def init_keycloak():
# Configure client
keycloak_openid = KeycloakOpenID(
server_url="http://192.168.0.223:8181/auth",
client_id="calls-gateway",
realm_name="ambulance-example",
client_secret_key="supersecret")
return keycloak_openid
def login():
# Configure client
keycloak_openid = KeycloakOpenID(
server_url="http://10.255.230.159:8181/auth/",
client_id="calls-gateway",
realm_name="ambulance-example",
client_secret_key="supersecret")
# Get WellKnow
# config_well_know = keycloak_openid.well_know()
# Get Token
token = keycloak_openid.token("user1", "user1")
# token = keycloak_openid.token("user", "password", totp="012345")
# Get Userinfo
# userinfo = keycloak_openid.userinfo(token['access_token'])
return token
def __init__(self, ex, parameters=None):
from keycloak import KeycloakOpenID
if parameters is None:
parameters = {}
self.ex = ex
self.server_url = parameters["server_url"]
self.client_id = parameters["client_id"]
self.realm_name = parameters["realm_name"]
self.client_secret_key = parameters["client_secret_key"]
self.keycloak_manager = KeycloakOpenID(
server_url=self.server_url,
client_id=self.client_id,
realm_name=self.realm_name,
client_secret_key=self.client_secret_key)
UserManagement.__init__(self, ex)
def keycloak_client(config: dict) -> KeycloakOpenID:
creds = config.get("credentials", None)
secret_key = creds["secret"] if creds else None
return KeycloakOpenID(
server_url=config["auth-server-url"] + "/",
realm_name=config["realm"],
client_id=config["resource"],
client_secret_key=secret_key,
)
def is_valid_token(self):
credentials = self.__parse_token();
username = credentials[1]
pwd = credentials[2]
keycloak = KeyCloak(server_url="https://auth.s2s-omxware.us-south.containers.appdomain.cloud/auth/",
client_id="omx-zeppelin",
realm_name="omxware",
client_secret_key="c05b7553-cf21-4f0c-ab81-a38aca3ba172",
verify=False)
if self.__env != 'public':
keycloak = KeyCloak(server_url="https://omx-auth.sl.cloud9.ibm.com/auth/",
client_id="omx-zeppelin",
realm_name="omxware",
client_secret_key="1320e78d-025d-48eb-ad3e-451281786932",
verify=False)
try:
# Get Token
token = keycloak.token(username, pwd)
self.__userinfo = keycloak.userinfo(token['access_token'])
self.__keycloak_token = token['access_token']
return True
except KeycloakAuthenticationError as auth_error:
# Exception object looks like this
# keycloak.exceptions.KeycloakAuthenticationError:
# 401: b'{"error":"invalid_grant","error_description":"Invalid user credentials"}'
error_msg = ''
if auth_error['error_description'] != None:
error_msg = auth_error['error_description']
if error_msg.strip() != None:
print(error_msg)
else:
print(auth_error['error_description'])
return False
def __init__(self, get_response):
"""
:param get_response:
"""
self.config = settings.KEYCLOAK_CONFIG
# Read configurations
try:
self.server_url = self.config['KEYCLOAK_SERVER_URL']
self.client_id = self.config['KEYCLOAK_CLIENT_ID']
self.realm = self.config['KEYCLOAK_REALM']
except KeyError as e:
raise Exception(
"KEYCLOAK_SERVER_URL, KEYCLOAK_CLIENT_ID or KEYCLOAK_REALM not found."
)
self.client_secret_key = self.config.get('KEYCLOAK_CLIENT_SECRET_KEY',
None)
self.client_public_key = self.config.get('KEYCLOAK_CLIENT_PUBLIC_KEY',
None)
self.default_access = self.config.get('KEYCLOAK_DEFAULT_ACCESS',
"DENY")
self.method_validate_token = self.config.get(
'KEYCLOAK_METHOD_VALIDATE_TOKEN', "INTROSPECT")
self.keycloak_authorization_config = self.config.get(
'KEYCLOAK_AUTHORIZATION_CONFIG', None)
# Create Keycloak instance
self.keycloak = KeycloakOpenID(
server_url=self.server_url,
client_id=self.client_id,
realm_name=self.realm,
client_secret_key=self.client_secret_key)
# Read policies
if self.keycloak_authorization_config:
self.keycloak.load_authorization_config(
self.keycloak_authorization_config)
# Django
self.get_response = get_response
def init_app(self, app):
self.provider = app.config['THROAT_CONFIG'].auth.provider
if self.provider == 'KEYCLOAK':
cfg = app.config['THROAT_CONFIG'].auth.keycloak
self.keycloak_admin = KeycloakAdmin(
server_url=cfg.server,
realm_name=cfg.user_realm,
user_realm_name=cfg.admin_realm,
client_id=cfg.admin_client,
client_secret_key=cfg.admin_secret,
verify=True,
auto_refresh_token=['get', 'put', 'post', 'delete'])
self.keycloak_openid = KeycloakOpenID(
server_url=cfg.server,
client_id=cfg.auth_client,
client_secret_key=cfg.auth_secret,
realm_name=cfg.user_realm,
verify=True)
def __init__(self, config_file=''):
"""
:param config_file: Path to the generated keycloak configuration file
"""
self.config_file = config_file
self.realm = None
self.auth_server_url = None
self.client_id = None
self.secret_key = None
self._load_configs()
self.keycloak = KeycloakOpenID(self.auth_server_url, self.realm, self.client_id, self.secret_key)
def init_openid():
logging.info('Initializing openid client...')
try:
kc.openid = KeycloakOpenID(server_url=KEYCLOAK_SERVER,
client_id=KEYCLOAK_CLIENT,
realm_name=KEYCLOAK_REALM,
client_secret_key=SECRET_KEY)
logging.info('Initialized openid client')
except:
logging.error('Failed initializing openid client')
def load_user_from_request(request):
if request.path != "/" and not app.config.get('is_local') and os.environ.get("TESTING") is None:
try:
api_key = request.headers.get('Authorization')
bearer_token = api_key.replace('Bearer ', '', 1)
keycloak_openid = KeycloakOpenID(
server_url=app.config.get('authentication', {}).get('url'),
client_id=app.config.get('authentication', {}).get('clientid'),
realm_name=app.config.get('authentication', {}).get('realm')
)
keycloak_public_key = "-----BEGIN PUBLIC KEY-----\n" + keycloak_openid.public_key() + "\n-----END PUBLIC KEY-----"
options = {"verify_signature": True, "verify_aud": True, "verify_exp": True}
token_info = keycloak_openid.decode_token(bearer_token, key=keycloak_public_key, options=options)
return Auth.authenticate_user(token_info, app.config.get('authentication'))
except Exception as e:
logging.exception(e)
return make_response("Error occured while authentication: ", str(e), 500)
else:
return User(is_authenticated=True)
def init_app(self, app):
self.provider = app.config["THROAT_CONFIG"].auth.provider
if self.provider == "KEYCLOAK":
cfg = app.config["THROAT_CONFIG"].auth.keycloak
self.keycloak_admin = KeycloakAdmin(
server_url=cfg.server,
realm_name=cfg.user_realm,
user_realm_name=cfg.admin_realm,
client_id=cfg.admin_client,
client_secret_key=cfg.admin_secret,
verify=True,
auto_refresh_token=["get", "put", "post", "delete"],
)
self.keycloak_openid = KeycloakOpenID(
server_url=cfg.server,
client_id=cfg.auth_client,
client_secret_key=cfg.auth_secret,
realm_name=cfg.user_realm,
verify=True,
)
def client(self, **kwargs: Dict) -> KeycloakOpenID:
"""
Create an authenticated keycloak client.
:kwargs (Dict) A directory contaning
the keycloak client authentication credentials
Return the KeycloakOpenID object.
"""
config = {}
if kwargs:
config.update(kwargs)
else:
config.update({
'server_url': envvar('KEYCLOAK_URL'),
'client_id': envvar('KEYCLOAK_CLIENT_ID'),
'realm_name': envvar('KEYCLOAK_REALM'),
'client_secret_key': envvar('KEYCLOAK_SECRET_KEY')
})
self.client = KeycloakOpenID(**config)
return self.client
def authenticate(self, hostport=None, username=None, password=None):
''' Authentication with Keycloak is required before any API interaction.
Realm is hardcoded to 'ndmws' and client 'ndmws-client', so no other
configuration is required. Note that the communication is always
encrypted so no plain text is on the wire, but you should protect your
configuration file from unathorized access (i.e. don't ever commit your
ndmws.ini file in your repo).
'''
if hostport == None or username == None or password == None:
hostport = config.get('auth', 'hostport')
_('Using auth hostport: %s' % hostport)
username = config.get('auth', 'username')
_('Using auth username: %s' % username)
password = config.get('auth', 'password')
_('Using auth password: %s' % password)
_('Using auth url: %s' % (AUTHURL % hostport))
self.kc = KeycloakOpenID(server_url=AUTHURL % hostport,
client_id='ndmws-client',
realm_name='ndmws')
self.token = self.kc.token(username, password)
self.logger.info(self.token)
def start_keycloak():
"""
Start Keycloak client according to credentials stored in env variables.
"""
# Instantiate keycloak client
keycloak_openid = KeycloakOpenID(
server_url=environ.get('OIDC_URL'),
realm_name=environ.get('OIDC_REALM'),
client_id=environ.get('OIDC_CLIENT_ID'),
client_secret_key=environ.get('OIDC_CLIENT_SECRET'))
return keycloak_openid
def validate(token):
KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgTcVSXga3C6Tam96Q2kmnQ7U55f0hA/56HRQnsY9V0d21QlLkkD+DvIbKGaDVNLp8I+Gqlx4s6u5oDKIA12BbE9jAWz7nblKJUMjESDbpQJVivLAOXPvHQK8tCvxClp8dLEb9cEGXbabO+YIWN3pNn5CL8l3IBbJs1sT76G3jyo0sw5oiSRj0agxIPrtThDPDKhOqG0V+NYtudeE1FhWzt4ajYS4yIHGioVtYsvTfePMRGLRHTMQPjia8kBwnVRDwqMputLGfBg8qnz/xUPiRj5hmEeLuT73zte/CLmfSyqn7IsOrso1zEXgBBLz8XUsp1elGRz+zZtkHqnPot8EQIDAQAB"
KEYCLOAK_PUBLIC_KEY = f"-----BEGIN PUBLIC KEY-----\n{KEYCLOAK_PUBLIC_KEY}\n-----END PUBLIC KEY-----"
options = {"verify_signature": True, "exp": True}
keycloak_openid = KeycloakOpenID(
server_url="http://localhost:8080/auth/",
client_id="api",
realm_name="master",
client_secret_key="05e8bfbf-e050-4830-bc8a-d5f4376b13ff")
try:
token_info = keycloak_openid.decode_token(token,
KEYCLOAK_PUBLIC_KEY,
options=options)
if (token_info):
return True
except jwt.JWTClaimsError:
return False
except jwt.ExpiredSignatureError:
return False
except jwt.JWSError:
return False
def __init__(self, get_response):
"""
:param get_response:
"""
self.config = settings.APPLICATION_CONFIG
# Read configurations
try:
self.server_url = get_application_config_for_key('KEYCLOAK_SERVER_URL')
self.client_id = get_application_config_for_key('KEYCLOAK_CLIENT_ID')
self.realm = get_application_config_for_key('KEYCLOAK_REALM')
except KeyError as e:
raise Exception("KEYCLOAK_SERVER_URL, KEYCLOAK_CLIENT_ID or KEYCLOAK_REALM not found.")
self.client_secret_key = get_application_config_for_key('KEYCLOAK_CLIENT_SECRET_KEY')
self.default_access = get_application_config_for_key('KEYCLOAK_DEFAULT_ACCESS')
self.method_validate_token = get_application_config_for_key('KEYCLOAK_METHOD_VALIDATE_TOKEN')
self.keycloak_authorization_config = get_application_config_for_key('KEYCLOAK_AUTHORIZATION_CONFIG')
# Create Keycloak instance
self.keycloak = KeycloakOpenID(server_url=self.server_url,
client_id=self.client_id,
realm_name=self.realm,
client_secret_key=self.client_secret_key,
)
# Read policies
if self.keycloak_authorization_config:
self.keycloak.load_authorization_config(self.keycloak_authorization_config)
# Django
self.get_response = get_response
print("KEYCLOAK_SERVER URL", get_application_config_for_key('KEYCLOAK_SERVER_URL'))
print("KEYCLOAK_CLIENT_ID URL", get_application_config_for_key('KEYCLOAK_CLIENT_ID'))
print("KEYCLOAK_REALM URL", get_application_config_for_key('KEYCLOAK_REALM'))
def __init__(self,
domain: Optional[str] = None,
audience: Optional[str] = None):
super().__init__()
self._domain = domain or os.getenv('KEYCLOAK_DOMAIN')
self._client_secret_key = os.getenv('KEYCLOAK_CLIENT_SECRET_KEY')
self._client_secret_id = os.getenv('KEYCLOAK_CLIENT_SECRET_ID')
self._realm = os.getenv('KEYCLOAK_REALM')
self._audience = audience or os.getenv('XCUBE_HUB_OAUTH_AUD')
self._algorithms = ["RS256"]
if self._domain is None:
raise Unauthorized(description="Keycloak error: Domain not set")
if self._audience is None:
raise Unauthorized(description="Keycloak error: Audience not set")
self._keycloak_openid = KeycloakOpenID(
server_url=f"https://{self._domain}/auth/",
client_id=self._client_secret_id,
realm_name=self._realm,
client_secret_key=self._client_secret_key,
verify=True)
def from_kc_oidc_json(app,
redirect_uri,
config_path=None,
logout_path=None,
heartbeat_path=None,
keycloak_kwargs=None,
authorization_settings=None,
uri_whitelist=None,
login_path=None,
prefix_callback_path=None,
abort_on_unauthorized=None):
# Read config, assumed to be in Keycloak OIDC JSON format.
config_path = "keycloak.json" if config_path is None else config_path
with open(config_path, 'r') as f:
config_data = json.load(f)
# Setup the Keycloak connection.
keycloak_config = dict(
server_url=config_data["auth-server-url"],
realm_name=config_data["realm"],
client_id=config_data["resource"],
client_secret_key=config_data["credentials"]["secret"],
verify=config_data["ssl-required"] != "none")
if keycloak_kwargs is not None:
keycloak_config = {**keycloak_config, **keycloak_kwargs}
keycloak_openid = KeycloakOpenID(**keycloak_config)
if authorization_settings is not None:
keycloak_openid.load_authorization_config(authorization_settings)
return FlaskKeycloak(app,
keycloak_openid,
redirect_uri,
logout_path=logout_path,
heartbeat_path=heartbeat_path,
uri_whitelist=uri_whitelist,
login_path=login_path,
prefix_callback_path=prefix_callback_path,
abort_on_unauthorized=abort_on_unauthorized)
def new_user(self):
"""
Kreira korisnikas na Keycloak-u.
Parametri:
---------------
email : str
username : str
firstName : str
lastName : str
secret : str
: -> dict
Rezultat:
---------------
: -> New User
"""
KeycloakOpenID(server_url="{}/auth/".format(os.getenv('KEYCLOAK_URL')),
client_id=os.getenv('KEYCLOAK_CLIENT_NAME'),
realm_name=os.getenv('CLIENT_RELM_NAME'),
client_secret_key=os.getenv('CLIENT_RELM_SECRET'))
email_check = Is_email_valid(self.email).check()
if email_check['exist'] == True:
# Kreiranje korisnika zahteva dict za slanje informacija o korisniku i zatim kreira jednog sa poslatim informacijama
self.admin.create_user({
"email":
self.email,
"username":
self.username,
"enabled":
"True",
"firstName":
self.firstName,
"lastName":
self.lastName,
"credentials": [{
"value": self.secret,
"type": "password"
}]
})
else:
return {"exist": False}
def __init__(self,
url=None,
username=None,
password=None,
client_id=None,
realm=None,
secret_key=None):
self.url = url
self.username = username
self.password = password
self.client = httpx.AsyncClient(verify=False)
self.realm = realm
self.client_id = client_id
self.secret_key = secret_key
self.keycloak_openid = KeycloakOpenID(server_url=url,
client_id=client_id,
realm_name=realm,
client_secret_key=secret_key)
def checker(self):
"""
Provera da li je username ili email vec registrovan u Keycloak-u.
Parametri:
---------------
users -> Uzima listu svih usera sa Keycloak-a.
list_users -> list : proverava listu username-a
emails -> list : proverava listu email-a
"""
# KeycloakOpenID radi sa generalnim stvarima kao sto su(token, policies, permissions..) a KeycloakAdmin sa korisnicima
KeycloakOpenID(server_url = "{}/auth/".format(os.getenv('KEYCLOAK_URL')),
client_id = os.getenv('KEYCLOAK_CLIENT_NAME'),
realm_name = os.getenv('CLIENT_RELM_NAME'),
client_secret_key = os.getenv('CLIENT_RELM_SECRET')
)
self.admin.realm_name = os.getenv('CLIENT_RELM_NAME')
users = self.admin.get_users()
emails = []
list_users = []
for x in users:
""" Provera email-a i username-a.
Dodajemo u listu i pravimo proveru da li postoji neko udruzenje sa istim email ili username\
jer su ove informacije jedinstvene na nivou svih korisnika.
"""
emails.append(x["email"])
list_users.append(x["username"])
if self.email in emails or self.username in list_users:
return {"exist" : True}
else:
return {"exist" : False}
def __init__(self, config_file):
# Get configurations, load everything here to make code easier to read
self.config_file = config_file
self.config = None
self.server_url = None
self.auth_server_url = None
self.realm_name = None
self.protected_client_id = None
self.keycloak_public_key = None
self.client_secret_key = None
self.auth_enabled = None
self.grant_type = None
self.client_id = None
self.username = None
self.password = None
self.load_configurations()
# Set up openid connector
self.keycloak_openid = KeycloakOpenID(
server_url=self.auth_server_url,
client_id=self.protected_client_id,
realm_name=self.realm_name,
client_secret_key=self.client_secret_key)
class AuthEndpoint:
def __init__(self, app):
self.app = app
self.url = self.app.config['KEYCLOAK_URL']
self.client_id = self.app.config['CLIENT_ID']
self.client_secret = self.app.config['CLIENT_SECRET']
self.keycloak_openid = KeycloakOpenID(
server_url=self.url,
client_id=self.client_id,
realm_name='apartments',
client_secret_key=self.client_secret,
verify=False)
def require_token(self, roles=None):
def decorator(f):
@wraps(f)
def decorated_function(*args, **kwargs):
auth_header = request.headers.get('Authorization')
if not auth_header:
return 'Authorization required', 401
if 'Bearer ' not in auth_header:
return 'Bearer token required', 401
token = auth_header.replace('Bearer ', '')
try:
user = self.keycloak_openid.introspect(token)
missing_roles = set(roles) - set(
user['resource_access']['api-gateway']['roles'])
if missing_roles:
return F'Unauthorized, missing roles. {missing_roles}', 401
except Exception:
return 'Unauthorized', 401
return f(*args, **kwargs)
return decorated_function
return decorator
def get_oidc():
return KeycloakOpenID(server_url=os.environ.get('SERVER_URL'),
client_id=os.environ.get('CLIENT_ID'),
realm_name=os.environ.get('REALM_NAME'),
client_secret_key=os.environ.get('CLIENT_SECRET'),
verify=False)
from flask import Flask
import requests
from keycloak import KeycloakOpenID
application = Flask(__name__)
# Configure client
keycloak_openid = KeycloakOpenID(server_url="http://secure-keycloak-pyproject.192.168.64.2.nip.io/auth/",
client_id="jc-client",
realm_name="master",
client_secret_key="secret")
@application.route("/")
def hello():
keycloak1 = keycloak()
print("well:", keycloak1)
return getit()
def getit():
r = requests.get('https://google.com')
msg = str(r.status_code)
return msg
def keycloak():
# Get WellKnow
config_well_know = keycloak_openid.well_know()
return config_well_know
if __name__ == "__main__":
application.run()
from keycloak import KeycloakOpenID
# keycloak_openid = KeycloakOpenID(server_url="http://localhost:9080/auth/", realm_name="master", client_id="admin-cli")
keycloak_ea_openid = KeycloakOpenID(server_url="http://localhost:9080/auth/",
realm_name="ea",
client_id="ea")
def receive_token(username, password):
response = keycloak_ea_openid.token(username, password)
return response['access_token']
# master_admin_token = keycloak_openid.token('admin', 'admin')['access_token']
admin_token = receive_token('admin', 'admin')
user_token = receive_token('user', 'user')
# print(f'Master admin token: \n{master_admin_token}\n')
print(f'Admin token: \n{admin_token}\n')
print(f'User token: \n{user_token}')
return service_info['Address'], service_info['Port']
app = FastAPI(docs_url='/docs', openapi_url='/openapi.json')
# Configure admin
keycloak_admin = KeycloakAdmin(server_url=f"http://{LOCAL_IP}:8180/auth/",
username='******',
password='******',
realm_name="test",
verify=False)
# Configure client
keycloak_openid = KeycloakOpenID(
server_url=f"http://{LOCAL_IP}:8180/auth/",
client_id="kong",
realm_name="test",
client_secret_key="4cd2e98f-df15-4972-84c8-1be974e9aba6")
# Add user and set password
@app.post("/register")
async def create_user(email: str = Form(...),
username: str = Form(...),
password: str = Form(...),
firstName: str = Form(None),
lastName: str = Form(None),
referral: str = Form(None)):
new_user = keycloak_admin.create_user({
"email":
email,
import logging
from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2AuthorizationCodeBearer
from fastapi.middleware.cors import CORSMiddleware
# Keycloak setup
from keycloak import KeycloakOpenID
keycloak_url = "https://auth.ocf.berkeley.edu/auth/"
realm_name = "ocf"
keycloak_openid = KeycloakOpenID(
server_url=keycloak_url, client_id="ocfapi", realm_name=realm_name,
)
app = FastAPI()
origins = [
"http://localhost",
"http://localhost:8080",
]
app.add_middleware(
CORSMiddleware,
allow_origins=origins,
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
class _Keycloak(AuthProvider):
f"""
Redis key-value pair database implementation of KeyValueStore
Defines methods for getting, deleting and putting key value pairs
:param host, port, db (see also `https://github.com/andymccurdy/redis-py)`
Example:
```
db = KeyValueDatabase.instance(provider='redis', host='localhost', port=6379, db=0)
```
"""
def __init__(self,
domain: Optional[str] = None,
audience: Optional[str] = None):
super().__init__()
self._domain = domain or os.getenv('KEYCLOAK_DOMAIN')
self._client_secret_key = os.getenv('KEYCLOAK_CLIENT_SECRET_KEY')
self._client_secret_id = os.getenv('KEYCLOAK_CLIENT_SECRET_ID')
self._realm = os.getenv('KEYCLOAK_REALM')
self._audience = audience or os.getenv('XCUBE_HUB_OAUTH_AUD')
self._algorithms = ["RS256"]
if self._domain is None:
raise Unauthorized(description="Keycloak error: Domain not set")
if self._audience is None:
raise Unauthorized(description="Keycloak error: Audience not set")
self._keycloak_openid = KeycloakOpenID(
server_url=f"https://{self._domain}/auth/",
client_id=self._client_secret_id,
realm_name=self._realm,
client_secret_key=self._client_secret_key,
verify=True)
def get_email(self, claims):
if 'email' not in claims:
return "no email"
return claims['email']
def verify_token(self, token: str) -> Dict:
"""
Get a key value
:param token:
:return:
"""
try:
self._keycloak_openid.introspect(token)
except KeycloakGetError as e:
raise Unauthorized(description="invalid token: " + str(e))
certs = self._keycloak_openid.certs()
rsa_key = {}
for key in certs["keys"]:
rsa_key = {
"kty": key["kty"],
"kid": key["kid"],
"use": key["use"],
"n": key["n"],
"e": key["e"]
}
try:
self._claims = self._keycloak_openid.decode_token(token=token,
key=rsa_key)
except Exception as e:
raise Unauthorized(description=str(e))
return self._claims
from keycloak import KeycloakOpenID, KeycloakAdmin
from django.conf import settings
web_config = settings.KEYCLOAK_WEB_CONFIG
admin_config = settings.KEYCLOAK_ADMIN_CONFIG
keycloak_web = KeycloakOpenID(server_url=web_config['KEYCLOAK_SERVER_URL'],
client_id=web_config['KEYCLOAK_CLIENT_ID'],
realm_name=web_config['KEYCLOAK_REALM'])
keycloak_admin = KeycloakAdmin(server_url=admin_config['KEYCLOAK_SERVER_URL'],
username=admin_config['KEYCLOAK_USERNAME'],
password=admin_config['KEYCLOAK_PASSWORD'],
realm_name=admin_config['KEYCLOAK_REALM'],
verify=True)
