1. Go to this page and download the library: Download klsoft/yii2-keycloak-authz library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
klsoft / yii2-keycloak-authz example snippets
namespace MyNamespace;
use Klsoft\Yii2KeycloakAuthz\KeycloakRepositoryInterface;
use Klsoft\Yii2KeycloakAuthz\PermissionTicketResult;
use Klsoft\Yii2KeycloakAuthz\PermissionTicketResponse;
final class KeycloakRepository implements KeycloakRepositoryInterface
{
public function __construct(
private string $realm,
private string $realmUri)
{
}
public function getPermissionTicket(string $accessToken, array $permissions): PermissionTicketResult
{
$url = "$this->realmUri/authz/protection/permission";
$options = [
'http' => [
'ignore_errors' => true,
'method' => 'POST',
'header' => [
'Content-type: application/json',
"Authorization: Bearer $accessToken"],
'content' => json_encode($permissions)
],
];
$responseData = file_get_contents($url, false, stream_context_create($options));
$responseStatusCode = $this->getHttpResponseStatusCode($http_response_header[0]);
if (!empty($responseData)) {
$responseArr = json_decode($responseData, true);
if (isset($responseArr['ticket'])) {
return new PermissionTicketResult(
new PermissionTicketResponse(
$this->realm,
$this->realmUri,
$responseArr['ticket']));
}
return new PermissionTicketResult(null, $responseStatusCode, $responseArr);
}
return new PermissionTicketResult(null, $responseStatusCode);
}
private function getHttpResponseStatusCode(string $responseHeader): int
{
if (preg_match("/^HTTP\/[\d.]+\s+(\d{3})\s.*$/", $responseHeader, $matches)) {
return intval($matches[1]);
}
return 0;
}
}
use yii\rest\Controller;
use Klsoft\Yii2JwtAuth\HttpJwtAuth;
use Klsoft\Yii2KeycloakAuthz\Authorization;
use Klsoft\Yii2KeycloakAuthz\Permission;
class ProductController extends Controller
{
public function __construct(
private HttpJwtAuth $httpJwtAuth,
private Authorization $authz,
private ProductPresenterInterface $productPresenter)
{
}
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['authentication'] = $this->httpJwtAuth;
$behaviors['authorization'] = $this->authz;
return $behaviors;
}
#[Permission(
'product',
['create']
)]
public function actionCreate()
{
return $this->productPresenter->createProduct(Yii::$app->getRequest());
}
}
#[Permission(
'product',
['create'],
['organization' => ['acme']]
)]
public function actionCreate()
#[Permission(
'product',
['create'],
['organization' => [
'__container_entry_identifier',
OrganizationPresenterInterface::class,
'getOrganizationName',
['__request']]
]
)]
public function actionCreate()
use yii\rest\Controller;
use Klsoft\Yii2JwtAuth\HttpJwtAuth;
use Klsoft\Yii2KeycloakAuthz\Authorization;
use Klsoft\Yii2KeycloakAuthz\Permission;
final class ProductController extends Controller
{
public function __construct(
private HttpJwtAuth $httpJwtAuth,
private Authorization $authz,
private ProductPresenterInterface $productPresenter)
{
}
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['authentication'] = $this->httpJwtAuth;
$behaviors['authorization'] = $this->authz->withPermissions([
new Permission(
'product',
['create']
),
new Permission(
'product',
['update']
)
]);
return $behaviors;
}
}
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.