6 releases (3 breaking)
0.4.0 | Apr 5, 2022 |
---|---|
0.4.0-beta.2 | Nov 5, 2021 |
0.4.0-beta.1 | Sep 22, 2021 |
0.3.0 | Jan 22, 2021 |
0.1.0 | Nov 25, 2020 |
#361 in HTTP server
222 downloads per month
55KB
923 lines
actix-web-middleware-keycloak-auth
A middleware for Actix Web that handles authentication with a JWT emitted by Keycloak.
Features
- Actix Web middleware
- deny HTTP requests that do not provide a valid JWT (or choose to allow them and handle the authentication state from a following middleware)
- require one or several Keycloak realm or client roles to be included in the JWT
- error HTTP responses sent from the middleware can have generic bodies as well as detailed error reasons
- access JWT claims from handlers (for example: get the ID of the authenticated user)
- parse custom JWT claims (using Serde)
- access parsed roles from handlers (every Keycloak role contained in the JWT)
- compatible with paperclip using the
paperclip_compat
feature - store auth status in request-local data instead of returning a HTTP response (so that the next middleware/handler can try another auth mechanism, for example)
Usage
License
MIT License Copyright (c) 2020 David Sferruzza
Dependencies
~21–32MB
~727K SLoC