Keycloak

composer require socialiteproviders/keycloak

Installation & Basic Usage

Please see the Base Installation Guide, then follow the provider specific instructions below.

Add configuration to config/services.php

'keycloak' => [
  'client_id' => env('KEYCLOAK_CLIENT_ID'),
  'client_secret' => env('KEYCLOAK_CLIENT_SECRET'),
  'redirect' => env('KEYCLOAK_REDIRECT_URI'),
  'base_url' => env('KEYCLOAK_BASE_URL'),   // Specify your keycloak server URL here
  'realms' => env('KEYCLOAK_REALM')         // Specify your keycloak realm
],

Add provider event listener

Configure the package's listener to listen for SocialiteWasCalled events.

Add the event to your listen[] array in app/Providers/EventServiceProvider. See the Base Installation Guide for detailed instructions.

protected $listen = [
    \SocialiteProviders\Manager\SocialiteWasCalled::class => [
        // ... other providers
        \SocialiteProviders\Keycloak\KeycloakExtendSocialite::class.'@handle',
    ],
];

Usage

You should now be able to use the provider like you would regularly use Socialite (assuming you have the facade installed):

return Socialite::driver('keycloak')->redirect();

To logout of your app and Keycloak:

public function logout() {
    Auth::logout(); // Logout of your app
    $redirectUri = Config::get('app.url'); // The URL the user is redirected to
    return redirect(Socialite::driver('keycloak')->getLogoutUrl($redirectUri)); // Redirect to Keycloak
}

Keycloak <= 3.2

Keycloak below v3.2 requires no scopes to be set. Later versions require the openid scope for all requests.

return Socialite::driver('keycloak')->scopes([])->redirect();

See the upgrade guide.