The Authentication API
A module providing simplified assess to Squonk2 Authentication (Keycloak).
The API
Python utilities to simplify calls to the authentication mechanism (Keycloak) for use with the Data Manager and Account Server APIs.
- class squonk2.auth.Auth
The Auth class provides high-level, simplified access to the authentication service (Keycloak).
- classmethod get_access_token(*, keycloak_url: str, keycloak_realm: str, keycloak_client_id: str, username: str, password: str, prior_token: Optional[str] = None, timeout_s: int = 4) Optional[str]
Gets an access token from the given Keycloak server, realm and client ID.
If keycloak fails to yield a token None is returned, with messages written to the log.
The caller can (is encouraged to) provide a prior token in order to reduce token requests on the server. When a
prior_token
is provided the code only calls keycloak to obtain a new token if the current one looks like it will expire (in less than 60 seconds).- Parameters
keycloak_url – The keycloak server URL, typically https://example.com/auth
keycloak_realm – The keycloak realm
keycloak_client_id – The keycloak client ID (Data Manager or Account Server)
username – A valid username
password – A valid password
prior_token – An optional prior token. If supplied it will be used unless it is about to expire
timeout_s – The underlying request timeout