PHPackages peppertech/larakeycloak - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. peppertech/larakeycloak ActiveLibrary[Authentication & Authorization](/categories/authentication) peppertech/larakeycloak ======================= Provide Authentication and Authorization using KeyCloak Socialite Provider v0.1.1(5y ago)012MITPHP Since Feb 12Pushed 5y ago1 watchersCompare [ Source](https://github.com/francisfueconcillo/larakeycloak)[ Packagist](https://packagist.org/packages/peppertech/larakeycloak)[ RSS](/packages/peppertech-larakeycloak/feed)WikiDiscussions main Synced 3d ago READMEChangelogDependencies (3)Versions (4)Used By (0) LaraKeycloak ============ [](#larakeycloak) --- - [Overview](#overview) - [Features](#features) - [Keycloak Configurations](#keycloak-configure) - [Installation](#install) - [Configuration](#config) - [Integration](#integrate) - [Testing](#testing) Overview -------- [](#overview) LaraKeycloak provides Authentication using [KeyCloak Socialite Provider](https://socialiteproviders.com/Keycloak/) and RBAC Authorization by checking user roles from [Keycloak](https://www.keycloak.org). Features -------- [](#features) - Provides Authentication using [KeyCloak Socialite Provider](https://socialiteproviders.com/Keycloak/) - Provides Authorization by RBAC managed by KeyCloak Keycloak Configurations ----------------------- [](#keycloak-configurations) Before installing LaraKeycloak, configure your Keycloak Server to add your application as Client. ### Creating a Keycloak Client [](#creating-a-keycloak-client) [![Client](./keycloak-client.png)](./keycloak-client.png) ### Add User Roles in Keycloak Client [](#add-user-roles-in-keycloak-client) [![Roles](./client-roles.png)](./client-roles.png) ### Create Users and Assign Roles [](#create-users-and-assign-roles) Create at least a Regular User and an Admin User, for testing Authorization later on. [![Roles](./user-roles.png)](./user-roles.png) Installation ------------ [](#installation) ``` composer require peppertech/larakeycloak ``` Configuration ------------- [](#configuration) ### Environment Variables [](#environment-variables) VariableRequiredDescriptionDefault ValueKEYCLOAK\_BASE\_URLYesKeycloak Server URL. ie. https://\[keycloak server\]/authnoneKEYCLOAK\_REALMSYesKeycloak RealmnoneKEYCLOAK\_CLIENT\_IDYesKeycloak Client IDnoneKEYCLOAK\_CLIENT\_SECRETYesOpenId Connect Client SecretnoneKEYCLOAK\_REDIRECT\_URIYesThe default page to redirect users after login/homeKEYCLOAK\_REALM\_PUBLIC\_KEYYesKeycloak Realm RS256 Public Keynone Integration ----------- [](#integration) ### Published Files [](#published-files) Run the following commands to publish the files to your app. ``` php artisan vendor:publish --tag="larakeycloak" ``` This will copy the following files: - `app/Http/Controllers/LaraKeyController.php`, controller for the `/auth/redirect` and '/auth/callback` routes. - `app/Policies/SampleAdminPolicy.php`, an example Admin Policy to secure certain pages in your application for `admin` role - `resources/views/sample_admin_blade.php`, example Admin View with `/sample/admin` route. - `app/Http/Controllers/SampleAdminController.php`, controller for the `/sample/admin` route. ### Routes [](#routes) Create the following routes in your `app/routes/web.php` ``` Route::group(['middleware' => ['auth:web']], function () { ... Route::get('/sample/admin', 'SampleAdminController@index')->name('sample-admin'); }); Route::get('/auth/redirect', 'LaraKeycloakController@redirect')->name('auth-redirect'); Route::get('/auth/callback', 'LaraKeycloakController@callback')->name('auth-callback'); Route::get('logout', '\App\Http\Controllers\Auth\LoginController@logout'); ``` Add the following `logout` method in your `LoginController` ``` use Illuminate\Support\Facades\Auth; use PepperTech\LaraKeycloak\LaraKeycloak; .... public function logout() { $larakc = new LaraKeyCloak(); $larakc->logout(); Auth::guard('web')->logout(); return redirect()->guest(route('main')); // `main` is the route name of public homepage } ``` ### Socialite Keycloak Settings [](#socialite-keycloak-settings) Reference: - Add the following block in your `config/services.php` ``` 'keycloak' => [ 'client_id' => env('KEYCLOAK_CLIENT_ID'), 'client_secret' => env('KEYCLOAK_CLIENT_SECRET'), 'redirect' => env('KEYCLOAK_REDIRECT_URI'), 'base_url' => env('KEYCLOAK_BASE_URL'), 'realms' => env('KEYCLOAK_REALMS'), 'realm_public_key' => env('KEYCLOAK_REALM_PUBLIC_KEY'), ], ``` - In `app/Providers/EventServiceProvider.php`, add the following: ``` use SocialiteProviders\Manager\SocialiteWasCalled; protected $listen = [ .... SocialiteWasCalled::class => [ // add your listeners (aka providers) here 'SocialiteProviders\\Keycloak\\KeycloakExtendSocialite@handle', ], ]; ``` - In `config/app.php` add the `SocialiteProviders\Manager\ServiceProvider::class` and comment-out `Laravel\Socialite\SocialiteServiceProvider::class` if you have added this before. ``` 'providers' => [ ... // Laravel\Socialite\SocialiteServiceProvider::class, SocialiteProviders\Manager\ServiceProvider::class, ] ``` ### Auth Middleware [](#auth-middleware) - In `app/Http/Middleware/Authenticate.php`, change the `redirectTo` method. This change will make the redirection to Keycloak Login when an unauthenticated user access a protect part of the website. ``` protected function redirectTo($request) { if (! Auth::check()) { return route('auth-redirect'); } } ``` Authorization ------------- [](#authorization) Authorization is provided by roles of user from Keycloak. `PepperTech\LaraKeycloak\LaraKeycloak` class has a public method `hasRole` that checks if currently logged-in user has that role. `hasRole` can be used with [Laravel Authorization](https://laravel.com/docs/7.x/authorization) ### Defining Gates [](#defining-gates) - Define your Gate in `app/Providers/AuthServiceProvider.php` `boot` method ``` public function boot() { $this->registerPolicies(); Gate::define('view-admin', [SampleAdminPolicy::class, 'view']); // define more Gates here } ``` ### Policies [](#policies) - An example Policy is provided in `app/Policies/SampleAdminPolicy.php` that uses the LaraKeycloak `hasRole` method. - An example Admin View Controller is also provided at `app/Htttp/Controllers/SampleAdminController.php`. Inspect how Gates are used here to check the user's authorization in viewing a page. Testing ------- [](#testing) - To test if everything is working, navigate to `http://[your domain]/sample/admin`. This should redirct to Keycloak Login Page. - Login with a Keycloak User that has 'admin' role. - Upon login, you should be able to see the Sample Admin Page. - Logout and go to `http://[your domain]/sample/admin` again. This time, login with a user that does not have an `admin` role. - Upon login, you should see a 403 Unauthorized Page. ### Health Score 21 — LowBetter than 19% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity5 Limited adoption so far Community7 Small or concentrated contributor base Maturity45 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 2 Last Release 1917d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/16d1a132239721c0ecc8e756b5c24d712a65e9a02897da2a1f7718712673181b?d=identicon)[francisf](/maintainers/francisf) --- Top Contributors [![francisfueconcillo](https://avatars.githubusercontent.com/u/2332683?v=4)](https://github.com/francisfueconcillo "francisfueconcillo (8 commits)") ### Embed Badge ![Health badge](/badges/peppertech-larakeycloak/health.svg) ``` [![Health](https://phpackages.com/badges/peppertech-larakeycloak/health.svg)](https://phpackages.com/packages/peppertech-larakeycloak) ``` ### Alternatives [google/auth Google Auth Library for PHP 1.4k272.7M162](/packages/google-auth)[socialiteproviders/manager Easily add new or override built-in providers in Laravel Socialite. 42442.0M544](/packages/socialiteproviders-manager)[thenetworg/oauth2-azure Azure Active Directory OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2509.6M48](/packages/thenetworg-oauth2-azure)[stevenmaguire/oauth2-keycloak Keycloak OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2275.9M27](/packages/stevenmaguire-oauth2-keycloak)[robsontenorio/laravel-keycloak-guard 🔑 Simple Keycloak Guard for Laravel 5161.1M3](/packages/robsontenorio-laravel-keycloak-guard)[dutchcodingcompany/filament-socialite Social login for Filament through Laravel Socialite 213914.9k9](/packages/dutchcodingcompany-filament-socialite) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)