A basic GraphQL Yoga plugin that adds functionality to authenticate users using the Keycloak service.
As of the 9th of April 2024, plugin-keycloak has been deprecated, effective immediately. If you wish to use this package, please switch to plugin-oidc as that will be our new maintained version. The new plugin will have support for OpenID Connect compatible clients meaning that you can use other services like Authentik.
This plugin checks an access token which is a Bearer token on the
Authentication header with the Keycloak server to verify if it's valid.
Additionally, it passes back the response info, which includes information like
the preferred_username, this can then be used in the GraphQL Yoga server to
identify users.
Starting from
v1.1.5, we
have removed the dependency of keycloak-backend. In addition, we have changed
ITokenContent to KeycloakToken, please update these in your code. You can
also see this
commit
for changes.
Please see here for an example of how to use the project.
We are working on trying to stop depending on so many dependencies. As part of this, we have copied some code from the keycloak-backend library. This project, at the time of writing, is using the MIT license. The files that were took were:
Token.ts->token.tsKeycloak.ts->keycloak.tsJwt.ts->jwt.ts
We plan to adapt these files more as we change around our codebase. For example, the new scopes feature that was mentioned in issue #2.
Disclaimer: This plugin was based off of the plugin-jwt source code.