{
 "cells": [
  {
   "cell_type": "markdown",
   "metadata": {},
   "source": [
    "# Using Twitcher with Keycloak\n",
    "\n",
    "Setup a [Keycloak](https://www.keycloak.org/) service with \n",
    "[client credentials grant type](https://requests-oauthlib.readthedocs.io/en/latest/oauth2_workflow.html#backend-application-flow).\n",
    "You can use this [Ansible playbook](https://github.com/bird-house/ansible-keycloak-playbook). \n",
    "The Keycloak service is running on: http://localhost:8080\n",
    "\n",
    "Configure the twitcher as described in the keycloak example of the [twitcher tutorial](https://twitcher.readthedocs.io/en/latest/tutorial.html) and register the [Emu](https://github.com/bird-house/emu) WPS.\n"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "# disable ssl warnings\n",
    "import urllib3\n",
    "urllib3.disable_warnings()"
   ]
  },
  {
   "cell_type": "markdown",
   "metadata": {},
   "source": [
    "### Keycloak client\n",
    "https://www.keycloak.org/docs/latest/server_admin/index.html#_service_accounts"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "keycloak_url = 'http://localhost:8080'\n",
    "token_endpoint = '/auth/realms/demo/protocol/openid-connect/token'\n",
    "client_id = 'demo'\n",
    "client_secret = 'c083d72c-a262-40b1-ad51-326f6977d74b'"
   ]
  },
  {
   "cell_type": "markdown",
   "metadata": {},
   "source": [
    "### Get OAuth access token from Keycloak\n",
    "scope=compute"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "token_url = \"{}{}\".format(keycloak_url, token_endpoint)\n",
    "token_url"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "import os\n",
    "from oauthlib.oauth2 import BackendApplicationClient\n",
    "from requests_oauthlib import OAuth2Session\n",
    "\n",
    "os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'\n",
    "\n",
    "client = BackendApplicationClient(client_id=client_id)\n",
    "oauth = OAuth2Session(client=client)\n",
    "token = oauth.fetch_token(\n",
    "    token_url,\n",
    "    scope='compute',\n",
    "    client_id=client_id,\n",
    "    client_secret=client_secret,\n",
    "    include_client_id=True,\n",
    "    verify=False)\n",
    "token"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "token['access_token']"
   ]
  },
  {
   "cell_type": "markdown",
   "metadata": {},
   "source": [
    "### Execute WPS Process with access token"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "base_url = 'http://localhost:8000'\n",
    "url = \"{}/ows/proxy/emu?service=WPS&version=1.0.0&request=Execute&identifier=chomsky\".format(base_url)\n",
    "url"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "import requests\n",
    "headers = {'Authorization': 'Bearer {}'.format(token['access_token'])}\n",
    "\n",
    "resp = requests.get(url, headers=headers, verify=False)\n",
    "resp.ok"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "metadata": {},
   "outputs": [],
   "source": [
    "'ProcessSucceeded' in resp.text"
   ]
  }
 ],
 "metadata": {
  "kernelspec": {
   "display_name": "Python 3",
   "language": "python",
   "name": "python3"
  },
  "language_info": {
   "codemirror_mode": {
    "name": "ipython",
    "version": 3
   },
   "file_extension": ".py",
   "mimetype": "text/x-python",
   "name": "python",
   "nbconvert_exporter": "python",
   "pygments_lexer": "ipython3",
   "version": "3.8.1"
  }
 },
 "nbformat": 4,
 "nbformat_minor": 4
}