[keycloak-user] Discourse SSO with Keycloak

Is there a best practice when it comes to adding hooks to Keycloak for integrating with software that let's you replace their security with Keycloak security? For example, Discourse provides this guide: https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045. It assumes the user is using their own home grown security where they can easily intercept redirects. Is there a mechanism in Keycloak that allows end users to more easily implement the solution they describe in that guide? I realize you don't have time to give me a solution. Can you just nudge me in the right direction?