Overview
Package keycloak provides Keycloak-specific extensions for Dynamic Client Registration.
Index
- type AdminClient
- func (c *AdminClient) CreateOrUpdateRealm(ctx context.Context, config RealmConfig) (created bool, err error)
- func (c *AdminClient) DeleteRealm(ctx context.Context, realmName string) error
- func (c *AdminClient) GetClientByName(ctx context.Context, clientName string) (*ClientInfo, error)
- func (c *AdminClient) RefreshToken(ctx context.Context, clientID string) (string, error)
- func (c *AdminClient) RegistrationEndpoint() string
- func (c *AdminClient) TokenForRegistration(ctx context.Context) (string, error)
- type ClientInfo
- type RealmConfig
- type SMTPConfig
Types
type AdminClient
type AdminClient struct {
	// contains filtered or unexported fields
}
AdminClient provides Keycloak admin operations for OIDC Dynamic Client Registration. It implements both clientreg.TokenProvider (for initial registration) and clientreg.TokenRefresher (for automatic token refresh on 401 responses).
func NewAdminClient
func NewAdminClient(httpClient *http.Client, baseURL, realm string) *AdminClient
NewAdminClient creates a new Keycloak admin client. The httpClient should be configured with appropriate authentication (e.g., OAuth2 client credentials).
func (*AdminClient) CreateOrUpdateRealm
func (c *AdminClient) CreateOrUpdateRealm(ctx context.Context, config RealmConfig) (created bool, err error)
CreateOrUpdateRealm creates a new realm or updates it if it already exists. Returns true if the realm was created, false if it was updated.
func (*AdminClient) DeleteRealm
func (c *AdminClient) DeleteRealm(ctx context.Context, realmName string) error
DeleteRealm deletes a realm. Returns nil if the realm doesn't exist.
func (*AdminClient) GetClientByName
func (c *AdminClient) GetClientByName(ctx context.Context, clientName string) (*ClientInfo, error)
GetClientByName finds a client by its name (display name) in the realm. Returns nil if the client is not found.
func (*AdminClient) RefreshToken
RefreshToken implements clientreg.TokenRefresher. It regenerates the registration access token for a client when a 401 is received.
func (*AdminClient) RegistrationEndpoint
func (c *AdminClient) RegistrationEndpoint() string
RegistrationEndpoint returns the OIDC Dynamic Client Registration endpoint for the realm.
func (*AdminClient) TokenForRegistration
func (c *AdminClient) TokenForRegistration(ctx context.Context) (string, error)
TokenForRegistration implements clientreg.TokenProvider. It creates a new initial access token for client registration.
type ClientInfo
type ClientInfo struct {
	ID       string `json:"id"`       // Keycloak's internal UUID
	ClientID string `json:"clientId"` // The client_id used in OIDC
	Name     string `json:"name"`     // Display name
}
ClientInfo contains basic information about a Keycloak client.
type RealmConfig
type RealmConfig struct {
	Realm                       string      `json:"realm"`
	DisplayName                 string      `json:"displayName,omitempty"`
	Enabled                     bool        `json:"enabled"`
	LoginWithEmailAllowed       bool        `json:"loginWithEmailAllowed,omitempty"`
	RegistrationEmailAsUsername bool        `json:"registrationEmailAsUsername,omitempty"`
	RegistrationAllowed         bool        `json:"registrationAllowed,omitempty"`
	SMTPServer                  *SMTPConfig `json:"smtpServer,omitempty"`
}
RealmConfig contains the configuration for a Keycloak realm.
type SMTPConfig
type SMTPConfig struct {
	Host     string `json:"host,omitempty"`
	Port     string `json:"port,omitempty"`
	From     string `json:"from,omitempty"`
	SSL      bool   `json:"ssl,omitempty"`
	StartTLS bool   `json:"starttls,omitempty"`
	Auth     bool   `json:"auth,omitempty"`
	User     string `json:"user,omitempty"`
	Password string `json:"password,omitempty"`
}
SMTPConfig contains SMTP server configuration for a realm.
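Added example (not part of the package's own code): every bool in RealmConfig and SMTPConfig except Enabled is tagged omitempty, so encoding/json leaves a false value out of the request body altogether, and a config meant to switch registrationAllowed or starttls off sends no such key. The helper below, DroppedFalse, is a hypothetical name; it lists the settings that would be omitted so a caller can check a config before passing it to CreateOrUpdateRealm. What the server or the package does with an absent key is not shown on this page.

```go
package main

import (
	"fmt"
	"reflect"
	"strings"
)

// Subset of the page's SMTPConfig and RealmConfig fields; tags unchanged.
type SMTPConfig struct {
	SSL      bool `json:"ssl,omitempty"`
	StartTLS bool `json:"starttls,omitempty"`
}
type RealmConfig struct {
	Realm               string      `json:"realm"`
	Enabled             bool        `json:"enabled"`
	RegistrationAllowed bool        `json:"registrationAllowed,omitempty"`
	SMTPServer          *SMTPConfig `json:"smtpServer,omitempty"`
}

// DroppedFalse (hypothetical helper) returns the JSON paths of bool fields that
// are false and tagged omitempty. Assumes every field has a json tag, as here.
func DroppedFalse(v any) []string {
	rv := reflect.ValueOf(v)
	for rv.Kind() == reflect.Pointer && !rv.IsNil() {
		rv = rv.Elem()
	}
	if rv.Kind() != reflect.Struct {
		return nil
	}
	var out []string
	for i := 0; i < rv.NumField(); i++ {
		name, opts, _ := strings.Cut(rv.Type().Field(i).Tag.Get("json"), ",")
		switch f := rv.Field(i); {
		case f.Kind() == reflect.Bool && !f.Bool() && strings.Contains(opts, "omitempty"):
			out = append(out, name)
		case (f.Kind() == reflect.Pointer || f.Kind() == reflect.Struct) && f.CanInterface():
			for _, p := range DroppedFalse(f.Interface()) {
				out = append(out, name+"."+p)
			}
		}
	}
	return out
}

func main() {
	// Constructed sample: an update meant to turn self-registration off.
	cfg := RealmConfig{Realm: "demo", Enabled: true, SMTPServer: &SMTPConfig{SSL: true}}
	fmt.Println(DroppedFalse(cfg))
}
```

Enabled carries no omitempty, so a false value for it is always sent and never appears in the result.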