remove /auth from Keycloak Token URL

README.md

@@ -27,7 +27,6 @@ abel_keycloak_bearer_only_adapter:
     realm: '%env(OAUTH_KEYCLOAK_REALM)%' # your keycloak realm name
     client_id: '%env(OAUTH_KEYCLOAK_CLIENT_ID)%' # your keycloak client id
     client_secret: '%env(OAUTH_KEYCLOAK_CLIENT_SECRET)%' # your keycloak client secret
-    #ssl_verification: False # by default ssl_verification is set to False
 ```
 The best practice is to load your configuration from **.env** file.
 
@@ -35,10 +34,10 @@ The best practice is to load your configuration from **.env** file.
 # .env
 ...
 ###> Keycloak ###
-OAUTH_KEYCLOAK_ISSUER=http://keycloak.local:8080
-OAUTH_KEYCLOAK_REALM=my_realm
-OAUTH_KEYCLOAK_CLIENT_ID=my_bearer_client
-OAUTH_KEYCLOAK_CLIENT_SECRET=my_bearer_client_secret
+KEYCLOAK_ISSUER=http://keycloak.local:8080
+KEYCLOAK_REALM=my_realm
+KEYCLOAK_CLIENT_ID=my_bearer_client
+KEYCLOAK_CLIENT_SECRET=my_bearer_client_secret
 ###< Keycloak ###
 ...
 ```
@@ -78,6 +77,3 @@ security:
     access_control:
         - { path: ^/api/, roles: ROLE_API }
 ```
-### Keycloak configuration
-
-To configure keycloak to work with this bundle, [here](./Resources/docs/keycloak-config-guide.md) is a step by step documentation for a basic configuration of keycloak.

Resources/docs/keycloak-config-guide.md

@@ -1,42 +0,0 @@
-# Keycloak Configuration guide
-
-### Create a realm
-
-We assume that you already have a realm, if not you can create a realm from the Administration UI, go to ```Realm list > Add realm```
-
-![Create a realm](screenshots/create-a-realm.png)
-
-it will appear in the realm list after creation.
-
-### Create a client
-
-You must define a client that will configure the scope of your application security.
-Make sure you already are in your newly created realm and create a new client by going in ```Configure > Clients > Create```.
-
-![Create a client](screenshots/create-a-client.png)
-
-Once created, you can configure it by going in ``` Configure > Clients > [Your client]```
-Here is a sample configuration that work with our bundle :
-
-![Configure client](screenshots/config-client.png)
-> Note that the client Access type is bearer-only.
-
-### Create roles
- 
- In keycloak, roles are an abstraction of permissions for our application (used in security.yaml).
- In our case we need to define a role named **ROLE_API**
- 
- You can configure it in ```Configure > Clients > [Your client] > Roles```
- 
- ![Create a role](screenshots/create-a-role.png)
- 
- ### Assign a role to a user
-
-Last but not least we need to affect our role to our users.
-
-To add role, go to ```Manage > Users > View all users > [Some User] > Role Mappings```.
-
-* In the **Client Roles** dropdown, select your client that contains our role(s).
-* Select Roles in **Available Roles** list, then click **Add selected** to assign role to the user.
-
-And your all done, now you can use your client to secure your API.

Security/Authenticator/KeycloakBearerAuthenticator.php

@@ -212,4 +212,4 @@ class KeycloakBearerAuthenticator extends AbstractGuardAuthenticator
     {
         return trim(preg_replace('/^(?:\s+)?[B-b]earer\s/', '', $token));
     }
-}
+}

composer.json

@@ -11,11 +11,11 @@
     ],
     "minimum-stability": "stable",
     "require": {
-        "php": "^7.2.5|^8.0",
-        "symfony/config": "^5.0",
-        "symfony/dependency-injection": "^5.0",
-        "symfony/http-kernel": "^5.0",
-        "symfony/security-bundle": "^5.0",
+        "php": "^7.1",
+        "symfony/config": "^4.0",
+        "symfony/dependency-injection": "^4.0",
+        "symfony/http-kernel": "^4.0",
+        "symfony/security-bundle": "^4.0",
         "guzzlehttp/guzzle": "^6.3",
         "ext-json": "*"
     },