For the config.php I only modify the following values:
- secretsalt
- auth.adminpassword
The comments above secretsalt give examples of how to generate the value.
I put authsources and our Keycloak JSON configs here: XDMOD and Keycloak · GitHub
I got the saml20-idp-remote.php from using the simplesamlphp interface; somewhere, once you have the config.php and authsources.php, there is a way to generate the metadata. Looking at my notes, I think you go to https://<XDMOD server name>/simplesaml/module.php/saml/sp/metadata.php/default-sp and it will need information from Keycloak, which I got by doing this:
curl https://<Keycloak server name>/auth/realms/<REALM name>/protocol/saml/descriptor
If I remember correctly, that will generate the PHP you need for the saml20-idp-remote.php.
I used Puppet to generate the certs specific to the simplesamlphp SP, but the command you can use to generate them is here: Open XDMoD - Setting up XDMoD for LDAP Authentication. Further details about the XDMOD side of things are here: Open XDMoD - Single Sign On Guide
Based on the errors you got, it looks like your redirect URL in Keycloak is wrong; the value you should use is in the Keycloak Client JSON in the Gist linked above.
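Added example, not part of the original post or of the SimpleSAMLphp or XDMoD projects: a shell check that the two config.php values named above were actually changed before the SP is exposed. The function names are hypothetical, and the default strings 'defaultsecretsalt' and '123' are assumed to match the shipped SimpleSAMLphp config.php template.

```shell
#!/bin/sh
# Added example. Assumption: shipped defaults are 'defaultsecretsalt' and '123'.

# Generate a 32-character hex salt (128 bits) from the kernel CSPRNG.
gen_secretsalt() {
    head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \t\n'
}

# Print the single-quoted value assigned to a key in a config.php file.
config_value() {  # usage: config_value <key> <file>
    sed -n "s/^[[:space:]]*'$1'[[:space:]]*=>[[:space:]]*'\([^']*\)'.*/\1/p" "$2" | head -n 1
}

# Return 0 when both values are set and differ from the assumed defaults.
audit_config() {  # usage: audit_config <file>
    audit_rc=0
    audit_salt=$(config_value secretsalt "$1")
    audit_pass=$(config_value auth.adminpassword "$1")
    if [ -z "$audit_salt" ] || [ "$audit_salt" = "defaultsecretsalt" ]; then
        echo "FAIL: secretsalt is missing or still the default"
        audit_rc=1
    fi
    if [ -z "$audit_pass" ] || [ "$audit_pass" = "123" ]; then
        echo "FAIL: auth.adminpassword is missing or still the default"
        audit_rc=1
    fi
    if [ "$audit_rc" -eq 0 ]; then
        echo "OK: secretsalt and auth.adminpassword were changed"
    fi
    return "$audit_rc"
}

# Constructed sample input: a config.php fragment still holding the defaults.
sample=$(mktemp)
cat > "$sample" <<'EOF'
<?php
$config = [
    'secretsalt' => 'defaultsecretsalt',
    'auth.adminpassword' => '123',
];
EOF
audit_config "$sample" || true   # prints two FAIL lines for the sample
rm -f "$sample"
```

Point `audit_config` at the real config.php of the install; the path depends on how SimpleSAMLphp is packaged with XDMoD, so it is left to the caller.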