Using Twitcher with Keycloak

Setup a Keycloak service with client credentials grant type. You can use this Ansible playbook. The Keycloak service is running on: http://localhost:8080

Configure the twitcher as described in the keycloak example of the twitcher tutorial and register the Emu WPS.

[ ]:
# disable ssl warnings
import urllib3
urllib3.disable_warnings()

Keycloak client

https://www.keycloak.org/docs/latest/server_admin/index.html#_service_accounts

[ ]:
keycloak_url = 'http://localhost:8080'
token_endpoint = '/auth/realms/demo/protocol/openid-connect/token'
client_id = 'demo'
client_secret = 'c083d72c-a262-40b1-ad51-326f6977d74b'

Get OAuth access token from Keycloak

scope=compute

[ ]:
token_url = "{}{}".format(keycloak_url, token_endpoint)
token_url
[ ]:
import os
from oauthlib.oauth2 import BackendApplicationClient
from requests_oauthlib import OAuth2Session

os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'

client = BackendApplicationClient(client_id=client_id)
oauth = OAuth2Session(client=client)
token = oauth.fetch_token(
    token_url,
    scope='compute',
    client_id=client_id,
    client_secret=client_secret,
    include_client_id=True,
    verify=False)
token
[ ]:
token['access_token']

Execute WPS Process with access token

[ ]:
base_url = 'http://localhost:8000'
url = "{}/ows/proxy/emu?service=WPS&version=1.0.0&request=Execute&identifier=chomsky".format(base_url)
url
[ ]:
import requests
headers = {'Authorization': 'Bearer {}'.format(token['access_token'])}

resp = requests.get(url, headers=headers, verify=False)
resp.ok
[ ]:
'ProcessSucceeded' in resp.text