@revolist/nestjs-keycloak-admin
Advanced tools
Readme
This is a modified version of the original Keycloak module for NestJS, designed to support CommonJS module import. public static register(options: KeycloakModuleOptions): DynamicModule was removed.
Register module with:
KeycloakModule.registerAsync({
useFactory: async (configService: ConfigService) => {
return {
baseUrl: 'your-keycloak-url',
realmName: 'your-realm',
clientId: 'your-client-id',
clientSecret: 'your-client-secret',
};
},
})
Make sure to replace the placeholder values with your actual Keycloak configuration details.
Note: This modified version of the Keycloak module is provided as-is and is not officially supported by the original package maintainers. Use it at your own discretion.
Install using npm i --save nestjs-keycloak-admin or pnpm add nestjs-keycloak-admin
@keycloak/keycloak-admin-client package, nestjs-keycloak-admin can't support CommonJS at the moment.
The team behind keycloak-admin-client made the decision to have a breaking change and support CommonJS.
Please refer to this Github issue for more information about their decision-making process.Then on your app.module.ts
import { Module } from '@nestjs/common';
import { AppController } from './app.controller';
import KeycloakModule, { AuthGuard, ResourceGuard, RoleGuard } from 'nestjs-keycloak-admin'
import { APP_GUARD } from '@nestjs/core';
@Module({
imports: [
KeycloakModule.register({
baseUrl: '',
realmName: '',
clientSecret: '',
clientId: ''
})
],
controllers: [AppController],
providers: [
{ provide: APP_GUARD, useClass: AuthGuard },
{ provide: APP_GUARD, useClass: ResourceGuard },
{ provide: APP_GUARD, useClass: RoleGuard },
],
})
export class AppModule {}
By default nestjs-keycloak-admin supports User Managed Access for managing your resources.
import { Controller, Get, Request, ExecutionContext, Post } from '@nestjs/common'
import {
DefineResource,
Public,
KeycloakService,
FetchResources,
Resource,
DefineScope,
DefineResourceEnforcer,
UMAResource,
Scope,
} from 'nestjs-keycloak-admin'
@Controller('/organization')
@DefineResource('organization')
export class AppController {
constructor(private readonly keycloak: KeycloakService) {}
@Get('/hello')
@Public()
sayHello(): string {
return 'life is short.'
}
@Get('/')
@FetchResources()
findAll(@Request() req: any): Resource[] {
return req.resources as Resource[]
}
@Get('/:slug')
@DefineScope('read')
@EnforceResource({
def: ({ params }) => params.slug,
param: 'slug',
})
findBySlug(@Request() req: any): Resource {
return req.resource as Resource
}
@Post('/')
@DefineScope('create')
async create(@Request() req: any): Promise<Resource> {
let resource = new Resource({
name: 'resource',
displayName: 'My Resource',
} as UMAResource)
.setOwner(req.user._id)
.setScopes([new Scope('organization:read'), new Scope('organization:write')])
.setType('urn:resource-server:type:organization')
.setUris(['/organization/123'])
.setAttributes({
valid: true,
types: ['customer', 'any'],
})
resource = await this.keycloak.resourceManager.create(resource)
// create organization on your resource server and add link to resource.id, to access it later.
return resource
}
}
@Get('/hello')
@Roles({roles: ['realm:admin'], mode: RoleMatchingMode.ANY})
sayHello(@User() user: KeycloakUser, @AccessToken() accessToken): string {
return `life is short. -${user.email}/${accessToken}`
}
Here is the decorators you can use in your controllers.
| Decorator | Description |
|---|---|
| @User | Retrieves the current Keycloak logged-in user. (must be per method, unless controller is request scoped.) |
| @AccessToken | Retrieves the current access token. (must be per method, unless controller is request scoped.) |
| @DefineResource | Define the keycloak application resource name. |
| @DefineScope | Define the keycloak resource scope (ex: 'create', 'read', 'update', 'delete') |
| @EnforceResource | |
| @FetchResources | |
| @Public | Allow any user to use the route. |
| @Roles | Keycloak realm/application roles. Prefix any realm-level roles with "realm:" (i.e realm:admin) |
FAQs
Keycloak Admin Provider for Nest.js
The npm package @revolist/nestjs-keycloak-admin receives a total of 5 weekly downloads. As such, @revolist/nestjs-keycloak-admin popularity was classified as not popular.
We found that @revolist/nestjs-keycloak-admin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.