eodag.plugins.authentication.keycloak.KeycloakOIDCPasswordAuth
eodag.plugins.authentication.keycloak.KeycloakOIDCPasswordAuth#
- class eodag.plugins.authentication.keycloak.KeycloakOIDCPasswordAuth(provider: str, config: PluginConfig)[source]#
Authentication plugin using Keycloak and OpenId Connect.
This plugin request a token and use it through a query-string or a header.
Using
HTTPDownload
a download link http://example.com?foo=bar will become http://example.com?foo=bar&my-token=obtained-token if associated to the following configuration:provider: ... auth: plugin: KeycloakOIDCPasswordAuth auth_base_uri: 'https://somewhere/auth' realm: 'the-realm' client_id: 'SOME_ID' client_secret: '01234-56789' token_provision: qs token_qs_key: 'my-token' ... ...
If configured to send the token through the header, the download request header will be updated with Authorization: “Bearer obtained-token” if associated to the following configuration:
provider: ... auth: plugin: KeycloakOIDCPasswordAuth auth_base_uri: 'https://somewhere/auth' realm: 'the-realm' client_id: 'SOME_ID' client_secret: '01234-56789' token_provision: header ... ...
Methods
__init__
(provider, config)authenticate
()Makes authentication request
validate_config_credentials
()Validate configured credentials
Attributes
GRANT_TYPE
REQUIRED_PARAMS
TOKEN_URL_TEMPLATE
plugins
retrieved_token
token_info