This repository has been archived by the owner on Feb 1, 2024. It is now read-only.
forked from fschmtt/keycloak-rest-api-client-php
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from castoredc/allow-all-clients-CI
Modify the forked repository for Castor Identity purposes
- Loading branch information
Showing
12 changed files
with
225 additions
and
192 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,61 +1,61 @@ | ||
{ | ||
"name": "fschmtt/keycloak-rest-api-client-php", | ||
"description": "PHP client to interact with Keycloak's Admin REST API.", | ||
"type": "library", | ||
"require": { | ||
"php": "^8.1", | ||
"ext-json": "*", | ||
"guzzlehttp/guzzle": "^7.3", | ||
"lcobucci/jwt": "^4.1" | ||
}, | ||
"require-dev": { | ||
"phpmetrics/phpmetrics": "^2.7", | ||
"phpstan/phpstan": "^1.10", | ||
"symplify/easy-coding-standard": "^11.1", | ||
"ramsey/uuid": "^4.7", | ||
"phpunit/phpunit": "^10" | ||
}, | ||
"autoload": { | ||
"psr-4": { | ||
"Fschmtt\\Keycloak\\": "src" | ||
} | ||
}, | ||
"autoload-dev": { | ||
"psr-4": { | ||
"Fschmtt\\Keycloak\\Test\\": "tests" | ||
} | ||
}, | ||
"license": "mit", | ||
"authors": [ | ||
{ | ||
"name": "Frederik Schmitt", | ||
"email": "frederik.schmitt96@gmail.com" | ||
} | ||
], | ||
"scripts": { | ||
"analyze": [ | ||
"@phpstan", | ||
"@psalm" | ||
], | ||
"ecs": "vendor/bin/ecs check", | ||
"ecs:fix": "vendor/bin/ecs check --fix", | ||
"phpstan": "vendor/bin/phpstan analyze", | ||
"psalm": "vendor/bin/psalm", | ||
"test": [ | ||
"@test:unit", | ||
"@test:integration" | ||
], | ||
"test:unit": "vendor/bin/phpunit --testsuite unit", | ||
"test:integration": "vendor/bin/phpunit --testsuite integration" | ||
}, | ||
"scripts-descriptions": { | ||
"analyze": "Run phpstan and psalm analysis", | ||
"ecs": "Run ECS", | ||
"ecs:fix": "Fix ECS errors", | ||
"phpstan": "Run phpstan", | ||
"psalm": "Run psalm", | ||
"test": "Run unit and integration tests", | ||
"test:unit": "Run unit tests", | ||
"test:integration": "Run integration tests (requires a fresh and running Keycloak instance)" | ||
"name": "fschmtt/keycloak-rest-api-client-php", | ||
"description": "PHP client to interact with Keycloak's Admin REST API.", | ||
"type": "library", | ||
"require": { | ||
"php": "^8.1", | ||
"ext-json": "*", | ||
"guzzlehttp/guzzle": "^7.3", | ||
"lcobucci/jwt": "^4.1" | ||
}, | ||
"require-dev": { | ||
"phpmetrics/phpmetrics": "^2.7", | ||
"phpstan/phpstan": "^1.10", | ||
"symplify/easy-coding-standard": "^11.1", | ||
"ramsey/uuid": "^4.7", | ||
"phpunit/phpunit": "^10" | ||
}, | ||
"autoload": { | ||
"psr-4": { | ||
"Fschmtt\\Keycloak\\": "src" | ||
} | ||
}, | ||
"autoload-dev": { | ||
"psr-4": { | ||
"Fschmtt\\Keycloak\\Test\\": "tests" | ||
} | ||
}, | ||
"license": "mit", | ||
"repositories": [ | ||
{ | ||
"type": "composer", | ||
"url": "https://satis.castoredc.net/" | ||
} | ||
], | ||
"scripts": { | ||
"analyze": [ | ||
"@phpstan", | ||
"@psalm" | ||
], | ||
"ecs": "vendor/bin/ecs check", | ||
"ecs:fix": "vendor/bin/ecs check --fix", | ||
"phpstan": "vendor/bin/phpstan analyze", | ||
"psalm": "vendor/bin/psalm", | ||
"test": [ | ||
"@test:unit", | ||
"@test:integration" | ||
], | ||
"test:unit": "vendor/bin/phpunit --testsuite unit", | ||
"test:integration": "vendor/bin/phpunit --testsuite integration" | ||
}, | ||
"scripts-descriptions": { | ||
"analyze": "Run phpstan and psalm analysis", | ||
"ecs": "Run ECS", | ||
"ecs:fix": "Fix ECS errors", | ||
"phpstan": "Run phpstan", | ||
"psalm": "Run psalm", | ||
"test": "Run unit and integration tests", | ||
"test:unit": "Run unit tests", | ||
"test:integration": "Run integration tests (requires a fresh and running Keycloak instance)" | ||
} | ||
} |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
<?php | ||
|
||
namespace Fschmtt\Keycloak\Http\Client; | ||
|
||
use Psr\Http\Message\ResponseInterface; | ||
|
||
interface Client | ||
{ | ||
/** | ||
* @param array<string, mixed> $options | ||
*/ | ||
public function request(string $method, string $path = '', array $options = []): ResponseInterface; | ||
|
||
public function isAuthorized(): bool; | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
<?php | ||
|
||
namespace Fschmtt\Keycloak\Http\Client; | ||
|
||
use DateTime; | ||
use Fschmtt\Keycloak\Keycloak; | ||
use Fschmtt\Keycloak\OAuth\TokenStorageInterface; | ||
use GuzzleHttp\ClientInterface; | ||
|
||
use Psr\Http\Message\ResponseInterface; | ||
|
||
abstract class KeycloakClient implements Client | ||
{ | ||
public function __construct( | ||
protected readonly Keycloak $keycloak, | ||
protected readonly ClientInterface $httpClient, | ||
protected readonly TokenStorageInterface $tokenStorage, | ||
) | ||
{ | ||
} | ||
|
||
/** | ||
* @param array<string, mixed> $options | ||
*/ | ||
public function request(string $method, string $path = '', array $options = []): ResponseInterface | ||
{ | ||
if (!$this->isAuthorized()) { | ||
$this->authorize(); | ||
} | ||
|
||
$defaultOptions = [ | ||
'base_uri' => $this->keycloak->getBaseUrl(), | ||
'headers' => [ | ||
'Authorization' => 'Bearer ' . $this->tokenStorage->retrieveAccessToken()->toString(), | ||
], | ||
]; | ||
|
||
$options = array_merge_recursive($options, $defaultOptions); | ||
|
||
return $this->httpClient->request( | ||
$method, | ||
$this->keycloak->getBaseUrl() . $path, | ||
$options | ||
); | ||
} | ||
|
||
public function isAuthorized(): bool | ||
{ | ||
return $this->tokenStorage->retrieveAccessToken() !== null && !$this->tokenStorage->retrieveAccessToken()->isExpired(new DateTime()); | ||
} | ||
|
||
protected abstract function authorize(): void; | ||
|
||
/** | ||
* @return array{access_token: string} | ||
*/ | ||
protected abstract function fetchTokens(): array; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
<?php | ||
|
||
namespace Fschmtt\Keycloak\Http\Client; | ||
|
||
use Fschmtt\Keycloak\Keycloak; | ||
use Fschmtt\Keycloak\OAuth\TokenStorageInterface; | ||
use GuzzleHttp\ClientInterface; | ||
use Lcobucci\JWT\Encoding\JoseEncoder; | ||
use Lcobucci\JWT\Token; | ||
|
||
class RealmClient extends KeycloakClient | ||
{ | ||
public function __construct( | ||
Keycloak $keycloak, | ||
ClientInterface $httpClient, | ||
TokenStorageInterface $tokenStorage, | ||
private readonly string $realm, | ||
) | ||
{ | ||
parent::__construct($keycloak, $httpClient, $tokenStorage); | ||
} | ||
|
||
/** | ||
* @return array{access_token: string} | ||
*/ | ||
protected function fetchTokens(): array | ||
{ | ||
$response = $this->httpClient->request( | ||
'POST', | ||
$this->keycloak->getBaseUrl() . sprintf('/realms/%s/protocol/openid-connect/token', $this->realm), | ||
[ | ||
'form_params' => [ | ||
'client_id' => $this->keycloak->getClientId(), | ||
'client_secret' => $this->keycloak->getClientSecret(), | ||
'grant_type' => 'client_credentials', | ||
], | ||
] | ||
); | ||
|
||
$tokens = json_decode( | ||
$response->getBody()->getContents(), | ||
true, | ||
flags: JSON_THROW_ON_ERROR, | ||
); | ||
|
||
return ['access_token' => $tokens['access_token']]; | ||
} | ||
|
||
protected function authorize(): void | ||
{ | ||
$tokens = $this->fetchTokens(); | ||
$parser = (new Token\Parser(new JoseEncoder())); | ||
|
||
$this->tokenStorage->storeAccessToken($parser->parse($tokens['access_token'])); | ||
} | ||
} |
Oops, something went wrong.