Skip to main content

Keycloak OAuth 2.0 / OAuth 2.1 / OIDC 1.0 identity provider implementations for Swarmauri

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri_auth_idp_keycloak Discord

Swarmauri Auth IDP Keycloak

Keycloak OAuth 2.0 / OAuth 2.1 / OIDC 1.0 identity providers packaged for Swarmauri deployments.

Features

  • PKCE-enabled Authorization Code flows that integrate with Keycloak realm issuers.
  • Discovery-driven OAuth 2.1/OIDC login that validates ID tokens against realm JWKS.
  • UserInfo enrichment for deployments that require normalized profile payloads.
  • Retry-aware HTTP integration tuned for Keycloak endpoints.
  • ComponentBase-compatible models registered under swarmauri.auth_idp entry points.

Installation

pip

pip install swarmauri_auth_idp_keycloak

uv (project)

uv add swarmauri_auth_idp_keycloak

uv (environment)

uv pip install swarmauri_auth_idp_keycloak

Usage

import asyncio
from pydantic import SecretBytes, SecretStr
from swarmauri_auth_idp_keycloak import KeycloakOAuth20Login

login = KeycloakOAuth20Login(
    issuer="https://kc.example.com/realms/myrealm",
    client_id="keycloak-client-id",
    client_secret=SecretStr("keycloak-client-secret"),
    redirect_uri="https://app.example.com/callback",
    state_secret=SecretBytes(b"replace-with-random-bytes"),
)

# Optional: preload discovery metadata when running outside your Keycloak instance.
login.discovery_cache = {
    "authorization_endpoint": "https://kc.example.com/realms/myrealm/protocol/openid-connect/auth",
    "token_endpoint": "https://kc.example.com/realms/myrealm/protocol/openid-connect/token",
    "userinfo_endpoint": "https://kc.example.com/realms/myrealm/protocol/openid-connect/userinfo",
}

async def run_flow() -> None:
    auth = await login.auth_url()
    print(auth["url"])
    # Redirect the browser to `auth["url"]`, then capture the callback `code` and `state`.
    # Later, call `login.exchange_and_identity(code, state)` inside your callback handler.

asyncio.run(run_flow())

Workflow Summary

  1. Call auth_url() and redirect the browser to the returned URL.
  2. Persist the state and verify it during the callback handler.
  3. Exchange the authorization code through exchange_and_identity() to obtain tokens and profile metadata.

Entry Points

  • swarmauri.auth_idp:KeycloakOAuth20Login
  • swarmauri.auth_idp:KeycloakOAuth21Login
  • swarmauri.auth_idp:KeycloakOIDC10Login

Contributing

To contribute to swarmauri-sdk, review the guidelines for contributing which cover development workflow, testing, and coding standards.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

swarmauri_auth_idp_keycloak-0.11.0.dev1.tar.gz (11.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_auth_idp_keycloak-0.11.0.dev1.tar.gz.

File metadata

  • Download URL: swarmauri_auth_idp_keycloak-0.11.0.dev1.tar.gz
  • Upload date:
  • Size: 11.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_auth_idp_keycloak-0.11.0.dev1.tar.gz
Algorithm Hash digest
SHA256 96ddd61130e60d71f584f1e0812b7f9079b0d22f2a001c9f10cc5f0ab9626a98
MD5 a89a0d0f20c569f42eed9cb80ee56006
BLAKE2b-256 8e505c259356470ba5f32d1ddef0f569faf802a321f0c1e0f36b5ce5602871ea

See more details on using hashes here.

File details

Details for the file swarmauri_auth_idp_keycloak-0.11.0.dev1-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_auth_idp_keycloak-0.11.0.dev1-py3-none-any.whl
  • Upload date:
  • Size: 16.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_auth_idp_keycloak-0.11.0.dev1-py3-none-any.whl
Algorithm Hash digest
SHA256 047aaaa153ed96e3ec99e0bbc88e73d9d9253729877ce28951eb886d3b23c30f
MD5 a043aacf7471d81b29a689a6d8d8d302
BLAKE2b-256 e8180379eda14af73c40a45a0444d488ecdd2aa7b865dfdb73c911d521af0132

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page