diff --git a/CHANGELOG.md b/CHANGELOG.md index d3dd6073..65e1d172 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ## dev +- Enh: Keycloak auth client (e.luhr) - Fix: Social Network Auth (eluhr) ## 1.6.2 Jan 4th, 2024 diff --git a/docs/guides/social-network-authentication.md b/docs/guides/social-network-authentication.md index b8d927ad..9a518021 100644 --- a/docs/guides/social-network-authentication.md +++ b/docs/guides/social-network-authentication.md @@ -46,6 +46,7 @@ The following is the list of clients supported by the module: - **Facebook** - `Da\User\AuthClient\Facebook` - **Github** - `Da\User\AuthClient\Github` - **Google** - `Da\User\AuthClient\Google` +- **Keycloak** - `Da\User\AuthClient\Keycloak` - **LinkedIn** - `Da\User\AuthClient\LinkedIn` - **Twitter** - `Da\User\AuthClient\Twitter` - **VKontakte** - `Da\User\AuthClient\VKontakte` diff --git a/src/User/AuthClient/Keycloak.php b/src/User/AuthClient/Keycloak.php new file mode 100644 index 00000000..78943dca --- /dev/null +++ b/src/User/AuthClient/Keycloak.php @@ -0,0 +1,55 @@ + [ + * 'authClientCollection' => [ + * 'class' => 'yii\authclient\Collection', + * 'clients' => [ + * 'keycloak' => [ + * 'class' => 'yii\authclient\clients\Keycloak', + * 'clientId' => 'keycloak_client_id', + * 'clientSecret' => 'keycloak_client_secret', + * 'issuerUrl' => 'http://keycloak/realms/your-realm', + * ], + * ], + * ] + * // ... + * ] + * ``` +*/ +class Keycloak extends OpenIdConnect implements AuthClientInterface +{ + /** + * {@inheritdoc} + */ + public function getEmail() + { + // claim from email scope + return $this->getUserAttributes()['email'] ?? null; + } + + /** + * {@inheritdoc} + */ + public function getUserName() + { + // claim from profile scope + return $this->getUserAttributes()['preferred_username'] ?? $this->getEmail(); + } + + /** + * {@inheritdoc} + */ + public function getUserId() + { + return $this->getUserAttributes()['sub'] ?? null; + } +}