ristekusdi/rbac-connector

IMISSU2 RBAC 连接器

v2.0.6 2022-12-27 07:36 UTC

This package is auto-updated.

Last update: 2024-09-27 11:36:13 UTC


README

IMISSU2 RBAC 连接器与 Keycloak。

需求

  1. 您的客户端类型必须为机密(confidential),才能获取客户端密钥。
  2. 在 IMISSU2 中启用服务帐户以从 RBAC 连接器获取数据。
  3. 在 IMISSU2 的客户端页面的"服务帐户"选项卡中分配角色(仅分配连接器实际需要的角色)。

什么是服务帐户?

服务帐户是一种特殊类型的提供者帐户(例如 Google、Keycloak 等),旨在代表需要身份验证和授权以访问提供者 API 中的数据的非人类用户。

设置

  1. 创建文件 .env,并设置 RBAC_CONNECTOR_HOST_URL、KEYCLOAK_CLIENT_ID 和 KEYCLOAK_CLIENT_SECRET 的值。.env 中包含客户端密钥,请勿将其提交到版本控制。
RBAC_CONNECTOR_HOST_URL=<imissu2-website>
KEYCLOAK_CLIENT_ID=<keycloak-client-id>
KEYCLOAK_CLIENT_SECRET=<keycloak-client-secret>
  2. 使用以下命令安装包。
composer require ristekusdi/rbac-connector

常见用例

以下是您需要使用此包的常见用例。

获取用户和总用户数

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Fetch one page of users.
 *
 * getUsers() takes a single array; every key is optional:
 * - 'first'  pagination offset (default 0); $start in this example
 * - 'max'    maximum result size (default 10); $length in this example
 * - 'search' matched against firstName, lastName, email and username
 * - 'q'      one or more of unud_user_type_id:1, unud_user_type_id:2 and
 *            unud_user_type_id:3, separated by a space when combined (as below)
 *
 * $users_raw is an array of users with the fields id, firstName, lastName,
 * email, username and attributes. These are personal data: hand on to the
 * page or API response only the fields it actually needs.
 */
$connector = new Connector();
$users_raw = $connector->getUsers([
    'first' => $start,
    'max' => $length,
    'search' => $search,
    // "q" may be left out entirely
    'q' => 'unud_user_type_id:2 unud_user_type_id:3',
]);

/**
 * Count the users that match a filter.
 *
 * totalUsers() takes a single array; both keys are optional:
 * - 'search' matched against firstName, lastName, email and username
 * - 'q'      one or more of unud_user_type_id:1, unud_user_type_id:2 and
 *            unud_user_type_id:3, separated by a space when combined (as below)
 *
 * $total_users is an integer.
 */
$connector = new Connector();
$total_users = $connector->totalUsers([
    'search' => $search,
    // "q" may be left out entirely
    'q' => 'unud_user_type_id:2 unud_user_type_id:3',
]);

存储用户

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Create a user.
 *
 * @param $data user entity to store
 *
 * NOTE(review): build $data from an explicit list of fields instead of passing
 * raw request input through; presumably the entity is forwarded as given, so
 * confirm what the connector accepts before exposing this to a form.
 */
$connector = new Connector();
$connector->storeUser($data);

显示用户

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Look up a single user.
 *
 * @param $username username of the user to show
 */
$connector = new Connector();
$user = $connector->showUser($username);

更新用户

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Update user by username
 * @param $username, $data (user entity)
 *
 * NOTE(review): this section is about updating a user, yet the call below is
 * showUser() with an extra $data argument. It looks like a copy of the
 * "show user" example; confirm the name of the update method in the Connector
 * class before relying on this snippet.
 * */
$user = (new Connector())->showUser($username, $data);

将用户分配给客户端角色

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Assign client roles to a user. All three arguments are required.
 *
 * $user_id   id of the user, NOT id_sso
 * $client_id the client id, taken from $_SERVER['KEYCLOAK_CLIENT_ID'] or
 *            config('sso.client_id')
 * $roles     array of role names
 *
 * NOTE(review): the connector presumably authenticates as the client's service
 * account, not as the signed-in user, so the calling application has to check
 * that the current user may change role assignments before making this call.
 */
$connector = new Connector();
$connector->syncAssignedUserClientRoles($user_id, $client_id, $roles);

获取客户端角色

<?php

use RistekUSDI\RBAC\Connector\Connector;

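/**
 * Get the roles of a client.
 *
 * @param $clientId string (required)
 * @param $roles array (optional) role names taken from your application's
 *               database, e.g. ['Administrator', 'Mahasiswa', 'Dosen', 'Pegawai']
 *
 * Pass $roles as a plain argument. Writing `$roles = array()` at the call site
 * is an assignment, so it would replace the list loaded from the database with
 * an empty array before the call. Leave the second argument out when no role
 * list is needed.
 */
(new Connector())->getClientRoles($clientId, $roles);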

在客户端中创建角色

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Create a role in a client. Both arguments are required.
 *
 * $client_id the client id, taken from $_SERVER['KEYCLOAK_CLIENT_ID'] or
 *            config('sso.client_id')
 * $role_name name of the role to create
 */
$connector = new Connector();
$connector->storeClientRole($client_id, $role_name);

在客户端中更新角色名称

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Rename a role in a client. All three arguments are required.
 *
 * $client_id          the client id, taken from $_SERVER['KEYCLOAK_CLIENT_ID']
 *                     or config('sso.client_id')
 * $previous_role_name the name the role has now
 * $current_role_name  the name the role should have afterwards
 *
 * NOTE(review): if the application keeps its own copy of role names or checks
 * permissions by comparing role-name strings, those presumably have to be
 * updated together with this call; confirm against your authorization code.
 */
$connector = new Connector();
$connector->updateClientRoleName($client_id, $previous_role_name, $current_role_name);

从客户端中删除角色

<?php

use RistekUSDI\RBAC\Connector\Connector;

/**
 * Delete a role from a client. Both arguments are required.
 *
 * $client_id the client id, taken from $_SERVER['KEYCLOAK_CLIENT_ID'] or
 *            config('sso.client_id')
 * $role_name name of the role to delete
 *
 * NOTE(review): restrict this call to administrators in the calling
 * application; presumably the connector itself acts with the service account's
 * privileges and does not know who the signed-in user is. Confirm.
 */
$connector = new Connector();
$connector->deleteClientRole($client_id, $role_name);