Skip to content

Keycloak Guard for Laravel is a middleware package that provides authentication and authorization functionality for Laravel applications using the Keycloak open-source identity and access management system. This package offers an easy-to-use solution for integrating Keycloak with Laravel, allowing developers to protect routes and control access to

License

Notifications You must be signed in to change notification settings

hussein4alaa/keycloak-guard-laravel

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Keycloak Guard Laravel Package

The keycloak-guard-laravel package provides an integration between the Keycloak authentication server and a Laravel application. It allows you to use Keycloak as the authentication provider for your Laravel application.

image

Installation You can install the package using Composer:

composer require g4t/keycloak

now publish config file run following command

php artisan vendor:publish

and select g4t\Keycloak\KeycloakGuardServiceProvider provider

Configuration

To configure the package, you need to add your Keycloak server details to your Laravel .env file:

K_REALM_PUBLIC_KEY=
K_LOAD_USER_FROM_DATABASE=true # get user data from database or keycloak
K_USER_PROVIDER_CREDENTIAL=username # This setting specifies the unique column name in your user provider table that will be used to retrieve the user's credentials for authentication.
K_TOKEN_PRINCIPAL_ATTRIBUTE=preferred_username # This setting specifies the key name for the attribute in the Keycloak token that will be used to check against the unique column specified in K_USER_PROVIDER_CREDENTIAL. The attribute should contain the user's unique identifier, such as a username or email address.
K_TOKEN_EXPIRED=false # Enable this when you are sure that you have set the Keycloak server time correctly.

You also need to configure your Laravel application to use the keycloak guard. To do this, add the following to your config/auth.php file:

'guards' => [
    // Other guards...
    
    'keycloak' => [
        'driver' => 'keycloak',
        'provider' => 'users',
    ],
],

'providers' => [
    // Other providers...
    
    'users' => [
        'driver' => 'keycloak',
    ],
],

Usage

Once the package is installed and configured, you can use the keycloak guard to authenticate users in your Laravel application. To authenticate a user, you can use the Auth::guard('keycloak')->attempt($credentials) method, where $credentials is an array of user credentials.

For example:

return auth('keycloak')->attempt([
      'url' => 'http://localhost:8080',
      'realm' => 'realm-name',
      'username' => 'username',
      'password' => 1234,
      'client_id' => 'client_id',
      'client_secret' => 'client_secret',
      'grant_type' => 'password',
]);

You can also use the auth('keycloak')->check() method to check if the user is authenticated:

if (auth('keycloak')->check()) {
    // User is authenticated
} else {
    // User is not authenticated
}

About

Keycloak Guard for Laravel is a middleware package that provides authentication and authorization functionality for Laravel applications using the Keycloak open-source identity and access management system. This package offers an easy-to-use solution for integrating Keycloak with Laravel, allowing developers to protect routes and control access to

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages