Skip to content

vymalo/keycloak-webhook

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits

.github

.github

 
 

gradle/wrapper

gradle/wrapper

 
 

openapi

openapi

 
 

src/main

src/main

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

Dev.Dockerfile

Dev.Dockerfile

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build.gradle.kts

build.gradle.kts

 
 

docker-compose.yaml

docker-compose.yaml

 
 

gradle.properties

gradle.properties

 
 

gradlew

gradlew

 
 

gradlew.bat

gradlew.bat

 
 

settings.gradle.kts

settings.gradle.kts

 
 

Repository files navigation

Webhooks from Keycloak

This plugin call a webhook whenever an event is created from within Keycloak.

Configuration

  • WEBHOOK_EVENTS_TAKEN (optional) is the list of events created from Keycloak, that are listened by the plugin. Example: "LOGIN,REGISTER,LOGOUT". If not specified, will take all.

Using the http client

  • WEBHOOK_HTTP_BASE_PATH is the endpoint where the webhook request is going to be sent. Example: https://localhost:3000
  • WEBHOOK_HTTP_AUTH_USERNAME (optional) is the basic auth username. Example "admin".
  • WEBHOOK_HTTP_AUTH_PASSWORD (optional) is the basic auth password. Example "password".

Using the AMQP client

This part is heavily inspired from the keycloak-event-listener-rabbitmq plugin.

  • WEBHOOK_AMQP_HOST is the host url of the rabbitmq server. This key will indicate that the amqp client is being used.
  • WEBHOOK_AMQP_USERNAME is the username of the rabbitmq server
  • WEBHOOK_AMQP_PASSWORD is the password of the rabbitmq server
  • WEBHOOK_AMQP_PORT is the port of the rabbitmq server
  • WEBHOOK_AMQP_VHOST (optional) is the vhost of the rabbitmq server
  • WEBHOOK_AMQP_EXCHANGE is the exchange of the rabbitmq server
  • WEBHOOK_AMQP_SSL (optional) is to indicate if we're using SSL or not. Values are "yes" or "no"

Enable listener-webhook in Keycloak

Go to Realm Settings -> Events -> Event listeners and add "listener-webhook" to the list.

Example

When using the docker-compose file, the following containers are created:

  • keycloak: a keycloak server
  • watcher: a simple container that will print the webhook request. It's used to test the plugin. Upon user login, you should see a request printed in the web console at http://localhost:3000 like this: 
    {
  "type": "LOGIN",
  "realmId": "b1a70c8a-8656-4ae9-85f1-524e5c7f6294",
  "time": 1691758188038,
  "clientId": "account-console",
  "userId": "a032b425-60b5-462a-b156-8d178b86fa71",
  "ipAddress": "172.18.0.1",
  "details": {
    "auth_method": "openid-connect",
    "response_type": "code",
    "redirect_uri": "http://localhost:9100/realms/main/account/#/",
    "remember_me": "false",
    "consent": "no_consent_required",
    "code_id": "81be1792-8e07-4bff-a6f4-aca1971b1ea3",
    "response_mode": "fragment",
    "username": "selastlambou@gmail.com"
  }
}
  • rabbitmq: a rabbitmq server. This is for testing AMQP client.

About

Event-based Webhook plugin for Keycloak

blog.ssegning.com

Topics

kotlin events keycloak webhook openapi openapi3 kotlin-server keycloak-event-provider keycloak-spi

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

18 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases 5

v0.5.0 Latest
Feb 20, 2024
+ 4 releases

Sponsor this project

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages