From 22d87577f4637133146c376dbb99553035b340ab Mon Sep 17 00:00:00 2001
From: Q <q@misell.cymru>
Date: Fri, 9 Apr 2021 17:50:28 +0100
Subject: [PATCH 1/3] fix authz token

---
 src/keycloak/authz.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/keycloak/authz.py b/src/keycloak/authz.py
index cb2c8a9..a47f55e 100644
--- a/src/keycloak/authz.py
+++ b/src/keycloak/authz.py
@@ -115,7 +115,7 @@ def get_permissions(self, token, resource_scopes_tuples=None,
                     response.get('error_description')
                 )
             else:
-                token = response.get('refresh_token')
+                token = response.get('access_token')
                 decoded_token = self._decode_token(token.split('.')[1])
                 authz_info = decoded_token.get('authorization', {})
         except KeycloakClientError as error:

From 20ff6b75e12dbb34d53814ef12e942f08546b6ec Mon Sep 17 00:00:00 2001
From: Q <q@misell.cymru>
Date: Fri, 14 May 2021 17:49:42 +0100
Subject: [PATCH 2/3] fix padding issue

---
 src/keycloak/authz.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/keycloak/authz.py b/src/keycloak/authz.py
index a47f55e..64189ba 100644
--- a/src/keycloak/authz.py
+++ b/src/keycloak/authz.py
@@ -63,7 +63,7 @@ def _decode_token(cls, token):
         missing_padding = len(token) % 4
         if missing_padding != 0:
             token += '=' * (4 - missing_padding)
-        return json.loads(base64.b64decode(token).decode('utf-8'))
+        return json.loads(base64.b64decode(token + "===").decode('utf-8'))
 
     def get_permissions(self, token, resource_scopes_tuples=None,
                         submit_request=False, ticket=None):

From 0267dfa9021eaf478330dedbce587c7a5016a3b3 Mon Sep 17 00:00:00 2001
From: Q <q@misell.cymru>
Date: Fri, 2 Aug 2024 21:05:51 +0200
Subject: [PATCH 3/3] fix permission token parsing

---
 src/keycloak/authz.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/keycloak/authz.py b/src/keycloak/authz.py
index 64189ba..d4e6038 100644
--- a/src/keycloak/authz.py
+++ b/src/keycloak/authz.py
@@ -63,7 +63,7 @@ def _decode_token(cls, token):
         missing_padding = len(token) % 4
         if missing_padding != 0:
             token += '=' * (4 - missing_padding)
-        return json.loads(base64.b64decode(token + "===").decode('utf-8'))
+        return json.loads(base64.urlsafe_b64decode(token + "===").decode('utf-8'))
 
     def get_permissions(self, token, resource_scopes_tuples=None,
                         submit_request=False, ticket=None):