[keycloak-dev] Implementing database-service example in Python
Vinay Anantharaman
vinayan3 at gmail.com
Mon Aug 17 11:13:58 EDT 2015
Thanks! I really appreciate you guys helping me out with integrating
Keycloak.
Vinay
On Mon, Aug 17, 2015 at 4:01 AM, Stian Thorgersen <stian at redhat.com> wrote:
>
>
> ----- Original Message -----
> > From: "Vinay Anantharaman" <vinayan3 at gmail.com>
> > To: "Bill Burke" <bburke at redhat.com>
> > Cc: keycloak-dev at lists.jboss.org
> > Sent: Friday, 14 August, 2015 9:42:39 PM
> > Subject: Re: [keycloak-dev] Implementing database-service example in
> Python
> >
> > I'll be looking into this and will report back if a library exists for
> Python
> > to read JWT tokens.
> >
> > I was wondering is there an API on the KeyCloak server for doing JWT
> token
> > verification? Or rather should we decode the token and use the REST admin
> > endpoints if we need to query more information?
>
> There is a rest endpoint that can be used to verify a token, but that
> requires a request to KC. As the token is signed it's better to just check
> it locally as it reduces the amount of request to Keycloak.
>
> >
> >
> > Vinay
> >
> > On Thu, Aug 13, 2015 at 9:05 AM, Bill Burke < bburke at redhat.com > wrote:
> >
> >
> > If you're interested in becoming a contributor Vinay, this would be a
> > very useful extension!
> >
> > BTW, we also have a "lightweight" Java Security HTTP Proxy based on
> > Undertow that you can use to secure python apps.
> >
> > On 8/13/2015 2:00 AM, Stian Thorgersen wrote:
> > > Afraid we don't have any libraries for Python yet.
> > >
> > > Simply verifying the token should be relatively straight forward
> though.
> > > It's a standard JWT token (base64 encoded json) with a JWS signature.
> You
> > > can look at RSATokenVerifier to see what details should be verified
> > > (expiration date, issuer, etc..). You also need to verify the
> signature.
> > > There may quite likely be JWT libraries for Python you can use.
> > >
> > > ----- Original Message -----
> > >> From: "Vinay Anantharaman" < vinayan3 at gmail.com >
> > >> To: keycloak-dev at lists.jboss.org
> > >> Sent: Thursday, 13 August, 2015 12:21:01 AM
> > >> Subject: [keycloak-dev] Implementing database-service example in
> Python
> > >>
> > >> Hi,
> > >> I'm trying to implement the example database service from Python. The
> > >> description is here:
> > >>
> > >>
> > >>
> > >>
> https://github.com/keycloak/keycloak/tree/master/examples/demo-template
> > >>
> > >> Our backend service is contacted directly by clients with an access
> token
> > >> from the Keycloak server. We would like to verify access tokens are
> and
> > >> then
> > >> return some data they need. I was looking at the code here:
> > >>
> > >>
> > >>
> > >>
> https://github.com/keycloak/keycloak/blob/master/examples/demo-template/database-
> > >> service/src/main/java/org/keycloak/example/oauth/CustomerService.java
> > >>
> > >> In Java this seems quite trivial with the support of Keycloak
> libraries.
> > >> In
> > >> Python I won't have them. What are the APIs on Keycloak I can use to
> > >> verify
> > >> an access token? Furthermore, are you aware of any classes like
> > >> RSATokenVerifier for python? I saw it being used here:
> > >>
> > >>
> > >>
> > >>
> https://github.com/keycloak/keycloak/blob/master/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java#L319
> > >>
> > >> Thanks,
> > >>
> > >>
> > >> Vinay Anantharaman
> > >>
> > >> _______________________________________________
> > >> keycloak-dev mailing list
> > >> keycloak-dev at lists.jboss.org
> > >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > > _______________________________________________
> > > keycloak-dev mailing list
> > > keycloak-dev at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > >
> >
> > --
> > Bill Burke
> > JBoss, a division of Red Hat
> > http://bill.burkecentral.com
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> >
> >
> > --
> > Vinay Anantharaman
> >
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Vinay Anantharaman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150817/df8bc9ef/attachment.html
More information about the keycloak-dev
mailing list