Version: | 0.4.0 |
---|---|
Source: | https://github.com/open-formulieren/open-forms-ext-token-exchange |
Keywords: | Open Forms Extension, Keycloak token exchange |
Open Forms extension to use Keycloak access tokens when requesting prefill data from external APIs.
- Signal receiver which extracts the Keycloak access token from the session and caches it.
- Pre-request hook that adds a custom authentication class to the request kwargs.
- Custom authentication class that performs the token exchange with Keycloak and adds the exchanged token to the
Authorization
header.
Note
The token exchange has a standard, but Keycloak mentions in its documentation that they "extended it a little, ignored some of it, and loosely interpreted other parts of the specification".
- Python 3.7 or above
- setuptools 30.3.0 or above
- Django 3.2
For an explanation of this how this extension works, look at the Open Forms developer documentation.
To see how to build and distribute an image with this extension, look at the Open Forms documentation about building and distributing extensions.
In the Open Forms Admin, go to Miscellaneous > Token exchange plugin configurations. Click on Add Token exchange plugin configuration and fill in the details:
- Select the service for which you want the token authorisation to be performed.
- Add the Keycloak audience.
Save the configuration.