#actix-web #middleware #authentication #jwt #keycloak

actix-web-middleware-keycloak-auth

A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak

6 releases (3 breaking)

Uses new Rust 2021

0.4.0 Apr 5, 2022
0.4.0-beta.2 Nov 5, 2021
0.4.0-beta.1 Sep 22, 2021
0.3.0 Jan 22, 2021
0.1.0 Nov 25, 2020

#113 in HTTP server

Download history 18/week @ 2022-03-09 46/week @ 2022-03-16 45/week @ 2022-03-23 24/week @ 2022-03-30 69/week @ 2022-04-06 32/week @ 2022-04-13 123/week @ 2022-04-20 187/week @ 2022-04-27 76/week @ 2022-05-04 108/week @ 2022-05-11 69/week @ 2022-05-18 58/week @ 2022-05-25 137/week @ 2022-06-01 135/week @ 2022-06-08 130/week @ 2022-06-15 212/week @ 2022-06-22

620 downloads per month

MIT license

55KB
923 lines

actix-web-middleware-keycloak-auth

LICENSE Build and test Lint Crates.io Version Documentation

A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak.

Features

  • Actix Web middleware
  • deny HTTP requests that do not provide a valid JWT (or choose to allow them and handle the authentication state from a following middleware)
  • require one or several Keycloak realm or client roles to be included in the JWT
  • error HTTP responses sent from the middleware can have generic bodies as well as detailed error reasons
  • access JWT claims from handlers (for example: get the ID of the authenticated user)
  • parse custom JWT claims (using Serde)
  • access parsed roles from handlers (every Keycloak role contained in the JWT)
  • compatible with paperclip using the paperclip_compat feature
  • store auth status in request-local data instead of returning a HTTP response (so that the next middleware/handler can try another auth mechanism, for example)

Usage

License

MIT License Copyright (c) 2020 David Sferruzza

Dependencies

~20–33MB
~736K SLoC