Skip to main content

An extension for authentication with Keycloak

Project description

ckanext-keycloak - Keycloak authentication extension

Ckanext-keycloak is a extension for enalbing the user authentication with Keycloak, an open source software product to allow single sign-on with Identity Management and Access Management aimed at modern applications and services.

This extension provides an ability to let users use access-token from Keycloak server to access CKAN functions via CKAN REST Api.

Notes:

  • A new user will be created automatically in ckan database for the corresponding keycloak user if it does not exist.

  • Original ckan authentication still works normally with this extension.

Requirements

This extension was developed and tested under CKAN-2.7.3 and Keycloak-2.5.5

Installation

To install ckanext-keycloak:

  1. Activate your CKAN virtual environment, for example:

    . /usr/lib/ckan/default/bin/activate
  2. Install the ckanext-keycloak Python package into your virtual environment:

    pip install ckanext-keycloak
  3. Add keycloak setting in your CKAN config file (by default the config file is located at /etc/ckan/default/production.ini) as follows:

    ckan.plugins = keycloak <other-plugins>
    ckan.keycloak.authorization_endpoint = http://localhost/auth
    ckan.keycloak.realm = master
    ckan.keycloak.client_id = client_id
    ckan.keycloak.client_secret = client_secret
    ckan.keycloak.sysadmin_group_name = admin
    ckan.keycloak.profile_group_field = group
    ckan.keycloak.profile_username_field = preferred_username
    ckan.keycloak.profile_email_field = email
    ckan.keycloak.profile_fullname_field = name
  4. Restart CKAN. For example if you’ve deployed CKAN with Apache on Ubuntu:

    sudo service apache2 reload

Development Installation

To install ckanext-keycloak for development, activate your CKAN virtualenv and do:

git clone https://github.com/etri-odp/ckanext-keycloak.git
cd ckanext-keycloak
python setup.py develop
pip install -r dev-requirements.txt

Running the Tests

To run the tests, do:

nosetests --nologcapture --with-pylons=test.ini

To run the tests and produce a coverage report, first make sure you have coverage installed in your virtualenv (pip install coverage) then run:

nosetests --nologcapture --with-pylons=test.ini --with-coverage --cover-package=ckanext.keycloak --cover-inclusive --cover-erase --cover-tests

Registering ckanext-keycloak on PyPI

ckanext-keycloak should be availabe on PyPI as https://pypi.python.org/pypi/ckanext-keycloak. If that link doesn’t work, then you can register the project on PyPI for the first time by following these steps:

  1. Create a source distribution of the project:

    python setup.py sdist
  2. Register the project:

    python setup.py register
  3. Upload the source distribution to PyPI:

    python setup.py sdist upload
  4. Tag the first release of the project on GitHub with the version number from the setup.py file. For example if the version number in setup.py is 0.0.1 then do:

    git tag 0.0.1
    git push --tags

Acknowledgements

This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No.2017-00253, Development of an Advanced Open Data Distribution Platform based on International Standards)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ckanext-keycloak-0.0.1.tar.gz (20.1 kB view details)

Uploaded Source

Built Distribution

ckanext_keycloak-0.0.1-py2-none-any.whl (18.3 kB view details)

Uploaded Python 2

File details

Details for the file ckanext-keycloak-0.0.1.tar.gz.

File metadata

  • Download URL: ckanext-keycloak-0.0.1.tar.gz
  • Upload date:
  • Size: 20.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.11.1 setuptools/20.4 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/2.7.12

File hashes

Hashes for ckanext-keycloak-0.0.1.tar.gz
Algorithm Hash digest
SHA256 5fea92fb7284202721fd7f39531ecf82fc390b5f2dacb192d3cd3aa4dd7d164b
MD5 1e2b8a0810ea84e98c51fe7442b9c2c9
BLAKE2b-256 ce449190eece43312111680cd189ea296eb96d23d26a7361dc3d7c88943056f3

See more details on using hashes here.

File details

Details for the file ckanext_keycloak-0.0.1-py2-none-any.whl.

File metadata

  • Download URL: ckanext_keycloak-0.0.1-py2-none-any.whl
  • Upload date:
  • Size: 18.3 kB
  • Tags: Python 2
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.11.1 setuptools/20.4 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/2.7.12

File hashes

Hashes for ckanext_keycloak-0.0.1-py2-none-any.whl
Algorithm Hash digest
SHA256 acbe0a9d046d0d8e39712f7d969d4f7f4d920a5983840d73a29abde21efafd5d
MD5 b5ef80224496564429de94b156fedce3
BLAKE2b-256 1abd05f70a19c027fe203a3bdb0619daae67a34d88609bd5408035fc594957fe

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page