Browse Source
Merge pull request #58 from twsI/feature/public-key
Added public key method
pull/64/head
Marcos Pereira
5 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with
14 additions and
1 deletions
-
README.md
-
keycloak/keycloak_openid.py
-
keycloak/urls_patterns.py
|
|
@ -97,7 +97,7 @@ token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['ac |
|
|
|
token_info = keycloak_openid.introspect(token['access_token'])) |
|
|
|
|
|
|
|
# Decode Token |
|
|
|
KEYCLOAK_PUBLIC_KEY = "secret" |
|
|
|
KEYCLOAK_PUBLIC_KEY = keycloak_openid.public_key() |
|
|
|
options = {"verify_signature": True, "verify_aud": True, "exp": True} |
|
|
|
token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options) |
|
|
|
|
|
|
|
|
|
@ -30,6 +30,7 @@ from .connection import ConnectionManager |
|
|
|
from .exceptions import raise_error_from_response, KeycloakGetError, \ |
|
|
|
KeycloakRPTNotFound, KeycloakAuthorizationConfigError, KeycloakInvalidTokenError |
|
|
|
from .urls_patterns import ( |
|
|
|
URL_REALM, |
|
|
|
URL_AUTH, |
|
|
|
URL_TOKEN, |
|
|
|
URL_USERINFO, |
|
|
@ -266,6 +267,17 @@ class KeycloakOpenID: |
|
|
|
data_raw = self.connection.raw_get(URL_CERTS.format(**params_path)) |
|
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
|
|
|
|
|
def public_key(self): |
|
|
|
""" |
|
|
|
The public key is exposed by the realm page directly. |
|
|
|
|
|
|
|
:return: |
|
|
|
""" |
|
|
|
params_path = {"realm-name": self.realm_name} |
|
|
|
data_raw = self.connection.raw_get(URL_REALM.format(**params_path)) |
|
|
|
return raise_error_from_response(data_raw, KeycloakGetError)['public_key'] |
|
|
|
|
|
|
|
|
|
|
|
def entitlement(self, token, resource_server_id): |
|
|
|
""" |
|
|
|
Client applications can use a specific endpoint to obtain a special security token |
|
|
|
|
|
@ -22,6 +22,7 @@ |
|
|
|
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
|
|
|
|
|
|
|
# OPENID URLS |
|
|
|
URL_REALM = "realms/{realm-name}" |
|
|
|
URL_WELL_KNOWN = "realms/{realm-name}/.well-known/openid-configuration" |
|
|
|
URL_TOKEN = "realms/{realm-name}/protocol/openid-connect/token" |
|
|
|
URL_USERINFO = "realms/{realm-name}/protocol/openid-connect/userinfo" |
|
|
|