keycloak.openid_connection

Keycloak OpenID Connection Manager module.

The module contains mainly the implementation of KeycloakOpenIDConnection class. This is an extension of the ConnectionManager class, and handles the automatic refresh of openid tokens when required.

Classes

KeycloakOpenIDConnection

A class to help with OpenID connections which can auto refresh tokens.

Module Contents

class keycloak.openid_connection.KeycloakOpenIDConnection(server_url, grant_type=None, username=None, password=None, token=None, totp=None, realm_name='master', client_id='admin-cli', verify=True, client_secret_key=None, custom_headers=None, user_realm_name=None, timeout=60, cert=None, max_retries=1)[source]

Bases: keycloak.connection.ConnectionManager

A class to help with OpenID connections which can auto refresh tokens.

Parameters:

object (_type_) – _description_

_server_url = None[source]
_grant_type = None[source]
_username = None[source]
_password = None[source]
_totp = None[source]
_realm_name = None[source]
_client_id = None[source]
_verify = None[source]
_client_secret_key = None[source]
_connection = None[source]
_custom_headers = None[source]
_user_realm_name = None[source]
_expires_at = None[source]
_keycloak_openid = None[source]
token_lifetime_fraction = 0.9[source]
headers[source]

Return header request to the server.

Returns:

Request headers

Return type:

dict

property server_url[source]

Get server url.

Returns:

Keycloak server url

Return type:

str

property grant_type[source]

Get grant type.

Returns:

Grant type

Return type:

str

property username[source]

Get username.

Returns:

Admin username

Return type:

str

property password[source]

Get password.

Returns:

Admin password

Return type:

str

property token[source]

Get token.

Returns:

Access and refresh token

Return type:

dict

property totp[source]

Get totp.

Returns:

TOTP

Return type:

str

property realm_name[source]

Get realm name.

Returns:

Realm name

Return type:

str

property client_id[source]

Get client id.

Returns:

Client id

Return type:

str

verify = True[source]

Return verify in use for request to the server.

Returns:

Verify indicator

Return type:

bool

property client_secret_key[source]

Get client secret key.

Returns:

Client secret key

Return type:

str

property user_realm_name[source]

Get user realm name.

Returns:

User realm name

Return type:

str

timeout = 60[source]

Return timeout in use for request to the server.

Returns:

Timeout

Return type:

int

property custom_headers[source]

Get custom headers.

Returns:

Custom headers

Return type:

dict

cert = None[source]

Return client certificates in use for request to the server.

Returns:

Client certificate

Return type:

Union[str,Tuple[str,str]]

property expires_at[source]

Get token expiry time.

Returns:

Datetime at which the current token will expire

Return type:

datetime

property keycloak_openid: keycloak.keycloak_openid.KeycloakOpenID[source]

Get the KeycloakOpenID object.

The KeycloakOpenID is used to refresh tokens

Returns:

KeycloakOpenID

Return type:

KeycloakOpenID

get_token()[source]

Get admin token.

The admin token is then set in the token attribute.

refresh_token()[source]

Refresh the token.

Raises:

KeycloakPostError – In case the refresh token request failed.

_refresh_if_required()[source]
raw_get(*args, **kwargs)[source]

Call connection.raw_get.

If auto_refresh is set for get and access_token is expired, it will refresh the token and try get once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

raw_post(*args, **kwargs)[source]

Call connection.raw_post.

If auto_refresh is set for post and access_token is expired, it will refresh the token and try post once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

raw_put(*args, **kwargs)[source]

Call connection.raw_put.

If auto_refresh is set for put and access_token is expired, it will refresh the token and try put once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

raw_delete(*args, **kwargs)[source]

Call connection.raw_delete.

If auto_refresh is set for delete and access_token is expired, it will refresh the token and try delete once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

async a_get_token()[source]

Get admin token.

The admin token is then set in the token attribute.

async a_refresh_token()[source]

Refresh the token.

Raises:

KeycloakPostError – In case the refresh token request failed.

async a__refresh_if_required()[source]

Refresh the token if it is expired.

async a_raw_get(*args, **kwargs)[source]

Call connection.raw_get.

If auto_refresh is set for get and access_token is expired, it will refresh the token and try get once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

async a_raw_post(*args, **kwargs)[source]

Call connection.raw_post.

If auto_refresh is set for post and access_token is expired, it will refresh the token and try post once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

async a_raw_put(*args, **kwargs)[source]

Call connection.raw_put.

If auto_refresh is set for put and access_token is expired, it will refresh the token and try put once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

async a_raw_delete(*args, **kwargs)[source]

Call connection.raw_delete.

If auto_refresh is set for delete and access_token is expired, it will refresh the token and try delete once more.

Parameters:
  • args (tuple) – Additional arguments

  • kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response