https://github.com/dsferruzza/actix-web-middleware-keycloak-auth

A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak
https://github.com/dsferruzza/actix-web-middleware-keycloak-auth

actix-web actix-web-middleware authentication jwt keycloak middleware rust

Last synced: 17 days ago
JSON representation

A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak

• Host: GitHub
• URL: https://github.com/dsferruzza/actix-web-middleware-keycloak-auth
• Owner: dsferruzza
• License: mit
• Created: 2020-11-24T23:51:46.000Z (over 4 years ago)
• Default Branch: master
• Last Pushed: 2024-09-29T10:09:33.000Z (10 months ago)
• Last Synced: 2025-05-26T17:47:15.004Z (about 2 months ago)
• Topics: actix-web, actix-web-middleware, authentication, jwt, keycloak, middleware, rust
• Language: Rust
• Homepage:
• Size: 150 KB
• Stars: 34
• Watchers: 3
• Forks: 11
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# actix-web-middleware-keycloak-auth

[![LICENSE](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)

![Build and test](https://github.com/dsferruzza/actix-web-middleware-keycloak-auth/workflows/Build%20and%20test/badge.svg)

![Lint](https://github.com/dsferruzza/actix-web-middleware-keycloak-auth/workflows/Lint/badge.svg)

[![Crates.io Version](https://img.shields.io/crates/v/actix-web-middleware-keycloak-auth.svg)](https://crates.io/crates/actix-web-middleware-keycloak-auth)

[![Documentation](https://docs.rs/actix-web-middleware-keycloak-auth/badge.svg)](https://docs.rs/actix-web-middleware-keycloak-auth)

A middleware for [Actix Web](https://actix.rs/) that handles authentication with a JWT emitted by [Keycloak](https://www.keycloak.org/).

## Features

- Actix Web middleware

- deny HTTP requests that do not provide a valid JWT (or choose to allow them and handle the authentication state from a following middleware)

- require one or several Keycloak realm or client roles to be included in the JWT

- error HTTP responses sent from the middleware can have generic bodies as well as detailed error reasons

- access JWT claims from handlers (for example: get the ID of the authenticated user)

- parse custom JWT claims (using Serde)

- access parsed roles from handlers (every Keycloak role contained in the JWT)

- compatible with [paperclip](https://crates.io/crates/paperclip) using the `paperclip_compat` feature

- store auth status in request-local data instead of returning a HTTP response (so that the next middleware/handler can try another auth mechanism, for example)

## Usage

- [Documentation](https://docs.rs/actix-web-middleware-keycloak-auth)

- [Examples](examples/)

## License

MIT License Copyright (c) 2020 David Sferruzza