{"id":27230616,"url":"https://github.com/ops4j/org.ops4j.pax.keycloak","last_synced_at":"2025-04-10T13:30:15.619Z","repository":{"id":41784901,"uuid":"114357694","full_name":"ops4j/org.ops4j.pax.keycloak","owner":"ops4j","description":"Pax Keycloak","archived":false,"fork":false,"pushed_at":"2023-01-13T01:54:38.000Z","size":58,"stargazers_count":7,"open_issues_count":5,"forks_count":5,"subscribers_count":56,"default_branch":"master","last_synced_at":"2024-04-13T16:08:25.504Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ops4j.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-12-15T10:18:39.000Z","updated_at":"2022-05-25T14:57:31.000Z","dependencies_parsed_at":"2023-02-09T14:01:22.465Z","dependency_job_id":null,"html_url":"https://github.com/ops4j/org.ops4j.pax.keycloak","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ops4j%2Forg.ops4j.pax.keycloak","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ops4j%2Forg.ops4j.pax.keycloak/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ops4j%2Forg.ops4j.pax.keycloak/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ops4j%2Forg.ops4j.pax.keycloak/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ops4j","download_url":"https://codeload.github.com/ops4j/org.ops4j.pax.keycloak/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248225704,"owners_count":21068078,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-04-10T13:30:14.891Z","updated_at":"2025-04-10T13:30:15.590Z","avatar_url":"https://github.com/ops4j.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"Pax Keycloak\n============\n\nPax Keycloak aimed at providing support for [Keycloak](http://www.keycloak.org) in [Apache Karaf](https://karaf.apache.org).\n\n## Rationale\n\nThe reason behind this project was to provide these Karaf features:\n\n* pax-keycloak-http-jetty\n* pax-keycloak-http-tomcat\n* pax-keycloak-http-undertow\n\nThese features provided an integration point between pax-web and Keycloak.\n\n## Change\n\nEverything has changes (and became simpler) with [PAXWEB-1161](https://ops4j1.jira.com/browse/PAXWEB-1161) issue that _reverted_\nthe dependency between pax-web and Keycloak.\n\nNew pax-web's `org.ops4j.pax.web.service.AuthenticatorService` is now implemented by Keycloak itself and detected by pax-web using service locator pattern.\n\nKeycloak ships 3 jars that include `/META-INF/services/org.ops4j.pax.web.service.AuthenticatorService` service:\n* org.keycloak:keycloak-pax-web-jetty94\n* org.keycloak:keycloak-pax-web-tomcat8\n* org.keycloak:keycloak-pax-web-undertow\n\nspecial pax-keycloak project is no longer needed.\n\nKeycloak documentation related to integration with pax web is [in the section for Fuse 7 in official documentation](https://www.keycloak.org/docs/latest/securing_apps/index.html#_fuse7_adapter).\n\nExamples (specific to Fuse 7, but should work on plain Karaf as well) related to pax-web and keycloak integration\n[can be found here](https://github.com/jboss-fuse/karaf-quickstarts/tree/7.x.redhat-7-x/security/keycloak).\n\n## Examples\n\nIn order to run examples, we'll use Apache Karaf 4.2.3, Keycloak 4.5.0.Final (least version where integration works without issues) and Camel 2.23.0.\n\nIn Karaf, we have to add Keycloak (use Keycloak 4.5.0.Final or newer) and Camel feature repositories:\n\n    karaf@root()\u003e feature:repo-add mvn:org.keycloak/keycloak-osgi-features/4.5.0.Final/xml/features\n    Adding feature url mvn:org.keycloak/keycloak-osgi-features/4.5.0.Final/xml/features\n    karaf@root()\u003e feature:repo-add mvn:org.apache.camel.karaf/apache-camel/2.23.0/xml/features\n    Adding feature url mvn:org.apache.camel.karaf/apache-camel/2.23.0/xml/features\n\nIntegration with Jetty and Tomcat should work as well, but we'll use Undertow:\n\n    karaf@root()\u003e feature:install pax-http-undertow\n\n## Simple HttpService example\n\n`keycloak-httpservice` example shows the most fundamental integration, where plain `javax.servlet.http.HttpServlet` instance is registered using OSGi Http Service.\n\nAfter building project using `mvn clean install -Phttpservice-named`, we can install the bundle in Karaf (there's also profile `httpservice-default` - more details in [keycloak-httpservice/README.md](keycloak-httpservice/README.md):\n\n    karaf@root()\u003e install mvn:org.ops4j.pax.keycloak.quickstarts/keycloak-httpservice/1.0.0\n    Bundle ID: 126\n    karaf@root()\u003e start 126\n    karaf@root()\u003e      \n\nAssuming that Keycloak is running on localhost:8180 and required realm is prepared in Keycloak (to configured Keycloak itself, please refer to [official documentation](https://www.keycloak.org/docs/latest/)), where:\n\n* realm name is `karaf`\n* there's client `hs-info` Keycloak _client_ configured with:\n  * standard flow enabled\n  * access type: `public`\n  * Valid redirect URIs: `http://localhost:8181/*`\n  * Base URL: `http://localhost:8181/`\n  * Web Origins: `+`\n  * Role: `admin`\n\nWe have to create `${karaf.etc}/app1-keycloak.json` file with:\n\n    {\n        \"realm\": \"karaf\",\n        \"auth-server-url\": \"http://localhost:8180/auth\",\n        \"ssl-required\": \"external\",\n        \"resource\": \"hs-info\",\n        \"public-client\": true,\n        \"use-resource-role-mappings\": true,\n        \"confidential-port\": 0,\n        \"principal-attribute\": \"preferred_username\"\n    }\n\nWith the above configuration, we can browse to http://localhost:8181/app1/info and see a login page from Keycloak. After logging in there should be a page presented that shows details about user from Keycloak.\n\n## Camel example\n\nHere's an example of how to integrate pax-web, keycloak, and Camel. `keycloak-camel-blueprint` shows how\nCamel integrates with keycloak and pax-web.\n\nAfter building project using `mvn clean install`, we can install the bundle in Karaf (more details in [keycloak-camel-blueprint/README.md](keycloak-camel-blueprint/README.md))):\n\nInstall Camel features and `keycloak-pax-http-undertow`:\n\n    karaf@root()\u003e feature:install camel\n    karaf@root()\u003e feature:install camel-undertow\n    karaf@root()\u003e feature:install -v keycloak-pax-http-undertow\n\nNow we're ready to install Camel application that uses Keycloak integration.\n\n    karaf@root()\u003e install mvn:org.ops4j.pax.keycloak.quickstarts/keycloak-camel-blueprint/1.0.0\n    Bundle ID: 128\n    karaf@root()\u003e start 128\n\nAssuming that Keycloak is running on localhost:8180 and required realm is prepared in Keycloak (to configured Keycloak itself, please refer to [official documentation](https://www.keycloak.org/docs/latest/)), where:\n\n* realm name is `karaf`\n* there's client `camel-undertow-endpoint` Keycloak _client_ configured with:\n  * direct access grants flow enabled\n  * access type: `confidential`\n  * Base URL: `http://localhost:8383/`\n  * Role: `admin`\n  * secret: `f591a8ae-5a82-40de-9190-ea84ceca05a7`\n\nwe can run `org.ops4j.pax.keycloak.quickstarts.camel.CamelClientTest.accessCamelRoute` JUnit test that shows how to access such route programmatically. The JUnit test shows how to perform _OAuth2 dance_ to get a token and use this token to access Camel route.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fops4j%2Forg.ops4j.pax.keycloak","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fops4j%2Forg.ops4j.pax.keycloak","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fops4j%2Forg.ops4j.pax.keycloak/lists"}