eodag.plugins.authentication.keycloak.KeycloakOIDCPasswordAuth#

class eodag.plugins.authentication.keycloak.KeycloakOIDCPasswordAuth(provider: str, config: PluginConfig)[source]#

Authentication plugin using Keycloak and OpenId Connect.

This plugin request a token and use it through a query-string or a header.

Using HTTPDownload a download link http://example.com?foo=bar will become http://example.com?foo=bar&my-token=obtained-token if associated to the following configuration:

provider:
    ...
    auth:
        plugin: KeycloakOIDCPasswordAuth
        auth_base_uri: 'https://somewhere/auth'
        realm: 'the-realm'
        client_id: 'SOME_ID'
        client_secret: '01234-56789'
        token_provision: qs
        token_qs_key: 'my-token'
        ...
    ...

If configured to send the token through the header, the download request header will be updated with Authorization: “Bearer obtained-token” if associated to the following configuration:

provider:
    ...
    auth:
        plugin: KeycloakOIDCPasswordAuth
        auth_base_uri: 'https://somewhere/auth'
        realm: 'the-realm'
        client_id: 'SOME_ID'
        client_secret: '01234-56789'
        token_provision: header
        ...
    ...

__init__(provider: str, config: PluginConfig) → None[source]#

Methods

`__init__`(provider, config)
`authenticate`()	Makes authentication request
`validate_config_credentials`()	Validate configured credentials

Attributes

`GRANT_TYPE`
`REQUIRED_PARAMS`
`TOKEN_URL_TEMPLATE`
`plugins`
`retrieved_token`
`token_info`

eodag.plugins.authentication.keycloak.KeycloakOIDCPasswordAuth

Contents

eodag.plugins.authentication.keycloak.KeycloakOIDCPasswordAuth#