In Keycloak Client I get a URL Not Found Error 404
Question:
I am new to Keycloak and have trouble with the example client.
I am using following versions:
- Keycloak server version 20.0.2
- Python version 3.8.8
- python-keycloak-client v 2.3.0.
Code
from keycloak.realm import KeycloakRealm
realm = KeycloakRealm(server_url=‘https://auth/.******.’, realm_name=‘jasonrealm’)
oidc_client = realm.open_id_connect(client_id=‘jason-test-client’,
client_secret=‘*********’)
creds = oidc_client.client_credentials()
print(creds)
admin_client = realm.admin
root = admin_client.root()
Error
The error I get is as follows:
Traceback (most recent call last):
File "keystore-client1.py", line 9, in
creds = oidc_client.client_credentials()
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/openid_connect.py", line 227, in client_credentials
return self._token_request(grant_type='client_credentials', **kwargs)
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/openid_connect.py", line 307, in _token_request
return self._realm.client.post(self.get_url('token_endpoint'),
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/openid_connect.py", line 34, in get_url
return self.well_known[name]
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/well_known.py", line 35, in getitem
return self.contents[key]
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/well_known.py", line 27, in contents
self._contents = self._realm.client.get(self._path)
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/client.py", line 74, in get
return self._handle_response(
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/client.py", line 89, in _handle_response
raise KeycloakClientError(original_exc=err)
keycloak.exceptions.KeycloakClientError: 404 Client Error: Not Found for url: https://auth.******.***/auth/realms/jasonrealm/.well-known/openid-configuration
I am expecting to connect to the Keycloak server.
I tried all the versions of python-keycloak-client I could find. No change in behavior.
Answers:
python-keycloak-client(v0.2.3) not support Keycloak 20.x and 19.x
You have to use old (legacy) Keycloak 18.x
The repository URL
https://github.com/Peter-Slump/python-keycloak-client
The reason, The python-keycloak-client looking for OIDC configulation URL but new Keycloak v20.x changed new ULR. (the differenc is /auth)
So that step failed from internal routine of python-keycloak-client.
I think you have two choices, one is use old Keycloak v.18, other is using other Python adapter python-keycloak
OLD URL
http://keycloakhost:keycloakport/auth/realms/{realm}/.well-known/openid-configuration
New URL
http://keycloakhost:keycloakport/realms/{realm}/.well-known/openid-configuration
I tested your code with v 18.0.2-legacy
https://quay.io/repository/keycloak/keycloak?tab=tags&tag=latest
It worked with python-keycloak-client
from keycloak.realm import KeycloakRealm
realm = KeycloakRealm(server_url='http://localhost:8080', realm_name='jasonrealm')
oidc_client = realm.open_id_connect(client_id='jason-test-client', client_secret='qJYGwvwnPBAXpFC4oIW2yek9Mo404msU')
creds = oidc_client.client_credentials()
print(creds)
Result
$ python3 test.py
{'access_token': 'eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2TjUzczZHQXdkREI3QXM3RFRsX2pQanp4MGU4dlJvQlNTUjNXakhnQi1VIn0.eyJleHAiOjE2NzMyOTAyMTEsImlhdCI6MTY3MzI4NjYxMSwianRpIjoiYTI1NWE2NGMtMDE3MC00YWViLThlZmUtODhiNDc2NDc5NDE3IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL2phc29ucmVhbG0iLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiNWI2MzQ0MWUtZGM5Ni00OTk0LTliZWUtMzViMmNkYTVmOTQ3IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiamFzb24tdGVzdC1jbGllbnQiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6MzAwMCJdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1qYXNvbnJlYWxtIiwib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7Imphc29uLXRlc3QtY2xpZW50Ijp7InJvbGVzIjpbInVtYV9wcm90ZWN0aW9uIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJjbGllbnRIb3N0IjoiMTcyLjE4LjAuMSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiY2xpZW50SWQiOiJqYXNvbi10ZXN0LWNsaWVudCIsInByZWZlcnJlZF91c2VybmFtZSI6InNlcnZpY2UtYWNjb3VudC1qYXNvbi10ZXN0LWNsaWVudCIsImNsaWVudEFkZHJlc3MiOiIxNzIuMTguMC4xIn0.CfeVngrlAwg95YVsRwhbyNPrp-cu_3oD7CUF0hTVSA4XbJEP7nTgq34a0AT_zxgjywRSmxnqbmbGJkA3V660fpEyvdAzy5XWLV50bTEuvLY-4tJVyqye8ORFj_CtnCxbHv6sQqlIismBNUVF7GyaBAHrwzLUPoPvTGj7crExKbppImx-VZBlZ1QaE9Pucu0ckR0ke4OYZzAq8Mu7NWzrwXf1WmDoPR-Gwr74UO2E-N12KeLHPQjhEKJ9zaBZ0uhf_nuhNl4LwwAj3fYw6r4vYPIffzSTRzqoRMpXcnX9mvVSfcqCliIlNRpvY-IAswpojwOS5o4PZJwrubI0ZwAvmA', 'expires_in': 3600, 'refresh_expires_in': 0, 'token_type': 'Bearer', 'not-before-policy': 0, 'scope': 'email profile'}
Update, using python-keycloak with Keycloak v.20.0.2
Create ream/client id
Add user (username = user1, password = "1234")
get-token.py with python-keycloak
from keycloak import KeycloakOpenID
# Configure client
keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/",
client_id="example_client",
realm_name="example_realm",
client_secret_key="CoZmMflBVmPRiek5dJqXap7ew0vDFyMk")
token = keycloak_openid.token("user1", "1234")
print(token['access_token'])
Result
References
I am new to Keycloak and have trouble with the example client.
I am using following versions:
- Keycloak server version 20.0.2
- Python version 3.8.8
- python-keycloak-client v 2.3.0.
Code
from keycloak.realm import KeycloakRealm
realm = KeycloakRealm(server_url=‘https://auth/.******.’, realm_name=‘jasonrealm’)
oidc_client = realm.open_id_connect(client_id=‘jason-test-client’,
client_secret=‘*********’)
creds = oidc_client.client_credentials()
print(creds)
admin_client = realm.admin
root = admin_client.root()
Error
The error I get is as follows:
Traceback (most recent call last):
File "keystore-client1.py", line 9, in
creds = oidc_client.client_credentials()
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/openid_connect.py", line 227, in client_credentials
return self._token_request(grant_type='client_credentials', **kwargs)
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/openid_connect.py", line 307, in _token_request
return self._realm.client.post(self.get_url('token_endpoint'),
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/openid_connect.py", line 34, in get_url
return self.well_known[name]
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/well_known.py", line 35, in getitem
return self.contents[key]
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/well_known.py", line 27, in contents
self._contents = self._realm.client.get(self._path)
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/client.py", line 74, in get
return self._handle_response(
File "/home/jason/keycloak-client/.venv/lib/python3.8/site-packages/keycloak/client.py", line 89, in _handle_response
raise KeycloakClientError(original_exc=err)
keycloak.exceptions.KeycloakClientError: 404 Client Error: Not Found for url: https://auth.******.***/auth/realms/jasonrealm/.well-known/openid-configuration
I am expecting to connect to the Keycloak server.
I tried all the versions of python-keycloak-client I could find. No change in behavior.
python-keycloak-client(v0.2.3) not support Keycloak 20.x and 19.x
You have to use old (legacy) Keycloak 18.x
The repository URL
https://github.com/Peter-Slump/python-keycloak-client
The reason, The python-keycloak-client looking for OIDC configulation URL but new Keycloak v20.x changed new ULR. (the differenc is /auth)
So that step failed from internal routine of python-keycloak-client.
I think you have two choices, one is use old Keycloak v.18, other is using other Python adapter python-keycloak
OLD URL
http://keycloakhost:keycloakport/auth/realms/{realm}/.well-known/openid-configuration
New URL
http://keycloakhost:keycloakport/realms/{realm}/.well-known/openid-configuration
I tested your code with v 18.0.2-legacy
https://quay.io/repository/keycloak/keycloak?tab=tags&tag=latest
It worked with python-keycloak-client
from keycloak.realm import KeycloakRealm
realm = KeycloakRealm(server_url='http://localhost:8080', realm_name='jasonrealm')
oidc_client = realm.open_id_connect(client_id='jason-test-client', client_secret='qJYGwvwnPBAXpFC4oIW2yek9Mo404msU')
creds = oidc_client.client_credentials()
print(creds)
Result
$ python3 test.py
{'access_token': 'eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2TjUzczZHQXdkREI3QXM3RFRsX2pQanp4MGU4dlJvQlNTUjNXakhnQi1VIn0.eyJleHAiOjE2NzMyOTAyMTEsImlhdCI6MTY3MzI4NjYxMSwianRpIjoiYTI1NWE2NGMtMDE3MC00YWViLThlZmUtODhiNDc2NDc5NDE3IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL2phc29ucmVhbG0iLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiNWI2MzQ0MWUtZGM5Ni00OTk0LTliZWUtMzViMmNkYTVmOTQ3IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiamFzb24tdGVzdC1jbGllbnQiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6MzAwMCJdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1qYXNvbnJlYWxtIiwib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7Imphc29uLXRlc3QtY2xpZW50Ijp7InJvbGVzIjpbInVtYV9wcm90ZWN0aW9uIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJjbGllbnRIb3N0IjoiMTcyLjE4LjAuMSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiY2xpZW50SWQiOiJqYXNvbi10ZXN0LWNsaWVudCIsInByZWZlcnJlZF91c2VybmFtZSI6InNlcnZpY2UtYWNjb3VudC1qYXNvbi10ZXN0LWNsaWVudCIsImNsaWVudEFkZHJlc3MiOiIxNzIuMTguMC4xIn0.CfeVngrlAwg95YVsRwhbyNPrp-cu_3oD7CUF0hTVSA4XbJEP7nTgq34a0AT_zxgjywRSmxnqbmbGJkA3V660fpEyvdAzy5XWLV50bTEuvLY-4tJVyqye8ORFj_CtnCxbHv6sQqlIismBNUVF7GyaBAHrwzLUPoPvTGj7crExKbppImx-VZBlZ1QaE9Pucu0ckR0ke4OYZzAq8Mu7NWzrwXf1WmDoPR-Gwr74UO2E-N12KeLHPQjhEKJ9zaBZ0uhf_nuhNl4LwwAj3fYw6r4vYPIffzSTRzqoRMpXcnX9mvVSfcqCliIlNRpvY-IAswpojwOS5o4PZJwrubI0ZwAvmA', 'expires_in': 3600, 'refresh_expires_in': 0, 'token_type': 'Bearer', 'not-before-policy': 0, 'scope': 'email profile'}
Update, using python-keycloak with Keycloak v.20.0.2
Create ream/client id
Add user (username = user1, password = "1234")
get-token.py with python-keycloak
from keycloak import KeycloakOpenID
# Configure client
keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/",
client_id="example_client",
realm_name="example_realm",
client_secret_key="CoZmMflBVmPRiek5dJqXap7ew0vDFyMk")
token = keycloak_openid.token("user1", "1234")
print(token['access_token'])
Result