Browse Source

fix: use grant type password with client secret

When both user credentials and client credentials are supplied, this
library used the grant_type=client_credentials. This fix will instead
retrieve the token with grant_type=password, similar to the Keycloak
admin CLI kcadm.sh.
pull/514/head
Jens Trinh 10 months ago
parent
commit
ea0575869d
  1. 6
      src/keycloak/openid_connection.py

6
src/keycloak/openid_connection.py

@ -311,10 +311,10 @@ class KeycloakOpenIDConnection(ConnectionManager):
The admin token is then set in the `token` attribute. The admin token is then set in the `token` attribute.
""" """
grant_type = [] grant_type = []
if self.client_secret_key:
grant_type.append("client_credentials")
elif self.username and self.password:
if self.username and self.password:
grant_type.append("password") grant_type.append("password")
elif self.client_secret_key:
grant_type.append("client_credentials")
if grant_type: if grant_type:
self.token = self.keycloak_openid.token( self.token = self.keycloak_openid.token(

Loading…
Cancel
Save