles

从用户中获取客户端角色的有效角色。

use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;

(new KisaraUserClientRole($config))->getEffectiveRoles($user_id, $client_id);

UserGroup

attach

将一个组附加到用户。

use RistekUSDI\Kisara\UserGroup as KisaraUserGroup;

(new KisaraUserGroup($config))->attach($user_id, $group_id);

detach

从用户中分离一个组。

use RistekUSDI\Kisara\UserGroup as KisaraUserGroup;

(new KisaraUserGroup($config))->detach($user_id, $group_id);