keycloak.openid_connection ========================== .. py:module:: keycloak.openid_connection .. autoapi-nested-parse:: Keycloak OpenID Connection Manager module. The module contains mainly the implementation of KeycloakOpenIDConnection class. This is an extension of the ConnectionManager class, and handles the automatic refresh of openid tokens when required. Classes ------- .. autoapisummary:: keycloak.openid_connection.KeycloakOpenIDConnection Module Contents --------------- .. py:class:: KeycloakOpenIDConnection(server_url: str | None = None, grant_type: str | None = None, username: str | None = None, password: str | None = None, token: dict | None = None, totp: int | None = None, realm_name: str | None = 'master', client_id: str = 'admin-cli', verify: str | bool = True, client_secret_key: str | None = None, custom_headers: dict | None = None, user_realm_name: str | None = None, timeout: int | None = 60, cert: str | tuple | None = None, max_retries: int = 1, pool_maxsize: int | None = None) Bases: :py:obj:`keycloak.connection.ConnectionManager` A class to help with OpenID connections which can auto refresh tokens. :param object: _description_ :type object: _type_ .. py:attribute:: _server_url :value: None .. py:attribute:: _grant_type :value: None .. py:attribute:: _username :value: None .. py:attribute:: _password :value: None .. py:attribute:: _totp :value: None .. py:attribute:: _realm_name :value: None .. py:attribute:: _client_id :value: None .. py:attribute:: _verify :value: None .. py:attribute:: _client_secret_key :value: None .. py:attribute:: _connection :value: None .. py:attribute:: _custom_headers :value: None .. py:attribute:: _user_realm_name :value: None .. py:attribute:: _expires_at :value: None .. py:attribute:: _keycloak_openid :value: None .. py:attribute:: token_lifetime_fraction :value: 0.9 .. py:attribute:: headers Return header request to the server. :returns: Request headers :rtype: dict .. py:property:: server_url :type: str | None Get server url. :returns: Keycloak server url :rtype: str .. py:property:: grant_type :type: str | None Get grant type. :returns: Grant type :rtype: str .. py:property:: username :type: str | None Get username. :returns: Admin username :rtype: str .. py:property:: password :type: str | None Get password. :returns: Admin password :rtype: str .. py:property:: token :type: dict | None Get token. :returns: Access and refresh token :rtype: dict .. py:property:: totp :type: int | None Get totp. :returns: TOTP :rtype: str .. py:property:: realm_name :type: str | None Get realm name. :returns: Realm name :rtype: str .. py:property:: client_id :type: str | None Get client id. :returns: Client id :rtype: str .. py:attribute:: verify :value: True Return verify in use for request to the server. :returns: Verify indicator :rtype: bool .. py:property:: client_secret_key :type: str | None Get client secret key. :returns: Client secret key :rtype: str .. py:property:: user_realm_name :type: str | None Get user realm name. :returns: User realm name :rtype: str .. py:attribute:: timeout :value: 60 Return timeout in use for request to the server. :returns: Timeout :rtype: int .. py:property:: custom_headers :type: dict | None Get custom headers. :returns: Custom headers :rtype: dict .. py:attribute:: cert :value: None Return client certificates in use for request to the server. :returns: Client certificate :rtype: Union[str,Tuple[str,str]] .. py:property:: expires_at :type: datetime.datetime | None Get token expiry time. :returns: Datetime at which the current token will expire :rtype: datetime .. py:property:: keycloak_openid :type: keycloak.keycloak_openid.KeycloakOpenID Get the KeycloakOpenID object. The KeycloakOpenID is used to refresh tokens :returns: KeycloakOpenID :rtype: KeycloakOpenID .. py:method:: get_token() -> None Get admin token. The admin token is then set in the `token` attribute. .. py:method:: refresh_token() -> None Refresh the token. :raises KeycloakPostError: In case the refresh token request failed. .. py:method:: _refresh_if_required() -> None .. py:method:: raw_get(*args: Any, **kwargs: Any) -> requests.Response Call connection.raw_get. If auto_refresh is set for *get* and *access_token* is expired, it will refresh the token and try *get* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response .. py:method:: raw_post(*args: Any, **kwargs: Any) -> requests.Response Call connection.raw_post. If auto_refresh is set for *post* and *access_token* is expired, it will refresh the token and try *post* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response .. py:method:: raw_put(*args: Any, **kwargs: Any) -> requests.Response Call connection.raw_put. If auto_refresh is set for *put* and *access_token* is expired, it will refresh the token and try *put* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response .. py:method:: raw_delete(*args: Any, **kwargs: Any) -> requests.Response Call connection.raw_delete. If auto_refresh is set for *delete* and *access_token* is expired, it will refresh the token and try *delete* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response .. py:method:: a_get_token() -> None :async: Get admin token. The admin token is then set in the `token` attribute. .. py:method:: a_refresh_token() -> None :async: Refresh the token. :raises KeycloakPostError: In case the refresh token request failed. .. py:method:: a__refresh_if_required() -> None :async: Refresh the token if it is expired. .. py:method:: a_raw_get(*args: Any, **kwargs: Any) -> httpx.Response :async: Call connection.raw_get. If auto_refresh is set for *get* and *access_token* is expired, it will refresh the token and try *get* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response .. py:method:: a_raw_post(*args: Any, **kwargs: Any) -> httpx.Response :async: Call connection.raw_post. If auto_refresh is set for *post* and *access_token* is expired, it will refresh the token and try *post* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response .. py:method:: a_raw_put(*args: Any, **kwargs: Any) -> httpx.Response :async: Call connection.raw_put. If auto_refresh is set for *put* and *access_token* is expired, it will refresh the token and try *put* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response .. py:method:: a_raw_delete(*args: Any, **kwargs: Any) -> httpx.Response :async: Call connection.raw_delete. If auto_refresh is set for *delete* and *access_token* is expired, it will refresh the token and try *delete* once more. :param args: Additional arguments :type args: tuple :param kwargs: Additional keyword arguments :type kwargs: dict :returns: Response :rtype: Response