how to set keycloak by using the docker and an example of application implmentation with php languages
copy environment
cp .env-sample .envtest with logging docker
docker-compose up --buildtest with logging docker in background
docker-compose up --build -dThe first step is to use the keycloak admin console to manage client registration and set role permissions.
Open with your favorite browser like Chrome or Mozilla
login with username and password :
username: admin
password: passwordFollow steps below:
- Click
Add realmbutton on the top left of the admin dashboard. Create a new realm with this data:- Name =
demo-realm
- Name =
- Click
Create - Click
Logintab, then configure this value:- User registration =
ON
- User registration =
- Click
Save
Follow steps below:
- Click on
Clientsin the left menu - Click on "Create", then configure these values:
- Client ID =
demo_client
- Client ID =
- Click
Save - Edit this field:
- Access Type =
public - Valid Redirect URIs =
http://localhost:3000/*
- Access Type =
Follow steps below:
- Click on
Clientsin the left menu - Click
Editbutton next todemo_client - Click
Rolestab and click buttonAdd Roleexample Role Name = access_view - Click
Mapperson tab and click buttonAdd Builtinchecklistclient rolesand click save - Click
editclient rolesinToken Claim Namechange roles topermissionand click save
Now you have successfully finished the keycloak configuration for the new client application.
Follow steps below:
- Click on
Rolesin the left menu - Click
Add RoleExample :
- Name =
Administrator - Set Composite Roles =
ON - in Composite Roles Select Client Roles
demo_client - in Alvailable Roles select permission
access_viewand clickAdd selected - click tab
Default Rolesin topRolespage - in
Realm RolesselectAvailable RolesAdministratorexample for default roles user register app
Follow steps below:
- Click on
Clientsin the left menu - Click
demo_client - Click on
Installationin top menu - in
Format Optionselect a formatKeycloak OIDC JSONand click Download - move
keycloak.jsonin the root folder app
move keycloak.json to root app directory PHP create file index.php and add code like this
<script src="http://localhost:2080/auth/js/keycloak.js"></script>
<script src="https://cdn.jsdelivr.net/npm/js-cookie@beta/dist/js.cookie.min.js"></script>
<script type="text/javascript">
const keycloak = Keycloak('http://localhost:3000/keycloak.json')
const initOptions = {
responseMode: 'fragment',
flow: 'standard',
onLoad: 'login-required'
};
function logout(){
Cookies.remove('token');
Cookies.remove('callback');
keycloak.logout();
}
keycloak.init(initOptions).success(function(authenticated) {
Cookies.set('token', keycloak.token);
Cookies.set('callback',JSON.stringify(keycloak.tokenParsed.resource_access.php_service.permission));
var arr = JSON.parse(Cookies.get('callback'));
arr = arr.reduce((index,value) => (index[value] = true, index), {});
(arr.access_create === true ? document.getElementById("create").disabled = false : document.getElementById("create").disabled = true);
(arr.access_edit === true ? document.getElementById("edit").disabled = false : document.getElementById("edit").disabled = true);
(arr.access_delete === true ? document.getElementById("delete").disabled = false : document.getElementById("delete").disabled = true);
(arr.access_view === true ? document.getElementById("read").disabled = false : document.getElementById("read").disabled = true);
document.getElementById("test").innerHTML = Cookies.get('token');
// console.log('Init Success (' + (authenticated ? 'Authenticated token : '+JSON.stringify(keycloak) : 'Not Authenticated') + ')');
}).error(function() {
console.log('Init Error');
});
</script>Please start in Firefox or chrome a "New Private Window" and connect to the following URL
http://localhost:2080/auth/realms/demo-realm/account
Follow steps below:
- Click
registerin the bottom login page
Use this credentials to access
- Host:
keycloak_db_sso - Port: 5432
- Database:
keycloak_sso - User:
keycloak_sso - Password:
password