Can't get the User Permission list using Keycloak token. Getting error like keycloak.exceptions.KeycloakAuthorizationConfigError: Keycloak settings not found. Load Authorization Keycloak settings.
Iam using python-keycloak
keycloak_openid = KeycloakOpenID(server_url=config.server_url,
client_id=config.client_id,
realm_name=config.realm_name,
client_secret_key=config.client_secret_key,
verify=True)
keycloak_openid.load_authorization_config(os.path.join(local_path, 'Dynamic_Client-authz-config.json'))
userinfo = keycloak_openid.get_permissions(token, method_token_info='introspect')
print(userinfo)
{
"allowRemoteResourceManagement": false,
"policyEnforcementMode": "PERMISSIVE",
"resources": [
{
"name": "Default Resource",
"type": "urn:Dynamic_Client:resources:default",
"ownerManagedAccess": false,
"attributes": {},
"_id": "2c2a046f-84b2-42a8-a028-c6ae56ad63a1",
"uris": [
"/*"
]
}
],
"policies": [
{
"id": "f570c7e7-8168-4fb8-b05c-4df8be9398d0",
"name": "Default Policy",
"description": "A policy that grants access only for users within this realm",
"type": "js",
"logic": "POSITIVE",
"decisionStrategy": "AFFIRMATIVE",
"config": {
"code": "// by default, grants any permission associated with this policy\n$evaluation.grant();\n"
}
},
{
"id": "836d2453-ad1c-4482-b726-49875a8ba64f",
"name": "Default Permission",
"description": "A permission that applies to the default resource type",
"type": "resource",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"config": {
"defaultResourceType": "urn:Dynamic_Client:resources:default",
"applyPolicies": "[\"Default Policy\"]"
}
}
],
"scopes": []
}
Please find the solution for my issue
答案 0 :(得分:0)
所以我假设您正在寻找角色?
如果是这样,请使用自省令牌,这对我有用
token_info = keycloak_openid.introspect(token['access_token'])
print(token_info['resource_access']['client-name']['roles'])