feat: Add keycloak API endpoints

doobry-systemli commented 4 months ago

Meant to be used by our custom keycloak user provider that queries userli for users and credential validation.

Todo

[x] Refactor event listeners to not break stateless firewall
[x] Tests for API endpoints (Behat or PHPUnit)

How to test

Comment out stateless: true (currently broken) in security.yaml
Set KEYCLOAK_API=1 in .env.local

List users: curl --header "Authorization: Bearer insecure" 'http://192.168.60.99/api/keycloak?domain=example.org&search=user'

Get user: curl --header "Authorization: Bearer insecure" 'http://192.168.60.99/api/keycloak/user/user@example.org?domain=example.org'

Validate credentials: curl -X POST -i --header "Authorization: Bearer insecure" --data "domain=example.org" --data "password=password" 'http://192.168.60.99/api/keycloak/validate/user@example.org'

doobry-systemli commented 4 months ago

I think I addressed all the remarks from review. Unit tests for KeycloakController are now also added.

sonarcloud[bot] commented 3 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
90.6% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

systemli / userli