A simple Passport strategy for authenticating with Keycloak as the identity provider (IdP) over OAuth2.
npm install passport-keycloak-oauth
Register the strategy
var KeycloakStrategy = require('passport-keycloak-oauth').Strategy;
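// Register the Keycloak strategy with Passport.
// KEYCLOAK_CLIENT_ID and KEYCLOAK_CLIENT_SECRET are placeholders for the
// credentials of the client registered in the Keycloak realm. Supply them from
// configuration kept outside source control rather than hard-coding them.
passport.use(
  new KeycloakStrategy(
    {
      // 'master' is Keycloak's built-in administrative realm; application
      // logins normally belong in a dedicated realm.
      realm: 'master',
      // Plain-HTTP loopback URLs are suitable for local development only. The
      // authorization code and tokens travel over these two URLs, so a
      // deployed setup should use https:// for both.
      keycloakBaseURL: 'http://localhost:8080',
      clientID: KEYCLOAK_CLIENT_ID,
      clientSecret: KEYCLOAK_CLIENT_SECRET,
      callbackURL: 'http://127.0.0.1:3000/auth/keycloak/callback',
      scope: ['email', 'profile'],
    },
    // Verify callback: receives the tokens and the user's profile, and reports
    // the authenticated user (or an error) through done().
    function (accessToken, refreshToken, profile, done) {
      // Deferred to the next tick so verification completes asynchronously.
      process.nextTick(function () {
        // To keep the example simple, the profile itself is returned as the
        // logged-in user. A typical application would look up or create its
        // own user record linked to the Keycloak account and return that
        // instead, so that authorization decisions rest on local data.
        return done(null, profile);
      });
    }
  )
);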
and then authenticate as:
// Login entry point: hands the browser off to Keycloak.
// NOTE(review): the OAuth2 `state` value exists to bind the callback to the
// browser session that started the login. A fixed string such as the
// placeholder below provides no such binding; use an unpredictable,
// per-session value and check it when the callback arrives.
app.get(
  '/auth/keycloak',
  passport.authenticate('keycloak', { state: 'SOME STATE' }),
  (req, res) => {
    // Never reached: the request has already been redirected to Keycloak for
    // authentication by the middleware above.
  }
);
the login callback:
// Callback endpoint that Keycloak redirects back to after the login attempt.
// Its path matches the callbackURL given when the strategy was registered.
// NOTE(review): whether the `state` returned on this request is compared with
// the one sent at login depends on the strategy's state handling, which this
// page does not show. Confirm before relying on it.
app.get('/auth/keycloak/callback', passport.authenticate('keycloak', {
  // A failed authentication goes back to the login page, a successful one to
  // the site root.
  failureRedirect: '/login',
  successRedirect: '/',
}));
See this for details on Keycloak API.
If you have found a bug or have a feature request, please report it in this repository's issues section. Please do not report security vulnerabilities on the public GitHub issue tracker; instead, email me at amandesai01@gmail.com.
This project is licensed under the MIT license.