kratos-external-idp-integrator

Kratos External Idp Integrator

juju deploy kratos-external-idp-integrator --channel edge

charms.kratos_external_idp_integrator.v1.kratos_external_provider

Interface library for Kratos external OIDC providers.

This library wraps relation endpoints using the kratos-external-idp interface and provides a Python API for both requesting Kratos to register the client credentials and for communicating with an external provider.

Getting Started

To get started using the library, you need to fetch the library using charmcraft.

# Run from the root of the charm that will consume the library.
cd some-charm
# Downloads the library source into the charm's lib/ tree; commit the fetched
# file and review the diff whenever the library is re-fetched.
charmcraft fetch-lib charms.kratos_external_idp_integrator.v1.kratos_external_provider

To use the library from the provider side (KratosExternalIdpIntegrator):

In the metadata.yaml of the charm, add the following:

# Provider side: the endpoint over which the OIDC client configuration is sent.
provides:
    kratos-external-idp:
        interface: external_provider
        # Accept at most one relation on this endpoint.
        limit: 1

Then, to initialize the library:

from charms.kratos_external_idp_integrator.v1.kratos_external_provider import (
    ExternalIdpProvider,
)
from ops.model import BlockedStatus

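class SomeCharm(CharmBase):
    """Provider-side example: hand the charm's OIDC client config to Kratos.

    The charm validates its own configuration and, once the relation is
    ready, passes the validated providers to ``ExternalIdpProvider``.
    """

    def __init__(self, *args):
        # ...
        # The documented constructor takes the relation name, i.e. the
        # endpoint declared under ``provides`` in metadata.yaml.
        self.external_idp_provider = ExternalIdpProvider(self, "kratos-external-idp")

        self.framework.observe(self.on.config_changed, self._on_config_changed)
        self.framework.observe(self.external_idp_provider.on.ready, self._on_ready)
        self.framework.observe(
            self.external_idp_provider.on.redirect_uri_changed, self._on_redirect_uri_changed
        )

    def _on_config_changed(self, event):
        """Validate the charm config and block the unit when it is rejected."""
        # ...
        # NOTE(review): the config presumably carries the OIDC client
        # credentials; keep its values out of log and status messages.
        providers = self.external_idp_provider.validate_provider_config([self.config])
        if not providers:
            self.unit.status = BlockedStatus("Invalid configuration")
        # ...

    def _on_redirect_uri_changed(self, event):
        """Log the redirect_uri reported for the client."""
        # NOTE(review): presumably this is the callback URL that has to be
        # allow-listed at the external identity provider -- confirm.
        logger.info(f"The client's redirect_uri changed to {event.redirect_uri}")

    def _on_ready(self, event):
        """Send the validated providers once the relation is ready."""
        if isinstance(self.unit.status, BlockedStatus):
            # The configuration was rejected; do not forward it.
            return
        # Re-validate here: a name bound in _on_config_changed is not visible
        # in this handler.
        providers = self.external_idp_provider.validate_provider_config([self.config])
        if providers:
            self.external_idp_provider.create_providers(providers)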

To use the library from the requirer side (Kratos):

In the metadata.yaml of the charm, add the following:

# Requirer side (Kratos): the endpoint over which the OIDC client configuration is received.
requires:
    kratos-external-idp:
        interface: external_provider

Then, to initialize the library:

from charms.kratos_external_idp_integrator.v1.kratos_external_provider import (
    ExternalIdpRequirer
)

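class KratosCharm(CharmBase):
    """Requirer-side example: receive external IdP configs and report back."""

    def __init__(self, *args):
        # ...
        self.external_idp_requirer = ExternalIdpRequirer(self)

        # Observe the requirer object created above; this charm defines no
        # ``external_idp_provider`` attribute.
        self.framework.observe(
            self.external_idp_requirer.on.client_config_changed, self._on_client_config_changed
        )

    def _on_client_config_changed(self, event):
        """Reconfigure Kratos, then publish the registered providers."""
        self._configure(event)

        # NOTE(review): ``providers`` is not defined in this snippet. Per the
        # library index, update_registered_provider expects a
        # RequirerProviders instance; build it before this call.
        self.external_idp_requirer.update_registered_provider(
            providers,
            event.relation_id,
        )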

Index

def dump_secret(
    v: SecretStr,
    _: SerializerFunctionWrapHandler
)

class BaseProvider

Methods

BaseProvider. validate_provider( cls , v: str )

BaseProvider. serialize_scope( self , v )

BaseProvider. deserialize_scope( cls , v )

BaseProvider. deserialize_mapper_url( self )

BaseProvider. deserialize_id( self )

BaseProvider. deserialize_label( self )

class GenericProvider

Methods

GenericProvider. deserialize_id( self )

class SocialProvider

class GithubProvider

Methods

GithubProvider. deserialize_scope( cls , v )

class MicrosoftProvider

Methods

MicrosoftProvider. deserialize_id( self )

class AppleProvider

class Providers

Methods

Providers. __iter__( self )

Providers. __getitem__( self , idx: int )

Providers. __len__( self )

class RequirerProvider

class RequirerProviders

Methods

RequirerProviders. __iter__( self )

RequirerProviders. __getitem__( self , idx: int )

RequirerProviders. __len__( self )

class RelationReadyEvent

Description

Event to notify the charm that the relation is ready.

Methods

RelationReadyEvent. snapshot( self )

Description

Save event.

RelationReadyEvent. restore( self , snapshot: dict )

Description

Restore event.

class RedirectURIChangedEvent

Description

Event to notify the charm that the redirect_uri changed.

Methods

RedirectURIChangedEvent. __init__( self , handle: Handle , redirect_uri: str )

RedirectURIChangedEvent. snapshot( self )

Description

Save redirect_uri.

RedirectURIChangedEvent. restore( self , snapshot: dict )

Description

Restore redirect_uri.

class ExternalIdpProviderEvents

Description

Event descriptor for events raised by ExternalIdpProvider.

class ExternalIdpProvider

Description

Forward client configurations to Identity Broker.

Methods

ExternalIdpProvider. __init__( self , charm: CharmBase , relation_name: str )

ExternalIdpProvider. is_ready( self )

Description

Checks if the relation is ready.

ExternalIdpProvider. create_providers( self , providers: Providers )

ExternalIdpProvider. remove_provider( self )

ExternalIdpProvider. get_redirect_uri( self , relation_id )

Description

Get the kratos client's redirect_uri.

ExternalIdpProvider. validate_provider_config( configurations )

Description

Validate the OIDC provider configuration.

class ClientConfigChangedEvent

Description

Event to notify the charm that a provider's client config changed.

Methods

ClientConfigChangedEvent. __init__( self , handle: Handle , provider: Provider )

ClientConfigChangedEvent. snapshot( self )

Description

Save event.

ClientConfigChangedEvent. restore( self , snapshot: dict )

Description

Restore event.

class ClientConfigRemovedEvent

Description

Event to notify the charm that a provider's client config was removed.

Methods

ClientConfigRemovedEvent. __init__( self , handle: Handle , relation_id: str )

ClientConfigRemovedEvent. snapshot( self )

Description

Save event.

ClientConfigRemovedEvent. restore( self , snapshot: dict )

Description

Restore event.

class ExternalIdpRequirerEvents

Description

Event descriptor for events raised by ExternalIdpRequirer.

class ExternalIdpRequirer

Description

Receive the External Idp configurations for Kratos.

Methods

ExternalIdpRequirer. __init__( self , charm: CharmBase , relation_name: str )

ExternalIdpRequirer. relations( self )

ExternalIdpRequirer. update_registered_provider( self , providers: RequirerProviders , relation_id: int )

ExternalIdpRequirer. remove_registered_provider( self , relation_id: int )

ExternalIdpRequirer. get_providers_from_relation( self , relation: Relation )

ExternalIdpRequirer. get_providers( self )