Keycloak OAuth2 strategy for Überauth.
This repository is based on the work of mtchavez/ueberauth_keycloak.
Add :ueberauth_keycloak_strategy
to your list of dependencies in mix.exs
:
def deps do
[{:ueberauth_keycloak_strategy, "~> 0.2"}]
end
Add the strategy to your applications:
def application do
[applications: [:ueberauth_keycloak_strategy]]
end
Add Keycloak to your Überauth configuration:
config :ueberauth, Ueberauth,
providers: [
keycloak: {Ueberauth.Strategy.Keycloak, [default_scope: "read_user"]}
]
Update your provider configuration:
config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth,
client_id: System.get_env("KEYCLOAK_CLIENT_ID"),
client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"),
redirect_uri: System.get_env("KEYCLOAK_REDIRECT_URI")
Optionally configure the endpoint URL's so they reflect the correct host and realm:
config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth,
# ... existing config
# adapt host and realm in these URL's
authorize_url: "<http://localhost:8080>/realms/<my-realm>/protocol/openid-connect/auth",
token_url: "<http://localhost:8080>/realms/<my-realm>/protocol/openid-connect/token",
userinfo_url: "<http://localhost:8080>/realms/<my-realm>/protocol/openid-connect/userinfo"
Include the Überauth plug in your controller:
defmodule MyApp.AuthController do
use MyApp.Web, :controller
pipeline :browser do
plug Ueberauth
...
end
end
Create the request and callback routes if you haven't already:
scope "/auth", MyApp do
pipe_through :browser
get "/:provider", AuthController, :request
get "/:provider/callback", AuthController, :callback
end
You controller needs to implement callbacks to deal with Ueberauth.Auth
and Ueberauth.Failure
responses.
For an example implementation see the Überauth Example application on how to integrate other strategies. Adding Keycloak should be similar to Github.
Depending on the configured url you can initial the request through:
/auth/keycloak
Or with options:
/auth/keycloak?scope=profile
config :ueberauth, Ueberauth,
providers: [
keycloak: {
Ueberauth.Strategy.Keycloak, [
default_scope: "profile"
]
}
]
The docs can be found at ueberauth_keycloak on Hex Docs.