# Kloak
Kloak is a simple wrapper for [OAuth2](https://hex.pm/packages/oauth2), which can be used for authenticating users with [Phoenix](https://hex.pm/packages/phoenix) and a [Keycloak](https://www.keycloak.org/) IDM.
## Installation
The package can be installed by adding `kloak` to your list of dependencies in `mix.exs`:
```elixir
def deps do
[
{:kloak, "~> 0.2.1"}
]
end
```
## Usage
Using `Kloak` with a `Phoenix` application is quite easy. To perform authentication with Keycloak, you need to implement at least one `login` and one `callback` controller function e.g. in your `authentication_controller`.
```elixir
@doc "Login controller action which redirects to Keycloak for authentication."
def login(conn, _) do
with {:ok, client} <- Kloak.Client.new(),
{:ok, nonce} <- Kloak.generate_nonce(),
{:ok, redirect_url} <- Kloak.authorize_url(client, scope: "openid", state: nonce, redirect_uri: url(~p"/auth/callback")) do
conn
|> Kloak.put_oidc_state(nonce)
|> redirect(external: redirect_url)
end
end
```
```elixir
@doc "Callback controller action which is called when a users is redirected from Keycloak."
def callback(conn, %{"code" => code, "state" => state}) do
with {:ok, true} <- Kloak.verify_oidc_state(conn, state),
{:ok, client} <- Kloak.Client.new(),
{:ok, token} <- Kloak.get_token(client, code: code, redirect_uri: url(~p"/auth/callback")),
{:ok, client} <- Kloak.Client.new(token: token),
{:ok, user_information} <- Kloak.user_information(client) do
# Do something with the user information
IO.inspect(user_information)
# Authentication was successful
conn
|> put_session(:token, token)
|> put_flash(:info, gettext("You have successfully logged in."))
|> redirect(to: ~p"/dashboard")
end
end
```
## License
The MIT License (MIT). Please see [LICENSE](LICENSE) for more information.