From a9b39248543b521fe2a5936fe09b3d8509d681c0 Mon Sep 17 00:00:00 2001 From: Jacky Boen Date: Mon, 2 Aug 2021 10:27:17 +0800 Subject: [PATCH] Fix KeycloakAdmin using wrong realm when authenticating with a service account Signed-off-by: Jacky Boen --- keycloak/keycloak_admin.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/keycloak/keycloak_admin.py b/keycloak/keycloak_admin.py index ffb5968..5feceaf 100644 --- a/keycloak/keycloak_admin.py +++ b/keycloak/keycloak_admin.py @@ -1827,14 +1827,17 @@ class KeycloakAdmin: return r def get_token(self): + token_realm_name = 'master' if self.client_secret_key else self.user_realm_name or self.realm_name self.keycloak_openid = KeycloakOpenID(server_url=self.server_url, client_id=self.client_id, - realm_name=self.user_realm_name or self.realm_name, verify=self.verify, + realm_name=token_realm_name, verify=self.verify, client_secret_key=self.client_secret_key, custom_headers=self.custom_headers) grant_type = ["password"] if self.client_secret_key: grant_type = ["client_credentials"] + if self.user_realm_name: + self.realm_name = self.user_realm_name self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type)