larsw / flask-oidc-ex Goto Github PK
View Code? Open in Web Editor NEWThis project forked from puiterwijk/flask-oidc
OpenID Connect support for Flask - Extended
License: BSD 2-Clause "Simplified" License
This project forked from puiterwijk/flask-oidc
OpenID Connect support for Flask - Extended
License: BSD 2-Clause "Simplified" License
Keycloak generate token without this value
current version does not work on newer python libraries, likely fix:
Hi,
I want to refresh my access token to validate user to continue access the web page , can you please help me.
Is it possible to turn off token validation somehow? We have our own token validator and we want to use it instead.
Seems i've come across a problem I cannot solve using flask-oidc or flask-oidc-ex.
You need to make sure that you introspect the token using the same DNS hostname/port as the token issuer. Unfortunately that's a not widely documented "feature" of Keycloak.
The workaround is to add to the introspection request a header
defining the Host: <address>
of the issuer. There is no option to do this in flask-oidc
or flask-oidc-ex.
This is defined in OpenID Connect documentation also:
POST "{base_url}/realms/{realm}/protocol/openid-connect/token/introspect" HTTP/1.1
Host: {issuer_url} # Issuer Request
Content-Type: application/x-www-form-urlencoded
data={
"token": <...>
"token_type_hint": "access_token"
"client_id": <...>
"client_secret": <...>
}
https://openid.net/specs/openid-connect-basic-1_0.html
This could be done by adding a new config variable that is loaded in from Flask.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.