Compare commits
13 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 86e523d94e | |||
| b4b78b0ab5 | |||
| 50a560b6f4 | |||
| 4a69b5d9fe | |||
| 3aedf851ef | |||
| 338850c5ce | |||
|
ae1a996ace | ||
|
43399b443e | ||
|
|
727ade1a19 | ||
| 88ec7d7bb1 | |||
|
|
8c8ceb1279 | ||
|
|
f11d97ced0 | ||
| fc2d81b9ad |
@@ -5,21 +5,25 @@ namespace ABEL\Bundle\keycloakBearerOnlyAdapterBundle\DependencyInjection;
|
|||||||
|
|
||||||
use Symfony\Component\Config\FileLocator;
|
use Symfony\Component\Config\FileLocator;
|
||||||
use Symfony\Component\DependencyInjection\ContainerBuilder;
|
use Symfony\Component\DependencyInjection\ContainerBuilder;
|
||||||
use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
|
use Symfony\Component\DependencyInjection\Extension\Extension;
|
||||||
use Symfony\Component\HttpKernel\DependencyInjection\Extension;
|
use Symfony\Component\DependencyInjection\Loader\PhpFileLoader;
|
||||||
|
|
||||||
class ABELkeycloakBearerOnlyAdapterExtension extends Extension
|
class ABELkeycloakBearerOnlyAdapterExtension extends Extension
|
||||||
{
|
{
|
||||||
|
|
||||||
public function load(array $configs, ContainerBuilder $container)
|
public function load(array $configs, ContainerBuilder $container): void
|
||||||
{
|
{
|
||||||
$loader = new XmlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
|
$loader = new PhpFileLoader(
|
||||||
$loader->load('services.xml');
|
$container,
|
||||||
|
new FileLocator(__DIR__ . '/../Resources/config')
|
||||||
|
);
|
||||||
|
$loader->load('services.php');
|
||||||
|
|
||||||
$configuration = $this->getConfiguration($configs, $container);
|
$configuration = $this->getConfiguration($configs, $container);
|
||||||
$config = $this->processConfiguration($configuration, $configs);
|
$config = $this->processConfiguration($configuration, $configs);
|
||||||
|
|
||||||
$definition = $container->getDefinition('abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider');
|
$definition = $container->getDefinition('abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider');
|
||||||
|
|
||||||
$definition->replaceArgument(0, $config['issuer']);
|
$definition->replaceArgument(0, $config['issuer']);
|
||||||
$definition->replaceArgument(1, $config['realm']);
|
$definition->replaceArgument(1, $config['realm']);
|
||||||
$definition->replaceArgument(2, $config['client_id']);
|
$definition->replaceArgument(2, $config['client_id']);
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ use Symfony\Component\Config\Definition\ConfigurationInterface;
|
|||||||
class Configuration implements ConfigurationInterface
|
class Configuration implements ConfigurationInterface
|
||||||
{
|
{
|
||||||
|
|
||||||
public function getConfigTreeBuilder()
|
public function getConfigTreeBuilder(): TreeBuilder
|
||||||
{
|
{
|
||||||
$treeBuilder = new TreeBuilder("abel_keycloak_bearer_only_adapter");
|
$treeBuilder = new TreeBuilder("abel_keycloak_bearer_only_adapter");
|
||||||
|
|
||||||
|
|||||||
@@ -56,6 +56,11 @@ OAUTH_KEYCLOAK_CLIENT_SECRET=my_bearer_client_secret
|
|||||||
###< Abel_keycloak_bearer_only_adapter ###
|
###< Abel_keycloak_bearer_only_adapter ###
|
||||||
...
|
...
|
||||||
```
|
```
|
||||||
|
> Since Keycloak 17 the default distribution is now powered by **Quarkus**, while the legacy **WildFly** powered distribution will still be around until June 2022 <br>
|
||||||
|
> The new distribution introduces a number of breaking changes, including: <br>
|
||||||
|
> - `/auth` removed from the default context path <br>
|
||||||
|
> ⚠️ **If you are using a legacy version make sure to include /auth in OAUTH_KEYCLOAK_ISSUER** <br>
|
||||||
|
> Example: `keycloak:8080/auth`
|
||||||
|
|
||||||
In case of using Keycloak with Docker locally replace **issuer** value with your keycloak container reference in the network
|
In case of using Keycloak with Docker locally replace **issuer** value with your keycloak container reference in the network
|
||||||
|
|
||||||
@@ -103,4 +108,4 @@ To configure keycloak to work with this bundle, [here](./Resources/docs/keycloak
|
|||||||
| V1.0.1 | >=4.0.0 <5.0.0 |
|
| V1.0.1 | >=4.0.0 <5.0.0 |
|
||||||
| V1.1.* (uses old authentication systeme with guard) | >=5.0.0 <6.0.0 |
|
| V1.1.* (uses old authentication systeme with guard) | >=5.0.0 <6.0.0 |
|
||||||
| V1.2.* (uses new authentication systeme) | >=5.3.0 <6.0.0 |
|
| V1.2.* (uses new authentication systeme) | >=5.3.0 <6.0.0 |
|
||||||
| V1.3.* | =6.0.* |
|
| V1.3.* | >=6.0.0 <7.0.0 |
|
||||||
|
|||||||
25
Resources/config/services.php
Normal file
25
Resources/config/services.php
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
|
||||||
|
use ABEL\Bundle\keycloakBearerOnlyAdapterBundle\Security\User\KeycloakBearerUserProvider;
|
||||||
|
|
||||||
|
return static function (ContainerConfigurator $configurator): void {
|
||||||
|
$services = $configurator->services();
|
||||||
|
|
||||||
|
$services
|
||||||
|
->defaults()
|
||||||
|
->autowire()
|
||||||
|
->autoconfigure();
|
||||||
|
|
||||||
|
$services->load('ABEL\\Bundle\\keycloakBearerOnlyAdapterBundle\\', '../../*')
|
||||||
|
->exclude('../../{Entity,Migrations,Tests}');
|
||||||
|
|
||||||
|
// empty args → will be replaced later
|
||||||
|
$services->set('abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider', KeycloakBearerUserProvider::class)
|
||||||
|
->args([null, null, null, null, null]);
|
||||||
|
|
||||||
|
$services->alias(
|
||||||
|
KeycloakBearerUserProvider::class,
|
||||||
|
'abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider'
|
||||||
|
);
|
||||||
|
};
|
||||||
@@ -1,26 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8" ?>
|
|
||||||
<container xmlns="http://symfony.com/schema/dic/services"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://symfony.com/schema/dic/services
|
|
||||||
https://symfony.com/schema/dic/services/services-1.0.xsd">
|
|
||||||
|
|
||||||
<services>
|
|
||||||
<!-- Default configuration for services in *this* file -->
|
|
||||||
<defaults autowire="true" autoconfigure="true"/>
|
|
||||||
|
|
||||||
<!-- makes classes available to be used as services -->
|
|
||||||
<!-- this creates a service per class whose id is the fully-qualified class name -->
|
|
||||||
<prototype namespace="ABEL\Bundle\keycloakBearerOnlyAdapterBundle\" resource="../../*" exclude="../../{Entity,Migrations,Tests}"/>
|
|
||||||
|
|
||||||
<service id="abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider" class="ABEL\Bundle\keycloakBearerOnlyAdapterBundle\Security\User\KeycloakBearerUserProvider">
|
|
||||||
<argument/>
|
|
||||||
<argument/>
|
|
||||||
<argument/>
|
|
||||||
<argument/>
|
|
||||||
<argument/>
|
|
||||||
</service>
|
|
||||||
|
|
||||||
<service id="ABEL\Bundle\keycloakBearerOnlyAdapterBundle\Security\User\KeycloakBearerUserProvider" alias="abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider" />
|
|
||||||
|
|
||||||
</services>
|
|
||||||
</container>
|
|
||||||
@@ -6,7 +6,7 @@ namespace ABEL\Bundle\keycloakBearerOnlyAdapterBundle\Security\User;
|
|||||||
|
|
||||||
use Symfony\Component\Security\Core\User\UserInterface;
|
use Symfony\Component\Security\Core\User\UserInterface;
|
||||||
|
|
||||||
class KeycloakBearerUser implements UserInterface, \Serializable
|
class KeycloakBearerUser implements UserInterface
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string
|
||||||
@@ -258,8 +258,11 @@ class KeycloakBearerUser implements UserInterface, \Serializable
|
|||||||
*
|
*
|
||||||
* This is important if, at any given point, sensitive information like
|
* This is important if, at any given point, sensitive information like
|
||||||
* the plain-text password is stored on this object.
|
* the plain-text password is stored on this object.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
*/
|
*/
|
||||||
public function eraseCredentials()
|
#[\Deprecated]
|
||||||
|
public function eraseCredentials(): void
|
||||||
{
|
{
|
||||||
// TODO: Implement eraseCredentials() method.
|
// TODO: Implement eraseCredentials() method.
|
||||||
}
|
}
|
||||||
@@ -270,7 +273,7 @@ class KeycloakBearerUser implements UserInterface, \Serializable
|
|||||||
* @return string the string representation of the object or null
|
* @return string the string representation of the object or null
|
||||||
* @since 5.1.0
|
* @since 5.1.0
|
||||||
*/
|
*/
|
||||||
public function serialize()
|
public function __serialize()
|
||||||
{
|
{
|
||||||
return serialize(array(
|
return serialize(array(
|
||||||
$this->sub,
|
$this->sub,
|
||||||
@@ -293,7 +296,7 @@ class KeycloakBearerUser implements UserInterface, \Serializable
|
|||||||
* @return void
|
* @return void
|
||||||
* @since 5.1.0
|
* @since 5.1.0
|
||||||
*/
|
*/
|
||||||
public function unserialize($serialized)
|
public function __unserialize($serialized)
|
||||||
{
|
{
|
||||||
list (
|
list (
|
||||||
$this->sub,
|
$this->sub,
|
||||||
|
|||||||
@@ -83,7 +83,7 @@ class KeycloakBearerUserProvider implements UserProviderInterface{
|
|||||||
* @param string $class
|
* @param string $class
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function supportsClass(string $class)
|
public function supportsClass(string $class): bool
|
||||||
{
|
{
|
||||||
return KeycloakBearerUser::class === $class || is_subclass_of($class, KeycloakBearerUser::class);
|
return KeycloakBearerUser::class === $class || is_subclass_of($class, KeycloakBearerUser::class);
|
||||||
}
|
}
|
||||||
@@ -100,7 +100,7 @@ class KeycloakBearerUserProvider implements UserProviderInterface{
|
|||||||
'base_uri' => $this->issuer,
|
'base_uri' => $this->issuer,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$response = $client->post('/auth/realms/'.$this->realm.'/protocol/openid-connect/token/introspect', [
|
$response = $client->post('/realms/'.$this->realm.'/protocol/openid-connect/token/introspect', [
|
||||||
'auth' => [$this->client_id, $this->client_secret],
|
'auth' => [$this->client_id, $this->client_secret],
|
||||||
'form_params' => [
|
'form_params' => [
|
||||||
'token' => $accessToken,
|
'token' => $accessToken,
|
||||||
|
|||||||
@@ -1,22 +1,22 @@
|
|||||||
{
|
{
|
||||||
"name": "abel/keycloak-bearer-only-adapter-bundle",
|
"name": "tothbt/keycloak-adapter-bundle",
|
||||||
"description": "Keycloak security adapter for bearer only clients",
|
"description": "Keycloak security adapter for bearer only clients",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"type": "symfony-bundle",
|
"type": "symfony-bundle",
|
||||||
"authors": [
|
"authors": [
|
||||||
{
|
{
|
||||||
"name": "Abdellah Elmakhroubi",
|
"name": "Richard Toth",
|
||||||
"email": "abdellah.elmakhroubi@gmail.com"
|
"email": "info@totbt.com"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"minimum-stability": "stable",
|
"minimum-stability": "stable",
|
||||||
"require": {
|
"require": {
|
||||||
"php": ">=7.2.5",
|
"php": ">=8.3",
|
||||||
"symfony/config": "^6.0",
|
"symfony/config": "^6.0 || ^7.0",
|
||||||
"symfony/dependency-injection": "^6.0",
|
"symfony/dependency-injection": "^6.0 || ^7.0",
|
||||||
"symfony/http-kernel": "^6.0",
|
"symfony/http-kernel": "^6.0 || ^7.0",
|
||||||
"symfony/security-bundle": "^6.0",
|
"symfony/security-bundle": "^6.0 || ^7.0",
|
||||||
"guzzlehttp/guzzle": "^6.3",
|
"guzzlehttp/guzzle": "^7",
|
||||||
"ext-json": "*"
|
"ext-json": "*"
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
|
|||||||
Reference in New Issue
Block a user