Browse Source

fix: retry upon 401

542-keycloakadmin-not-recovering-from-keycloakauthenticationerror
Richard Nemeth 6 days ago
parent
commit
ad6ff06184
No known key found for this signature in database GPG Key ID: 21C39470DF3DEC39
  1. 32
      src/keycloak/openid_connection.py
  2. 10
      tests/test_keycloak_admin.py

32
src/keycloak/openid_connection.py

@ -389,6 +389,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
self._refresh_if_required()
r = super().raw_get(*args, **kwargs)
if r.status_code == 401:
self.refresh_token()
r = super().raw_get(*args, **kwargs)
return r
def raw_post(self, *args, **kwargs):
@ -406,6 +410,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
self._refresh_if_required()
r = super().raw_post(*args, **kwargs)
if r.status_code == 401:
self.refresh_token()
r = super().raw_post(*args, **kwargs)
return r
def raw_put(self, *args, **kwargs):
@ -423,6 +431,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
self._refresh_if_required()
r = super().raw_put(*args, **kwargs)
if r.status_code == 401:
self.refresh_token()
r = super().raw_put(*args, **kwargs)
return r
def raw_delete(self, *args, **kwargs):
@ -440,6 +452,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
self._refresh_if_required()
r = super().raw_delete(*args, **kwargs)
if r.status_code == 401:
self.refresh_token()
r = super().raw_delete(*args, **kwargs)
return r
async def a_get_token(self):
@ -496,6 +512,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
await self.a__refresh_if_required()
r = await super().a_raw_get(*args, **kwargs)
if r.status_code == 401:
await self.a_refresh_token()
r = await super().a_raw_get(*args, **kwargs)
return r
async def a_raw_post(self, *args, **kwargs):
@ -513,6 +533,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
await self.a__refresh_if_required()
r = await super().a_raw_post(*args, **kwargs)
if r.status_code == 401:
await self.a_refresh_token()
r = await super().a_raw_post(*args, **kwargs)
return r
async def a_raw_put(self, *args, **kwargs):
@ -530,6 +554,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
await self.a__refresh_if_required()
r = await super().a_raw_put(*args, **kwargs)
if r.status_code == 401:
await self.a_refresh_token()
r = await super().a_raw_put(*args, **kwargs)
return r
async def a_raw_delete(self, *args, **kwargs):
@ -547,4 +575,8 @@ class KeycloakOpenIDConnection(ConnectionManager):
"""
await self.a__refresh_if_required()
r = await super().a_raw_delete(*args, **kwargs)
if r.status_code == 401:
await self.a_refresh_token()
r = await super().a_raw_delete(*args, **kwargs)
return r

10
tests/test_keycloak_admin.py

@ -2771,9 +2771,8 @@ def test_auto_refresh(admin_frozen: KeycloakAdmin, realm: str):
"Content-Type": "application/json",
}
with pytest.raises(KeycloakAuthenticationError) as err:
admin.get_realm(realm_name=realm)
assert err.match('401: b\'{"error":"HTTP 401 Unauthorized".*}\'')
res = admin.get_realm(realm_name=realm)
assert res["realm"] == realm
# Freeze time to simulate the access token expiring
with freezegun.freeze_time("2023-02-25 10:05:00"):
@ -6008,9 +6007,8 @@ async def test_a_auto_refresh(admin_frozen: KeycloakAdmin, realm: str):
"Content-Type": "application/json",
}
with pytest.raises(KeycloakAuthenticationError) as err:
await admin.a_get_realm(realm_name=realm)
assert err.match('401: b\'{"error":"HTTP 401 Unauthorized".*}\'')
res = await admin.a_get_realm(realm_name=realm)
assert res["realm"] == realm
# Freeze time to simulate the access token expiring
with freezegun.freeze_time("2023-02-25 10:05:00"):

Loading…
Cancel
Save