https://github.com/pedrofurtado/keycloak-connect-ruby
https://github.com/pedrofurtado/keycloak-connect-ruby
Last synced: about 1 month ago
JSON representation
- Host: GitHub
- URL: https://github.com/pedrofurtado/keycloak-connect-ruby
- Owner: pedrofurtado
- Created: 2024-02-14T22:48:11.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-02-16T11:06:17.000Z (about 1 year ago)
- Last Synced: 2025-03-04T13:37:42.186Z (about 2 months ago)
- Language: Ruby
- Size: 5.86 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Keycloak connect ruby
```ruby
require 'logger'
KeycloakConnectRuby.configure do |c|
c.url = 'http://keycloak_server:8080'
c.realm = 'my-company'
c.client_id = 'my-sinatra-app'
c.client_secret = 'dsfgfdgfdgfd'
c.logger = Logger.new(STDOUT) # Or Rails.logger
c.proxy = nil
end
class MyApiController < ApplicationController
before_action :keycloak_authenticate_and_check_role!
def current_user
KeycloakConnectRuby::User.from_token(keycloak_token)
end
private
def keycloak_token
KeycloakConnectRuby::Token.validate_and_decode(bearer_token)
end
def bearer_token
request.authorization&.to_s&.gsub(/^Bearer /, "")
end
def keycloak_authenticate_and_check_role!
unless current_user.has_role?('my-role-name')
render json: { error: 'your message here' }, status: :unauthorized
end
rescue KeycloakConnectRuby::Errors::Token::ExpiredError => e
# ...
rescue KeycloakConnectRuby::Errors::Token::NoProvidedError => e
# ...
rescue KeycloakConnectRuby::Errors::Token::InvalidFormatError => e
# ...
end
def generate_keycloak_token_for_api_calls
# Client Credentials Grant flow
KeycloakConnectRuby::Token.generate_from_client_credentials
# Resource Owner Password Credentials flow (or Direct Grant flow)
KeycloakConnectRuby::Token.generate_from_password_credentials('username here', 'password here')
end
end
```