Add SSO E-Cosplay (Keycloak OIDC) and dynamic navbar active state

- Install knpuniversity/oauth2-client-bundle and stevenmaguire/oauth2-keycloak - Register KnpUOAuth2ClientBundle in bundles.php - Configure Keycloak OIDC client (realm e-cosplay, auth.esy-web.dev) - Add keycloakId field to User entity with migration - Create KeycloakAuthenticator with group-to-role mapping (/superadmin -> ROLE_ROOT) - Create OAuthController with SSO routes (/connection/sso/login, logout, check) - Add custom_authenticator to security firewall with form_login entry point - Add auth.esy-web.dev to nelmio external_redirects whitelist and CSP form-action - Add SSO button and error flash messages to login page - Make navbar active state dynamic based on current route (desktop + mobile) - Add Keycloak env vars to .env, .env.local, and ansible/env.local.j2 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 10:38:19 +01:00
parent 28763e7ee1
commit 2405fcc2da
15 changed files with 557 additions and 5 deletions
--- a/composer.json
+++ b/composer.json
@@ -12,6 +12,7 @@
        "doctrine/orm": "^3.6",
        "dompdf/dompdf": "*",
        "endroid/qr-code-bundle": "*",
+        "knpuniversity/oauth2-client-bundle": "^2.20",
        "league/flysystem-aws-s3-v3": "^3.32",
        "league/flysystem-bundle": "^3.6",
        "liip/imagine-bundle": "^2.17",
@@ -19,6 +20,7 @@
        "nelmio/security-bundle": "^3.9",
        "phpdocumentor/reflection-docblock": "^6.0",
        "phpstan/phpdoc-parser": "^2.3",
+        "stevenmaguire/oauth2-keycloak": "^6.1",
        "stripe/stripe-php": "*",
        "symfony/asset": "8.0.*",
        "symfony/console": "8.0.*",