Skip to content
This repository has been archived by the owner on Apr 9, 2024. It is now read-only.
/ plugin-keycloak Public archive

Plugin for GraphQL Yoga that adds Keycloak authentication and authorization.

License

Notifications You must be signed in to change notification settings

Nexirift/plugin-keycloak

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

NPM Version NPM License NPM Downloads

plugin-keycloak

A basic GraphQL Yoga plugin that adds functionality to authenticate users using the Keycloak service.

Deprecation Notice

As of the 9th of April 2024, plugin-keycloak has been deprecated, effective immediately. If you wish to use this package, please switch to plugin-oidc as that will be our new maintained version. The new plugin will have support for OpenID Connect compatible clients meaning that you can use other services like Authentik.

How does it work?

This plugin checks an access token which is a Bearer token on the Authentication header with the Keycloak server to verify if it's valid. Additionally, it passes back the response info, which includes information like the preferred_username, this can then be used in the GraphQL Yoga server to identify users.

BREAKING CHANGES

Starting from v1.1.5, we have removed the dependency of keycloak-backend. In addition, we have changed ITokenContent to KeycloakToken, please update these in your code. You can also see this commit for changes.

Example

Please see here for an example of how to use the project.

Disclaimer

We are working on trying to stop depending on so many dependencies. As part of this, we have copied some code from the keycloak-backend library. This project, at the time of writing, is using the MIT license. The files that were took were:

  • Token.ts -> token.ts
  • Keycloak.ts -> keycloak.ts
  • Jwt.ts -> jwt.ts

We plan to adapt these files more as we change around our codebase. For example, the new scopes feature that was mentioned in issue #2.

Credits

Disclaimer: This plugin was based off of the plugin-jwt source code.