50 lines
1.1 KiB
TypeScript
50 lines
1.1 KiB
TypeScript
import type { OAuthConfig, OAuthUserConfig } from "."
|
|
|
|
export interface KeycloakProfile extends Record<string, any> {
|
|
exp: number
|
|
iat: number
|
|
auth_time: number
|
|
jti: string
|
|
iss: string
|
|
aud: string
|
|
sub: string
|
|
typ: string
|
|
azp: string
|
|
session_state: string
|
|
at_hash: string
|
|
acr: string
|
|
sid: string
|
|
email_verified: boolean
|
|
name: string
|
|
preferred_username: string
|
|
given_name: string
|
|
family_name: string
|
|
email: string
|
|
picture: string
|
|
user: any
|
|
}
|
|
|
|
export default function Keycloak<P extends KeycloakProfile>(
|
|
options: OAuthUserConfig<P>
|
|
): OAuthConfig<P> {
|
|
return {
|
|
id: "keycloak",
|
|
name: "Keycloak",
|
|
wellKnown: `${options.issuer}/.well-known/openid-configuration`,
|
|
type: "oauth",
|
|
authorization: { params: { scope: "openid email profile" } },
|
|
checks: ["pkce", "state"],
|
|
idToken: true,
|
|
profile(profile) {
|
|
return {
|
|
id: profile.sub,
|
|
name: profile.name ?? profile.preferred_username,
|
|
email: profile.email,
|
|
image: profile.picture,
|
|
}
|
|
},
|
|
style: { logo: "/keycloak.svg", bg: "#fff", text: "#000" },
|
|
options,
|
|
}
|
|
}
|