Custom Keycloak Worker
Project description
Custom Keyclock Authentication Worker
based on Django Keycloak Auth (https://github.com/marcelo225/django-keycloak-auth) under MIT License
Class KeycloakWorker:
- to introspect the token
- to check if the token is active and which roles it bears
- to get userinfo about the token owner
- to manage Keycloak Group membership
Authentication and Authorization are based on Keycloak Roles: Role mapped to Group, User is a member of the Group. Roles:
- format: :user:manage
- example: crux:user:manage
- example: all:user:manage
Groups:
- format: _user_manage
- example: crux_user_manage
- example: all_user_manage
Users:
- Keycloak is supposed to has a User Federation (LDAP catalog, AD)
- Users are being found by username
##Usage
import os
from distutils.util import strtobool
from keycloakauth.keycloak import KeycloakWorker
KEYCLOAK_CONFIG = {
'KEYCLOAK_SERVER_URL': os.getenv('KEYCLOAK_SERVER_URL', 'https://keycloak/auth'),
'KEYCLOAK_REALM': os.getenv('KEYCLOAK_REALM', 'Master'),
'KEYCLOAK_CLIENT_ID': os.getenv('KEYCLOAK_CLIENT_ID', 'client1'),
'KEYCLOAK_CLIENT_SECRET_KEY': os.getenv('KEYCLOAK_CLIENT_SECRET_KEY', '12386724-1234-1234-1234-34a6214c650f'),
'KEYCLOAK_TECH_USER': os.getenv('KEYCLOAK_TECH_USER', 'admin'),
'KEYCLOAK_TECH_PASSWORD': os.getenv('KEYCLOAK_TECH_PASSWORD', 'admin'),
}
SSL_CRT_VERIFY = bool(strtobool(os.getenv('SSL_CRT_VERIFY', 'False')))
kworker = KeycloakWorker(config=KEYCLOAK_CONFIG, verify=SSL_CRT_VERIFY)
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
keycloakauth-0.0.4.tar.gz
(5.4 kB
view hashes)
Built Distribution
Close
Hashes for keycloakauth-0.0.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1565a8b099c0ff3eb7fcdee60f0060a09c5ddeff13fd935307912de737030b1c |
|
MD5 | 12435ea1972f4dc6f9489d0b059865d1 |
|
BLAKE2b-256 | 5c3d132e717cd0dc7e3b5b1435aed987df04b6cb7c092c6746dd2c9d77235387 |