Keycloak API does not contain "resource_access"
Question:
I try to use a new package in Python called fastapi_keycloak
which uses the following code:
if not decoded_token.get('resource_access').get('realm-management') or not decoded_token.get('resource_access').get('account'):
This results in an Error:
AttributeError: 'NoneType' object has no attribute 'get'
When I print the token I get the following:
{'exp': 1649358045, 'iat': 1649357745, 'jti': 'dc94f05e-8ea0-45ca-a2b8-5e826cbfe808', 'iss': 'http://localhost:8085/auth/realms/Test', 'sub': '33b940e2-0bdb-49a7-9356-e6e230f49619', 'ty p': 'Bearer', 'azp': 'admin-cli', 'acr': '1', 'realm_access': {'roles': ['default-roles-test', 'offline_access', 'uma_authorization']}, 'scope': 'roles profile email', 'clientId': 'admi n-cli', 'clientHost': '172.24.0.1', 'email_verified': False, 'preferred_username': 'service-account-admin-cli', 'clientAddress': '172.24.0.1'}
I looks like the package always expects a "resource_access" key in the token, but it´s just not there.
What I tried:
Client Scopes > roles > Include In Token Scope => does not change anything
Who can help me?
Answers:
This issue was resolved by a PR a few days after your question:
https://github.com/code-specialist/fastapi-keycloak/pull/38/
Nevertheless, you still encounter the same issue, because the realm-export.json
file referenced in the docs website has not been updated. If you use the one from the repo then everything should work as expected.
I try to use a new package in Python called fastapi_keycloak
which uses the following code:
if not decoded_token.get('resource_access').get('realm-management') or not decoded_token.get('resource_access').get('account'):
This results in an Error:
AttributeError: 'NoneType' object has no attribute 'get'
When I print the token I get the following:
{'exp': 1649358045, 'iat': 1649357745, 'jti': 'dc94f05e-8ea0-45ca-a2b8-5e826cbfe808', 'iss': 'http://localhost:8085/auth/realms/Test', 'sub': '33b940e2-0bdb-49a7-9356-e6e230f49619', 'ty p': 'Bearer', 'azp': 'admin-cli', 'acr': '1', 'realm_access': {'roles': ['default-roles-test', 'offline_access', 'uma_authorization']}, 'scope': 'roles profile email', 'clientId': 'admi n-cli', 'clientHost': '172.24.0.1', 'email_verified': False, 'preferred_username': 'service-account-admin-cli', 'clientAddress': '172.24.0.1'}
I looks like the package always expects a "resource_access" key in the token, but it´s just not there.
What I tried:
Client Scopes > roles > Include In Token Scope => does not change anything
Who can help me?
This issue was resolved by a PR a few days after your question:
https://github.com/code-specialist/fastapi-keycloak/pull/38/
Nevertheless, you still encounter the same issue, because the realm-export.json
file referenced in the docs website has not been updated. If you use the one from the repo then everything should work as expected.