Merge pull request #537 from dmstr-forks/master

Added Keycloak as a new Auth Client

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 ## dev
 
+- Enh: Keycloak auth client (e.luhr)
 - Fix: Social Network Auth (eluhr)
 
 ## 1.6.2 Jan 4th, 2024

docs/guides/social-network-authentication.md

@@ -46,6 +46,7 @@ The following is the list of clients supported by the module:
 - **Facebook** - `Da\User\AuthClient\Facebook`
 - **Github** - `Da\User\AuthClient\Github`
 - **Google** - `Da\User\AuthClient\Google`
+- **Keycloak** - `Da\User\AuthClient\Keycloak`
 - **LinkedIn** - `Da\User\AuthClient\LinkedIn`
 - **Twitter** - `Da\User\AuthClient\Twitter`
 - **VKontakte** - `Da\User\AuthClient\VKontakte`

src/User/AuthClient/Keycloak.php

@@ -0,0 +1,55 @@
+<?php
+
+namespace Da\User\AuthClient;
+
+use Da\User\Contracts\AuthClientInterface;
+use yii\authclient\OpenIdConnect;
+
+/**
+ * Example application configuration:
+ *
+ * ```php
+ * 'components' => [
+ *     'authClientCollection' => [
+ *         'class' => 'yii\authclient\Collection',
+ *         'clients' => [
+ *             'keycloak' => [
+ *                 'class' => 'yii\authclient\clients\Keycloak',
+ *                 'clientId' => 'keycloak_client_id',
+ *                 'clientSecret' => 'keycloak_client_secret',
+ *                 'issuerUrl' => 'http://keycloak/realms/your-realm',
+ *             ],
+ *         ],
+ *     ]
+ *     // ...
+ * ]
+ * ```
+*/
+class Keycloak extends OpenIdConnect implements AuthClientInterface
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function getEmail()
+    {
+        // claim from email scope
+        return $this->getUserAttributes()['email'] ?? null;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getUserName()
+    {
+        // claim from profile scope
+        return $this->getUserAttributes()['preferred_username'] ?? $this->getEmail();
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getUserId()
+    {
+        return $this->getUserAttributes()['sub'] ?? null;
+    }
+}