Mirror
/
python-keycloak
mirror of https://github.com/marcospereirampj/python-keycloak.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
Browse Source

added create_client_authz_group_based_policy, create_client_authz_scope_based_permission and their corresponding urls

pull/430/head
Elias Hamacher 2 years ago
committed by elias.hamacher
parent
1e74b4337e
commit
026e3c06c1
2 changed files with 81 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 79
      src/keycloak/keycloak_admin.py
  2. 2
      src/keycloak/urls_patterns.py

79
src/keycloak/keycloak_admin.py
View File

@ -1725,6 +1725,85 @@ class KeycloakAdmin:
data_raw, KeycloakPostError, expected_codes=[201], skip_exists=skip_exists
)
def create_client_authz_group_based_policy(self, client_id, payload, skip_exists=False):
"""Create group-based policy of client.
Payload example::
payload={
"type": "group",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"name": "Policy-1",
"groups": [
{
"id": id
}
]
}
:param client_id: id in ClientRepresentation
https://www.keycloak.org/docs-api/18.0/rest-api/index.html#_clientrepresentation
:type client_id: str
:param payload: No Document
:type payload: dict
:param skip_exists: Skip creation in case the object exists
:type skip_exists: bool
:return: Keycloak server response
:rtype: bytes
"""
params_path = {"realm-name": self.realm_name, "id": client_id}
data_raw = self.connection.raw_post(
urls_patterns.URL_ADMIN_CLIENT_AUTHZ_GROUP_BASED_POLICY.format(**params_path),
data=json.dumps(payload),
)
return raise_error_from_response(
data_raw, KeycloakPostError, expected_codes=[201], skip_exists=skip_exists
)
def create_client_authz_scope_based_permission(self, client_id, payload, skip_exists=False):
"""Create scope-based permission of client.
Payload example::
payload={
"type": "resource",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"name": "Permission-Name",
"scopes": [
scope_id
],
"policies": [
policy_id
]
:param client_id: id in ClientRepresentation
https://www.keycloak.org/docs-api/18.0/rest-api/index.html#_clientrepresentation
:type client_id: str
:param payload: PolicyRepresentation
https://www.keycloak.org/docs-api/18.0/rest-api/index.html#_policyrepresentation
:type payload: dict
:param skip_exists: Skip creation in case the object already exists
:type skip_exists: bool
:return: Keycloak server response
:rtype: bytes
"""
params_path = {"realm-name": self.realm_name, "id": client_id}
data_raw = self.connection.raw_post(
urls_patterns.URL_ADMIN_CLIENT_AUTHZ_SCOPE_BASED_PERMISSION.format(**params_path),
data=json.dumps(payload),
)
return raise_error_from_response(
data_raw, KeycloakPostError, expected_codes=[201], skip_exists=skip_exists
)
def create_client_authz_policy(self, client_id, payload, skip_exists=False):
"""Create an authz policy of client.

2
src/keycloak/urls_patterns.py
View File

@ -119,6 +119,8 @@ URL_ADMIN_CLIENT_AUTHZ_SCOPES = URL_ADMIN_CLIENT_AUTHZ + "/scope?max=-1"
URL_ADMIN_CLIENT_AUTHZ_PERMISSIONS = URL_ADMIN_CLIENT_AUTHZ + "/permission?max=-1"
URL_ADMIN_CLIENT_AUTHZ_POLICIES = URL_ADMIN_CLIENT_AUTHZ + "/policy?max=-1&permission=false"
URL_ADMIN_CLIENT_AUTHZ_ROLE_BASED_POLICY = URL_ADMIN_CLIENT_AUTHZ + "/policy/role?max=-1"
URL_ADMIN_CLIENT_AUTHZ_GROUP_BASED_POLICY = URL_ADMIN_CLIENT_AUTHZ + "/policy/group?max=-1"
URL_ADMIN_CLIENT_AUTHZ_SCOPE_BASED_PERMISSION = URL_ADMIN_CLIENT_AUTHZ + "/permission/scope?max=-1"
URL_ADMIN_CLIENT_AUTHZ_ROLE_BASED_POLICY_UPDATE = URL_ADMIN_CLIENT_AUTHZ + "/policy/role/{policy_id}"
URL_ADMIN_CLIENT_AUTHZ_GROUP_BASED_POLICY = URL_ADMIN_CLIENT_AUTHZ + "/policy/group?max=-1"
URL_ADMIN_CLIENT_AUTHZ_GROUP_BASED_POLICY_UPDATE = URL_ADMIN_CLIENT_AUTHZ + "/policy/group/{policy_id}"

Write Preview
Loading…
Cancel
Save