Download the PHP package dmstr/yii2-usuario-keycloak without Composer
On this page you can find all versions of the php package dmstr/yii2-usuario-keycloak. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package yii2-usuario-keycloak
Yii2 usuario keycloak client
Installation
Install the package via composer
For the installation of usuario see usuario docs
Setup
To run a keycloak using Docker (compose) please see docker-compose.keycloak.yml in the docker folder
For local development you should add keycloak-local to your /etc/hosts like this: 127.0.0.1 keycloak-local
You may need to replace 127.0.0.1 with your docker ip
Configuration
This part of config is mandatory. With this we add keycloak as a "social network"
Enable front channel logout from keycloak when user logs out in app
Only allow login to users with verified emails
Disabled the sending of a welcome message when a user is from keycloak
If you do not want to allow identity switching. This is recommended because potential RBAC Roles with the TokenRoleRule may not work correctly
Logout the user if the keycloak token is expired
This only works in a web application so add your config accordingl and needs some slight modifications to your user component. You can copy and use this example or extend your existing user compoent.
Change the login url so the site redirect you directly to the keycloak login page
User identity to use in rest calls
We suggest to use the JwtHttpBearerAuth from bizley/yii2jwt for this. You can
use the following example to implement it in your user
Using the identity class
Generate the keys for the jwt
if you only want to use validation and parsing you can configure the jwt component like this.
In combination with a Keycloak, the value KEYCLOAK_PUBLIC_KEY_FILE should be that from the Keycloak Public Key
When using the JwtHttpBearerAuth ensure that cors is before the authenticator in the behaviors of your controller
or module and all access controll stuff is after.
Auto submit social account registration confirm form
TokenRoleRule
This rule allows you to assign roles to users based on the roles they have in keycloak. This is useful if you want to use keycloak as a single source of truth for your user roles. Note that the role names in keycloak must match the role and should be assiged to any logged in user.
All versions of yii2-usuario-keycloak with dependencies
2amigos/yii2-usuario Version ^1.6.3
web-token/jwt-library Version ^3.4