You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

233 lines
12 KiB

7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
3 years ago
3 years ago
3 years ago
7 years ago
7 years ago
5 years ago
  1. # -*- coding: utf-8 -*-
  2. #
  3. # The MIT License (MIT)
  4. #
  5. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy of
  8. # this software and associated documentation files (the "Software"), to deal in
  9. # the Software without restriction, including without limitation the rights to
  10. # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
  11. # the Software, and to permit persons to whom the Software is furnished to do so,
  12. # subject to the following conditions:
  13. #
  14. # The above copyright notice and this permission notice shall be included in all
  15. # copies or substantial portions of the Software.
  16. #
  17. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
  19. # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
  20. # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
  21. # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  22. # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  23. """Keycloak URL patterns."""
  24. # OPENID URLS
  25. URL_REALM = "realms/{realm-name}"
  26. URL_WELL_KNOWN_BASE = "realms/{realm-name}/.well-known"
  27. URL_WELL_KNOWN = URL_WELL_KNOWN_BASE + "/openid-configuration"
  28. URL_TOKEN = "realms/{realm-name}/protocol/openid-connect/token"
  29. URL_USERINFO = "realms/{realm-name}/protocol/openid-connect/userinfo"
  30. URL_LOGOUT = "realms/{realm-name}/protocol/openid-connect/logout"
  31. URL_CERTS = "realms/{realm-name}/protocol/openid-connect/certs"
  32. URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect"
  33. URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}"
  34. URL_AUTH = (
  35. "{authorization-endpoint}?client_id={client-id}&response_type=code&redirect_uri={redirect-uri}"
  36. "&scope={scope}&state={state}"
  37. )
  38. URL_DEVICE = "realms/{realm-name}/protocol/openid-connect/auth/device"
  39. URL_CLIENT_REGISTRATION = URL_REALM + "/clients-registrations/default"
  40. URL_CLIENT_UPDATE = URL_CLIENT_REGISTRATION + "/{client-id}"
  41. # ADMIN URLS
  42. URL_ADMIN_USERS = "admin/realms/{realm-name}/users"
  43. URL_ADMIN_USERS_COUNT = "admin/realms/{realm-name}/users/count"
  44. URL_ADMIN_USER = "admin/realms/{realm-name}/users/{id}"
  45. URL_ADMIN_USER_CONSENTS = "admin/realms/{realm-name}/users/{id}/consents"
  46. URL_ADMIN_SEND_UPDATE_ACCOUNT = "admin/realms/{realm-name}/users/{id}/execute-actions-email"
  47. URL_ADMIN_SEND_VERIFY_EMAIL = "admin/realms/{realm-name}/users/{id}/send-verify-email"
  48. URL_ADMIN_RESET_PASSWORD = "admin/realms/{realm-name}/users/{id}/reset-password"
  49. URL_ADMIN_GET_SESSIONS = "admin/realms/{realm-name}/users/{id}/sessions"
  50. URL_ADMIN_USER_ALL_ROLES = "admin/realms/{realm-name}/users/{id}/role-mappings"
  51. URL_ADMIN_USER_CLIENT_ROLES = (
  52. "admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}"
  53. )
  54. URL_ADMIN_USER_REALM_ROLES = "admin/realms/{realm-name}/users/{id}/role-mappings/realm"
  55. URL_ADMIN_USER_REALM_ROLES_AVAILABLE = (
  56. "admin/realms/{realm-name}/users/{id}/role-mappings/realm/available"
  57. )
  58. URL_ADMIN_USER_REALM_ROLES_COMPOSITE = (
  59. "admin/realms/{realm-name}/users/{id}/role-mappings/realm/composite"
  60. )
  61. URL_ADMIN_GROUPS_REALM_ROLES = "admin/realms/{realm-name}/groups/{id}/role-mappings/realm"
  62. URL_ADMIN_GROUPS_CLIENT_ROLES = (
  63. "admin/realms/{realm-name}/groups/{id}/role-mappings/clients/{client-id}"
  64. )
  65. URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE = (
  66. "admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}/available"
  67. )
  68. URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE = (
  69. "admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}/composite"
  70. )
  71. URL_ADMIN_USER_GROUP = "admin/realms/{realm-name}/users/{id}/groups/{group-id}"
  72. URL_ADMIN_USER_GROUPS = "admin/realms/{realm-name}/users/{id}/groups"
  73. URL_ADMIN_USER_CREDENTIALS = "admin/realms/{realm-name}/users/{id}/credentials"
  74. URL_ADMIN_USER_CREDENTIAL = "admin/realms/{realm-name}/users/{id}/credentials/{credential_id}"
  75. URL_ADMIN_USER_LOGOUT = "admin/realms/{realm-name}/users/{id}/logout"
  76. URL_ADMIN_USER_STORAGE = "admin/realms/{realm-name}/user-storage/{id}/sync"
  77. URL_ADMIN_SERVER_INFO = "admin/serverinfo"
  78. URL_ADMIN_GROUPS = "admin/realms/{realm-name}/groups"
  79. URL_ADMIN_GROUPS_COUNT = "admin/realms/{realm-name}/groups/count"
  80. URL_ADMIN_GROUP = "admin/realms/{realm-name}/groups/{id}"
  81. URL_ADMIN_GROUP_BY_PATH = "admin/realms/{realm-name}/group-by-path/{path}"
  82. URL_ADMIN_GROUP_CHILD = "admin/realms/{realm-name}/groups/{id}/children"
  83. URL_ADMIN_GROUP_PERMISSIONS = "admin/realms/{realm-name}/groups/{id}/management/permissions"
  84. URL_ADMIN_GROUP_MEMBERS = "admin/realms/{realm-name}/groups/{id}/members"
  85. URL_ADMIN_CLIENT_INITIAL_ACCESS = "admin/realms/{realm-name}/clients-initial-access"
  86. URL_ADMIN_CLIENTS = "admin/realms/{realm-name}/clients"
  87. URL_ADMIN_CLIENT = URL_ADMIN_CLIENTS + "/{id}"
  88. URL_ADMIN_CLIENTS_CLIENT_ID = URL_ADMIN_CLIENTS + "?clientId={client-id}"
  89. URL_ADMIN_CLIENT_ALL_SESSIONS = URL_ADMIN_CLIENT + "/user-sessions"
  90. URL_ADMIN_CLIENT_SECRETS = URL_ADMIN_CLIENT + "/client-secret"
  91. URL_ADMIN_CLIENT_ROLES = URL_ADMIN_CLIENT + "/roles"
  92. URL_ADMIN_CLIENT_ROLE = URL_ADMIN_CLIENT + "/roles/{role-name}"
  93. URL_ADMIN_CLIENT_ROLES_COMPOSITE_CLIENT_ROLE = URL_ADMIN_CLIENT_ROLE + "/composites"
  94. URL_ADMIN_CLIENT_ROLE_MEMBERS = URL_ADMIN_CLIENT + "/roles/{role-name}/users"
  95. URL_ADMIN_CLIENT_ROLE_GROUPS = URL_ADMIN_CLIENT + "/roles/{role-name}/groups"
  96. URL_ADMIN_CLIENT_MANAGEMENT_PERMISSIONS = URL_ADMIN_CLIENT + "/management/permissions"
  97. URL_ADMIN_CLIENT_SCOPE_MAPPINGS_REALM_ROLES = URL_ADMIN_CLIENT + "/scope-mappings/realm"
  98. URL_ADMIN_CLIENT_SCOPE_MAPPINGS_CLIENT_ROLES = (
  99. URL_ADMIN_CLIENT + "/scope-mappings/clients/{client}"
  100. )
  101. URL_ADMIN_CLIENT_OPTIONAL_CLIENT_SCOPES = URL_ADMIN_CLIENT + "/optional-client-scopes"
  102. URL_ADMIN_CLIENT_OPTIONAL_CLIENT_SCOPE = (
  103. URL_ADMIN_CLIENT_OPTIONAL_CLIENT_SCOPES + "/{client_scope_id}"
  104. )
  105. URL_ADMIN_CLIENT_DEFAULT_CLIENT_SCOPES = URL_ADMIN_CLIENT + "/default-client-scopes"
  106. URL_ADMIN_CLIENT_DEFAULT_CLIENT_SCOPE = (
  107. URL_ADMIN_CLIENT_DEFAULT_CLIENT_SCOPES + "/{client_scope_id}"
  108. )
  109. URL_ADMIN_CLIENT_AUTHZ = URL_ADMIN_CLIENT + "/authz/resource-server"
  110. URL_ADMIN_CLIENT_AUTHZ_SETTINGS = URL_ADMIN_CLIENT_AUTHZ + "/settings"
  111. URL_ADMIN_CLIENT_AUTHZ_RESOURCE = URL_ADMIN_CLIENT_AUTHZ + "/resource/{resource-id}"
  112. URL_ADMIN_CLIENT_AUTHZ_RESOURCES = URL_ADMIN_CLIENT_AUTHZ + "/resource?max=-1"
  113. URL_ADMIN_CLIENT_AUTHZ_SCOPES = URL_ADMIN_CLIENT_AUTHZ + "/scope?max=-1"
  114. URL_ADMIN_CLIENT_AUTHZ_PERMISSIONS = URL_ADMIN_CLIENT_AUTHZ + "/permission?max=-1"
  115. URL_ADMIN_CLIENT_AUTHZ_POLICIES = URL_ADMIN_CLIENT_AUTHZ + "/policy?max=-1&permission=false"
  116. URL_ADMIN_CLIENT_AUTHZ_ROLE_BASED_POLICY = URL_ADMIN_CLIENT_AUTHZ + "/policy/role?max=-1"
  117. URL_ADMIN_CLIENT_AUTHZ_RESOURCE_BASED_PERMISSION = (
  118. URL_ADMIN_CLIENT_AUTHZ + "/permission/resource?max=-1"
  119. )
  120. URL_ADMIN_CLIENT_AUTHZ_POLICY = URL_ADMIN_CLIENT_AUTHZ + "/policy/{policy-id}"
  121. URL_ADMIN_CLIENT_AUTHZ_POLICY_SCOPES = URL_ADMIN_CLIENT_AUTHZ_POLICY + "/scopes"
  122. URL_ADMIN_CLIENT_AUTHZ_POLICY_RESOURCES = URL_ADMIN_CLIENT_AUTHZ_POLICY + "/resources"
  123. URL_ADMIN_CLIENT_AUTHZ_SCOPE_PERMISSION = URL_ADMIN_CLIENT_AUTHZ + "/permission/scope/{scope-id}"
  124. URL_ADMIN_CLIENT_AUTHZ_RESOURCE_PERMISSION = (
  125. URL_ADMIN_CLIENT_AUTHZ + "/permission/resource/{resource-id}"
  126. )
  127. URL_ADMIN_ADD_CLIENT_AUTHZ_SCOPE_PERMISSION = URL_ADMIN_CLIENT_AUTHZ + "/permission/scope?max=-1"
  128. URL_ADMIN_CLIENT_AUTHZ_CLIENT_POLICY = URL_ADMIN_CLIENT_AUTHZ + "/policy/client"
  129. URL_ADMIN_CLIENT_AUTHZ_CLIENT_POLICY_ASSOCIATED_POLICIES = (
  130. URL_ADMIN_CLIENT_AUTHZ + "/policy/{policy-id}/associatedPolicies"
  131. )
  132. URL_ADMIN_CLIENT_SERVICE_ACCOUNT_USER = URL_ADMIN_CLIENT + "/service-account-user"
  133. URL_ADMIN_CLIENT_CERTS = URL_ADMIN_CLIENT + "/certificates/{attr}"
  134. URL_ADMIN_CLIENT_INSTALLATION_PROVIDER = URL_ADMIN_CLIENT + "/installation/providers/{provider-id}"
  135. URL_ADMIN_CLIENT_PROTOCOL_MAPPERS = URL_ADMIN_CLIENT + "/protocol-mappers/models"
  136. URL_ADMIN_CLIENT_PROTOCOL_MAPPER = URL_ADMIN_CLIENT_PROTOCOL_MAPPERS + "/{protocol-mapper-id}"
  137. URL_ADMIN_CLIENT_SCOPES = "admin/realms/{realm-name}/client-scopes"
  138. URL_ADMIN_CLIENT_SCOPE = URL_ADMIN_CLIENT_SCOPES + "/{scope-id}"
  139. URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER = URL_ADMIN_CLIENT_SCOPE + "/protocol-mappers/models"
  140. URL_ADMIN_CLIENT_SCOPES_MAPPERS = URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER + "/{protocol-mapper-id}"
  141. URL_ADMIN_REALM_ROLES = "admin/realms/{realm-name}/roles"
  142. URL_ADMIN_REALM_ROLES_SEARCH = URL_ADMIN_REALM_ROLES + "?search={search-text}"
  143. URL_ADMIN_REALM_ROLES_MEMBERS = URL_ADMIN_REALM_ROLES + "/{role-name}/users"
  144. URL_ADMIN_REALM_ROLES_GROUPS = URL_ADMIN_REALM_ROLES + "/{role-name}/groups"
  145. URL_ADMIN_REALMS = "admin/realms"
  146. URL_ADMIN_REALM = "admin/realms/{realm-name}"
  147. URL_ADMIN_IDPS = "admin/realms/{realm-name}/identity-provider/instances"
  148. URL_ADMIN_IDP_MAPPERS = "admin/realms/{realm-name}/identity-provider/instances/{idp-alias}/mappers"
  149. URL_ADMIN_IDP_MAPPER_UPDATE = URL_ADMIN_IDP_MAPPERS + "/{mapper-id}"
  150. URL_ADMIN_IDP = "admin/realms/{realm-name}/identity-provider/instances/{alias}"
  151. URL_ADMIN_REALM_ROLES_ROLE_BY_ID = URL_ADMIN_REALM + "/roles-by-id/{role-id}"
  152. URL_ADMIN_REALM_ROLES_ROLE_BY_NAME = "admin/realms/{realm-name}/roles/{role-name}"
  153. URL_ADMIN_REALM_ROLES_COMPOSITE_REALM_ROLE = (
  154. "admin/realms/{realm-name}/roles/{role-name}/composites"
  155. )
  156. URL_ADMIN_REALM_EXPORT = (
  157. "admin/realms/{realm-name}/partial-export?exportClients={export-clients}&"
  158. + "exportGroupsAndRoles={export-groups-and-roles}"
  159. )
  160. URL_ADMIN_REALM_PARTIAL_IMPORT = "admin/realms/{realm-name}/partialImport"
  161. URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPES = URL_ADMIN_REALM + "/default-default-client-scopes"
  162. URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPE = URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPES + "/{id}"
  163. URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPES = URL_ADMIN_REALM + "/default-optional-client-scopes"
  164. URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPE = URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPES + "/{id}"
  165. URL_ADMIN_FLOWS = "admin/realms/{realm-name}/authentication/flows"
  166. URL_ADMIN_FLOW = URL_ADMIN_FLOWS + "/{id}"
  167. URL_ADMIN_FLOWS_ALIAS = "admin/realms/{realm-name}/authentication/flows/{flow-id}"
  168. URL_ADMIN_FLOWS_COPY = "admin/realms/{realm-name}/authentication/flows/{flow-alias}/copy"
  169. URL_ADMIN_FLOWS_EXECUTIONS = (
  170. "admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions"
  171. )
  172. URL_ADMIN_FLOWS_EXECUTION = "admin/realms/{realm-name}/authentication/executions/{id}"
  173. URL_ADMIN_FLOWS_EXECUTIONS_EXECUTION = (
  174. "admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions/execution"
  175. )
  176. URL_ADMIN_FLOWS_EXECUTIONS_FLOW = (
  177. "admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions/flow"
  178. )
  179. URL_ADMIN_AUTHENTICATOR_PROVIDERS = (
  180. "admin/realms/{realm-name}/authentication/authenticator-providers"
  181. )
  182. URL_ADMIN_AUTHENTICATOR_CONFIG_DESCRIPTION = (
  183. "admin/realms/{realm-name}/authentication/config-description/{provider-id}"
  184. )
  185. URL_ADMIN_AUTHENTICATOR_CONFIG = "admin/realms/{realm-name}/authentication/config/{id}"
  186. URL_ADMIN_COMPONENTS = "admin/realms/{realm-name}/components"
  187. URL_ADMIN_COMPONENT = "admin/realms/{realm-name}/components/{component-id}"
  188. URL_ADMIN_KEYS = "admin/realms/{realm-name}/keys"
  189. URL_ADMIN_USER_FEDERATED_IDENTITIES = "admin/realms/{realm-name}/users/{id}/federated-identity"
  190. URL_ADMIN_USER_FEDERATED_IDENTITY = (
  191. "admin/realms/{realm-name}/users/{id}/federated-identity/{provider}"
  192. )
  193. URL_ADMIN_USER_EVENTS = "admin/realms/{realm-name}/events"
  194. URL_ADMIN_ADMIN_EVENTS = "admin/realms/{realm-name}/admin-events"
  195. URL_ADMIN_EVENTS_CONFIG = URL_ADMIN_USER_EVENTS + "/config"
  196. URL_ADMIN_CLIENT_SESSION_STATS = "admin/realms/{realm-name}/client-session-stats"
  197. URL_ADMIN_GROUPS_CLIENT_ROLES_COMPOSITE = URL_ADMIN_GROUPS_CLIENT_ROLES + "/composite"
  198. URL_ADMIN_REALM_ROLE_COMPOSITES = "admin/realms/{realm-name}/roles-by-id/{role-id}/composites"
  199. URL_ADMIN_REALM_ROLE_COMPOSITES_REALM = URL_ADMIN_REALM_ROLE_COMPOSITES + "/realm"
  200. URL_ADMIN_CLIENT_ROLE_CHILDREN = URL_ADMIN_REALM_ROLE_COMPOSITES + "/clients/{client-id}"
  201. URL_ADMIN_CLIENT_CERT_UPLOAD = URL_ADMIN_CLIENT_CERTS + "/upload-certificate"
  202. URL_ADMIN_REQUIRED_ACTIONS = URL_ADMIN_REALM + "/authentication/required-actions"
  203. URL_ADMIN_REQUIRED_ACTIONS_ALIAS = URL_ADMIN_REQUIRED_ACTIONS + "/{action-alias}"
  204. URL_ADMIN_ATTACK_DETECTION = "admin/realms/{realm-name}/attack-detection/brute-force/users"
  205. URL_ADMIN_ATTACK_DETECTION_USER = (
  206. "admin/realms/{realm-name}/attack-detection/brute-force/users/{id}"
  207. )
  208. URL_ADMIN_CLEAR_KEYS_CACHE = URL_ADMIN_REALM + "/clear-keys-cache"
  209. URL_ADMIN_CLEAR_REALM_CACHE = URL_ADMIN_REALM + "/clear-realm-cache"
  210. URL_ADMIN_CLEAR_USER_CACHE = URL_ADMIN_REALM + "/clear-user-cache"
  211. # UMA URLS
  212. URL_UMA_WELL_KNOWN = URL_WELL_KNOWN_BASE + "/uma2-configuration"