Browse Source

fix: add scopes to device auth (#599)

* feat: add scopes to device authorization

* fix: add types

---------

Co-authored-by: Marlene <marlene.koh@xtraman.org>
pull/605/head v4.6.2
Marlene Koh 3 months ago
committed by GitHub
parent
commit
032418de63
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
  1. 12
      src/keycloak/keycloak_openid.py

12
src/keycloak/keycloak_openid.py

@ -822,7 +822,7 @@ class KeycloakOpenID:
) )
return raise_error_from_response(data_raw, KeycloakPostError) return raise_error_from_response(data_raw, KeycloakPostError)
def device(self):
def device(self, scope: str = ""):
"""Get device authorization grant. """Get device authorization grant.
The device endpoint is used to obtain a user code verification and user authentication. The device endpoint is used to obtain a user code verification and user authentication.
@ -837,11 +837,13 @@ class KeycloakOpenID:
https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow
https://github.com/keycloak/keycloak-community/blob/main/design/oauth2-device-authorization-grant.md#how-to-try-it https://github.com/keycloak/keycloak-community/blob/main/design/oauth2-device-authorization-grant.md#how-to-try-it
:param scope: Scope of authorization request, split with the blank space
:type scope: str
:returns: Device Authorization Response :returns: Device Authorization Response
:rtype: dict :rtype: dict
""" """
params_path = {"realm-name": self.realm_name} params_path = {"realm-name": self.realm_name}
payload = {"client_id": self.client_id}
payload = {"client_id": self.client_id, "scope": scope}
payload = self._add_secret_key(payload) payload = self._add_secret_key(payload)
data_raw = self.connection.raw_post(URL_DEVICE.format(**params_path), data=payload) data_raw = self.connection.raw_post(URL_DEVICE.format(**params_path), data=payload)
@ -1464,7 +1466,7 @@ class KeycloakOpenID:
) )
return raise_error_from_response(data_raw, KeycloakPostError) return raise_error_from_response(data_raw, KeycloakPostError)
async def a_device(self):
async def a_device(self, scope: str = ""):
"""Get device authorization grant asynchronously. """Get device authorization grant asynchronously.
The device endpoint is used to obtain a user code verification and user authentication. The device endpoint is used to obtain a user code verification and user authentication.
@ -1479,11 +1481,13 @@ class KeycloakOpenID:
https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow
https://github.com/keycloak/keycloak-community/blob/main/design/oauth2-device-authorization-grant.md#how-to-try-it https://github.com/keycloak/keycloak-community/blob/main/design/oauth2-device-authorization-grant.md#how-to-try-it
:param scope: Scope of authorization request, split with the blank space
:type scope: str
:returns: Device Authorization Response :returns: Device Authorization Response
:rtype: dict :rtype: dict
""" """
params_path = {"realm-name": self.realm_name} params_path = {"realm-name": self.realm_name}
payload = {"client_id": self.client_id}
payload = {"client_id": self.client_id, "scope": scope}
payload = self._add_secret_key(payload) payload = self._add_secret_key(payload)
data_raw = await self.connection.a_raw_post(URL_DEVICE.format(**params_path), data=payload) data_raw = await self.connection.a_raw_post(URL_DEVICE.format(**params_path), data=payload)

Loading…
Cancel
Save