Merge pull request #58 from twsI/feature/public-key

Added public key method

README.md

@@ -97,7 +97,7 @@ token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['ac
 token_info = keycloak_openid.introspect(token['access_token']))
 
 # Decode Token
-KEYCLOAK_PUBLIC_KEY = "secret"
+KEYCLOAK_PUBLIC_KEY = keycloak_openid.public_key()
 options = {"verify_signature": True, "verify_aud": True, "exp": True}
 token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
 

keycloak/keycloak_openid.py

@@ -30,6 +30,7 @@ from .connection import ConnectionManager
 from .exceptions import raise_error_from_response, KeycloakGetError, \
     KeycloakRPTNotFound, KeycloakAuthorizationConfigError, KeycloakInvalidTokenError
 from .urls_patterns import (
+    URL_REALM,
     URL_AUTH,
     URL_TOKEN,
     URL_USERINFO,
@@ -265,6 +266,17 @@ class KeycloakOpenID:
         params_path = {"realm-name": self.realm_name}
         data_raw = self.connection.raw_get(URL_CERTS.format(**params_path))
         return raise_error_from_response(data_raw, KeycloakGetError)
+    
+    def public_key(self):
+        """
+        The public key is exposed by the realm page directly.
+
+        :return:
+        """
+        params_path = {"realm-name": self.realm_name}
+        data_raw = self.connection.raw_get(URL_REALM.format(**params_path))
+        return raise_error_from_response(data_raw, KeycloakGetError)['public_key']
+
 
     def entitlement(self, token, resource_server_id):
         """

keycloak/urls_patterns.py

@@ -22,6 +22,7 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 # OPENID URLS
+URL_REALM = "realms/{realm-name}"
 URL_WELL_KNOWN = "realms/{realm-name}/.well-known/openid-configuration"
 URL_TOKEN = "realms/{realm-name}/protocol/openid-connect/token"
 URL_USERINFO = "realms/{realm-name}/protocol/openid-connect/userinfo"