{"id":13411369,"url":"https://github.com/BackendStack21/keycloak-backend","last_synced_at":"2025-03-14T17:30:43.404Z","repository":{"id":60931665,"uuid":"95303274","full_name":"BackendStack21/keycloak-backend","owner":"BackendStack21","description":"Keycloak Node.js minimalist connector for backend services integration. ","archived":false,"fork":false,"pushed_at":"2023-08-09T21:11:47.000Z","size":132,"stargazers_count":70,"open_issues_count":3,"forks_count":17,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-05-20T03:19:47.111Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BackendStack21.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-06-24T14:39:55.000Z","updated_at":"2024-06-18T15:33:47.927Z","dependencies_parsed_at":"2024-06-18T15:33:44.266Z","dependency_job_id":"023a7f50-3680-4b40-937a-cf2c1f20d3c3","html_url":"https://github.com/BackendStack21/keycloak-backend","commit_stats":{"total_commits":52,"total_committers":6,"mean_commits":8.666666666666666,"dds":0.4423076923076923,"last_synced_commit":"a8c0e300d495d8a3229c512b8a3af9f1167881d5"},"previous_names":["jkyberneees/keycloak-backend"],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BackendStack21%2Fkeycloak-backend","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BackendStack21%2Fkeycloak-backend/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BackendStack21%2Fkeycloak-backend/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BackendStack21%2Fkeycloak-backend/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BackendStack21","download_url":"https://codeload.github.com/BackendStack21/keycloak-backend/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243618601,"owners_count":20320265,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T20:01:13.188Z","updated_at":"2025-03-14T17:30:43.096Z","avatar_url":"https://github.com/BackendStack21.png","language":"TypeScript","readme":"# keycloak-backend\n[![NPM version](https://badgen.net/npm/v/keycloak-backend)](https://www.npmjs.com/package/keycloak-backend)\n[![NPM Total Downloads](https://badgen.net/npm/dt/keycloak-backend)](https://www.npmjs.com/package/keycloak-backend)\n[![License](https://badgen.net/npm/license/keycloak-backend)](https://www.npmjs.com/package/keycloak-backend)\n[![TypeScript support](https://badgen.net/npm/types/keycloak-backend)](https://www.npmjs.com/package/keycloak-backend)\n[![Github stars](https://badgen.net/github/stars/BackendStack21/keycloak-backend?icon=github)](https://github.com/BackendStack21/keycloak-backend.git)\n\n\u003cimg src=\"logo.svg\" width=\"400\"\u003e  \n\nKeycloak Node.js minimalist connector for backend services integration. It aims to serve as base for high performance authorization middlewares.\n\n\u003e In order to use this module, the used Keycloak client `Direct Access Grants Enabled` setting should be `ON`\n\n## Keycloak Introduction\nThe awesome open-source Identity and Access Management solution develop by RedHat.\nKeycloak support those very nice features you are looking for:\n- Single-Sign On\n- LDAP and Active Directory\n- Standard Protocols\n- Social Login\n- Clustering\n- Custom Themes\n- Centralized Management\n- Identity Brokering\n- Extensible\n- Adapters\n- High Performance\n- Password Policies\n\nMore about Keycloak: http://www.keycloak.org/\n\n## Using the keycloak-backend module\n### Configuration\n```js\nconst Keycloak = require('keycloak-backend').Keycloak\nconst keycloak = new Keycloak({\n  \"realm\": \"realm-name\",\n  \"keycloak_base_url\": \"https://keycloak.example.org\",\n  \"client_id\": \"super-secure-client\",\n  \"username\": \"user@example.org\",\n  \"password\": \"passw0rd\",\n  \"is_legacy_endpoint\": false\n})\n```\n\u003e The `is_legacy_endpoint` configuration property should be TRUE for older Keycloak versions (under 18)\n\nFor TypeScript:\n```ts\nimport { Keycloak } from \"keycloak-backend\"\nconst keycloak = new Keycloak({\n  \"realm\": \"realm-name\",\n  \"keycloak_base_url\": \"https://keycloak.example.org\",\n  \"client_id\": \"super-secure-client\",\n  \"username\": \"user@example.org\",\n  \"password\": \"passw0rd\",\n  \"is_legacy_endpoint\": false\n})\n```\n\n### Generating access tokens\n```js\nconst accessToken = await keycloak.accessToken.get()\n```\nOr:\n```js\nrequest.get('http://service.example.org/api/endpoint', {\n  'auth': {\n    'bearer': await keycloak.accessToken.get()\n  }\n})\n```\n\n### Validating access tokens\n#### Online validation\nThis method requires online connection to the Keycloak service to validate the access token. It is highly secure since it also check for possible token invalidation. The disadvantage is that a request to the Keycloak service happens on every validation:\n```js\nconst token = await keycloak.jwt.verify(accessToken)\n//console.log(token.isExpired())\n//console.log(token.hasRealmRole('user'))\n//console.log(token.hasApplicationRole('app-client-name', 'some-role'))\n```\n\n#### Offline validation\nThis method perform offline JWT verification against the access token using the Keycloak Realm public key. Performance is higher compared to the online method, as a disadvantage no access token invalidation on Keycloak server is checked:\n```js\nconst cert = fs.readFileSync('public_cert.pem')\nconst token = await keycloak.jwt.verifyOffline(accessToken, cert)\n//console.log(token.isExpired())\n//console.log(token.hasRealmRole('user'))\n//console.log(token.hasApplicationRole('app-client-name', 'some-role'))\n```\n\n## Breaking changes\n### v4\n- Codebase migrated from JavaScript to TypeScript. Many thanks to @neferin12\n\n### v3\n- The `UserManager` class was dropped\n- The `auth-server-url` config property was changed to `keycloak_base_url`\n- Most recent Keycloak API is supported by default, old versions are still supported through the `is_legacy_endpoint` config property\n","funding_links":[],"categories":["Web Development","TypeScript"],"sub_categories":["Javascript"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBackendStack21%2Fkeycloak-backend","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FBackendStack21%2Fkeycloak-backend","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBackendStack21%2Fkeycloak-backend/lists"}