[WIP] new Keycloak Login Provider Plugin via OIDC #822
Conversation
| @@ -28,6 +28,7 @@ | |||
| "colinodell/json5": "^2.3", | |||
| "doctrine/annotations": "^1.14.3", | |||
| "guzzlehttp/guzzle": "^7.7", | |||
| "jumbojett/openid-connect-php": "^0.9.10", | |||
There was a problem hiding this comment.
Is it ok to require the OIDC Libary via composer? The Simplesaml Class from other Plugins is not required.
There was a problem hiding this comment.
I would rather not put it there. I try to only keep the dependencies in the main composer.json that will be part of the main distribution via ZIP file, without any plugins. So I don't want to put extra weight in there for this, the SAML or Redis parts. On the servers with those plugins, I do take some extra steps therefore, by manually installing yiisoft/yii2-redis predis/predis simplesamlphp/simplesamlphp after updating the dependencies.
| 'https://keycloak.domain.com', | ||
| 'antragsgruen.domain.com', | ||
| 'supderdupersecret' |
There was a problem hiding this comment.
I would love to set these credentials in the config.json - in the Admin panels would be ok too but if this would ever be the only way to log in (is this even possible right now?) then it would difficult to change these values if ever needed.
There was a problem hiding this comment.
Yea, I don't have a really good way of storing plugin-specific credentials. For the discourse-plugin (✝) I put the configuration in a separate file next to the config.json : https://github.com/CatoTH/antragsgruen/blob/main/plugins/discourse/Module.php#L31
Using the admin panel would work too, using something like https://github.com/CatoTH/antragsgruen/blob/main/plugins/member_petitions/Module.php#L65 , but might be an overkill there
|
Hi, |
|
Yes, I will. But right now I was not able to find some time to work on it again :/ |
I have build a keycloak OpenID Connect Login Plugin. It works, but I have several questions for coding style. I comment on the code snippets for it.