keygloak

package module
v0.0.0-...-2b944e4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 2, 2025 License: MPL-2.0 Imports: 10 Imported by: 0

README

Keygloak

VERY SIMPLE Keycloak client library written in Go. Only intended for confidential clients at the moment.

Installing
go get github.com/Feinzer/keygloak
Features:
  • Authentication: Obtain and manage OpenID Connect (OIDC) tokens.
  • User Management: Create and manage users within your Keycloak realm.
  • Token Operations: Perform token introspection, refreshing, and invalidation.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type KClient 

type KClient struct {
	Domain       string
	Realm        string
	BaseURL      string
	AdminURL     string
	ClientID     string
	ClientSecret string
	ClientToken  *KToken
}

func New 

func New(domain string, realm string) *KClient

Initialize your Keycloak client from your instance config

func NewFromEnv 

func NewFromEnv() (*KClient, error)

Initializes your Keycloak instance config from the following environment variables.

  • KC_DOMAIN=example.org
  • KC_REALM=example

func (*KClient) Authenticate 

func (client *KClient) Authenticate(clientId string, clientSecret string) error

Authenticates your Keycloak client using the clientId and clientSecret values

func (*KClient) CreateUser 

func (client *KClient) CreateUser(opts *KUserCreateOpts) (*KUser, error)

Creates a new user inside the realm you set in your instance config.

Client has to be previously authenticated using the Authenticate() method

func (*KClient) GetOpenIDToken 

func (client *KClient) GetOpenIDToken(grantType KGrantType, opts *KTokenOpts) (*KToken, error)

Retrieves a new JWT token from Keycloak using KTokenOptions

Avoid using this method directly

func (*KClient) IntrospectToken 

func (client *KClient) IntrospectToken(token string) (*KIntrospectionResponse, bool)

Executes a token introspection

func (*KClient) InvalidateToken 

func (client *KClient) InvalidateToken(refreshToken string) error

Invalidates the token session

func (*KClient) RefreshToken 

func (client *KClient) RefreshToken(accessToken string, refreshToken string) (*KToken, error)

Validates the given accessToken and tries to refresh it if invalid

func (*KClient) SignInWithPassword 

func (client *KClient) SignInWithPassword(opts *KSignInOpts) (*KToken, error)

Retrieves a token for the user with the provided username, password and optional totp

func (*KClient) UpdateUser 

func (client *KClient) UpdateUser(token string, opts *KUserUpdateOpts) (*KUser, error)

Updates the user inside the realm you set in your instance config.

Client has to be previously authenticated using the Authenticate() method

func (*KClient) UserInfo 

func (client *KClient) UserInfo(token string) (*KUserInfo, bool)

Retrieves user's info using the provided token

type KGrantType 

type KGrantType string
const (
	KGrantTypeAuthCode KGrantType = "authorization_code"
	KGrantTypeClient   KGrantType = "client_credentials"
	KGrantTypePassword KGrantType = "password"
	KGrantTypeRefresh  KGrantType = "refresh_token"
)

type KIntrospectionResponse 

type KIntrospectionResponse struct {
	Active    bool   `json:"active"`
	TokenType string `json:"token_type"`
	Scope     string `json:"scope"`
	Email     string `json:"email"`
	Username  string `json:"username"`
}

type KSignInOpts 

type KSignInOpts struct {
	Username string
	Password string
	Totp     *string
}

type KToken 

type KToken struct {
	Type    string  `json:"token_type"`
	Access  string  `json:"access_token"`
	Refresh *string `json:"refresh_token"`
	Scope   string  `json:"scope"`
}

type KTokenError 

type KTokenError struct {
	Message string `json:"error_description"`
}

type KTokenOpts 

type KTokenOpts struct {
	ClientID     string
	ClientSecret string
	Scope        string
	RefreshToken *string
	Username     *string
	Password     *string
	Totp         *string
}

type KUser 

type KUser struct {
	ID          string            `json:"id"`
	Enabled     bool              `json:"enabled"`
	Email       string            `json:"email"`
	Username    string            `json:"username"`
	FirstName   *string           `json:"firstName"`
	LastName    *string           `json:"lastName"`
	Credentials []KUserCredential `json:"credentials"`
}

type KUserCreateOpts 

type KUserCreateOpts struct {
	Email     string  `json:"email"`
	Username  string  `json:"username"`
	Password  string  `json:"password"`
	FirstName *string `json:"firstName"`
	LastName  *string `json:"lastName"`
}

type KUserCredential 

type KUserCredential struct {
	Type      string `json:"type"`
	Value     string `json:"value"`
	Temporary bool   `json:"temporary"`
}

type KUserError 

type KUserError struct {
	Message string `json:"errorMessage"`
}

type KUserInfo 

type KUserInfo struct {
	ID            string  `json:"sub"`
	Email         string  `json:"email"`
	EmailVerified bool    `json:"email_verified"`
	Username      string  `json:"preferred_username"`
	FullName      *string `json:"name"`
	FirstName     *string `json:"given_name"`
	LastName      *string `json:"family_name"`
}

type KUserUpdateOpts 

type KUserUpdateOpts struct {
	Enabled   *bool   `json:"enabled"`
	Email     *string `json:"email"`
	Username  *string `json:"username"`
	Password  *string `json:"password"`
	FirstName *string `json:"firstName"`
	LastName  *string `json:"lastName"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.