Überauth Keycloak

Keycloak OAuth2 strategy for Überauth.

Acknowledgements

This repository is based on the work of mtchavez/ueberauth_keycloak.

Installation

1. Add :ueberauth_keycloak_strategy to your list of dependencies in mix.exs:

    def deps do
      [{:ueberauth_keycloak_strategy, "~> 0.2"}]
    end

2. Add the strategy to your applications:

    def application do
      [applications: [:ueberauth_keycloak_strategy]]
    end

3. Add Keycloak to your Überauth configuration:

    config :ueberauth, Ueberauth,
      providers: [
        keycloak: {Ueberauth.Strategy.Keycloak, [default_scope: "read_user"]}
      ]

4. Update your provider configuration:

   config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth,
     client_id: System.get_env("KEYCLOAK_CLIENT_ID"),
     client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"),
     redirect_uri: System.get_env("KEYCLOAK_REDIRECT_URI")

5. Optionally configure the endpoint URL's so they reflect the correct host and realm:

   config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth,
     # ... existing config
   
     # adapt host and realm in these URL's
     authorize_url: "<http://localhost:8080>/realms/<my-realm>/protocol/openid-connect/auth",
     token_url: "<http://localhost:8080>/realms/<my-realm>/protocol/openid-connect/token",
     userinfo_url: "<http://localhost:8080>/realms/<my-realm>/protocol/openid-connect/userinfo"

6. Include the Überauth plug in your controller:

   defmodule MyApp.AuthController do
     use MyApp.Web, :controller
   
     pipeline :browser do
       plug Ueberauth
       ...
      end
   end

7. Create the request and callback routes if you haven't already:

   scope "/auth", MyApp do
     pipe_through :browser
   
     get "/:provider", AuthController, :request
     get "/:provider/callback", AuthController, :callback
   end

8. You controller needs to implement callbacks to deal with Ueberauth.Auth and Ueberauth.Failure responses.

For an example implementation see the Überauth Example application on how to integrate other strategies. Adding Keycloak should be similar to Github.

Calling

Depending on the configured url you can initial the request through:

/auth/keycloak

Or with options:

/auth/keycloak?scope=profile

config :ueberauth, Ueberauth,
  providers: [
    keycloak: {
      Ueberauth.Strategy.Keycloak, [
        default_scope: "profile"
      ]
    }
  ]

Documentation

The docs can be found at ueberauth_keycloak on Hex Docs.