https://github.com/dasniko/keycloak-extensions-demo
Demos, examples and playground for Keycloak extensions, providers, SPI implementations, etc.
https://github.com/dasniko/keycloak-extensions-demo
examples extensions iam java keycloak oidc spi sso
Last synced: 4 months ago
JSON representation
Demos, examples and playground for Keycloak extensions, providers, SPI implementations, etc.
- Host: GitHub
- URL: https://github.com/dasniko/keycloak-extensions-demo
- Owner: dasniko
- License: apache-2.0
- Created: 2021-11-17T14:52:13.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2025-06-10T05:12:00.000Z (4 months ago)
- Last Synced: 2025-06-10T06:23:07.728Z (4 months ago)
- Topics: examples, extensions, iam, java, keycloak, oidc, spi, sso
- Language: Java
- Homepage: http://keycloak-experte.de
- Size: 558 KB
- Stars: 374
- Watchers: 15
- Forks: 122
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Keycloak Extensions Demo
Demos, examples and playground for [Keycloak](https://www.keycloak.org) extensions, providers, SPI implementations, etc.
[](https://github.com/dasniko/keycloak-extensions-demo/actions/workflows/maven.yml)
[](https://www.keycloak.org)
[](https://github.com/dasniko/keycloak-extensions-demo/stargazers)
[](https://github.com/dasniko/keycloak-extensions-demo/forks)
>Provided _AS-IS_ - no warranties, no guarantees.
>Just for demonstration purposes only!
This repository contains the following extensions, and probably (most likely 😉) more...
## Keycloak User Storage Provider
[Flintstones](./flintstones-userprovider) - Demo user storage provider, providing some members of the Flintstones family, through an HTTP-base API and in writable mode, also possible to add new users.
## Keycloak Authenticators
[MagicLink Authenticator](./magiclink) - demo authenticator which sends a magic link to the user with which the user can login without needing to provide a password.
[Various Authenticators](./authenticators) - various demo authenticators.
[Conditional Authenticators](./conditional-authenticators) - conditions for authenticators which will decide upon
* a header and given value (or negated value) if `true`/`false`
* an authentication session note and given value (or negated value) if `true`/`false`
* and others
## Keycloak Event Listeners
### Session Restrictor
[Highlander](./event-listener) - demo event listener for Keycloak, allowing only the last session to survive (_Highlander mode - there must only be one!_), if a user logs in on multiple browsers/devices.
_(This was for long time not possible in Keycloak ootb, thus this event listener; since KC v19(?) this is natively supported.)_
### Event Forwarder
[AWS SNS Publisher](./event-listener) - demo event listener for Keycloak, simply forwarding/publishing all events to an AWS SNS topic.
### User Attribute Updater
[LastLoginTime](./event-listener) - demo event listener for Keycloak, storing the most recent login time in an user attribute.
## Custom Keycloak OIDC protocol token mapper
[LuckyNumberMapper](./tokenmapper) - example custom token mapper for Keycloak using the OIDC protocol.
## Keycloak REST endpoint/resource extension
[Custom Rest Resource](./rest-endpoint) - demo implementation for custom REST resources within Keycloak, public (unauthenticated) and secured (authenticated) endpoints.
## Custom Required Action
[MobileNumberRequiredAction](./requiredaction) - example which enforces the user to update its mobile phone number, if not already set.
## Custom Email Template & Sender Provider
[Email Provider](./email) for custom templates in JSON format (no actual emal, but for processing through external/3rd party services) and sending emails via a vendor specific (here: AWS SES) protocol, instead of SMTP.
## Demo Docker Compose Environment
There's a `docker-compose.yml` definition to use with Docker Compose. No Warranties, use at your own risk and fortune, I'm not giving any support to this!
Build and run all the stuff with:
& ./mvnw clean package -DskipTests && docker compose up