nawasara/keycloak
最新稳定版本:v0.1.1
Composer 安装命令:
composer require nawasara/keycloak
包简介
Keycloak SSO admin dashboard for Nawasara — manage users and clients with DB-cached snapshots and queue-backed mutations.
README 文档
README
Keycloak SSO admin dashboard for the Nawasara superapp framework. Manage users and clients without leaving Nawasara, backed by local DB snapshots for speed and queue jobs for write auditability.
Features
- Users — list, search, view detail (sessions, roles, attributes), enable/disable, and reset password
- Clients — list, search, create, edit, and delete client applications; reveal and regenerate client secret on demand
- DB-cached + queue pattern — list pages read from
nawasara_keycloak_users/nawasara_keycloak_clientssnapshots; mutations dispatch through queue jobs that update Keycloak and the local snapshot atomically with content-hash conflict detection - Sync info bar — shows last successful sync time, pending mutations, and a link to the audit log
- Test connection — Vault credential page exposes a one-click test that obtains an admin token and queries
/users/countto confirm realm reachability and admin-API access
Installation
composer require nawasara/keycloak
php artisan migrate
php artisan db:seed --class="Nawasara\Keycloak\Database\Seeders\PermissionSeeder" --force
Auto-discovered by Laravel.
Keycloak setup
The package authenticates to Keycloak via the client credentials flow with a confidential client that has admin privileges on the target realm.
- In the Keycloak admin console, open the realm you want to manage.
- Clients → Create client:
- Client type:
OpenID Connect - Client ID: e.g.
nawasara-admin - Client authentication:
On - Authentication flow: tick
Service accounts rolesonly
- Client type:
- After creation, open the new client → Service Account Roles tab → Assign role:
realm-management→ grantmanage-users,manage-clients,view-users,view-clients,view-realm,view-events(and any others you need)
- Open the Credentials tab and copy the client secret.
Storing credentials in Vault
- Open Nawasara →
/nawasara-vault - Select the Keycloak SSO group
- Fill in:
- Base URL — e.g.
https://sso.kominfo.go.id - Realm — the realm you grant admin access to (e.g.
master,kominfo) - Client ID — from step 2 above
- Client Secret — from step 4 above
- Base URL — e.g.
- Save
Click Test Connection in the credential dropdown to verify. A successful test reports the realm's user count.
Pages
| Route | Permission |
|---|---|
/nawasara-keycloak/users |
keycloak.user.view |
/nawasara-keycloak/clients |
keycloak.client.view |
/nawasara-keycloak/sessions |
keycloak.session.view |
Permissions
| Permission | Description |
|---|---|
keycloak.user.view |
View user list and detail |
keycloak.user.manage |
Toggle enable/disable, reset password |
keycloak.user.reset_password |
Reset a user's password |
keycloak.client.view |
View client list and detail |
keycloak.client.manage |
Create / edit / delete client, regenerate secret |
keycloak.client.reveal_secret |
Reveal client secret |
keycloak.session.view |
View active sessions |
keycloak.session.revoke |
Revoke a session |
Author
Pringgo J. Saputro <odyinggo@gmail.com>
License
MIT
统计信息
- 总下载量: 7
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 3
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-05-09