From e4c0ff2c7d865237bbd97720b7ce0383198af319 Mon Sep 17 00:00:00 2001 From: Zerek <16066557+Zerek-Cheng@users.noreply.github.com> Date: Wed, 13 Jul 2022 00:45:09 +0800 Subject: [PATCH 1/2] fix: Support the auth_url method called with scope & state params now --- src/keycloak/keycloak_openid.py | 4 +++- src/keycloak/urls_patterns.py | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/keycloak/keycloak_openid.py b/src/keycloak/keycloak_openid.py index ad608d0..b44915f 100644 --- a/src/keycloak/keycloak_openid.py +++ b/src/keycloak/keycloak_openid.py @@ -174,7 +174,7 @@ class KeycloakOpenID: return raise_error_from_response(data_raw, KeycloakGetError) - def auth_url(self, redirect_uri): + def auth_url(self, redirect_uri, scope="email", state=""): """ http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint @@ -185,6 +185,8 @@ class KeycloakOpenID: "authorization-endpoint": self.well_known()["authorization_endpoint"], "client-id": self.client_id, "redirect-uri": redirect_uri, + "scope": scope, + "state": state, } return URL_AUTH.format(**params_path) diff --git a/src/keycloak/urls_patterns.py b/src/keycloak/urls_patterns.py index 3ec134c..18b1951 100644 --- a/src/keycloak/urls_patterns.py +++ b/src/keycloak/urls_patterns.py @@ -32,6 +32,7 @@ URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect" URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}" URL_AUTH = ( "{authorization-endpoint}?client_id={client-id}&response_type=code&redirect_uri={redirect-uri}" + "&scope={scope}&state={state} " ) # ADMIN URLS From 962133ec01d9135acba959b59276683736676464 Mon Sep 17 00:00:00 2001 From: Zerek <16066557+Zerek-Cheng@users.noreply.github.com> Date: Wed, 13 Jul 2022 08:48:44 +0800 Subject: [PATCH 2/2] docs: update auth_url method's docstring and readme file --- README.md | 13 +++++++++++++ src/keycloak/keycloak_openid.py | 14 ++++++++++---- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index d3572f5..d300fa9 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,19 @@ keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/", # Get WellKnow config_well_known = keycloak_openid.well_known() +# Get Code With Oauth Authorization Request +auth_url = keycloak_openid.auth_url( + redirect_uri="your_call_back_url", + scope="email", + state="your_state_info") + +# Get Access Token With Code +access_token = keycloak_openid.token( + grant_type='authorization_code', + code='the_code_you_get_from_auth_url_callback', + redirect_uri="your_call_back_url") + + # Get Token token = keycloak_openid.token("user", "password") token = keycloak_openid.token("user", "password", totp="012345") diff --git a/src/keycloak/keycloak_openid.py b/src/keycloak/keycloak_openid.py index b44915f..85447b2 100644 --- a/src/keycloak/keycloak_openid.py +++ b/src/keycloak/keycloak_openid.py @@ -176,10 +176,16 @@ class KeycloakOpenID: def auth_url(self, redirect_uri, scope="email", state=""): """ - - http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint - - :return: + Get authorization URL endpoint. + + :param redirect_uri: Redirect url to receive oauth code + :type redirect_uri: str + :param scope: Scope of authorization request, split with the blank space + :type: scope: str + :param state: State will be returned to the redirect_uri + :type: str + :returns: Authorization URL Full Build + :rtype: str """ params_path = { "authorization-endpoint": self.well_known()["authorization_endpoint"],