We don’t currently offer integration with well known http libs. We'll be interesting
in providing adapter for Alamofire or (a Swift version of AFNetworking, very much in
progress). Here’s a ticket to track it .
Actually to integrate with http layer you need to have a AuthzModule protocol  and to
provide a seamless integration of Oauth2 within your http layer you should do something
like  using extension request.
Do not hesitate to share with us if you decide to do other adapters.
iOS AeroGear dev
On 30 Oct 2014, at 11:50, Kaustubh Kabra <kaustubh.kabra(a)xtremumsolutions.com>
I went through libraries provided by Corinne in previous mail but have few questions for
implementation on android and iOS -
1. Support for existing third party libraries ?
As of now, we are using ASIHTTPS (https://github.com/pokeb/asi-http-request
) for iOS and Volley for
android. Rather than replacing them with Aerogear libraries considering overall stability
of HTTP requests, can we augment those libraries to support key cloak OAUTH2 ?
2. OAUTH implementation possibilites -
Can we use/tweak approach mentioned in above answers/library to work with KeyCloak
Thanks in advance !
On Fri, Sep 26, 2014 at 11:43 AM, Sagar Zond <sagar.zond(a)xtremumsolutions.com>
+Please go through following libs, We can use this to integrate with Oauth server.
---------- Forwarded message ----------
From: Corinne Krych <corinnekrych(a)gmail.com>
Date: Thu, Sep 25, 2014 at 9:06 PM
Subject: Re: [keycloak-dev] Keycloak Intergration
To: "keycloak-user(a)lists.jboss.org" <keycloak-dev(a)lists.jboss.org>
Cc: Sagar Zond <sagar.zond(a)xtremumsolutions.com>, Shashank Singh
<shashank.singh(a)xtremumsolutions.com>, Bill Burke <bburke(a)redhat.com>
For Keycloak OAuth2, AeroGear provides a sdk, we have both Obj-C and Swift. Although
lastest features goes in Swift version.
1. AeroGear-iOS 1.6 targets obj-c code  with its associated test repo , [2bis]
2. AeroGear 2.0 is modularized and based on Swift:
Here you can find interesting access/refresh/revoke simple example:
Note that 2.0 is on its way and should be release early October.
http module (aerogear-ios-http coupled with aerogear-ios-oauth2) is taking care of
refreshing implictly tokens for you.
Some blog posts . I’m actually going to write an update blog post for Swift version.
Some links to go through.. Feedback welcome.
On 25 Sep 2014, at 15:32, Bill Burke <bburke(a)redhat.com> wrote:
> Sagar, I'm moving this to keycloak-dev list. See comments inline
> On 9/25/2014 6:53 AM, Sagar Zond wrote:
>> We are planning to use KeyClock for OAuth authorization server for our
>> API platform. Our understanding to KeyClock and OAuth is not very clear
>> so need your help to properly utilize KeyClock features.
>> Just to introduce our self, we are a start-up firm and creating products
>> for Health care domain. In our architecture we will have multiple Rest
>> API servers and multiple types of client like mobile, web and publicly
>> expose API. KeyCloak can be used as authentication and authorization
>> server. We have already gone through most of KeyCloak tutorials.
>> Here are few points of which we need answer -
>> 1. API platform will be registered as application server on KeyClock and
>> clients (mobile app, web app or other app) will be authorized by
>> keyclock as per defined role. Is this a proper use case of KeyClock ?
> You'll have to elaborate. I don't know exactly what you are saying.
> Your REST API server would be registered as a Keycloak "Application".
> You can define roles per "Application" or at the Realm level (global
>> 2. How do we integrate OAuth into mobile app ? Where can we write token
>> refresh logic?
> You can start off by defining an public "OAuth Client" per mobile app.
> You can use the direct grant REST API to obtain a token, or, use mobile
> redirects to login through the mobile's browser. I believe the Aerogear
> project is doing some work around Keycloak IOS and Android clients, but
> you'd have to ping them.
>> 3. How we can add more fields in session? e.g. if we want to add more
>> token in header which may contain some extra application specific
>> encrypted data.
> Not sure what you mean. We don't have a nice way of adding claims to
> the token at the moment.
>> 4. We are currently using OpenDS Ldap for authentication and we already
>> have number of registered users which currently using API. So we need
>> Keyclock to be configured for OpenDS, so please suggested how to
>> integrate OpenDS with KeyClock.
> We have LDAP integration:
> Bill Burke
> JBoss, a division of Red Hat
> keycloak-dev mailing list