From ca9e2f348271b89af0bf08f263de3bf7054abddd Mon Sep 17 00:00:00 2001 From: Rhuan <283004+rhuanbarreto@users.noreply.github.com> Date: Mon, 2 Nov 2020 18:13:33 +0100 Subject: [PATCH] Add keycloak auth (#703) * Add keycloak referering to PR #6376 in parse-server * Update _includes/parse-server/third-party-auth.md Co-Authored-By: Tom Fox <13188249+TomWFox@users.noreply.github.com> * Update _includes/parse-server/third-party-auth.md Co-Authored-By: Tom Fox <13188249+TomWFox@users.noreply.github.com> * Update _includes/parse-server/third-party-auth.md Co-Authored-By: Tom Fox <13188249+TomWFox@users.noreply.github.com> * Update _includes/parse-server/third-party-auth.md Co-Authored-By: Tom Fox <13188249+TomWFox@users.noreply.github.com> * Update _includes/parse-server/third-party-auth.md Co-Authored-By: Tom Fox <13188249+TomWFox@users.noreply.github.com> Co-authored-by: Tom Fox <13188249+TomWFox@users.noreply.github.com> --- _includes/parse-server/third-party-auth.md | 31 ++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/_includes/parse-server/third-party-auth.md b/_includes/parse-server/third-party-auth.md index 126467af0..41fda7a5d 100644 --- a/_includes/parse-server/third-party-auth.md +++ b/_includes/parse-server/third-party-auth.md @@ -9,6 +9,7 @@ Parse Server supports 3rd party authentication with * Instagram * Janrain Capture * Janrain Engage +* Keycloak * LDAP * LinkedIn * Meetup @@ -161,6 +162,36 @@ Google oauth supports validation of id_token's and access_token's. } ``` +### Keycloak `authData` + +```js +{ + "keycloak": { + "access_token": "access token from keycloak JS client authentication", + "id": "the id retrieved from client authentication in Keycloak", + "roles": ["the roles retrieved from client authentication in Keycloak"], + "groups": ["the groups retrieved from client authentication in Keycloak"] + } +} +``` + +The authentication module will test if the authData is the same as the userinfo oauth call, by comparing the attributes. + +Copy the JSON config file generated on Keycloak ([tutorial](https://www.keycloak.org/docs/latest/securing_apps/index.html#_javascript_adapter)) +and paste it inside of a folder (Ex.: `auth/keycloak.json`) in your server. + +The options passed to Parse Server: + +```js +{ + auth: { + keycloak: { + config: require(`./auth/keycloak.json`) // Required + } + } +} +``` + ### Configuring Parse Server for LDAP The [LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) module can check if a