tothbt/keycloak-bundle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tothbt:v1.2.0
Branches Tags
tothbt:master tothbt:2.0 tothbt:develop
tothbt:v2.0.0 tothbt:v1.3.2 tothbt:v1.2.2 tothbt:v1.1.1 tothbt:v1.0.2 tothbt:v1.3.1 tothbt:v1.3.0 tothbt:v1.2.1 tothbt:v1.2.0 tothbt:v1.1.0 tothbt:v1.0.1
..
compare: tothbt:v1.3.0
Branches Tags
tothbt:2.0 tothbt:master tothbt:develop
tothbt:v2.0.0 tothbt:v1.3.2 tothbt:v1.2.2 tothbt:v1.1.1 tothbt:v1.0.2 tothbt:v1.3.1 tothbt:v1.3.0 tothbt:v1.2.1 tothbt:v1.2.0 tothbt:v1.1.0 tothbt:v1.0.1

15 Commits
v1.2.0 ... v1.3.0

Author SHA1 Message Date
El. Abdellah
87909a1c15 Update README.md 2022-03-06 19:36:11 +01:00
El. Abdellah
f254ab52ac Merge pull request #6 from el-abdel/develop 
Add compatibility with Symfony V6
 2022-03-06 19:34:25 +01:00
el-abdel
570008ab6e fix compatibility 2022-03-06 18:49:47 +01:00
abdel
1f88ce8cb0 add compatibility with sf6 2022-03-06 18:28:33 +01:00
El. Abdellah
f2e6a6b4cb Update README.md 2022-03-06 18:07:16 +01:00
El. Abdellah
eec425222b Update ABELkeycloakBearerOnlyAdapterBundle.php 2022-03-06 17:17:43 +01:00
El. Abdellah
30bcc70c4f Merge pull request #5 from el-abdel/fix/deprecation 
fix deprecated response
 2022-03-06 15:26:32 +01:00
El. Abdellah
e719e3c6ff fix support method check 2022-03-01 17:39:54 +01:00
El. Abdellah
20015218a0 fix deprecated response 2022-02-28 14:06:43 +01:00
El. Abdellah
23de5882b0 Update README.md 2022-02-25 09:37:02 +01:00
El. Abdellah
56fba70416 Update README.md 2022-02-24 17:51:04 +01:00
El. Abdellah
f3d64ef323 Update README.md 2022-02-24 17:47:40 +01:00
El. Abdellah
ea95d68fb0 edit readme file 2022-01-03 11:03:16 +01:00
El. Abdellah
d1494427f2 Update README.md 2021-12-17 09:42:48 +01:00
El. Abdellah
c05aae70da Update README.md 2021-12-17 09:41:34 +01:00
7 changed files with 36 additions and 16 deletions
Expand all files Collapse all files

6
ABELkeycloakBearerOnlyAdapterBundle.php
View File

@@ -5,11 +5,15 @@ namespace ABEL\Bundle\keycloakBearerOnlyAdapterBundle;
use ABEL\Bundle\keycloakBearerOnlyAdapterBundle\DependencyInjection\ABELkeycloakBearerOnlyAdapterExtension; use ABEL\Bundle\keycloakBearerOnlyAdapterBundle\DependencyInjection\ABELkeycloakBearerOnlyAdapterExtension;
use Symfony\Component\DependencyInjection\Extension\ExtensionInterface;
use Symfony\Component\HttpKernel\Bundle\Bundle; use Symfony\Component\HttpKernel\Bundle\Bundle;
class ABELkeycloakBearerOnlyAdapterBundle extends Bundle class ABELkeycloakBearerOnlyAdapterBundle extends Bundle
{ {
public function getContainerExtension() /**
* @return ExtensionInterface|null
*/
public function getContainerExtension(): ?ExtensionInterface
{ {
if (null === $this->extension) { if (null === $this->extension) {
$this->extension = new ABELkeycloakBearerOnlyAdapterExtension(); $this->extension = new ABELkeycloakBearerOnlyAdapterExtension();

2
DependencyInjection/ABELkeycloakBearerOnlyAdapterExtension.php
View File

@@ -27,7 +27,7 @@ class ABELkeycloakBearerOnlyAdapterExtension extends Extension
$definition->replaceArgument(4, $config['ssl_verification']); $definition->replaceArgument(4, $config['ssl_verification']);
} }
public function getAlias() public function getAlias(): string
{ {
return 'abel_keycloak_bearer_only_adapter'; return 'abel_keycloak_bearer_only_adapter';
} }

28
README.md
View File

@@ -5,10 +5,15 @@ This Symfony bundle is an adapter that allows securing API using keycloak Bearer
## Installation ## Installation
> Befor installing the bundle, automatic packages configuration can be activated with the following command:
> ```
> composer config extra.symfony.allow-contrib true
> ```
With composer: With composer:
``` ```
$ composer require abel/keycloak-bearer-only-adapter-bundle composer require abel/keycloak-bearer-only-adapter-bundle
``` ```
## Configuration ## Configuration
@@ -17,6 +22,15 @@ If you want to set up keycloak locally you can download it [here](https://www.ke
### Bundle configuration ### Bundle configuration
#### Via a recipe (Automatic)
This bundle hase a Symfony recipe that allow the automation of configuration via the Symfony Flex Composer plugin.
To enable recipe for your project, run the following command:
```
composer config extra.symfony.allow-contrib true
```
#### Manual
Having a running keycloak locally or in Docker and already configured a client with **Access Type = bearer-only** Having a running keycloak locally or in Docker and already configured a client with **Access Type = bearer-only**
here is the configuration to use: here is the configuration to use:
@@ -35,7 +49,7 @@ The best practice is to load your configuration from **.env** file.
# .env # .env
... ...
###> Abel_keycloak_bearer_only_adapter ### ###> Abel_keycloak_bearer_only_adapter ###
OAUTH_KEYCLOAK_ISSUER=http://keycloak.local:8080 OAUTH_KEYCLOAK_ISSUER=keycloak:8080
OAUTH_KEYCLOAK_REALM=my_realm OAUTH_KEYCLOAK_REALM=my_realm
OAUTH_KEYCLOAK_CLIENT_ID=my_bearer_client OAUTH_KEYCLOAK_CLIENT_ID=my_bearer_client
OAUTH_KEYCLOAK_CLIENT_SECRET=my_bearer_client_secret OAUTH_KEYCLOAK_CLIENT_SECRET=my_bearer_client_secret
@@ -45,10 +59,10 @@ OAUTH_KEYCLOAK_CLIENT_SECRET=my_bearer_client_secret
In case of using Keycloak with Docker locally replace **issuer** value with your keycloak container reference in the network In case of using Keycloak with Docker locally replace **issuer** value with your keycloak container reference in the network
For example, you can use the container IPAdresse, that you can get using this command: For example, you can use the service name, or container IPAdresse that you can get using this command:
``` ```
$ docker inspect <container id> | grep "IPAddress" docker inspect <container id> | grep "IPAddress"
``` ```
### Symfony security configuration ### Symfony security configuration
@@ -76,6 +90,7 @@ security:
access_control: access_control:
- { path: ^/api/, roles: ROLE_API } - { path: ^/api/, roles: ROLE_API }
``` ```
> :information_source: Referring to Symfony [documentation](https://symfony.com/doc/5.3/security.html#roles), roles must start with **ROLE_** (otherwise, things won't work as expected)
### Keycloak configuration ### Keycloak configuration
To configure keycloak to work with this bundle, [here](./Resources/docs/keycloak-config-guide.md) is a step by step documentation for a basic configuration of keycloak. To configure keycloak to work with this bundle, [here](./Resources/docs/keycloak-config-guide.md) is a step by step documentation for a basic configuration of keycloak.
@@ -86,5 +101,6 @@ To configure keycloak to work with this bundle, [here](./Resources/docs/keycloak
| Bundle Version | Symfony Version | | Bundle Version | Symfony Version |
| ------------------------------------------------------|--------------------| | ------------------------------------------------------|--------------------|
| V1.0.1 | >=4.0.0 <5.0.0 | | V1.0.1 | >=4.0.0 <5.0.0 |
| V1.1.0 (uses old authentication systeme with guard) | >=5.0.0 <6.0.0 | | V1.1.* (uses old authentication systeme with guard) | >=5.0.0 <6.0.0 |
| V1.2.0 (uses new authentication systeme) | >=5.3.0 <6.0.0 | | V1.2.* (uses new authentication systeme) | >=5.3.0 <6.0.0 |
| V1.3.* | =6.0.* |

4
Security/Authenticator/KeycloakBearerAuthenticator.php
View File

@@ -11,7 +11,7 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException; use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator; use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface; use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport; use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
class KeycloakBearerAuthenticator extends AbstractAuthenticator class KeycloakBearerAuthenticator extends AbstractAuthenticator
@@ -31,7 +31,7 @@ class KeycloakBearerAuthenticator extends AbstractAuthenticator
return true; return true;
} }
public function authenticate(Request $request): PassportInterface public function authenticate(Request $request): Passport
{ {
$token = $request->headers->get('Authorization'); $token = $request->headers->get('Authorization');
if (null === $token || empty($token)) { if (null === $token || empty($token)) {

2
Security/User/KeycloakBearerUser.php
View File

@@ -202,7 +202,7 @@ class KeycloakBearerUser implements UserInterface, \Serializable
* *
* @return array (Role|string)[] The user roles * @return array (Role|string)[] The user roles
*/ */
public function getRoles() public function getRoles(): array
{ {
return $this->roles; return $this->roles;
} }

2
Security/User/KeycloakBearerUserProvider.php
View File

@@ -85,7 +85,7 @@ class KeycloakBearerUserProvider implements UserProviderInterface{
*/ */
public function supportsClass(string $class) public function supportsClass(string $class)
{ {
return KeycloakBearerUser::class === $class || is_subclass_of(KeycloakBearerUser, User::class); return KeycloakBearerUser::class === $class || is_subclass_of($class, KeycloakBearerUser::class);
} }

8
composer.json
View File

@@ -12,10 +12,10 @@
"minimum-stability": "stable", "minimum-stability": "stable",
"require": { "require": {
"php": ">=7.2.5", "php": ">=7.2.5",
"symfony/config": "^5.3", "symfony/config": "^6.0",
"symfony/dependency-injection": "^5.3", "symfony/dependency-injection": "^6.0",
"symfony/http-kernel": "^5.3", "symfony/http-kernel": "^6.0",
"symfony/security-bundle": "^5.3", "symfony/security-bundle": "^6.0",
"guzzlehttp/guzzle": "^6.3", "guzzlehttp/guzzle": "^6.3",
"ext-json": "*" "ext-json": "*"
}, },