Browse Source
Merge pull request #353 from Zerek-Cheng/master
fix: Support the auth_url method called with scope & state params now
pull/357/head
v1.8.1
Richard Nemeth
3 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with
26 additions and
4 deletions
-
README.md
-
src/keycloak/keycloak_openid.py
-
src/keycloak/urls_patterns.py
|
|
|
@ -72,6 +72,19 @@ keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/", |
|
|
|
# Get WellKnow |
|
|
|
config_well_known = keycloak_openid.well_known() |
|
|
|
|
|
|
|
# Get Code With Oauth Authorization Request |
|
|
|
auth_url = keycloak_openid.auth_url( |
|
|
|
redirect_uri="your_call_back_url", |
|
|
|
scope="email", |
|
|
|
state="your_state_info") |
|
|
|
|
|
|
|
# Get Access Token With Code |
|
|
|
access_token = keycloak_openid.token( |
|
|
|
grant_type='authorization_code', |
|
|
|
code='the_code_you_get_from_auth_url_callback', |
|
|
|
redirect_uri="your_call_back_url") |
|
|
|
|
|
|
|
|
|
|
|
# Get Token |
|
|
|
token = keycloak_openid.token("user", "password") |
|
|
|
token = keycloak_openid.token("user", "password", totp="012345") |
|
|
|
|
|
|
|
@ -174,17 +174,25 @@ class KeycloakOpenID: |
|
|
|
|
|
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
|
|
|
|
|
def auth_url(self, redirect_uri): |
|
|
|
def auth_url(self, redirect_uri, scope="email", state=""): |
|
|
|
""" |
|
|
|
Get authorization URL endpoint. |
|
|
|
|
|
|
|
http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint |
|
|
|
|
|
|
|
:return: |
|
|
|
:param redirect_uri: Redirect url to receive oauth code |
|
|
|
:type redirect_uri: str |
|
|
|
:param scope: Scope of authorization request, split with the blank space |
|
|
|
:type: scope: str |
|
|
|
:param state: State will be returned to the redirect_uri |
|
|
|
:type: str |
|
|
|
:returns: Authorization URL Full Build |
|
|
|
:rtype: str |
|
|
|
""" |
|
|
|
params_path = { |
|
|
|
"authorization-endpoint": self.well_known()["authorization_endpoint"], |
|
|
|
"client-id": self.client_id, |
|
|
|
"redirect-uri": redirect_uri, |
|
|
|
"scope": scope, |
|
|
|
"state": state, |
|
|
|
} |
|
|
|
return URL_AUTH.format(**params_path) |
|
|
|
|
|
|
|
|
|
|
|
@ -32,6 +32,7 @@ URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect" |
|
|
|
URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}" |
|
|
|
URL_AUTH = ( |
|
|
|
"{authorization-endpoint}?client_id={client-id}&response_type=code&redirect_uri={redirect-uri}" |
|
|
|
"&scope={scope}&state={state} " |
|
|
|
) |
|
|
|
|
|
|
|
# ADMIN URLS |
|
|
|
|
