{"id":19310278,"url":"https://github.com/cedadev/oauth2keycloakdjango","last_synced_at":"2025-02-24T03:25:57.750Z","repository":{"id":66788799,"uuid":"200013008","full_name":"cedadev/OAuth2KeycloakDjango","owner":"cedadev","description":null,"archived":false,"fork":false,"pushed_at":"2019-08-09T13:24:30.000Z","size":30,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-01-06T02:09:48.831Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cedadev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-01T08:46:09.000Z","updated_at":"2022-03-15T16:16:50.000Z","dependencies_parsed_at":"2023-02-25T10:46:30.295Z","dependency_job_id":null,"html_url":"https://github.com/cedadev/OAuth2KeycloakDjango","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2FOAuth2KeycloakDjango","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2FOAuth2KeycloakDjango/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2FOAuth2KeycloakDjango/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cedadev%2FOAuth2KeycloakDjango/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cedadev","download_url":"https://codeload.github.com/cedadev/OAuth2KeycloakDjango/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240411428,"owners_count":19797087,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-10T00:23:26.830Z","updated_at":"2025-02-24T03:25:57.713Z","avatar_url":"https://github.com/cedadev.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OAuth2-Django-Keycloak\n\nIntegrating Django with Keycloak using OpenID Connect (OIDC)\n\n## Getting Started\n### Run Keycloak Ansible playbook\n\nMake sure you have Python3.6+, Ansible and Docker + Docker-ce installed\n1. Create python3 virtual env\n    ```\n    $ python3 -m venv keycloak\n    ```\n\n2. Activate python3 virtual env\n    ```\n    $ source keycloak/bin/activate\n    ```\n3. Navigate to the `keycloak` directory and create `keycloak-django` directory\n    ```\n    $ cd keycloak\n    $ mkdir keycloak-django\n    ```\n\n4. Clone the repository\n    ```\n    $ cd keycloak-django\n    $ git clone https://github.com/cedadev/OAuth2KeycloakDjango.git\n    ```\n5. Go to `Playbooks` directory\n    ```\n    $ cd OAuth2KeycloakDjango/Playbooks/\n    ```\n\n6.  Create a Keycloak admin running on localhost\n    ```\n    $ ansible-playbook create.yml\n    ```\n7. Create a client (Allow about 20sec for Keycloak to start the server)\n    ```\n    ansible-playbook -i inventory.yml create_client.yml\n    ```\n8. Create a user\n\n    There are two ways to create a user:\n    1) Log into Keycloak: http://localhost:9000. Click on Admin Console. Then, username and password is `admin` / `admin`.\n        - Click on _Users_ and then the **Add User** button.\n        - Set a username, email, first and last name.\n        - Go to the _Credentials_ tab and set a permanent password for this user.\n    2) Through Keycloak CLI\n        - download the server from https://www.keycloak.org/downloads.html and extract it\n        - navigate to `bin` directory\n        - connect to the server ```./kcadm.sh config credentials --server http://localhost:9000/auth --realm master --user admin --password admin```\n        - create a user ```./kcadm.sh create users -r master -s username=testuser -s enabled=true -s email=test@mail.com -s firstName=First -s lastName=Last```\n        - set/reset a  password(`-t` parameter means the password is not temporary) ```./kcadm.sh set-password -r master --username testuser --new-password pass -t=false``` \n        - more information https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.1/html/server_administration_guide/admin_cli\n        \n### Connecting Django and Keycloak\n\n1. Install requirements\n    ```\n    $ pip install -r requirements.txt\n    ```\n\n2. Run migrations \n    ```\n    $ python manage.py migrate\n    ```\n3. Go to the _Client Credentials_ tab in the `admin console` and copy the _Secret_. Paste this into the\n   Django settings.py file as the value of the _KEYCLOAK_CLIENT_SECRET_ setting.\n4. Also, change _KEYCLOAK_CLIENT_ID_ value with the user created above.\n   \n4. Run the server\n\n    ```\n    export OAUTHLIB_INSECURE_TRANSPORT=1\n    python manage.py runserver\n    ```\n\n    - Note: the OAUTHLIB_INSECURE_TRANSPORT env variable is needed since the\n      library being used normally doesn't allow OAuth over insecure HTTP. In\n      production it wouldn't be needed to set this environment variable because you\n      would have SSL certifications for your web application.\n   \n### Test it\n\n1. First log out of the Keycloak admin console if you are still logged in.\n\n2. Try going to http://localhost:8000/protected/. You should be redirected to Keycloak. Log in as the user you created above.\n\n3. Now you should be redirected back to `/protected/`.\n\nIn order to destroy the Keycloak server run\n```\n$ ansible-playbook destroy.yml\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcedadev%2Foauth2keycloakdjango","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcedadev%2Foauth2keycloakdjango","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcedadev%2Foauth2keycloakdjango/lists"}