facile-it / php-openid-client

PHP OpenID Client

Some Problems with general usage and Keycloak #20

Closed niosp closed 2 years ago

niosp commented 3 years ago

Hey, I'm trying to use the library with the Keycloak authentication system, but I'm still getting a few errors.

I have three files: login.php, index.php and callback.php. The plan is to check if the user is logged in on index.php and, if not, redirect to login.php, which redirects to the Keycloak server with the authorizationURI. From the Keycloak server, the user will be redirected to callback.php, which obtains and validates the token with the given code / secrets from Keycloak.

login.php:

<?php
require __DIR__ . '/vendor/autoload.php';
use Facile\OpenIDClient\Client\ClientBuilder;
use Facile\OpenIDClient\Issuer\IssuerBuilder;
use Facile\OpenIDClient\Client\Metadata\ClientMetadata;
use Facile\OpenIDClient\Service\Builder\AuthorizationServiceBuilder;
use Facile\OpenIDClient\Service\Builder\UserInfoServiceBuilder;
use Psr\Http\Message\ServerRequestInterface;

session_start();
$issuer = (new IssuerBuilder())
    ->build('https://domain.com/auth/realms/test/.well-known/openid-configuration');
$clientMetadata = ClientMetadata::fromArray([
    'client_id' => 'test',
    'client_secret' => 'secret',
    'token_endpoint_auth_method' => 'client_secret_basic', 
    'redirect_uris' => [
        'https://domain.com/callback.php',    
    ],
]);
$client = (new ClientBuilder())
    ->setIssuer($issuer)
    ->setClientMetadata($clientMetadata)
    ->build();
$authorizationService = (new AuthorizationServiceBuilder())->build();
$redirectAuthorizationUri = $authorizationService->getAuthorizationUri(
    $client,
    ['response_mode' => 'query'] // custom params
);

callback.php:

<?php
require __DIR__ . '/vendor/autoload.php';
use Facile\OpenIDClient\Client\ClientBuilder;
use Facile\OpenIDClient\Issuer\IssuerBuilder;
use Facile\OpenIDClient\Client\Metadata\ClientMetadata;
use Facile\OpenIDClient\Service\Builder\AuthorizationServiceBuilder;
use Facile\OpenIDClient\Service\Builder\UserInfoServiceBuilder;
use Psr\Http\Message\ServerRequestInterface;

session_start();
$issuer = (new IssuerBuilder())
    ->build('https://domain.com/auth/realms/test/.well-known/openid-configuration');
$clientMetadata = ClientMetadata::fromArray([
    'client_id' => 'test',
    'client_secret' => 'secret',
    'token_endpoint_auth_method' => 'client_secret_basic', // the auth method for the token endpoint
    'redirect_uris' => [
        'https://domain.com/callback.php',    
    ],
]);
$client = (new ClientBuilder())
    ->setIssuer($issuer)
    ->setClientMetadata($clientMetadata)
    ->build();

$authorizationService = (new AuthorizationServiceBuilder())->build();
$redirectAuthorizationUri = $authorizationService->getAuthorizationUri(
    $client,
    ['login_hint' => 'user_username'] // custom params
);

$serverRequest = null; // get your server request
$callbackParams = $authorizationService->getCallbackParams($serverRequest, $client);
$tokenSet = $authorizationService->callback($client, $callbackParams);

$idToken = $tokenSet->getIdToken(); 
$accessToken = $tokenSet->getAccessToken();
$refreshToken = $tokenSet->getRefreshToken(); 

Error: PHP Fatal error: Uncaught TypeError: Argument 1 passed to Facile\OpenIDClient\Service\AuthorizationService::getCallbackParams() must be an instance of Psr\Http\Message\ServerRequestInterface, null given, called in /var/www/html/callback.php on line 36 and defined in /var/www/html/vendor/facile-it/php-openid-client/src/Service/AuthorizationService.php:121

Maybe someone can help me, I've been trying to solve the error for hours.

Regards

mikevrind commented 3 years ago

@newlord-32 Please read the error, it literally tells you what is wrong.

Argument 1 passed to Facile\OpenIDClient\Service\AuthorizationService::getCallbackParams() must be an instance of Psr\Http\Message\ServerRequestInterface, null given

You are using $serverRequest = null; on line 35. This should be an instance of ServerRequestInterface, not a null value.

I'm not familiar with this library so I can't help you on the details, I just stumbled upon your question searching for an OIDC client :)
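
One way to give `getCallbackParams()` a real request object, as an added example that is not part of the thread or the project's own code. It assumes the `guzzlehttp/psr7` package is installed for `ServerRequest::fromGlobals()` (any PSR-7 implementation would do); the session keys and the `/index.php` redirect target are hypothetical, and state/nonce handling is not shown.

```php
<?php
// callback.php: added example, not the project's own code.
require __DIR__ . '/vendor/autoload.php';

use Facile\OpenIDClient\Client\ClientBuilder;
use Facile\OpenIDClient\Client\Metadata\ClientMetadata;
use Facile\OpenIDClient\Issuer\IssuerBuilder;
use Facile\OpenIDClient\Service\Builder\AuthorizationServiceBuilder;
use GuzzleHttp\Psr7\ServerRequest; // assumption: composer require guzzlehttp/psr7

session_start();

// Same issuer and client settings as login.php (placeholder values from the thread).
$issuer = (new IssuerBuilder())
    ->build('https://domain.com/auth/realms/test/.well-known/openid-configuration');
$client = (new ClientBuilder())
    ->setIssuer($issuer)
    ->setClientMetadata(ClientMetadata::fromArray([
        'client_id' => 'test',
        'client_secret' => 'secret', // load from configuration, not source, in real use
        'token_endpoint_auth_method' => 'client_secret_basic',
        'redirect_uris' => ['https://domain.com/callback.php'],
    ]))
    ->build();
$authorizationService = (new AuthorizationServiceBuilder())->build();

// Build a PSR-7 ServerRequestInterface from $_SERVER, $_GET, $_POST and $_COOKIE.
// This replaces the "$serverRequest = null;" placeholder.
$serverRequest = ServerRequest::fromGlobals();

try {
    $callbackParams = $authorizationService->getCallbackParams($serverRequest, $client);
    $tokenSet = $authorizationService->callback($client, $callbackParams);
} catch (\Throwable $e) {
    // Log the detail server-side; do not echo provider errors back to the browser.
    error_log('OIDC callback failed: ' . $e->getMessage());
    http_response_code(400);
    exit('Login failed.');
}

// Issue a new session id after authentication so a pre-login id cannot be reused.
session_regenerate_id(true);
$_SESSION['id_token'] = $tokenSet->getIdToken();           // hypothetical session keys
$_SESSION['access_token'] = $tokenSet->getAccessToken();
$_SESSION['refresh_token'] = $tokenSet->getRefreshToken();

header('Location: /index.php'); // hypothetical post-login page
exit;
```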