Lib.rs

Web programmingHTTP server | Authentication
#actix-web #jwt #actix-web-middleware #keycloak #middleware #actix-middleware

actix-web-middleware-keycloak-auth

A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak

by David Sferruzza

9 unstable releases

0.5.0 Sep 29, 2024
0.4.2 Dec 3, 2023
0.4.1 Sep 27, 2023
0.4.0 Apr 5, 2022
0.2.0 Nov 29, 2020

#157 in HTTP server

Download history 74/week @ 2024-09-18 306/week @ 2024-09-25 177/week @ 2024-10-02 114/week @ 2024-10-09 118/week @ 2024-10-16 73/week @ 2024-10-23 109/week @ 2024-10-30 63/week @ 2024-11-06 70/week @ 2024-11-13 48/week @ 2024-11-20 29/week @ 2024-11-27 43/week @ 2024-12-04 104/week @ 2024-12-11 39/week @ 2024-12-18 38/week @ 2024-12-25 60/week @ 2025-01-01

248 downloads per month

MIT license

57KB
925 lines

actix-web-middleware-keycloak-auth

LICENSE Build and test Lint Crates.io Version Documentation

A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak.

Features

  • Actix Web middleware
  • deny HTTP requests that do not provide a valid JWT (or choose to allow them and handle the authentication state from a following middleware)
  • require one or several Keycloak realm or client roles to be included in the JWT
  • error HTTP responses sent from the middleware can have generic bodies as well as detailed error reasons
  • access JWT claims from handlers (for example: get the ID of the authenticated user)
  • parse custom JWT claims (using Serde)
  • access parsed roles from handlers (every Keycloak role contained in the JWT)
  • compatible with paperclip using the paperclip_compat feature
  • store auth status in request-local data instead of returning a HTTP response (so that the next middleware/handler can try another auth mechanism, for example)

Usage

License

MIT License Copyright (c) 2020 David Sferruzza

Dependencies

~16–32MB
~521K SLoC