View Source Kloak
Kloak is a simple wrapper for OAuth2, which can be used for authenticating users with Phoenix and a Keycloak IDM.
Installation
The package can be installed by adding kloak
to your list of dependencies in mix.exs
:
def deps do
[
{:kloak, "~> 0.2.1"}
]
end
Usage
Using Kloak
with a Phoenix
application is quite easy. To perform authentication with Keycloak, you need to implement at least one login
and one callback
controller function e.g. in your authentication_controller
.
@doc "Login controller action which redirects to Keycloak for authentication."
def login(conn, _) do
with {:ok, client} <- Kloak.Client.new(),
{:ok, nonce} <- Kloak.generate_nonce(),
{:ok, redirect_url} <- Kloak.authorize_url(client, scope: "openid", state: nonce, redirect_uri: url(~p"/auth/callback")) do
conn
|> Kloak.put_oidc_state(nonce)
|> redirect(external: redirect_url)
end
end
@doc "Callback controller action which is called when a users is redirected from Keycloak."
def callback(conn, %{"code" => code, "state" => state}) do
with {:ok, true} <- Kloak.verify_oidc_state(conn, state),
{:ok, client} <- Kloak.Client.new(),
{:ok, token} <- Kloak.get_token(client, code: code, redirect_uri: url(~p"/auth/callback")),
{:ok, client} <- Kloak.Client.new(token: token),
{:ok, user_information} <- Kloak.user_information(client) do
# Do something with the user information
IO.inspect(user_information)
# Authentication was successful
conn
|> put_session(:token, token)
|> put_flash(:info, gettext("You have successfully logged in."))
|> redirect(to: ~p"/dashboard")
end
end
License
The MIT License (MIT). Please see LICENSE for more information.