Pai-Ting Lee

Reputation: 91

Cannot connect to Keycloak Server

I am using the python-keycloak library 3.3 to connect my Python app with Keycloak. I am using 2 clients in 1 realm. On my local computer, when I run the Keycloak server on localhost:8080, it works perfectly, but when I try to connect to the Keycloak server deployed in an Azure cloud, I get this error for the auth client:

keycloak.exceptions.KeycloakConnectionError: Can't connect to server (Could not find a suitable TLS CA certificate bundle, invalid path: True)

For the other client, which I need for my frontend, there is no TLS CA certificate issue and I can reach the server without any problems. Can someone help me?

from keycloak import KeycloakAdmin
from keycloak import KeycloakOpenIDConnection
from config import cfg

cdb = cfg['test']

keycloak_connection = KeycloakOpenIDConnection(
                        server_url=cdb['SERVER_URL'],
                        username=cdb['USERNAME'],
                        password=cdb['PASSWORD'],
                        realm_name=cdb['REALM_NAME'],
                        client_id=cdb['CLIENT_ID'],
                        client_secret_key=cdb['CLIENT_SECRET_KEY'],
                        verify=cdb['VERIFY'])

keycloak_admin = KeycloakAdmin(connection=keycloak_connection)

Upvotes: 1

Views: 581

Answers (2)

Pai-Ting Lee

Reputation: 91

OK, I figured it out: you cannot use verify=cdb['VERIFY'] because then it takes 'True' as a string, but it needs a boolean. It works with a child realm as well; there is no need to use the master realm and then change to the child realm.

Upvotes: 1
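
An added example, not part of the original posts: one way to normalize a VERIFY value read from a config file or environment variable before passing it as verify=, so the string 'True' becomes a boolean, a CA bundle path is checked to exist, and turning verification off requires an explicit opt-in. The name parse_verify, the allow_insecure flag, the accepted spellings and the sample config are assumptions of this example.

```python
import os

# Spellings accepted as booleans (an assumption of this example).
_TRUE = {"true", "1", "yes", "on"}
_FALSE = {"false", "0", "no", "off"}


def parse_verify(value, allow_insecure=False):
    """Normalize a config value before passing it as verify=.

    Returns True (use the default CA store) or the path of an existing
    CA bundle file. Returns False only when allow_insecure is set, so a
    config typo cannot silently turn certificate checking off.
    """
    if isinstance(value, bool):
        result = value
    elif isinstance(value, str):
        text = value.strip()
        if text.lower() in _TRUE:
            result = True
        elif text.lower() in _FALSE:
            result = False
        elif text and os.path.isfile(text):
            return text  # custom CA bundle, e.g. for a private CA
        else:
            raise ValueError(
                f"VERIFY={value!r} is not a boolean or an existing CA bundle file")
    else:
        raise TypeError(f"VERIFY must be bool or str, got {type(value).__name__}")
    if result is False and not allow_insecure:
        raise ValueError("VERIFY disables TLS verification; refusing without opt-in")
    return result


# Constructed sample config: values read from .ini files or environment
# variables arrive as strings, like the 'True' described in the answer above.
sample_cfg = {"VERIFY": "True"}

if __name__ == "__main__":
    verify = parse_verify(sample_cfg["VERIFY"])
    print(type(verify).__name__, verify)
```

The returned value can be passed as verify= to KeycloakOpenIDConnection in place of the raw config string.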

Bench Vue

Reputation: 9320

You can't connect directly to a child realm. You connect to the master realm first and then switch to the child realm. I don't know why. It works in the old Keycloak version but does not work in v24.

Launch Keycloak

Launch Keycloak with docker-compose from here

Configuration

config.py: master realm and credentials

test  = dict(
    SERVER_URL = 'http://localhost:8080',
    MASTER_USERNAME = 'admin',
    MASTER_PASSWORD = 'admin',
    MASTER_REALM_NAME = 'master',
    MASTER_CLIENT_ID = 'admin-cli',
    REALM_NAME = 'my-realm',
    VERIFY = True
)

demo.py

from keycloak import KeycloakAdmin
from keycloak import KeycloakOpenIDConnection
import config

cdb = config.test

keycloak_connection = KeycloakOpenIDConnection(
                        server_url=cdb['SERVER_URL'],
                        username=cdb['MASTER_USERNAME'],
                        password=cdb['MASTER_PASSWORD'],
                        realm_name=cdb['MASTER_REALM_NAME'],
                        client_id=cdb['MASTER_CLIENT_ID'],
                        verify=cdb['VERIFY']
)

keycloak_admin = KeycloakAdmin(connection=keycloak_connection)

keycloak_admin.change_current_realm(cdb['REALM_NAME'])

current = keycloak_admin.get_current_realm()
print('current realm : ' + current)

users = keycloak_admin.get_users()
for user in users:
  print(user)


Upvotes: 1
