Skip to content

Latest commit

 

History

History
57 lines (41 loc) · 3.77 KB

README.md

File metadata and controls

57 lines (41 loc) · 3.77 KB

Keycloak Admin Client Adapter

Build Maven Central License Maintenance

This adapter provides convenience methods to register and login users to keycloak. It's based on the official keycloak admin client to work with a keycloak server from a microprofile based microservice.

MP-Config-Parameter:

The following required configuration must be provided by the 'microprofile-config.properties'

Keycloak adapter configuration {KeycloakAdapterConfiguration.java}

The adapter configuration configures the 'keycloak-admin-client' to interact with the keycloak for user management.

keycloak.adapter.serverUrl=<KEYCLOAK_URL: default = no valid default, default = no default, example = "http://localhost:8282/auth">
keycloak.adapter.masterRealm=<KEYCLOAK_MASTER_REALM: default = "master", example = "master">
keycloak.adapter.admin.clientId=<KEYCLOAK_REALM_CLIENT_ID: default = "admin-cli", example = "admin-cli">
keycloak.adapter.admin.username=<KEYCLOAK_REALM_USER: default = no valid default, example = "admin">
keycloak.adapter.admin.password=<KEYCLOAK_REALM_PASSWORD: default = no valid default, example = "keycloak">
keycloak.adapter.grantType=<KEYCLOAK_GRANT_TYPE: default = "password", example = "password">
keycloak.adapter.connectionPoolSize=<KEYCLOAK_CONNECTION_POOL_SIZE: default = "5", example = "5">

Keycloak key configuration {KeycloakKeyConfiguration.java}

The key configuration will be required to create and verify a double-opt-in link (based on JWT)

keycloak.keyPair.filename.publicKey=<KEYCLOAK_PUBLIC_KEY_FILENAME: default = no valid default, example = "public.key">
keycloak.keyPair.filename.privateKey=<KEYCLOAK_PRIVATE_KEY_FILENAME: default = no valid default, example = "private.key">
keycloak.keyPair.tokenSecret=<KEYCLOAK_PUBLIC_TOKEN_SECRET: default = no valid default, example = bg601f81f747428166e90541603frade>
keycloak.keyPair.algorithm=<KEYCLOAK_KEY_ALGORITHM: default = "RSA", example = "RSA">

Keycloak service configuration {KeycloakServiceConfiguration.java}

The service configuration will be used to configure the realm and client the user will be created or updated or login

keycloak.serivce.realm=<KEYCLOAK_REALM: default = no valid default, example = "MicroProfile">
keycloak.service.clientId=<KEYCLOAK_REALM_CLIENT_ID: default = no valid default, example = "web_application">

Keycloak registration service configuration {KeycloakRegistrationServiceConfiguration.java}

The registration configuration configures the registration service to use double opt in or requires the role access by keycloak extension (the keycloak creates a realm role with the clientId name as value to allow access to a client). The tokenLifeTime and tokenTimeUnit configuration sets the token lifetime.

keycloak.registration.mode=<KEYCLOAK_REGISTRATION_MODE: default = "DEFAULT", example = "DOUBLE_OPT_IN">
keycloak.registration.roleRequire=<KEYCLOAK_REGISTRATION_ROLE_REQUIRED: default = "DEFAULT", example = "ROLE">
keycloak.registration.tokenLifeTime=<KEYCLOAK_REGISTRATION_TOKEN_LIFE_TIME: default = "5", example = "5">
keycloak.registration.tokenTimeUnit=<KEYCLOAK_REGISTRATION_TOKEN_TIME_UNIT: default = "MINUTES", example = "MINUTES">