Keycloak Service Account library with minimum PHP version 7.2. Adapted from Keycloak REST API.
Every class extends a Base class, which provides ADMIN_URL, BASE_URL, REALM, the authentication used to get a token, and ACCESS_TOKEN.
composer require ristekusdi/kisara-php
Each class needs a config (an array) to get the data you need. Here are the available options:
// First option
// Client credentials: presumably the Base class uses client_id and client_secret to request a token — confirm.
// The strings below are placeholders. client_secret is a credential: load it from the
// environment or a secret store at runtime and keep it out of version control and logs.
$config = [
'admin_url' => 'KEYCLOAK_ADMIN_URL',
'base_url' => 'KEYCLOAK_BASE_URL',
'realm' => 'KEYCLOAK_REALM',
'client_id' => 'KEYCLOAK_CLIENT_ID',
'client_secret' => 'KEYCLOAK_CLIENT_SECRET',
];
// Second option
// Supply an access token already issued to the client's service account.
// The token is a bearer credential: anyone holding it can act with the service account's
// roles until it expires, so handle it like the client secret and never log it.
$config = [
'admin_url' => 'KEYCLOAK_ADMIN_URL',
'base_url' => 'KEYCLOAK_BASE_URL',
'realm' => 'KEYCLOAK_REALM',
'access_token' => 'ACCESS_TOKEN_FROM_SERVICE_ACCOUNTS_OF_CLIENT',
];
Note: The admin URL and the base URL of your Keycloak may be the same URL or may be different.
Get all client with or without parameters.
use RistekUSDI\Kisara\Client as KisaraClient;
// With parameters
(new KisaraClient($config))->get([
'clientId' => 'CLIENT_ID_NAME',
'search' => 'true'
]);
// Without parameters
(new KisaraClient($config))->get();
Get a client by the id of the client (the identifier Keycloak assigns to it), NOT its clientId.
use RistekUSDI\Kisara\Client as KisaraClient;
(new KisaraClient($config))->findById($client_id);
Store a client.
use RistekUSDI\Kisara\Client as KisaraClient;
// Representation of the client to create.
$data = [
// NOTE(review): passed as the string 'true' here, while the user examples on this page pass a boolean — confirm which form the API expects.
'enabled' => 'true',
'protocol' => 'openid-connect',
'clientId' => $clientId,
'rootUrl' => $rootUrl,
// Determine if client type is public or confidential
// true = public, false = confidential
// A public client cannot keep a secret (e.g. browser or mobile apps); prefer confidential
// for server-side applications that are able to store a client secret safely.
'publicClient' => $publicClient,
];
(new KisaraClient($config))->store($data);
Update a client by id of client NOT clientId.
use RistekUSDI\Kisara\Client as KisaraClient;
// Representation that replaces the settings of the existing client.
$data = [
// NOTE(review): passed as the string 'true' here, while the user examples on this page pass a boolean — confirm which form the API expects.
'enabled' => 'true',
'protocol' => 'openid-connect',
'clientId' => $clientId,
'rootUrl' => $rootUrl,
// Determine if client type is public or confidential
// true = public, false = confidential
// Switching a confidential client to public means it no longer authenticates with a
// secret; review who can reach its redirect URLs before making that change.
'publicClient' => $publicClient,
];
// $client_id is the id of the client, NOT its clientId.
(new KisaraClient($config))->update($client_id, $data);
Delete client by id of client NOT clientId.
use RistekUSDI\Kisara\Client as KisaraClient;
(new KisaraClient($config))->delete($client_id);
Get service account user from a client with id of client NOT clientId.
use RistekUSDI\Kisara\Client as KisaraClient;
(new KisaraClient($config))->getServiceAccountUser($client_id);
Get the current user sessions that belong to the client.
use RistekUSDI\Kisara\Client as KisaraClient;
// Without param
(new KisaraClient($config))->userSessions($client_id);
$params = [
'first' => '0',
'max' => '10',
];
// With params
(new KisaraClient($config))->userSessions($client_id, $params);
Get roles of client by id of client NOT clientId. Parameters are optional.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole;
$params = [
'first' => '0',
'max' => '10',
'search' => 'role name of client',
];
(new KisaraClientRole($config))->get($client_id, $params);
Store a role to a client by id of client NOT clientId.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole;
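// Representation of the role to create on the client.
$data = [
    'name' => 'role name of client',
];
// $client_id is the id of the client, NOT its clientId.
(new KisaraClientRole($config))->store($client_id, $data);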
Get users from a client role with id of client and role name. Parameters are optional.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole;
$params = [
'first' => '0',
'max' => '10'
];
(new KisaraClientRole($config))->getUsers($client_id, $role_name, $params);
Get groups from a client role with id of client and role name. Parameters are optional.
use RistekUSDI\Kisara\ClientRole as KisaraClientRole;
$params = [
'first' => '0',
'max' => '10'
];
(new KisaraClientRole($config))->getGroups($client_id, $role_name, $params);
Get client secret of client by id of client NOT clientId.
use RistekUSDI\Kisara\ClientSecret as KisaraClientSecret;
// Presumably the result carries the client's secret — confirm. Treat it as a credential:
// do not log it, cache it in plain text, or return it to end users.
(new KisaraClientSecret($config))->get($client_id);
Update client secret of client by id of client NOT clientId.
use RistekUSDI\Kisara\ClientSecret as KisaraClientSecret;
// No new value is passed, so presumably Keycloak generates a fresh secret — confirm.
// NOTE(review): applications still configured with the previous secret would then need the new one.
(new KisaraClientSecret($config))->update($client_id);
Get list of devices the user is logged on to.
use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity;
// Unlike the service-account config, this one carries an access token issued to the
// signed-in user and no admin_url.
// NOTE(review): presumably the call then acts only on that user's own account — confirm.
// Take the token from the user's authenticated session on the server; never accept it
// from an unauthenticated request parameter and never log it.
$config = [
'base_url' => 'BASE_KEYCLOAK_URL',
'realm' => 'KEYCLOAK_REALM',
'access_token' => 'ACCESS_TOKEN_FROM_USER',
];
(new KisaraDeviceActivity($config))->get();
End all logged-in sessions from the device.
use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity;
$config = [
'base_url' => 'BASE_KEYCLOAK_URL',
'realm' => 'KEYCLOAK_REALM',
'access_token' => 'ACCESS_TOKEN_FROM_USER',
];
(new KisaraDeviceActivity($config))->endAllSession();
End logged in session from device by session id.
use RistekUSDI\Kisara\DeviceActivity as KisaraDeviceActivity;
$config = [
'base_url' => 'BASE_KEYCLOAK_URL',
'realm' => 'KEYCLOAK_REALM',
'access_token' => 'ACCESS_TOKEN_FROM_USER',
];
(new KisaraDeviceActivity($config))->endSession($session_id);
Get groups with or without parameters.
use RistekUSDI\Kisara\Group as KisaraGroup;
// With parameters.
$params = [
'first' => '0',
'max' => '10',
'search' => 'name of group',
];
(new KisaraGroup($config))->get($params);
// Without parameters.
(new KisaraGroup($config))->get();
Get a single group by id of group.
use RistekUSDI\Kisara\Group as KisaraGroup;
(new KisaraGroup($config))->findById($group_id);
Store a group.
use RistekUSDI\Kisara\Group as KisaraGroup;
// Representation of the group to create; only the name is set here.
$group = [
    'name' => 'name of group',
];
(new KisaraGroup($config))->store($group);
Delete a group by id of group.
use RistekUSDI\Kisara\Group as KisaraGroup;
(new KisaraGroup($config))->delete($group_id);
Get members of group by id of group. Parameters are optional.
use RistekUSDI\Kisara\Group as KisaraGroup;
// With parameters.
$params = [
'first' => '0',
'max' => '10',
];
(new KisaraGroup($config))->members($group_id, $params);
// Without parameters.
(new KisaraGroup($config))->members($group_id);
Get group role mappings by group id.
use RistekUSDI\Kisara\Group as KisaraGroup;
// Without parameters.
(new KisaraGroup($config))->getRoleMappings($group_id);
Get available roles of client role in a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;
(new KisaraGroupClientRole($config))->getAvailableRoles($group_id, $client_id);
Store assigned roles of client role to a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;
(new KisaraGroupClientRole($config))->storeAssignedRoles($group_id, $client_id, $roles);
Get assigned roles of client role from a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;
(new KisaraGroupClientRole($config))->getAssignedRoles($group_id, $client_id);
Delete assigned roles of client role from a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;
(new KisaraGroupClientRole($config))->deleteAssignedRoles($group_id, $client_id);
Get effective roles of client role from a group.
use RistekUSDI\Kisara\GroupClientRole as KisaraGroupClientRole;
(new KisaraGroupClientRole($config))->getEffectiveRoles($group_id, $client_id);
Get all keys from the Keycloak realm settings.
use RistekUSDI\Kisara\Key as KisaraKey;
(new KisaraKey($config))->get();
Get RSA 256 Public Key from Keycloak realm settings.
use RistekUSDI\Kisara\Key as KisaraKey;
(new KisaraKey($config))->getRSA256PublicKey();
Find a role by id of role.
use RistekUSDI\Kisara\Role as KisaraRole;
(new KisaraRole($config))->findById($role_id);
Update a role by id of role.
use RistekUSDI\Kisara\Role as KisaraRole;
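// Representation holding the new values for the role.
$data = [
    'name' => 'role name',
];
(new KisaraRole($config))->update($role_id, $data);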
Delete a role by id of role.
use RistekUSDI\Kisara\Role as KisaraRole;
(new KisaraRole($config))->delete($role_id);
Delete a logged-in user's session by session id.
use RistekUSDI\Kisara\Session as KisaraSession;
(new KisaraSession($config))->delete($session_id);
Get users with or without parameters.
use RistekUSDI\Kisara\User as KisaraUser;
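// With parameters
// The two options are alternatives: keep only one of the assignments below.
// (Written as a single array literal, the repeated 'username' key would collapse
// into one entry and both options would be merged.)
// Option 1
$params = [
    'username' => 'username',
    'exact' => true,
];
// Option 2
$params = [
    'email' => 'mail of user',
    'username' => 'username',
];
(new KisaraUser($config))->get($params);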
// Without parameters
(new KisaraUser($config))->get();
Find user by id of user.
use RistekUSDI\Kisara\User as KisaraUser;
(new KisaraUser($config))->findById($user_id);
Store a user.
use RistekUSDI\Kisara\User as KisaraUser;
// Representation of the user to create, including an initial password.
$data = [
'firstName' => 'first name of user',
'lastName' => 'last name of user',
'email' => 'email of user',
'username' => 'username',
'enabled' => true,
'credentials' => [
[
// NOTE(review): in Keycloak a temporary password has to be changed by the user at next login — confirm for your realm.
'temporary' => true,
'type' => 'password',
// Placeholder. Supply a randomly generated initial password at runtime; never
// hardcode it, reuse it across users, or write it to logs.
'value' => 'value of password.'
]
],
];
(new KisaraUser($config))->store($data);
Update a user.
use RistekUSDI\Kisara\User as KisaraUser;
// Representation holding the new values for the existing user.
$data = [
'firstName' => 'first name of user',
'lastName' => 'last name of user',
'email' => 'email of user',
'username' => 'username',
'enabled' => true,
// NOTE(review): sending 'credentials' presumably replaces the user's password as part
// of the update — leave the key out when only profile fields change; confirm.
'credentials' => [
[
'temporary' => true,
'type' => 'password',
// Placeholder. Never hardcode or log the real value.
'value' => 'value of password.'
]
],
];
(new KisaraUser($config))->update($user_id, $data);
Get the groups a user belongs to, by id of user.
use RistekUSDI\Kisara\User as KisaraUser;
(new KisaraUser($config))->groups($user_id);
Reset user credentials.
use RistekUSDI\Kisara\User as KisaraUser;
// New credential for the user.
$data = array(
'type' => 'password',
// Placeholder. Generate the value at runtime and deliver it to the user over a
// trusted channel; never hardcode or log it.
'value' => 'value of password',
// NOTE(review): in Keycloak a temporary password has to be changed by the user at next login — confirm for your realm.
'temporary' => true,
);
// Resetting another user's password is a privileged action: check that the caller is
// authorised for $user_id before making this call.
(new KisaraUser($config))->resetCredentials($user_id, $data);
Get available roles of client role in a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;
(new KisaraUserClientRole($config))->getAvailableRoles($user_id, $client_id);
Store assigned roles of client role to a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;
(new KisaraUserClientRole($config))->storeAssignedRoles($user_id, $client_id, $roles);
Get assigned roles of client role from a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;
(new KisaraUserClientRole($config))->getAssignedRoles($user_id, $client_id);
Delete assigned roles of client role from a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;
(new KisaraUserClientRole($config))->deleteAssignedRoles($user_id, $client_id);
Get effective roles of client role from a user.
use RistekUSDI\Kisara\UserClientRole as KisaraUserClientRole;
(new KisaraUserClientRole($config))->getEffectiveRoles($user_id, $client_id);
Attach a group to a user.
use RistekUSDI\Kisara\UserGroup as KisaraUserGroup;
(new KisaraUserGroup($config))->attach($user_id, $group_id);
Detach a group from a user.
use RistekUSDI\Kisara\UserGroup as KisaraUserGroup;
(new KisaraUserGroup($config))->detach($user_id, $group_id);