keycloak.openid_connection

Keycloak OpenID Connection Manager module.

The module contains mainly the implementation of KeycloakOpenIDConnection class. This is an extension of the ConnectionManager class, and handles the automatic refresh of openid tokens when required.

Module Contents

Classes

KeycloakOpenIDConnection

A class to help with OpenID connections which can auto refresh tokens.

class keycloak.openid_connection.KeycloakOpenIDConnection(server_url, username=None, password=None, token=None, totp=None, realm_name='master', client_id='admin-cli', verify=True, client_secret_key=None, custom_headers=None, user_realm_name=None, timeout=60)

Bases: keycloak.connection.ConnectionManager

A class to help with OpenID connections which can auto refresh tokens.

Parameters:

object (_type_) – _description_

property server_url

Get server url.

Returns:

Keycloak server url

Return type:

str

property realm_name

Get realm name.

Returns:

Realm name

Return type:

str

property client_id

Get client id.

Returns:

Client id

Return type:

str

property client_secret_key

Get client secret key.

Returns:

Client secret key

Return type:

str

property username

Get username.

Returns:

Admin username

Return type:

str

property password

Get password.

Returns:

Admin password

Return type:

str

property totp

Get totp.

Returns:

TOTP

Return type:

str

property token

Get token.

Returns:

Access and refresh token

Return type:

dict

property expires_at

Get token expiry time.

Returns:

Datetime at which the current token will expire

Return type:

datetime

property user_realm_name

Get user realm name.

Returns:

User realm name

Return type:

str

property custom_headers

Get custom headers.

Returns:

Custom headers

Return type:

dict

property keycloak_openid: keycloak.keycloak_openid.KeycloakOpenID

Get the KeycloakOpenID object.

The KeycloakOpenID is used to refresh tokens

Returns:

KeycloakOpenID

Return type:

KeycloakOpenID

_server_url

_username

_password

_totp

_realm_name

_client_id

_verify

_client_secret_key

_connection

_custom_headers

_user_realm_name

_expires_at

_keycloak_openid

get_token()

Get admin token.

The admin token is then set in the token attribute.

refresh_token()

Refresh the token.

Raises:

KeycloakPostError – In case the refresh token request failed.

_refresh_if_required()

raw_get(*args, **kwargs)

Call connection.raw_get.

If auto_refresh is set for get and access_token is expired, it will refresh the token and try get once more.

Parameters:

• args (tuple) – Additional arguments

• kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

raw_post(*args, **kwargs)

Call connection.raw_post.

If auto_refresh is set for post and access_token is expired, it will refresh the token and try post once more.

Parameters:

• args (tuple) – Additional arguments

• kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

raw_put(*args, **kwargs)

Call connection.raw_put.

If auto_refresh is set for put and access_token is expired, it will refresh the token and try put once more.

Parameters:

• args (tuple) – Additional arguments

• kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response

raw_delete(*args, **kwargs)

Call connection.raw_delete.

If auto_refresh is set for delete and access_token is expired, it will refresh the token and try delete once more.

Parameters:

• args (tuple) – Additional arguments

• kwargs (dict) – Additional keyword arguments

Returns:

Response

Return type:

Response