From d743e43065344c7e1f96461a7f4197000715e161 Mon Sep 17 00:00:00 2001
From: twsl <45483159+twsI@users.noreply.github.com>
Date: Fri, 14 Feb 2020 00:12:00 +0100
Subject: [PATCH] Added public key method
---
 README.md | 2 +-
 keycloak/keycloak_openid.py | 14 +++++++++++++-
 keycloak/urls_patterns.py | 1 +
 3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 5f39f86..d3b71e5 100644
--- a/README.md
+++ b/README.md
@@ -97,7 +97,7 @@ token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['ac
 token_info = keycloak_openid.introspect(token['access_token']))
 # Decode Token
-KEYCLOAK_PUBLIC_KEY = "secret"
+KEYCLOAK_PUBLIC_KEY = keycloak_openid.public_key()
 options = {"verify_signature": True, "verify_aud": True, "exp": True}
 token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
diff --git a/keycloak/keycloak_openid.py b/keycloak/keycloak_openid.py
index b196a85..2d12678 100644
--- a/keycloak/keycloak_openid.py
+++ b/keycloak/keycloak_openid.py
@@ -30,6 +30,7 @@ from .connection import ConnectionManager
 from .exceptions import raise_error_from_response, KeycloakGetError, \
 KeycloakRPTNotFound, KeycloakAuthorizationConfigError, KeycloakInvalidTokenError
 from .urls_patterns import (
+ URL_REALM,
 URL_AUTH,
 URL_TOKEN,
 URL_USERINFO,
@@ -263,8 +264,19 @@ class KeycloakOpenID:
 :return:
 """
 params_path = {"realm-name": self.realm_name}
- data_raw = self.connection.raw_get(URL_CERTS.format(**params_path))
+ data_raw = self.connection.raw_get(URL_REALM.format(**params_path))
 return raise_error_from_response(data_raw, KeycloakGetError)
+
+ def public_key(self):
+ """
+ The public key is exposed by the realm page directly.
+
+ :return:
+ """
+ params_path = {"realm-name": self.realm_name}
+ data_raw = self.connection.raw_get(URL_CERTS.format(**params_path))
+ return raise_error_from_response(data_raw, KeycloakGetError)['public_key']
+
 def entitlement(self, token, resource_server_id):
 """
diff --git a/keycloak/urls_patterns.py b/keycloak/urls_patterns.py
index fad3455..e3f4d95 100644
--- a/keycloak/urls_patterns.py
+++ b/keycloak/urls_patterns.py
@@ -22,6 +22,7 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 # OPENID URLS
+URL_REALM = "realms/{realm-name}"
 URL_WELL_KNOWN = "realms/{realm-name}/.well-known/openid-configuration"
 URL_TOKEN = "realms/{realm-name}/protocol/openid-connect/token"
 URL_USERINFO = "realms/{realm-name}/protocol/openid-connect/userinfo"
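Review bot: In the `@@ -263,8 +264,19 @@` hunk of keycloak/keycloak_openid.py the two endpoint constants look swapped: the new `public_key()` still requests `URL_CERTS` although its docstring says the key comes from the realm page, while the preceding method (its `def` line is outside the hunk) was switched from `URL_CERTS` to `URL_REALM`. As written, `public_key()` indexes `['public_key']` on the certs response, which is presumably a key-set document without that field and so would raise `KeyError`, and the earlier method no longer returns the certificate data its callers expect. I would leave `URL_CERTS.format(**params_path)` in the existing method and use `data_raw = self.connection.raw_get(URL_REALM.format(**params_path))` in `public_key()`. Because the README now passes this value straight to `decode_token` as the signature-verification key, it is also worth confirming that the returned string is in the key format the JWT library accepts (it may need PEM framing) and that the connection verifies TLS, since whoever controls that response decides which tokens validate.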