Extensions for django-allauth module to support groups of Keycloak.
Project description
django-allauth-keycloak-ext is a Python package that extends Django-allauth to support security groups configured in Keycloak.
Features
Supports adding/removing users from Django groups mapped to Keycloak groups during login procedure.
Supports mapping Keycloak groups to is_staff and is_superuser flags of Django users.
Supports mapping of Keycloak groups to Django ones.
Installation
To install django-allauth-keycloak-ext, run the following command:
pip install django-allauth-keycloak-extUsage
Once you have installed django-allauth-keycloak-ext, you can use it in your Django project by following these steps:
Add ‘allauth_keycloak_groups’ to your INSTALLED_APPS setting:
INSTALLED_APPS = [ # ... 'allauth_keycloak_ext', # ... ]Configure Django-allauth to use Keycloak Ext as a provider and map flags to Keycloak groups by adding the following settings to your settings.py file:
SOCIALACCOUNT_PROVIDERS = { "keycloak_ext": { "KEYCLOAK_URL": "http://localhost:8080", "KEYCLOAK_REALM": "master", "GROUPS": { "GROUP_TO_FLAG_MAPPING": { "is_staff": ["Django Staff", "django-admin-role"], "is_superuser": "django-admin-role", }, } } }Configure the security groups you want to use in Keycloak and map them to Django groups in your settings.py file:
SOCIALACCOUNT_PROVIDERS = { "keycloak_ext": { "KEYCLOAK_URL": "http://localhost:8080", "KEYCLOAK_REALM": "master", "GROUPS": { ... "GROUPS_MAPPING": { "django-admin-role": "django-admin-group", "offline_access": "Offline Group", } ... }, } }Note that the keys of the GROUPS_MAPPING dictionary should be the names of the security groups you have configured in Keycloak, and the values should be the names of the Django groups you want to map them to.
- Configure auto creation of the security groups in Django in your settings.py file:
SOCIALACCOUNT_PROVIDERS = { "keycloak_ext": { "KEYCLOAK_URL": "http://localhost:8080", "KEYCLOAK_REALM": "master", "GROUPS": { ... "GROUPS_MAPPING": { "django-admin-role": "django-admin-group", "offline_access": None, }, "GROUPS_AUTO_CREATE": True, }, } }Note that you can disable creating of any group by mapping them to None.
Usage Example
https://github.com/wonderu/keycloak-django - test application
License
This package is released under the MIT License.
Contributing
Contributions to this project are welcome. Please submit bug reports
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django-allauth-keycloak-ext-0.1.2.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | b9e1f5bc4081f059dd8f7c6e6e30680a68e8bd4f9b808a89e31a4acf12fdaea4 |
|
| MD5 | 8de109f6993ad9add2cad4c134eaf5f5 |
|
| BLAKE2b-256 | 42defb4674e1df344001de9c2130410f170293fcefba2317f229fb3cd78f8813 |
Hashes for django_allauth_keycloak_ext-0.1.2-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | db0c6db149056d874ebacf9558e33976657db2fed77b0fa01ba84bfdbc89a57b |
|
| MD5 | fc301c64e62267cb51c15f3cc40fa7d4 |
|
| BLAKE2b-256 | 544353cd10b8649b20de6afeb4d14e35e29d6482d8eab68ff2bfeb573ce5dce3 |
