9 unstable releases
0.5.0 | Sep 29, 2024 |
---|---|
0.4.2 | Dec 3, 2023 |
0.4.1 | Sep 27, 2023 |
0.4.0 | Apr 5, 2022 |
0.2.0 | Nov 29, 2020 |
#161 in HTTP server
201 downloads per month
57KB
925 lines
actix-web-middleware-keycloak-auth
A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak.
Features
- Actix Web middleware
- deny HTTP requests that do not provide a valid JWT (or choose to allow them and handle the authentication state from a following middleware)
- require one or several Keycloak realm or client roles to be included in the JWT
- error HTTP responses sent from the middleware can have generic bodies as well as detailed error reasons
- access JWT claims from handlers (for example: get the ID of the authenticated user)
- parse custom JWT claims (using Serde)
- access parsed roles from handlers (every Keycloak role contained in the JWT)
- compatible with paperclip using the
paperclip_compat
feature - store auth status in request-local data instead of returning a HTTP response (so that the next middleware/handler can try another auth mechanism, for example)
Usage
License
MIT License Copyright (c) 2020 David Sferruzza
Dependencies
~16–31MB
~519K SLoC