Mirror
/
python-keycloak
mirror of https://github.com/marcospereirampj/python-keycloak.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
Browse Source

Add typing model definitions

pull/348/head
Chuma Umenze 3 years ago
parent
6b218e564f
commit
3cee119eb3
6 changed files with 1118 additions and 175 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 45
      src/keycloak/connection.py
  2. 25
      src/keycloak/exceptions.py
  3. 875
      src/keycloak/keycloak_models.py
  4. 109
      src/keycloak/keycloak_openid.py
  5. 37
      src/keycloak/uma_permissions.py
  6. 202
      src/keycloak/urls_patterns.py

45
src/keycloak/connection.py
View File

@ -21,10 +21,12 @@
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
from typing import TYPE_CHECKING, Any, TypeVar, Union, Dict, Optional, List, Iterable
try:
from urllib.parse import urljoin
except ImportError:
from urlparse import urljoin
from urlparse import urljoin # pytype: disable=import-error
import requests
from requests.adapters import HTTPAdapter
@ -32,6 +34,10 @@ from requests.adapters import HTTPAdapter
from .exceptions import KeycloakConnectionError
if TYPE_CHECKING:
from requests.models import Response
class ConnectionManager(object):
"""
Represents a simple server connection.
@ -43,7 +49,14 @@ class ConnectionManager(object):
:param proxies: (dict) The proxies servers requests is sent by.
"""
def __init__(self, base_url, headers={}, timeout=60, verify=True, proxies=None):
def __init__(
self,
base_url: str,
headers: Optional[Dict[str, str,]] = {},
timeout: Optional[int] = 60,
verify: Optional[bool] = True,
proxies: Optional[Dict[str, str]] = None
) -> None:
self._base_url = base_url
self._headers = headers
self._timeout = timeout
@ -65,7 +78,7 @@ class ConnectionManager(object):
if proxies:
self._s.proxies.update(proxies)
def __del__(self):
def __del__(self) -> None:
self._s.close()
@property
@ -74,7 +87,7 @@ class ConnectionManager(object):
return self._base_url
@base_url.setter
def base_url(self, value):
def base_url(self, value: str):
""" """
self._base_url = value
@ -84,7 +97,7 @@ class ConnectionManager(object):
return self._timeout
@timeout.setter
def timeout(self, value):
def timeout(self, value: int):
""" """
self._timeout = value
@ -94,7 +107,7 @@ class ConnectionManager(object):
return self._verify
@verify.setter
def verify(self, value):
def verify(self, value: bool):
""" """
self._verify = value
@ -104,11 +117,11 @@ class ConnectionManager(object):
return self._headers
@headers.setter
def headers(self, value):
def headers(self, value: Dict[str, str]):
""" """
self._headers = value
def param_headers(self, key):
def param_headers(self, key: str) -> None:
"""
Return a specific header parameter.
@ -117,11 +130,11 @@ class ConnectionManager(object):
"""
return self.headers.get(key)
def clean_headers(self):
def clean_headers(self) -> None:
"""Clear header parameters."""
self.headers = {}
def exist_param_headers(self, key):
def exist_param_headers(self, key: str) -> bool:
"""Check if the parameter exists in the header.
:param key: (str) Header parameters key.
@ -129,7 +142,7 @@ class ConnectionManager(object):
"""
return self.param_headers(key) is not None
def add_param_headers(self, key, value):
def add_param_headers(self, key: str, value: str) -> None:
"""Add a single parameter inside the header.
:param key: (str) Header parameters key.
@ -137,14 +150,14 @@ class ConnectionManager(object):
"""
self.headers[key] = value
def del_param_headers(self, key):
def del_param_headers(self, key: str) -> None:
"""Remove a specific parameter.
:param key: (str) Key of the header parameters.
"""
self.headers.pop(key, None)
def raw_get(self, path, **kwargs):
def raw_get(self, path: str, **kwargs) -> "Response":
"""Submit get request to the path.
:param path: (str) Path for request.
@ -163,7 +176,7 @@ class ConnectionManager(object):
except Exception as e:
raise KeycloakConnectionError("Can't connect to server (%s)" % e)
def raw_post(self, path, data, **kwargs):
def raw_post(self, path: str, data: Dict, **kwargs) -> "Response":
"""Submit post request to the path.
:param path: (str) Path for request.
@ -183,7 +196,7 @@ class ConnectionManager(object):
except Exception as e:
raise KeycloakConnectionError("Can't connect to server (%s)" % e)
def raw_put(self, path, data, **kwargs):
def raw_put(self, path: str, data: Dict, **kwargs) -> "Response":
"""Submit put request to the path.
:param path: (str) Path for request.
@ -203,7 +216,7 @@ class ConnectionManager(object):
except Exception as e:
raise KeycloakConnectionError("Can't connect to server (%s)" % e)
def raw_delete(self, path, data={}, **kwargs):
def raw_delete(self, path: str, data: Optional[Dict]={}, **kwargs) -> "Response":
"""Submit delete request to the path.
:param path: (str) Path for request.

25
src/keycloak/exceptions.py
View File

@ -21,11 +21,26 @@
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
from typing import TYPE_CHECKING, Type, Union, Dict, Optional
import requests
if TYPE_CHECKING:
from requests import Response
from keycloak.keycloak_models import KeycloakModel
KeycloakErrorType = Type["KeycloakError"]
KeycloakModelType = Type["KeycloakModel"]
RequestResponseType = Union[Dict, bytes]
class KeycloakError(Exception):
def __init__(self, error_message="", response_code=None, response_body=None):
def __init__(
self,
error_message: Optional[str] = "",
response_code: Optional[int] = None,
response_body: Optional[RequestResponseType] = None
) -> None:
Exception.__init__(self, error_message)
@ -33,7 +48,7 @@ class KeycloakError(Exception):
self.response_body = response_body
self.error_message = error_message
def __str__(self):
def __str__(self) -> str:
if self.response_code is not None:
return "{0}: {1}".format(self.response_code, self.error_message)
else:
@ -96,7 +111,11 @@ class PermissionDefinitionError(Exception):
pass
def raise_error_from_response(response, error, expected_codes=None, skip_exists=False):
def raise_error_from_response(
response: "Response",
error: Union[KeycloakErrorType, Exception, Dict],
expected_codes=None,
skip_exists=False) -> RequestResponseType:
if expected_codes is None:
expected_codes = [200, 201, 204]

875
src/keycloak/keycloak_models.py
View File

@ -0,0 +1,875 @@
from enum import Enum
from typing import Optional, List, Dict, Any
from pydantic import BaseModel, Field, Extra
DecisionStrategy = Enum("DecisionStrategy", ["AFFIRMATIVE", "UNANIMOUS", "CONSENSUS"])
NodeType = Enum("NodeType", ["ARRAY", "BINARY", "BOOLEAN", "MISSING", "NULL", "NUMBER", "OBJECT", "POJO", "STRING"])
PolicyEnforcementMode = Enum("PolicyEnforcementMode", ["ENFORCING", "PERMISSIVE", "DISABLED"])
Category = Enum("Category", ["INTERNAL", "ACCESS", "ID", "ADMIN", "USERINFO", "LOGOUT", "AUTHORIZATION_RESPONSE"])
Logic = Enum("Logic", ["POSITIVE", "NEGATIVE"])
Use = Enum("Use", ["SIG", "ENC"])
Policy = Enum("Policy", ["SKIP", "OVERWRITE", "FAIL"])
class KeycloakModel(BaseModel):
def __getitem__(self, k):
return getattr(self, k)
def __setitem__(self, k, v):
return setattr(self, k, v)
def __delitem__(self, k):
return delattr(self, k)
def __contains__(self, k):
return hasattr(self, k)
def get(self, k, default=None):
return getattr(self, k, default)
class Config:
validate_all = True
validate_assignment = True
allow_mutation = False
extra = Extra.allow
smart_union = True
class AccessToken(KeycloakModel):
acr: Optional[str] = Field(None, alias="acr")
address: Optional["AddressClaimSet"] = Field(None, alias="address")
allowed_origins: Optional[List[str]] = Field(None, alias="allowed-origins")
at_hash: Optional[str] = Field(None, alias="at_hash")
auth_time: Optional[int] = Field(None, alias="auth_time")
authorization: Optional["AccessTokenAuthorization"] = Field(None, alias="authorization")
azp: Optional[str] = Field(None, alias="azp")
birthdate: Optional[str] = Field(None, alias="birthdate")
c_hash: Optional[str] = Field(None, alias="c_hash")
category: Optional[Category] = Field(None, alias="category")
claims_locales: Optional[str] = Field(None, alias="claims_locales")
cnf: Optional["AccessTokenCertConf"] = Field(None, alias="cnf")
email: Optional[str] = Field(None, alias="email")
email_verified: Optional[bool] = Field(None, alias="email_verified")
exp: Optional[int] = Field(None, alias="exp")
family_name: Optional[str] = Field(None, alias="family_name")
gender: Optional[str] = Field(None, alias="gender")
given_name: Optional[str] = Field(None, alias="given_name")
iat: Optional[int] = Field(None, alias="iat")
iss: Optional[str] = Field(None, alias="iss")
jti: Optional[str] = Field(None, alias="jti")
locale: Optional[str] = Field(None, alias="locale")
middle_name: Optional[str] = Field(None, alias="middle_name")
name: Optional[str] = Field(None, alias="name")
nbf: Optional[int] = Field(None, alias="nbf")
nickname: Optional[str] = Field(None, alias="nickname")
nonce: Optional[str] = Field(None, alias="nonce")
otherClaims: Optional[Dict[Any, Any]] = Field(None, alias="otherClaims")
phone_number: Optional[str] = Field(None, alias="phone_number")
phone_number_verified: Optional[bool] = Field(None, alias="phone_number_verified")
picture: Optional[str] = Field(None, alias="picture")
preferred_username: Optional[str] = Field(None, alias="preferred_username")
profile: Optional[str] = Field(None, alias="profile")
realm_access: Optional["AccessTokenAccess"] = Field(None, alias="realm_access")
s_hash: Optional[str] = Field(None, alias="s_hash")
scope: Optional[str] = Field(None, alias="scope")
session_state: Optional[str] = Field(None, alias="session_state")
sid: Optional[str] = Field(None, alias="sid")
sub: Optional[str] = Field(None, alias="sub")
trusted_certs: Optional[List[str]] = Field(None, alias="trusted-certs")
typ: Optional[str] = Field(None, alias="typ")
updated_at: Optional[int] = Field(None, alias="updated_at")
website: Optional[str] = Field(None, alias="website")
zoneinfo: Optional[str] = Field(None, alias="zoneinfo")
class AccessTokenAccess(KeycloakModel):
roles: Optional[List[str]] = Field(None, alias="roles")
verify_caller: Optional[bool] = Field(None, alias="verify_caller")
class AccessTokenAuthorization(KeycloakModel):
permissions: Optional[List["Permission"]] = Field(None, alias="permissions")
class AccessTokenCertConf(KeycloakModel):
x5t_S256: Optional[str] = Field(None, alias="x5t#S256")
class AddressClaimSet(KeycloakModel):
country: Optional[str] = Field(None, alias="country")
formatted: Optional[str] = Field(None, alias="formatted")
locality: Optional[str] = Field(None, alias="locality")
postal_code: Optional[str] = Field(None, alias="postal_code")
region: Optional[str] = Field(None, alias="region")
street_address: Optional[str] = Field(None, alias="street_address")
class AuthenticationExecutionExportRepresentation(KeycloakModel):
authenticator: Optional[str] = Field(None, alias="authenticator")
authenticatorConfig: Optional[str] = Field(None, alias="authenticatorConfig")
authenticatorFlow: Optional[bool] = Field(None, alias="authenticatorFlow")
flowAlias: Optional[str] = Field(None, alias="flowAlias")
priority: Optional[int] = Field(None, alias="priority")
requirement: Optional[str] = Field(None, alias="requirement")
userSetupAllowed: Optional[bool] = Field(None, alias="userSetupAllowed")
class AuthenticationExecutionInfoRepresentation(KeycloakModel):
alias: Optional[str] = Field(None, alias="alias")
authenticationConfig: Optional[str] = Field(None, alias="authenticationConfig")
authenticationFlow: Optional[bool] = Field(None, alias="authenticationFlow")
configurable: Optional[bool] = Field(None, alias="configurable")
description: Optional[str] = Field(None, alias="description")
displayName: Optional[str] = Field(None, alias="displayName")
flowId: Optional[str] = Field(None, alias="flowId")
id: Optional[str] = Field(None, alias="id")
index: Optional[int] = Field(None, alias="index")
level: Optional[int] = Field(None, alias="level")
providerId: Optional[str] = Field(None, alias="providerId")
requirement: Optional[str] = Field(None, alias="requirement")
requirementChoices: Optional[List[str]] = Field(None, alias="requirementChoices")
class AuthenticationExecutionRepresentation(KeycloakModel):
authenticator: Optional[str] = Field(None, alias="authenticator")
authenticatorConfig: Optional[str] = Field(None, alias="authenticatorConfig")
authenticatorFlow: Optional[bool] = Field(None, alias="authenticatorFlow")
flowId: Optional[str] = Field(None, alias="flowId")
id: Optional[str] = Field(None, alias="id")
parentFlow: Optional[str] = Field(None, alias="parentFlow")
priority: Optional[int] = Field(None, alias="priority")
requirement: Optional[str] = Field(None, alias="requirement")
class AuthenticationFlowRepresentation(KeycloakModel):
alias: Optional[str] = Field(None, alias="alias")
authenticationExecutions: Optional[List["AuthenticationExecutionExportRepresentation"]] = Field(None, alias="authenticationExecutions")
builtIn: Optional[bool] = Field(None, alias="builtIn")
description: Optional[str] = Field(None, alias="description")
id: Optional[str] = Field(None, alias="id")
providerId: Optional[str] = Field(None, alias="providerId")
topLevel: Optional[bool] = Field(None, alias="topLevel")
class AuthenticatorConfigInfoRepresentation(KeycloakModel):
helpText: Optional[str] = Field(None, alias="helpText")
name: Optional[str] = Field(None, alias="name")
properties: Optional[List["ConfigPropertyRepresentation"]] = Field(None, alias="properties")
providerId: Optional[str] = Field(None, alias="providerId")
class AuthenticatorConfigRepresentation(KeycloakModel):
alias: Optional[str] = Field(None, alias="alias")
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
id: Optional[str] = Field(None, alias="id")
class CertificateRepresentation(KeycloakModel):
certificate: Optional[str] = Field(None, alias="certificate")
kid: Optional[str] = Field(None, alias="kid")
privateKey: Optional[str] = Field(None, alias="privateKey")
publicKey: Optional[str] = Field(None, alias="publicKey")
class ClientInitialAccessCreatePresentation(KeycloakModel):
count: Optional[int] = Field(None, alias="count")
expiration: Optional[int] = Field(None, alias="expiration")
class ClientInitialAccessPresentation(KeycloakModel):
count: Optional[int] = Field(None, alias="count")
expiration: Optional[int] = Field(None, alias="expiration")
id: Optional[str] = Field(None, alias="id")
remainingCount: Optional[int] = Field(None, alias="remainingCount")
timestamp: Optional[int] = Field(None, alias="timestamp")
token: Optional[str] = Field(None, alias="token")
class ClientMappingsRepresentation(KeycloakModel):
client: Optional[str] = Field(None, alias="client")
id: Optional[str] = Field(None, alias="id")
mappings: Optional[List["RoleRepresentation"]] = Field(None, alias="mappings")
class ClientPoliciesRepresentation(KeycloakModel):
policies: Optional[List["ClientPolicyRepresentation"]] = Field(None, alias="policies")
class ClientPolicyConditionRepresentation(KeycloakModel):
condition: Optional[str] = Field(None, alias="condition")
configuration: Optional["JsonNode"] = Field(None, alias="configuration")
class ClientPolicyExecutorRepresentation(KeycloakModel):
configuration: Optional["JsonNode"] = Field(None, alias="configuration")
executor: Optional[str] = Field(None, alias="executor")
class ClientPolicyRepresentation(KeycloakModel):
conditions: Optional[List["ClientPolicyConditionRepresentation"]] = Field(None, alias="conditions")
description: Optional[str] = Field(None, alias="description")
enabled: Optional[bool] = Field(None, alias="enabled")
name: Optional[str] = Field(None, alias="name")
profiles: Optional[List[str]] = Field(None, alias="profiles")
class ClientProfileRepresentation(KeycloakModel):
description: Optional[str] = Field(None, alias="description")
executors: Optional[List["ClientPolicyExecutorRepresentation"]] = Field(None, alias="executors")
name: Optional[str] = Field(None, alias="name")
class ClientProfilesRepresentation(KeycloakModel):
globalProfiles: Optional[List["ClientProfileRepresentation"]] = Field(None, alias="globalProfiles")
profiles: Optional[List["ClientProfileRepresentation"]] = Field(None, alias="profiles")
class ClientRepresentation(KeycloakModel):
access: Optional[Dict[Any, Any]] = Field(None, alias="access")
adminUrl: Optional[str] = Field(None, alias="adminUrl")
alwaysDisplayInConsole: Optional[bool] = Field(None, alias="alwaysDisplayInConsole")
attributes: Optional[Dict[Any, Any]] = Field(None, alias="attributes")
authenticationFlowBindingOverrides: Optional[Dict[Any, Any]] = Field(None, alias="authenticationFlowBindingOverrides")
authorizationServicesEnabled: Optional[bool] = Field(None, alias="authorizationServicesEnabled")
authorizationSettings: Optional["ResourceServerRepresentation"] = Field(None, alias="authorizationSettings")
baseUrl: Optional[str] = Field(None, alias="baseUrl")
bearerOnly: Optional[bool] = Field(None, alias="bearerOnly")
clientAuthenticatorType: Optional[str] = Field(None, alias="clientAuthenticatorType")
clientId: Optional[str] = Field(None, alias="clientId")
consentRequired: Optional[bool] = Field(None, alias="consentRequired")
defaultClientScopes: Optional[List[str]] = Field(None, alias="defaultClientScopes")
description: Optional[str] = Field(None, alias="description")
directAccessGrantsEnabled: Optional[bool] = Field(None, alias="directAccessGrantsEnabled")
enabled: Optional[bool] = Field(None, alias="enabled")
frontchannelLogout: Optional[bool] = Field(None, alias="frontchannelLogout")
fullScopeAllowed: Optional[bool] = Field(None, alias="fullScopeAllowed")
id: Optional[str] = Field(None, alias="id")
implicitFlowEnabled: Optional[bool] = Field(None, alias="implicitFlowEnabled")
name: Optional[str] = Field(None, alias="name")
nodeReRegistrationTimeout: Optional[int] = Field(None, alias="nodeReRegistrationTimeout")
notBefore: Optional[int] = Field(None, alias="notBefore")
oauth2DeviceAuthorizationGrantEnabled: Optional[bool] = Field(None, alias="oauth2DeviceAuthorizationGrantEnabled")
optionalClientScopes: Optional[List[str]] = Field(None, alias="optionalClientScopes")
origin: Optional[str] = Field(None, alias="origin")
protocol: Optional[str] = Field(None, alias="protocol")
protocolMappers: Optional[List["ProtocolMapperRepresentation"]] = Field(None, alias="protocolMappers")
publicClient: Optional[bool] = Field(None, alias="publicClient")
redirectUris: Optional[List[str]] = Field(None, alias="redirectUris")
registeredNodes: Optional[Dict[Any, Any]] = Field(None, alias="registeredNodes")
registrationAccessToken: Optional[str] = Field(None, alias="registrationAccessToken")
rootUrl: Optional[str] = Field(None, alias="rootUrl")
secret: Optional[str] = Field(None, alias="secret")
serviceAccountsEnabled: Optional[bool] = Field(None, alias="serviceAccountsEnabled")
standardFlowEnabled: Optional[bool] = Field(None, alias="standardFlowEnabled")
surrogateAuthRequired: Optional[bool] = Field(None, alias="surrogateAuthRequired")
webOrigins: Optional[List[str]] = Field(None, alias="webOrigins")
class ClientScopeEvaluateResourceProtocolMapperEvaluationRepresentation(KeycloakModel):
containerId: Optional[str] = Field(None, alias="containerId")
containerName: Optional[str] = Field(None, alias="containerName")
containerType: Optional[str] = Field(None, alias="containerType")
mapperId: Optional[str] = Field(None, alias="mapperId")
mapperName: Optional[str] = Field(None, alias="mapperName")
protocolMapper: Optional[str] = Field(None, alias="protocolMapper")
class ClientScopeRepresentation(KeycloakModel):
attributes: Optional[Dict[Any, Any]] = Field(None, alias="attributes")
description: Optional[str] = Field(None, alias="description")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
protocol: Optional[str] = Field(None, alias="protocol")
protocolMappers: Optional[List["ProtocolMapperRepresentation"]] = Field(None, alias="protocolMappers")
class ComponentExportRepresentation(KeycloakModel):
config: Optional["MultivaluedHashMap"] = Field(None, alias="config")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
providerId: Optional[str] = Field(None, alias="providerId")
subComponents: Optional["MultivaluedHashMap"] = Field(None, alias="subComponents")
subType: Optional[str] = Field(None, alias="subType")
class ComponentRepresentation(KeycloakModel):
config: Optional["MultivaluedHashMap"] = Field(None, alias="config")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
parentId: Optional[str] = Field(None, alias="parentId")
providerId: Optional[str] = Field(None, alias="providerId")
providerType: Optional[str] = Field(None, alias="providerType")
subType: Optional[str] = Field(None, alias="subType")
class ConfigPropertyRepresentation(KeycloakModel):
defaultValue: Optional[Dict[Any, Any]] = Field(None, alias="defaultValue")
helpText: Optional[str] = Field(None, alias="helpText")
label: Optional[str] = Field(None, alias="label")
name: Optional[str] = Field(None, alias="name")
options: Optional[List[str]] = Field(None, alias="options")
readOnly: Optional[bool] = Field(None, alias="readOnly")
secret: Optional[bool] = Field(None, alias="secret")
type: Optional[str] = Field(None, alias="type")
class CredentialRepresentation(KeycloakModel):
createdDate: Optional[int] = Field(None, alias="createdDate")
credentialData: Optional[str] = Field(None, alias="credentialData")
id: Optional[str] = Field(None, alias="id")
priority: Optional[int] = Field(None, alias="priority")
secretData: Optional[str] = Field(None, alias="secretData")
temporary: Optional[bool] = Field(None, alias="temporary")
type: Optional[str] = Field(None, alias="type")
userLabel: Optional[str] = Field(None, alias="userLabel")
value: Optional[str] = Field(None, alias="value")
class FederatedIdentityRepresentation(KeycloakModel):
identityProvider: Optional[str] = Field(None, alias="identityProvider")
userId: Optional[str] = Field(None, alias="userId")
userName: Optional[str] = Field(None, alias="userName")
class GlobalRequestResult(KeycloakModel):
failedRequests: Optional[List[str]] = Field(None, alias="failedRequests")
successRequests: Optional[List[str]] = Field(None, alias="successRequests")
class GroupRepresentation(KeycloakModel):
access: Optional[Dict[Any, Any]] = Field(None, alias="access")
attributes: Optional[Dict[Any, Any]] = Field(None, alias="attributes")
clientRoles: Optional[Dict[Any, Any]] = Field(None, alias="clientRoles")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
path: Optional[str] = Field(None, alias="path")
realmRoles: Optional[List[str]] = Field(None, alias="realmRoles")
subGroups: Optional[List["GroupRepresentation"]] = Field(None, alias="subGroups")
class IDToken(KeycloakModel):
acr: Optional[str] = Field(None, alias="acr")
address: Optional["AddressClaimSet"] = Field(None, alias="address")
at_hash: Optional[str] = Field(None, alias="at_hash")
auth_time: Optional[int] = Field(None, alias="auth_time")
azp: Optional[str] = Field(None, alias="azp")
birthdate: Optional[str] = Field(None, alias="birthdate")
c_hash: Optional[str] = Field(None, alias="c_hash")
category: Optional[Category] = Field(None, alias="category")
claims_locales: Optional[str] = Field(None, alias="claims_locales")
email: Optional[str] = Field(None, alias="email")
email_verified: Optional[bool] = Field(None, alias="email_verified")
exp: Optional[int] = Field(None, alias="exp")
family_name: Optional[str] = Field(None, alias="family_name")
gender: Optional[str] = Field(None, alias="gender")
given_name: Optional[str] = Field(None, alias="given_name")
iat: Optional[int] = Field(None, alias="iat")
iss: Optional[str] = Field(None, alias="iss")
jti: Optional[str] = Field(None, alias="jti")
locale: Optional[str] = Field(None, alias="locale")
middle_name: Optional[str] = Field(None, alias="middle_name")
name: Optional[str] = Field(None, alias="name")
nbf: Optional[int] = Field(None, alias="nbf")
nickname: Optional[str] = Field(None, alias="nickname")
nonce: Optional[str] = Field(None, alias="nonce")
otherClaims: Optional[Dict[Any, Any]] = Field(None, alias="otherClaims")
phone_number: Optional[str] = Field(None, alias="phone_number")
phone_number_verified: Optional[bool] = Field(None, alias="phone_number_verified")
picture: Optional[str] = Field(None, alias="picture")
preferred_username: Optional[str] = Field(None, alias="preferred_username")
profile: Optional[str] = Field(None, alias="profile")
s_hash: Optional[str] = Field(None, alias="s_hash")
session_state: Optional[str] = Field(None, alias="session_state")
sid: Optional[str] = Field(None, alias="sid")
sub: Optional[str] = Field(None, alias="sub")
typ: Optional[str] = Field(None, alias="typ")
updated_at: Optional[int] = Field(None, alias="updated_at")
website: Optional[str] = Field(None, alias="website")
zoneinfo: Optional[str] = Field(None, alias="zoneinfo")
class IdentityProviderMapperRepresentation(KeycloakModel):
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
id: Optional[str] = Field(None, alias="id")
identityProviderAlias: Optional[str] = Field(None, alias="identityProviderAlias")
identityProviderMapper: Optional[str] = Field(None, alias="identityProviderMapper")
name: Optional[str] = Field(None, alias="name")
class IdentityProviderRepresentation(KeycloakModel):
addReadTokenRoleOnCreate: Optional[bool] = Field(None, alias="addReadTokenRoleOnCreate")
alias: Optional[str] = Field(None, alias="alias")
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
displayName: Optional[str] = Field(None, alias="displayName")
enabled: Optional[bool] = Field(None, alias="enabled")
firstBrokerLoginFlowAlias: Optional[str] = Field(None, alias="firstBrokerLoginFlowAlias")
internalId: Optional[str] = Field(None, alias="internalId")
linkOnly: Optional[bool] = Field(None, alias="linkOnly")
postBrokerLoginFlowAlias: Optional[str] = Field(None, alias="postBrokerLoginFlowAlias")
providerId: Optional[str] = Field(None, alias="providerId")
storeToken: Optional[bool] = Field(None, alias="storeToken")
trustEmail: Optional[bool] = Field(None, alias="trustEmail")
class JsonNode(KeycloakModel):
array: Optional[bool] = Field(None, alias="array")
bigDecimal: Optional[bool] = Field(None, alias="bigDecimal")
bigInteger: Optional[bool] = Field(None, alias="bigInteger")
binary: Optional[bool] = Field(None, alias="binary")
boolean: Optional[bool] = Field(None, alias="boolean")
containerNode: Optional[bool] = Field(None, alias="containerNode")
double: Optional[bool] = Field(None, alias="double")
empty: Optional[bool] = Field(None, alias="empty")
float: Optional[bool] = Field(None, alias="float")
floatingPointNumber: Optional[bool] = Field(None, alias="floatingPointNumber")
int: Optional[bool] = Field(None, alias="int")
integralNumber: Optional[bool] = Field(None, alias="integralNumber")
long: Optional[bool] = Field(None, alias="long")
missingNode: Optional[bool] = Field(None, alias="missingNode")
nodeType: Optional[NodeType] = Field(None, alias="nodeType")
null: Optional[bool] = Field(None, alias="null")
number: Optional[bool] = Field(None, alias="number")
object: Optional[bool] = Field(None, alias="object")
pojo: Optional[bool] = Field(None, alias="pojo")
short: Optional[bool] = Field(None, alias="short")
textual: Optional[bool] = Field(None, alias="textual")
valueNode: Optional[bool] = Field(None, alias="valueNode")
class KeyStoreConfig(KeycloakModel):
format: Optional[str] = Field(None, alias="format")
keyAlias: Optional[str] = Field(None, alias="keyAlias")
keyPassword: Optional[str] = Field(None, alias="keyPassword")
realmAlias: Optional[str] = Field(None, alias="realmAlias")
realmCertificate: Optional[bool] = Field(None, alias="realmCertificate")
storePassword: Optional[str] = Field(None, alias="storePassword")
class KeysMetadataRepresentation(KeycloakModel):
active: Optional[Dict[Any, Any]] = Field(None, alias="active")
keys: Optional[List["KeysMetadataRepresentationKeyMetadataRepresentation"]] = Field(None, alias="keys")
class KeysMetadataRepresentationKeyMetadataRepresentation(KeycloakModel):
algorithm: Optional[str] = Field(None, alias="algorithm")
certificate: Optional[str] = Field(None, alias="certificate")
kid: Optional[str] = Field(None, alias="kid")
providerId: Optional[str] = Field(None, alias="providerId")
providerPriority: Optional[int] = Field(None, alias="providerPriority")
publicKey: Optional[str] = Field(None, alias="publicKey")
status: Optional[str] = Field(None, alias="status")
type: Optional[str] = Field(None, alias="type")
use: Optional[Use] = Field(None, alias="use")
class ManagementPermissionReference(KeycloakModel):
enabled: Optional[bool] = Field(None, alias="enabled")
resource: Optional[str] = Field(None, alias="resource")
scopePermissions: Optional[Dict[Any, Any]] = Field(None, alias="scopePermissions")
class MappingsRepresentation(KeycloakModel):
clientMappings: Optional[Dict[Any, Any]] = Field(None, alias="clientMappings")
realmMappings: Optional[List["RoleRepresentation"]] = Field(None, alias="realmMappings")
class MemoryInfoRepresentation(KeycloakModel):
free: Optional[int] = Field(None, alias="free")
freeFormated: Optional[str] = Field(None, alias="freeFormated")
freePercentage: Optional[int] = Field(None, alias="freePercentage")
total: Optional[int] = Field(None, alias="total")
totalFormated: Optional[str] = Field(None, alias="totalFormated")
used: Optional[int] = Field(None, alias="used")
usedFormated: Optional[str] = Field(None, alias="usedFormated")
class MultivaluedHashMap(KeycloakModel):
empty: Optional[bool] = Field(None, alias="empty")
loadFactor: Optional[float] = Field(None, alias="loadFactor")
threshold: Optional[int] = Field(None, alias="threshold")
class PartialImportRepresentation(KeycloakModel):
clients: Optional[List["ClientRepresentation"]] = Field(None, alias="clients")
groups: Optional[List["GroupRepresentation"]] = Field(None, alias="groups")
identityProviders: Optional[List["IdentityProviderRepresentation"]] = Field(None, alias="identityProviders")
ifResourceExists: Optional[str] = Field(None, alias="ifResourceExists")
policy: Optional[Policy] = Field(None, alias="policy")
roles: Optional["RolesRepresentation"] = Field(None, alias="roles")
users: Optional[List["UserRepresentation"]] = Field(None, alias="users")
class PasswordPolicyTypeRepresentation(KeycloakModel):
configType: Optional[str] = Field(None, alias="configType")
defaultValue: Optional[str] = Field(None, alias="defaultValue")
displayName: Optional[str] = Field(None, alias="displayName")
id: Optional[str] = Field(None, alias="id")
multipleSupported: Optional[bool] = Field(None, alias="multipleSupported")
class Permission(KeycloakModel):
claims: Optional[Dict[Any, Any]] = Field(None, alias="claims")
rsid: Optional[str] = Field(None, alias="rsid")
rsname: Optional[str] = Field(None, alias="rsname")
scopes: Optional[List[str]] = Field(None, alias="scopes")
class PolicyRepresentation(KeycloakModel):
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
decisionStrategy: Optional[DecisionStrategy] = Field(None, alias="decisionStrategy")
description: Optional[str] = Field(None, alias="description")
id: Optional[str] = Field(None, alias="id")
logic: Optional[Logic] = Field(None, alias="logic")
name: Optional[str] = Field(None, alias="name")
owner: Optional[str] = Field(None, alias="owner")
policies: Optional[List[str]] = Field(None, alias="policies")
resources: Optional[List[str]] = Field(None, alias="resources")
resourcesData: Optional[List["ResourceRepresentation"]] = Field(None, alias="resourcesData")
scopes: Optional[List[str]] = Field(None, alias="scopes")
scopesData: Optional[List["ScopeRepresentation"]] = Field(None, alias="scopesData")
type: Optional[str] = Field(None, alias="type")
class ProfileInfoRepresentation(KeycloakModel):
disabledFeatures: Optional[List[str]] = Field(None, alias="disabledFeatures")
experimentalFeatures: Optional[List[str]] = Field(None, alias="experimentalFeatures")
name: Optional[str] = Field(None, alias="name")
previewFeatures: Optional[List[str]] = Field(None, alias="previewFeatures")
class ProtocolMapperRepresentation(KeycloakModel):
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
protocol: Optional[str] = Field(None, alias="protocol")
protocolMapper: Optional[str] = Field(None, alias="protocolMapper")
class ProviderRepresentation(KeycloakModel):
operationalInfo: Optional[Dict[Any, Any]] = Field(None, alias="operationalInfo")
order: Optional[int] = Field(None, alias="order")
class RealmEventsConfigRepresentation(KeycloakModel):
adminEventsDetailsEnabled: Optional[bool] = Field(None, alias="adminEventsDetailsEnabled")
adminEventsEnabled: Optional[bool] = Field(None, alias="adminEventsEnabled")
enabledEventTypes: Optional[List[str]] = Field(None, alias="enabledEventTypes")
eventsEnabled: Optional[bool] = Field(None, alias="eventsEnabled")
eventsExpiration: Optional[int] = Field(None, alias="eventsExpiration")
eventsListeners: Optional[List[str]] = Field(None, alias="eventsListeners")
class RealmRepresentation(KeycloakModel):
accessCodeLifespan: Optional[int] = Field(None, alias="accessCodeLifespan")
accessCodeLifespanLogin: Optional[int] = Field(None, alias="accessCodeLifespanLogin")
accessCodeLifespanUserAction: Optional[int] = Field(None, alias="accessCodeLifespanUserAction")
accessTokenLifespan: Optional[int] = Field(None, alias="accessTokenLifespan")
accessTokenLifespanForImplicitFlow: Optional[int] = Field(None, alias="accessTokenLifespanForImplicitFlow")
accountTheme: Optional[str] = Field(None, alias="accountTheme")
actionTokenGeneratedByAdminLifespan: Optional[int] = Field(None, alias="actionTokenGeneratedByAdminLifespan")
actionTokenGeneratedByUserLifespan: Optional[int] = Field(None, alias="actionTokenGeneratedByUserLifespan")
adminEventsDetailsEnabled: Optional[bool] = Field(None, alias="adminEventsDetailsEnabled")
adminEventsEnabled: Optional[bool] = Field(None, alias="adminEventsEnabled")
adminTheme: Optional[str] = Field(None, alias="adminTheme")
attributes: Optional[Dict[Any, Any]] = Field(None, alias="attributes")
authenticationFlows: Optional[List["AuthenticationFlowRepresentation"]] = Field(None, alias="authenticationFlows")
authenticatorConfig: Optional[List["AuthenticatorConfigRepresentation"]] = Field(None, alias="authenticatorConfig")
browserFlow: Optional[str] = Field(None, alias="browserFlow")
browserSecurityHeaders: Optional[Dict[Any, Any]] = Field(None, alias="browserSecurityHeaders")
bruteForceProtected: Optional[bool] = Field(None, alias="bruteForceProtected")
clientAuthenticationFlow: Optional[str] = Field(None, alias="clientAuthenticationFlow")
clientOfflineSessionIdleTimeout: Optional[int] = Field(None, alias="clientOfflineSessionIdleTimeout")
clientOfflineSessionMaxLifespan: Optional[int] = Field(None, alias="clientOfflineSessionMaxLifespan")
clientPolicies: Optional["JsonNode"] = Field(None, alias="clientPolicies")
clientProfiles: Optional["JsonNode"] = Field(None, alias="clientProfiles")
clientScopeMappings: Optional[Dict[Any, Any]] = Field(None, alias="clientScopeMappings")
clientScopes: Optional[List["ClientScopeRepresentation"]] = Field(None, alias="clientScopes")
clientSessionIdleTimeout: Optional[int] = Field(None, alias="clientSessionIdleTimeout")
clientSessionMaxLifespan: Optional[int] = Field(None, alias="clientSessionMaxLifespan")
clients: Optional[List["ClientRepresentation"]] = Field(None, alias="clients")
components: Optional["MultivaluedHashMap"] = Field(None, alias="components")
defaultDefaultClientScopes: Optional[List[str]] = Field(None, alias="defaultDefaultClientScopes")
defaultGroups: Optional[List[str]] = Field(None, alias="defaultGroups")
defaultLocale: Optional[str] = Field(None, alias="defaultLocale")
defaultOptionalClientScopes: Optional[List[str]] = Field(None, alias="defaultOptionalClientScopes")
defaultRole: Optional["RoleRepresentation"] = Field(None, alias="defaultRole")
defaultSignatureAlgorithm: Optional[str] = Field(None, alias="defaultSignatureAlgorithm")
directGrantFlow: Optional[str] = Field(None, alias="directGrantFlow")
displayName: Optional[str] = Field(None, alias="displayName")
displayNameHtml: Optional[str] = Field(None, alias="displayNameHtml")
dockerAuthenticationFlow: Optional[str] = Field(None, alias="dockerAuthenticationFlow")
duplicateEmailsAllowed: Optional[bool] = Field(None, alias="duplicateEmailsAllowed")
editUsernameAllowed: Optional[bool] = Field(None, alias="editUsernameAllowed")
emailTheme: Optional[str] = Field(None, alias="emailTheme")
enabled: Optional[bool] = Field(None, alias="enabled")
enabledEventTypes: Optional[List[str]] = Field(None, alias="enabledEventTypes")
eventsEnabled: Optional[bool] = Field(None, alias="eventsEnabled")
eventsExpiration: Optional[int] = Field(None, alias="eventsExpiration")
eventsListeners: Optional[List[str]] = Field(None, alias="eventsListeners")
failureFactor: Optional[int] = Field(None, alias="failureFactor")
federatedUsers: Optional[List["UserRepresentation"]] = Field(None, alias="federatedUsers")
groups: Optional[List["GroupRepresentation"]] = Field(None, alias="groups")
id: Optional[str] = Field(None, alias="id")
identityProviderMappers: Optional[List["IdentityProviderMapperRepresentation"]] = Field(None, alias="identityProviderMappers")
identityProviders: Optional[List["IdentityProviderRepresentation"]] = Field(None, alias="identityProviders")
internationalizationEnabled: Optional[bool] = Field(None, alias="internationalizationEnabled")
keycloakVersion: Optional[str] = Field(None, alias="keycloakVersion")
loginTheme: Optional[str] = Field(None, alias="loginTheme")
loginWithEmailAllowed: Optional[bool] = Field(None, alias="loginWithEmailAllowed")
maxDeltaTimeSeconds: Optional[int] = Field(None, alias="maxDeltaTimeSeconds")
maxFailureWaitSeconds: Optional[int] = Field(None, alias="maxFailureWaitSeconds")
minimumQuickLoginWaitSeconds: Optional[int] = Field(None, alias="minimumQuickLoginWaitSeconds")
notBefore: Optional[int] = Field(None, alias="notBefore")
oAuth2DeviceCodeLifespan: Optional[int] = Field(None, alias="oAuth2DeviceCodeLifespan")
oAuth2DevicePollingInterval: Optional[int] = Field(None, alias="oAuth2DevicePollingInterval")
oauth2DeviceCodeLifespan: Optional[int] = Field(None, alias="oauth2DeviceCodeLifespan")
oauth2DevicePollingInterval: Optional[int] = Field(None, alias="oauth2DevicePollingInterval")
offlineSessionIdleTimeout: Optional[int] = Field(None, alias="offlineSessionIdleTimeout")
offlineSessionMaxLifespan: Optional[int] = Field(None, alias="offlineSessionMaxLifespan")
offlineSessionMaxLifespanEnabled: Optional[bool] = Field(None, alias="offlineSessionMaxLifespanEnabled")
otpPolicyAlgorithm: Optional[str] = Field(None, alias="otpPolicyAlgorithm")
otpPolicyDigits: Optional[int] = Field(None, alias="otpPolicyDigits")
otpPolicyInitialCounter: Optional[int] = Field(None, alias="otpPolicyInitialCounter")
otpPolicyLookAheadWindow: Optional[int] = Field(None, alias="otpPolicyLookAheadWindow")
otpPolicyPeriod: Optional[int] = Field(None, alias="otpPolicyPeriod")
otpPolicyType: Optional[str] = Field(None, alias="otpPolicyType")
otpSupportedApplications: Optional[List[str]] = Field(None, alias="otpSupportedApplications")
passwordPolicy: Optional[str] = Field(None, alias="passwordPolicy")
permanentLockout: Optional[bool] = Field(None, alias="permanentLockout")
protocolMappers: Optional[List["ProtocolMapperRepresentation"]] = Field(None, alias="protocolMappers")
quickLoginCheckMilliSeconds: Optional[int] = Field(None, alias="quickLoginCheckMilliSeconds")
realm: Optional[str] = Field(None, alias="realm")
refreshTokenMaxReuse: Optional[int] = Field(None, alias="refreshTokenMaxReuse")
registrationAllowed: Optional[bool] = Field(None, alias="registrationAllowed")
registrationEmailAsUsername: Optional[bool] = Field(None, alias="registrationEmailAsUsername")
registrationFlow: Optional[str] = Field(None, alias="registrationFlow")
rememberMe: Optional[bool] = Field(None, alias="rememberMe")
requiredActions: Optional[List["RequiredActionProviderRepresentation"]] = Field(None, alias="requiredActions")
resetCredentialsFlow: Optional[str] = Field(None, alias="resetCredentialsFlow")
resetPasswordAllowed: Optional[bool] = Field(None, alias="resetPasswordAllowed")
revokeRefreshToken: Optional[bool] = Field(None, alias="revokeRefreshToken")
roles: Optional["RolesRepresentation"] = Field(None, alias="roles")
scopeMappings: Optional[List["ScopeMappingRepresentation"]] = Field(None, alias="scopeMappings")
smtpServer: Optional[Dict[Any, Any]] = Field(None, alias="smtpServer")
sslRequired: Optional[str] = Field(None, alias="sslRequired")
ssoSessionIdleTimeout: Optional[int] = Field(None, alias="ssoSessionIdleTimeout")
ssoSessionIdleTimeoutRememberMe: Optional[int] = Field(None, alias="ssoSessionIdleTimeoutRememberMe")
ssoSessionMaxLifespan: Optional[int] = Field(None, alias="ssoSessionMaxLifespan")
ssoSessionMaxLifespanRememberMe: Optional[int] = Field(None, alias="ssoSessionMaxLifespanRememberMe")
supportedLocales: Optional[List[str]] = Field(None, alias="supportedLocales")
userFederationMappers: Optional[List["UserFederationMapperRepresentation"]] = Field(None, alias="userFederationMappers")
userFederationProviders: Optional[List["UserFederationProviderRepresentation"]] = Field(None, alias="userFederationProviders")
userManagedAccessAllowed: Optional[bool] = Field(None, alias="userManagedAccessAllowed")
users: Optional[List["UserRepresentation"]] = Field(None, alias="users")
verifyEmail: Optional[bool] = Field(None, alias="verifyEmail")
waitIncrementSeconds: Optional[int] = Field(None, alias="waitIncrementSeconds")
webAuthnPolicyAcceptableAaguids: Optional[List[str]] = Field(None, alias="webAuthnPolicyAcceptableAaguids")
webAuthnPolicyAttestationConveyancePreference: Optional[str] = Field(None, alias="webAuthnPolicyAttestationConveyancePreference")
webAuthnPolicyAuthenticatorAttachment: Optional[str] = Field(None, alias="webAuthnPolicyAuthenticatorAttachment")
webAuthnPolicyAvoidSameAuthenticatorRegister: Optional[bool] = Field(None, alias="webAuthnPolicyAvoidSameAuthenticatorRegister")
webAuthnPolicyCreateTimeout: Optional[int] = Field(None, alias="webAuthnPolicyCreateTimeout")
webAuthnPolicyPasswordlessAcceptableAaguids: Optional[List[str]] = Field(None, alias="webAuthnPolicyPasswordlessAcceptableAaguids")
webAuthnPolicyPasswordlessAttestationConveyancePreference: Optional[str] = Field(None, alias="webAuthnPolicyPasswordlessAttestationConveyancePreference")
webAuthnPolicyPasswordlessAuthenticatorAttachment: Optional[str] = Field(None, alias="webAuthnPolicyPasswordlessAuthenticatorAttachment")
webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: Optional[bool] = Field(None, alias="webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister")
webAuthnPolicyPasswordlessCreateTimeout: Optional[int] = Field(None, alias="webAuthnPolicyPasswordlessCreateTimeout")
webAuthnPolicyPasswordlessRequireResidentKey: Optional[str] = Field(None, alias="webAuthnPolicyPasswordlessRequireResidentKey")
webAuthnPolicyPasswordlessRpEntityName: Optional[str] = Field(None, alias="webAuthnPolicyPasswordlessRpEntityName")
webAuthnPolicyPasswordlessRpId: Optional[str] = Field(None, alias="webAuthnPolicyPasswordlessRpId")
webAuthnPolicyPasswordlessSignatureAlgorithms: Optional[List[str]] = Field(None, alias="webAuthnPolicyPasswordlessSignatureAlgorithms")
webAuthnPolicyPasswordlessUserVerificationRequirement: Optional[str] = Field(None, alias="webAuthnPolicyPasswordlessUserVerificationRequirement")
webAuthnPolicyRequireResidentKey: Optional[str] = Field(None, alias="webAuthnPolicyRequireResidentKey")
webAuthnPolicyRpEntityName: Optional[str] = Field(None, alias="webAuthnPolicyRpEntityName")
webAuthnPolicyRpId: Optional[str] = Field(None, alias="webAuthnPolicyRpId")
webAuthnPolicySignatureAlgorithms: Optional[List[str]] = Field(None, alias="webAuthnPolicySignatureAlgorithms")
webAuthnPolicyUserVerificationRequirement: Optional[str] = Field(None, alias="webAuthnPolicyUserVerificationRequirement")
class RequiredActionProviderRepresentation(KeycloakModel):
alias: Optional[str] = Field(None, alias="alias")
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
defaultAction: Optional[bool] = Field(None, alias="defaultAction")
enabled: Optional[bool] = Field(None, alias="enabled")
name: Optional[str] = Field(None, alias="name")
priority: Optional[int] = Field(None, alias="priority")
providerId: Optional[str] = Field(None, alias="providerId")
class ResourceRepresentation(KeycloakModel):
id: str = Field(None, alias="id")
attributes: Optional[Dict[Any, Any]] = Field(None, alias="attributes")
displayName: Optional[str] = Field(None, alias="displayName")
icon_uri: Optional[str] = Field(None, alias="icon_uri")
name: Optional[str] = Field(None, alias="name")
ownerManagedAccess: Optional[bool] = Field(None, alias="ownerManagedAccess")
scopes: Optional[List["ScopeRepresentation"]] = Field(None, alias="scopes")
type: Optional[str] = Field(None, alias="type")
uris: Optional[List[str]] = Field(None, alias="uris")
class ResourceServerRepresentation(KeycloakModel):
allowRemoteResourceManagement: Optional[bool] = Field(None, alias="allowRemoteResourceManagement")
clientId: Optional[str] = Field(None, alias="clientId")
decisionStrategy: Optional[DecisionStrategy] = Field(None, alias="decisionStrategy")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
policies: Optional[List["PolicyRepresentation"]] = Field(None, alias="policies")
policyEnforcementMode: Optional[PolicyEnforcementMode] = Field(None, alias="policyEnforcementMode")
resources: Optional[List["ResourceRepresentation"]] = Field(None, alias="resources")
scopes: Optional[List["ScopeRepresentation"]] = Field(None, alias="scopes")
class RoleRepresentation(KeycloakModel):
attributes: Optional[Dict[Any, Any]] = Field(None, alias="attributes")
clientRole: Optional[bool] = Field(None, alias="clientRole")
composite: Optional[bool] = Field(None, alias="composite")
composites: Optional["RoleRepresentationComposites"] = Field(None, alias="composites")
containerId: Optional[str] = Field(None, alias="containerId")
description: Optional[str] = Field(None, alias="description")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
class RoleRepresentationComposites(KeycloakModel):
client: Optional[Dict[Any, Any]] = Field(None, alias="client")
realm: Optional[List[str]] = Field(None, alias="realm")
class RolesRepresentation(KeycloakModel):
client: Optional[Dict[Any, Any]] = Field(None, alias="client")
realm: Optional[List["RoleRepresentation"]] = Field(None, alias="realm")
class ScopeMappingRepresentation(KeycloakModel):
client: Optional[str] = Field(None, alias="client")
clientScope: Optional[str] = Field(None, alias="clientScope")
roles: Optional[List[str]] = Field(None, alias="roles")
self: Optional[str] = Field(None, alias="self")
class ScopeRepresentation(KeycloakModel):
displayName: Optional[str] = Field(None, alias="displayName")
iconUri: Optional[str] = Field(None, alias="iconUri")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
policies: Optional[List["PolicyRepresentation"]] = Field(None, alias="policies")
resources: Optional[List["ResourceRepresentation"]] = Field(None, alias="resources")
class ServerInfoRepresentation(KeycloakModel):
builtinProtocolMappers: Optional[Dict[Any, Any]] = Field(None, alias="builtinProtocolMappers")
clientImporters: Optional[List[Dict[Any, Any]]] = Field(None, alias="clientImporters")
clientInstallations: Optional[Dict[Any, Any]] = Field(None, alias="clientInstallations")
componentTypes: Optional[Dict[Any, Any]] = Field(None, alias="componentTypes")
enums: Optional[Dict[Any, Any]] = Field(None, alias="enums")
identityProviders: Optional[List[Dict[Any, Any]]] = Field(None, alias="identityProviders")
memoryInfo: Optional["MemoryInfoRepresentation"] = Field(None, alias="memoryInfo")
passwordPolicies: Optional[List["PasswordPolicyTypeRepresentation"]] = Field(None, alias="passwordPolicies")
profileInfo: Optional["ProfileInfoRepresentation"] = Field(None, alias="profileInfo")
protocolMapperTypes: Optional[Dict[Any, Any]] = Field(None, alias="protocolMapperTypes")
providers: Optional[Dict[Any, Any]] = Field(None, alias="providers")
socialProviders: Optional[List[Dict[Any, Any]]] = Field(None, alias="socialProviders")
systemInfo: Optional["SystemInfoRepresentation"] = Field(None, alias="systemInfo")
themes: Optional[Dict[Any, Any]] = Field(None, alias="themes")
class SpiInfoRepresentation(KeycloakModel):
internal: Optional[bool] = Field(None, alias="internal")
providers: Optional[Dict[Any, Any]] = Field(None, alias="providers")
class SynchronizationResult(KeycloakModel):
added: Optional[int] = Field(None, alias="added")
failed: Optional[int] = Field(None, alias="failed")
ignored: Optional[bool] = Field(None, alias="ignored")
removed: Optional[int] = Field(None, alias="removed")
status: Optional[str] = Field(None, alias="status")
updated: Optional[int] = Field(None, alias="updated")
class SystemInfoRepresentation(KeycloakModel):
fileEncoding: Optional[str] = Field(None, alias="fileEncoding")
javaHome: Optional[str] = Field(None, alias="javaHome")
javaRuntime: Optional[str] = Field(None, alias="javaRuntime")
javaVendor: Optional[str] = Field(None, alias="javaVendor")
javaVersion: Optional[str] = Field(None, alias="javaVersion")
javaVm: Optional[str] = Field(None, alias="javaVm")
javaVmVersion: Optional[str] = Field(None, alias="javaVmVersion")
osArchitecture: Optional[str] = Field(None, alias="osArchitecture")
osName: Optional[str] = Field(None, alias="osName")
osVersion: Optional[str] = Field(None, alias="osVersion")
serverTime: Optional[str] = Field(None, alias="serverTime")
uptime: Optional[str] = Field(None, alias="uptime")
uptimeMillis: Optional[int] = Field(None, alias="uptimeMillis")
userDir: Optional[str] = Field(None, alias="userDir")
userLocale: Optional[str] = Field(None, alias="userLocale")
userName: Optional[str] = Field(None, alias="userName")
userTimezone: Optional[str] = Field(None, alias="userTimezone")
version: Optional[str] = Field(None, alias="version")
class TestLdapConnectionRepresentation(KeycloakModel):
action: Optional[str] = Field(None, alias="action")
authType: Optional[str] = Field(None, alias="authType")
bindCredential: Optional[str] = Field(None, alias="bindCredential")
bindDn: Optional[str] = Field(None, alias="bindDn")
componentId: Optional[str] = Field(None, alias="componentId")
connectionTimeout: Optional[str] = Field(None, alias="connectionTimeout")
connectionUrl: Optional[str] = Field(None, alias="connectionUrl")
startTls: Optional[str] = Field(None, alias="startTls")
useTruststoreSpi: Optional[str] = Field(None, alias="useTruststoreSpi")
class UserConsentRepresentation(KeycloakModel):
clientId: Optional[str] = Field(None, alias="clientId")
createdDate: Optional[int] = Field(None, alias="createdDate")
grantedClientScopes: Optional[List[str]] = Field(None, alias="grantedClientScopes")
lastUpdatedDate: Optional[int] = Field(None, alias="lastUpdatedDate")
class UserFederationMapperRepresentation(KeycloakModel):
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
federationMapperType: Optional[str] = Field(None, alias="federationMapperType")
federationProviderDisplayName: Optional[str] = Field(None, alias="federationProviderDisplayName")
id: Optional[str] = Field(None, alias="id")
name: Optional[str] = Field(None, alias="name")
class UserFederationProviderRepresentation(KeycloakModel):
changedSyncPeriod: Optional[int] = Field(None, alias="changedSyncPeriod")
config: Optional[Dict[Any, Any]] = Field(None, alias="config")
displayName: Optional[str] = Field(None, alias="displayName")
fullSyncPeriod: Optional[int] = Field(None, alias="fullSyncPeriod")
id: Optional[str] = Field(None, alias="id")
lastSync: Optional[int] = Field(None, alias="lastSync")
priority: Optional[int] = Field(None, alias="priority")
providerName: Optional[str] = Field(None, alias="providerName")
class UserRepresentation(KeycloakModel):
access: Optional[Dict[Any, Any]] = Field(None, alias="access")
attributes: Optional[Dict[Any, Any]] = Field(None, alias="attributes")
clientConsents: Optional[List["UserConsentRepresentation"]] = Field(None, alias="clientConsents")
clientRoles: Optional[Dict[Any, Any]] = Field(None, alias="clientRoles")
createdTimestamp: Optional[int] = Field(None, alias="createdTimestamp")
credentials: Optional[List["CredentialRepresentation"]] = Field(None, alias="credentials")
disableableCredentialTypes: Optional[List[str]] = Field(None, alias="disableableCredentialTypes")
email: Optional[str] = Field(None, alias="email")
emailVerified: Optional[bool] = Field(None, alias="emailVerified")
enabled: Optional[bool] = Field(None, alias="enabled")
federatedIdentities: Optional[List["FederatedIdentityRepresentation"]] = Field(None, alias="federatedIdentities")
federationLink: Optional[str] = Field(None, alias="federationLink")
firstName: Optional[str] = Field(None, alias="firstName")
groups: Optional[List[str]] = Field(None, alias="groups")
id: Optional[str] = Field(None, alias="id")
lastName: Optional[str] = Field(None, alias="lastName")
notBefore: Optional[int] = Field(None, alias="notBefore")
origin: Optional[str] = Field(None, alias="origin")
realmRoles: Optional[List[str]] = Field(None, alias="realmRoles")
requiredActions: Optional[List[str]] = Field(None, alias="requiredActions")
self: Optional[str] = Field(None, alias="self")
serviceAccountClientId: Optional[str] = Field(None, alias="serviceAccountClientId")
username: Optional[str] = Field(None, alias="username")

109
src/keycloak/keycloak_openid.py
View File

@ -23,6 +23,8 @@
import json
from typing import TYPE_CHECKING, Any, TypeVar, Union, Dict, Optional, List, Iterable
from jose import jwt
from .authorization import Authorization
@ -49,6 +51,15 @@ from .urls_patterns import (
URL_USERINFO,
URL_WELL_KNOWN,
)
from keycloak.uma_permissions import AuthStatus
_T0 = TypeVar('_T0', bound=Dict)
R = Union[bytes, dict]
if TYPE_CHECKING:
from keycloak.uma_permissions import UMAPermission
class KeycloakOpenID:
@ -66,14 +77,14 @@ class KeycloakOpenID:
def __init__(
self,
server_url,
realm_name,
client_id,
client_secret_key=None,
verify=True,
custom_headers=None,
proxies=None,
timeout=60,
server_url: str,
realm_name: str,
client_id: str,
client_secret_key: Optional[str] = None,
verify: Optional[bool] = True,
custom_headers: Optional[Dict[str, str]] = None,
proxies: Optional[Dict[str, str]] = None,
timeout: Optional[int] = 60,
):
self.client_id = client_id
self.client_secret_key = client_secret_key
@ -125,7 +136,7 @@ class KeycloakOpenID:
def authorization(self, value):
self._authorization = value
def _add_secret_key(self, payload):
def _add_secret_key(self, payload: _T0) -> _T0:
"""
Add secret key if exist.
@ -137,7 +148,7 @@ class KeycloakOpenID:
return payload
def _build_name_role(self, role):
def _build_name_role(self, role: str) -> str:
"""
:param role:
@ -145,7 +156,7 @@ class KeycloakOpenID:
"""
return self.client_id + "/" + role
def _token_info(self, token, method_token_info, **kwargs):
def _token_info(self, token: str, method_token_info: str, **kwargs) -> Any:
"""
:param token:
@ -160,7 +171,7 @@ class KeycloakOpenID:
return token_info
def well_known(self):
def well_known(self) -> Union[bytes, dict]:
"""The most important endpoint to understand is the well-known configuration
endpoint. It lists endpoints and other configuration options relevant to
the OpenID Connect implementation in Keycloak.
@ -173,7 +184,7 @@ class KeycloakOpenID:
return raise_error_from_response(data_raw, KeycloakGetError)
def auth_url(self, redirect_uri):
def auth_url(self, redirect_uri) -> str:
"""
http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint
@ -189,14 +200,14 @@ class KeycloakOpenID:
def token(
self,
username="",
password="",
grant_type=["password"],
code="",
redirect_uri="",
totp=None,
username: Optional[str] = "",
password: Optional[str] = "",
grant_type: Optional[List[str]] = None,
code: Optional[str] = "",
redirect_uri: Optional[str] = "",
totp: Optional[str] = None,
**extra
):
) -> Union[bytes, dict]:
"""
The token endpoint is used to obtain tokens. Tokens can either be obtained by
exchanging an authorization code or by supplying credentials directly depending on
@ -213,6 +224,7 @@ class KeycloakOpenID:
:param totp:
:return:
"""
grant_type = grant_type or ["password"]
params_path = {"realm-name": self.realm_name}
payload = {
"username": username,
@ -232,7 +244,11 @@ class KeycloakOpenID:
data_raw = self.connection.raw_post(URL_TOKEN.format(**params_path), data=payload)
return raise_error_from_response(data_raw, KeycloakGetError)
def refresh_token(self, refresh_token, grant_type=["refresh_token"]):
def refresh_token(
self,
refresh_token: str,
grant_type: Optional[List[str]] = None
) -> Union[bytes, dict]:
"""
The token endpoint is used to obtain tokens. Tokens can either be obtained by
exchanging an authorization code or by supplying credentials directly depending on
@ -245,6 +261,7 @@ class KeycloakOpenID:
:param grant_type:
:return:
"""
grant_type = grant_type or ["refresh_token"]
params_path = {"realm-name": self.realm_name}
payload = {
"client_id": self.client_id,
@ -255,7 +272,7 @@ class KeycloakOpenID:
data_raw = self.connection.raw_post(URL_TOKEN.format(**params_path), data=payload)
return raise_error_from_response(data_raw, KeycloakGetError)
def exchange_token(self, token: str, client_id: str, audience: str, subject: str) -> dict:
def exchange_token(self, token: str, client_id: str, audience: str, subject: str) -> Union[bytes, dict]:
"""
Use a token to obtain an entirely different token. See
https://www.keycloak.org/docs/latest/securing_apps/index.html#_token-exchange
@ -279,7 +296,7 @@ class KeycloakOpenID:
data_raw = self.connection.raw_post(URL_TOKEN.format(**params_path), data=payload)
return raise_error_from_response(data_raw, KeycloakGetError)
def userinfo(self, token):
def userinfo(self, token: str) -> Union[bytes, dict]:
"""
The userinfo endpoint returns standard claims about the authenticated user,
and is protected by a bearer token.
@ -297,7 +314,7 @@ class KeycloakOpenID:
return raise_error_from_response(data_raw, KeycloakGetError)
def logout(self, refresh_token):
def logout(self, refresh_token: str) -> Union[bytes, dict]:
"""
The logout endpoint logs out the authenticated user.
:param refresh_token:
@ -311,7 +328,7 @@ class KeycloakOpenID:
return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
def certs(self):
def certs(self) -> Union[bytes, dict]:
"""
The certificate endpoint returns the public keys enabled by the realm, encoded as a
JSON Web Key (JWK). Depending on the realm settings there can be one or more keys enabled
@ -325,7 +342,7 @@ class KeycloakOpenID:
data_raw = self.connection.raw_get(URL_CERTS.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError)
def public_key(self):
def public_key(self) -> Union[bytes, dict]:
"""
The public key is exposed by the realm page directly.
@ -335,7 +352,7 @@ class KeycloakOpenID:
data_raw = self.connection.raw_get(URL_REALM.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError)["public_key"]
def entitlement(self, token, resource_server_id):
def entitlement(self, token: str, resource_server_id: str) -> Union[bytes, dict]:
"""
Client applications can use a specific endpoint to obtain a special security token
called a requesting party token (RPT). This token consists of all the entitlements
@ -354,7 +371,7 @@ class KeycloakOpenID:
return raise_error_from_response(data_raw, KeycloakGetError)
def introspect(self, token, rpt=None, token_type_hint=None):
def introspect(self, token: str, rpt: Optional[str] = None, token_type_hint: Optional[str] = None) -> Union[bytes, dict]:
"""
The introspection endpoint is used to retrieve the active state of a token.
It is can only be invoked by confidential clients.
@ -384,7 +401,11 @@ class KeycloakOpenID:
return raise_error_from_response(data_raw, KeycloakGetError)
def decode_token(self, token, key, algorithms=["RS256"], **kwargs):
def decode_token(
self,
token: str,
key: str,
algorithms: Optional[Union[str, list]] = None, **kwargs) -> dict:
"""
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data
structure that represents a cryptographic key. This specification
@ -400,10 +421,10 @@ class KeycloakOpenID:
:param algorithms:
:return:
"""
algorithms = algorithms or ["RS256"]
return jwt.decode(token, key, algorithms=algorithms, audience=self.client_id, **kwargs)
def load_authorization_config(self, path):
def load_authorization_config(self, path: str) -> None:
"""
Load Keycloak settings (authorization)
@ -415,11 +436,12 @@ class KeycloakOpenID:
self.authorization.load_config(authorization_json)
authorization_file.close()
def get_policies(self, token, method_token_info="introspect", **kwargs):
def get_policies(self, token: str, method_token_info: Optional[str] = "introspect", **kwargs) -> Optional[list]:
"""
Get policies by user token
:param token: user token
:param method_token_info: method token info
:return: policies list
"""
@ -447,7 +469,7 @@ class KeycloakOpenID:
return list(set(policies))
def get_permissions(self, token, method_token_info="introspect", **kwargs):
def get_permissions(self, token: str, method_token_info: Optional[str] = "introspect", **kwargs) -> Optional[list]:
"""
Get permission by user token
@ -481,7 +503,7 @@ class KeycloakOpenID:
return list(set(permissions))
def uma_permissions(self, token, permissions=""):
def uma_permissions(self, token: str, permissions: Optional[str] = "") -> Union[bytes, dict]:
"""
Get UMA permissions by user token with requested permissions
@ -510,7 +532,7 @@ class KeycloakOpenID:
return raise_error_from_response(data_raw, KeycloakPostError)
def has_uma_access(self, token, permissions):
def has_uma_access(self, token: str, permissions: Union["UMAPermission", str, dict, Iterable[str]]) -> AuthStatus:
"""
Determine whether user has uma permissions with specified user token
@ -532,14 +554,15 @@ class KeycloakOpenID:
)
raise
for resource_struct in granted:
resource = resource_struct["rsname"]
scopes = resource_struct.get("scopes", None)
if not scopes:
needed.discard(resource)
continue
for scope in scopes:
needed.discard("{}#{}".format(resource, scope))
if isinstance(granted, dict):
for _, resource_struct in granted.items():
resource = resource_struct["rsname"]
scopes = resource_struct.get("scopes", None)
if not scopes:
needed.discard(resource)
continue
for scope in scopes:
needed.discard("{}#{}".format(resource, scope))
return AuthStatus(
is_logged_in=True, is_authorized=len(needed) == 0, missing_permissions=needed

37
src/keycloak/uma_permissions.py
View File

@ -20,6 +20,7 @@
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
from typing import Type, Union, Optional, Set, Tuple, Iterable
from keycloak.exceptions import KeycloakPermissionFormatError, PermissionDefinitionError
@ -38,7 +39,12 @@ class UMAPermission:
"""
def __init__(self, permission=None, resource="", scope=""):
def __init__(
self,
permission: Optional[Type["UMAPermission"]] = None,
resource: Optional[str] = "",
scope: Optional[str] = ""
) -> None:
self.resource = resource
self.scope = scope
@ -52,7 +58,7 @@ class UMAPermission:
if permission.scope:
self.scope = str(permission.scope)
def __str__(self):
def __str__(self) -> str:
scope = self.scope
if scope:
scope = "#" + scope
@ -67,7 +73,12 @@ class UMAPermission:
def __hash__(self) -> int:
return hash(str(self))
def __call__(self, permission=None, resource="", scope="") -> object:
def __call__(
self,
permission: Union["UMAPermission", str, dict, Iterable[str]] = None,
resource: Optional[str] = "",
scope: Optional[str] = ""
) -> object:
result_resource = self.resource
result_scope = self.scope
@ -94,7 +105,7 @@ class Resource(UMAPermission):
The class itself is callable, and will return the assembled permission.
"""
def __init__(self, resource):
def __init__(self, resource: str) -> None:
super().__init__(resource=resource)
@ -103,7 +114,7 @@ class Scope(UMAPermission):
The class itself is callable, and will return the assembled permission.
"""
def __init__(self, scope):
def __init__(self, scope: str) -> None:
super().__init__(scope=scope)
@ -112,15 +123,15 @@ class AuthStatus:
This has to evaluate to True if and only if the user is properly authorized
for the requested resource."""
def __init__(self, is_logged_in, is_authorized, missing_permissions):
def __init__(self, is_logged_in: bool, is_authorized: bool, missing_permissions: Iterable) -> None:
self.is_logged_in = is_logged_in
self.is_authorized = is_authorized
self.missing_permissions = missing_permissions
def __bool__(self):
def __bool__(self) -> bool:
return self.is_authorized
def __repr__(self):
def __repr__(self) -> str:
return (
f"AuthStatus("
f"is_authorized={self.is_authorized}, "
@ -129,7 +140,9 @@ class AuthStatus:
)
def build_permission_param(permissions):
def build_permission_param(
permissions: Union["UMAPermission", str, dict, Iterable[str]]
) -> Union[Set[str], Set[Tuple[str]]]:
"""
Transform permissions to a set, so they are usable for requests
@ -142,13 +155,13 @@ def build_permission_param(permissions):
if permissions is None or permissions == "":
return set()
if isinstance(permissions, str):
return set((permissions,))
return {permissions}
if isinstance(permissions, UMAPermission):
return set((str(permissions),))
return {str(permissions)}
try: # treat as dictionary of permissions
result = set()
for resource, scopes in permissions.items():
for resource, scopes in permissions.items(): # pytype: disable=attribute-error
print(f"resource={resource}scopes={scopes}")
if scopes is None:
result.add(resource)

202
src/keycloak/urls_patterns.py
View File

@ -22,161 +22,161 @@
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
# OPENID URLS
URL_REALM = "realms/{realm-name}"
URL_WELL_KNOWN = "realms/{realm-name}/.well-known/openid-configuration"
URL_TOKEN = "realms/{realm-name}/protocol/openid-connect/token"
URL_USERINFO = "realms/{realm-name}/protocol/openid-connect/userinfo"
URL_LOGOUT = "realms/{realm-name}/protocol/openid-connect/logout"
URL_CERTS = "realms/{realm-name}/protocol/openid-connect/certs"
URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect"
URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}"
URL_AUTH = (
URL_REALM: str = "realms/{realm-name}"
URL_WELL_KNOWN: str = "realms/{realm-name}/.well-known/openid-configuration"
URL_TOKEN: str = "realms/{realm-name}/protocol/openid-connect/token"
URL_USERINFO: str = "realms/{realm-name}/protocol/openid-connect/userinfo"
URL_LOGOUT: str = "realms/{realm-name}/protocol/openid-connect/logout"
URL_CERTS: str = "realms/{realm-name}/protocol/openid-connect/certs"
URL_INTROSPECT: str = "realms/{realm-name}/protocol/openid-connect/token/introspect"
URL_ENTITLEMENT: str = "realms/{realm-name}/authz/entitlement/{resource-server-id}"
URL_AUTH: str = (
"{authorization-endpoint}?client_id={client-id}&response_type=code&redirect_uri={redirect-uri}"
)
# ADMIN URLS
URL_ADMIN_USERS = "admin/realms/{realm-name}/users"
URL_ADMIN_USERS_COUNT = "admin/realms/{realm-name}/users/count"
URL_ADMIN_USER = "admin/realms/{realm-name}/users/{id}"
URL_ADMIN_USER_CONSENTS = "admin/realms/{realm-name}/users/{id}/consents"
URL_ADMIN_SEND_UPDATE_ACCOUNT = "admin/realms/{realm-name}/users/{id}/execute-actions-email"
URL_ADMIN_SEND_VERIFY_EMAIL = "admin/realms/{realm-name}/users/{id}/send-verify-email"
URL_ADMIN_RESET_PASSWORD = "admin/realms/{realm-name}/users/{id}/reset-password"
URL_ADMIN_GET_SESSIONS = "admin/realms/{realm-name}/users/{id}/sessions"
URL_ADMIN_USER_CLIENT_ROLES = (
URL_ADMIN_USERS: str = "admin/realms/{realm-name}/users"
URL_ADMIN_USERS_COUNT: str = "admin/realms/{realm-name}/users/count"
URL_ADMIN_USER: str = "admin/realms/{realm-name}/users/{id}"
URL_ADMIN_USER_CONSENTS: str = "admin/realms/{realm-name}/users/{id}/consents"
URL_ADMIN_SEND_UPDATE_ACCOUNT: str = "admin/realms/{realm-name}/users/{id}/execute-actions-email"
URL_ADMIN_SEND_VERIFY_EMAIL: str = "admin/realms/{realm-name}/users/{id}/send-verify-email"
URL_ADMIN_RESET_PASSWORD: str = "admin/realms/{realm-name}/users/{id}/reset-password"
URL_ADMIN_GET_SESSIONS: str = "admin/realms/{realm-name}/users/{id}/sessions"
URL_ADMIN_USER_CLIENT_ROLES: str = (
"admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}"
)
URL_ADMIN_USER_REALM_ROLES = "admin/realms/{realm-name}/users/{id}/role-mappings/realm"
URL_ADMIN_USER_REALM_ROLES_AVAILABLE = (
URL_ADMIN_USER_REALM_ROLES: str = "admin/realms/{realm-name}/users/{id}/role-mappings/realm"
URL_ADMIN_USER_REALM_ROLES_AVAILABLE: str = (
"admin/realms/{realm-name}/users/{id}/role-mappings/realm/available"
)
URL_ADMIN_USER_REALM_ROLES_COMPOSITE = (
URL_ADMIN_USER_REALM_ROLES_COMPOSITE: str = (
"admin/realms/{realm-name}/users/{id}/role-mappings/realm/composite"
)
URL_ADMIN_GROUPS_REALM_ROLES = "admin/realms/{realm-name}/groups/{id}/role-mappings/realm"
URL_ADMIN_GROUPS_CLIENT_ROLES = (
URL_ADMIN_GROUPS_REALM_ROLES: str = "admin/realms/{realm-name}/groups/{id}/role-mappings/realm"
URL_ADMIN_GROUPS_CLIENT_ROLES: str = (
"admin/realms/{realm-name}/groups/{id}/role-mappings/clients/{client-id}"
)
URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE = (
URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE: str = (
"admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}/available"
)
URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE = (
URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE: str = (
"admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}/composite"
)
URL_ADMIN_USER_GROUP = "admin/realms/{realm-name}/users/{id}/groups/{group-id}"
URL_ADMIN_USER_GROUPS = "admin/realms/{realm-name}/users/{id}/groups"
URL_ADMIN_USER_CREDENTIALS = "admin/realms/{realm-name}/users/{id}/credentials"
URL_ADMIN_USER_CREDENTIAL = "admin/realms/{realm-name}/users/{id}/credentials/{credential_id}"
URL_ADMIN_USER_LOGOUT = "admin/realms/{realm-name}/users/{id}/logout"
URL_ADMIN_USER_STORAGE = "admin/realms/{realm-name}/user-storage/{id}/sync"
URL_ADMIN_USER_GROUP: str = "admin/realms/{realm-name}/users/{id}/groups/{group-id}"
URL_ADMIN_USER_GROUPS: str = "admin/realms/{realm-name}/users/{id}/groups"
URL_ADMIN_USER_CREDENTIALS: str = "admin/realms/{realm-name}/users/{id}/credentials"
URL_ADMIN_USER_CREDENTIAL: str = "admin/realms/{realm-name}/users/{id}/credentials/{credential_id}"
URL_ADMIN_USER_LOGOUT: str = "admin/realms/{realm-name}/users/{id}/logout"
URL_ADMIN_USER_STORAGE: str = "admin/realms/{realm-name}/user-storage/{id}/sync"
URL_ADMIN_SERVER_INFO = "admin/serverinfo"
URL_ADMIN_SERVER_INFO: str = "admin/serverinfo"
URL_ADMIN_GROUPS = "admin/realms/{realm-name}/groups"
URL_ADMIN_GROUP = "admin/realms/{realm-name}/groups/{id}"
URL_ADMIN_GROUP_CHILD = "admin/realms/{realm-name}/groups/{id}/children"
URL_ADMIN_GROUP_PERMISSIONS = "admin/realms/{realm-name}/groups/{id}/management/permissions"
URL_ADMIN_GROUP_MEMBERS = "admin/realms/{realm-name}/groups/{id}/members"
URL_ADMIN_GROUPS: str = "admin/realms/{realm-name}/groups"
URL_ADMIN_GROUP: str = "admin/realms/{realm-name}/groups/{id}"
URL_ADMIN_GROUP_CHILD: str = "admin/realms/{realm-name}/groups/{id}/children"
URL_ADMIN_GROUP_PERMISSIONS: str = "admin/realms/{realm-name}/groups/{id}/management/permissions"
URL_ADMIN_GROUP_MEMBERS: str = "admin/realms/{realm-name}/groups/{id}/members"
URL_ADMIN_CLIENTS = "admin/realms/{realm-name}/clients"
URL_ADMIN_CLIENT = URL_ADMIN_CLIENTS + "/{id}"
URL_ADMIN_CLIENT_ALL_SESSIONS = URL_ADMIN_CLIENT + "/user-sessions"
URL_ADMIN_CLIENT_SECRETS = URL_ADMIN_CLIENT + "/client-secret"
URL_ADMIN_CLIENT_ROLES = URL_ADMIN_CLIENT + "/roles"
URL_ADMIN_CLIENT_ROLE = URL_ADMIN_CLIENT + "/roles/{role-name}"
URL_ADMIN_CLIENT_ROLES_COMPOSITE_CLIENT_ROLE = URL_ADMIN_CLIENT_ROLE + "/composites"
URL_ADMIN_CLIENT_ROLE_MEMBERS = URL_ADMIN_CLIENT + "/roles/{role-name}/users"
URL_ADMIN_CLIENT_ROLE_GROUPS = URL_ADMIN_CLIENT + "/roles/{role-name}/groups"
URL_ADMIN_CLIENT_MANAGEMENT_PERMISSIONS = URL_ADMIN_CLIENT + "/management/permissions"
URL_ADMIN_CLIENTS: str = "admin/realms/{realm-name}/clients"
URL_ADMIN_CLIENT: str = URL_ADMIN_CLIENTS + "/{id}"
URL_ADMIN_CLIENT_ALL_SESSIONS: str = URL_ADMIN_CLIENT + "/user-sessions"
URL_ADMIN_CLIENT_SECRETS: str = URL_ADMIN_CLIENT + "/client-secret"
URL_ADMIN_CLIENT_ROLES: str = URL_ADMIN_CLIENT + "/roles"
URL_ADMIN_CLIENT_ROLE: str = URL_ADMIN_CLIENT + "/roles/{role-name}"
URL_ADMIN_CLIENT_ROLES_COMPOSITE_CLIENT_ROLE: str = URL_ADMIN_CLIENT_ROLE + "/composites"
URL_ADMIN_CLIENT_ROLE_MEMBERS: str = URL_ADMIN_CLIENT + "/roles/{role-name}/users"
URL_ADMIN_CLIENT_ROLE_GROUPS: str = URL_ADMIN_CLIENT + "/roles/{role-name}/groups"
URL_ADMIN_CLIENT_MANAGEMENT_PERMISSIONS: str = URL_ADMIN_CLIENT + "/management/permissions"
URL_ADMIN_CLIENT_AUTHZ_SETTINGS = URL_ADMIN_CLIENT + "/authz/resource-server/settings"
URL_ADMIN_CLIENT_AUTHZ_RESOURCES = URL_ADMIN_CLIENT + "/authz/resource-server/resource?max=-1"
URL_ADMIN_CLIENT_AUTHZ_SCOPES = URL_ADMIN_CLIENT + "/authz/resource-server/scope?max=-1"
URL_ADMIN_CLIENT_AUTHZ_PERMISSIONS = URL_ADMIN_CLIENT + "/authz/resource-server/permission?max=-1"
URL_ADMIN_CLIENT_AUTHZ_POLICIES = (
URL_ADMIN_CLIENT_AUTHZ_SETTINGS: str = URL_ADMIN_CLIENT + "/authz/resource-server/settings"
URL_ADMIN_CLIENT_AUTHZ_RESOURCES: str = URL_ADMIN_CLIENT + "/authz/resource-server/resource?max=-1"
URL_ADMIN_CLIENT_AUTHZ_SCOPES: str = URL_ADMIN_CLIENT + "/authz/resource-server/scope?max=-1"
URL_ADMIN_CLIENT_AUTHZ_PERMISSIONS: str = URL_ADMIN_CLIENT + "/authz/resource-server/permission?max=-1"
URL_ADMIN_CLIENT_AUTHZ_POLICIES: str = (
URL_ADMIN_CLIENT + "/authz/resource-server/policy?max=-1&permission=false"
)
URL_ADMIN_CLIENT_AUTHZ_ROLE_BASED_POLICY = (
URL_ADMIN_CLIENT_AUTHZ_ROLE_BASED_POLICY: str = (
URL_ADMIN_CLIENT + "/authz/resource-server/policy/role?max=-1"
)
URL_ADMIN_CLIENT_AUTHZ_RESOURCE_BASED_PERMISSION = (
URL_ADMIN_CLIENT_AUTHZ_RESOURCE_BASED_PERMISSION: str = (
URL_ADMIN_CLIENT + "/authz/resource-server/permission/resource?max=-1"
)
URL_ADMIN_CLIENT_AUTHZ_POLICY_SCOPES = (
URL_ADMIN_CLIENT_AUTHZ_POLICY_SCOPES: str = (
URL_ADMIN_CLIENT + "/authz/resource-server/policy/{policy-id}/scopes"
)
URL_ADMIN_CLIENT_AUTHZ_POLICY_RESOURCES = (
URL_ADMIN_CLIENT_AUTHZ_POLICY_RESOURCES: str = (
URL_ADMIN_CLIENT + "/authz/resource-server/policy/{policy-id}/resources"
)
URL_ADMIN_CLIENT_AUTHZ_SCOPE_PERMISSION = (
URL_ADMIN_CLIENT_AUTHZ_SCOPE_PERMISSION: str = (
URL_ADMIN_CLIENT + "/authz/resource-server/permission/scope/{scope-id}"
)
URL_ADMIN_CLIENT_AUTHZ_CLIENT_POLICY = URL_ADMIN_CLIENT + "/authz/resource-server/policy/client"
URL_ADMIN_CLIENT_AUTHZ_CLIENT_POLICY: str = URL_ADMIN_CLIENT + "/authz/resource-server/policy/client"
URL_ADMIN_CLIENT_SERVICE_ACCOUNT_USER = URL_ADMIN_CLIENT + "/service-account-user"
URL_ADMIN_CLIENT_CERTS = URL_ADMIN_CLIENT + "/certificates/{attr}"
URL_ADMIN_CLIENT_INSTALLATION_PROVIDER = URL_ADMIN_CLIENT + "/installation/providers/{provider-id}"
URL_ADMIN_CLIENT_PROTOCOL_MAPPERS = URL_ADMIN_CLIENT + "/protocol-mappers/models"
URL_ADMIN_CLIENT_PROTOCOL_MAPPER = URL_ADMIN_CLIENT_PROTOCOL_MAPPERS + "/{protocol-mapper-id}"
URL_ADMIN_CLIENT_SERVICE_ACCOUNT_USER: str = URL_ADMIN_CLIENT + "/service-account-user"
URL_ADMIN_CLIENT_CERTS: str = URL_ADMIN_CLIENT + "/certificates/{attr}"
URL_ADMIN_CLIENT_INSTALLATION_PROVIDER: str = URL_ADMIN_CLIENT + "/installation/providers/{provider-id}"
URL_ADMIN_CLIENT_PROTOCOL_MAPPERS: str = URL_ADMIN_CLIENT + "/protocol-mappers/models"
URL_ADMIN_CLIENT_PROTOCOL_MAPPER: str = URL_ADMIN_CLIENT_PROTOCOL_MAPPERS + "/{protocol-mapper-id}"
URL_ADMIN_CLIENT_SCOPES = "admin/realms/{realm-name}/client-scopes"
URL_ADMIN_CLIENT_SCOPE = URL_ADMIN_CLIENT_SCOPES + "/{scope-id}"
URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER = URL_ADMIN_CLIENT_SCOPE + "/protocol-mappers/models"
URL_ADMIN_CLIENT_SCOPES_MAPPERS = URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER + "/{protocol-mapper-id}"
URL_ADMIN_CLIENT_SCOPES: str = "admin/realms/{realm-name}/client-scopes"
URL_ADMIN_CLIENT_SCOPE: str = URL_ADMIN_CLIENT_SCOPES + "/{scope-id}"
URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER: str = URL_ADMIN_CLIENT_SCOPE + "/protocol-mappers/models"
URL_ADMIN_CLIENT_SCOPES_MAPPERS: str = URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER + "/{protocol-mapper-id}"
URL_ADMIN_REALM_ROLES = "admin/realms/{realm-name}/roles"
URL_ADMIN_REALM_ROLES_MEMBERS = URL_ADMIN_REALM_ROLES + "/{role-name}/users"
URL_ADMIN_REALMS = "admin/realms"
URL_ADMIN_REALM = "admin/realms/{realm-name}"
URL_ADMIN_IDPS = "admin/realms/{realm-name}/identity-provider/instances"
URL_ADMIN_IDP_MAPPERS = "admin/realms/{realm-name}/identity-provider/instances/{idp-alias}/mappers"
URL_ADMIN_IDP_MAPPER_UPDATE = URL_ADMIN_IDP_MAPPERS + "/{mapper-id}"
URL_ADMIN_IDP = "admin/realms//{realm-name}/identity-provider/instances/{alias}"
URL_ADMIN_REALM_ROLES_ROLE_BY_NAME = "admin/realms/{realm-name}/roles/{role-name}"
URL_ADMIN_REALM_ROLES_COMPOSITE_REALM_ROLE = (
URL_ADMIN_REALM_ROLES: str = "admin/realms/{realm-name}/roles"
URL_ADMIN_REALM_ROLES_MEMBERS: str = URL_ADMIN_REALM_ROLES + "/{role-name}/users"
URL_ADMIN_REALMS: str = "admin/realms"
URL_ADMIN_REALM: str = "admin/realms/{realm-name}"
URL_ADMIN_IDPS: str = "admin/realms/{realm-name}/identity-provider/instances"
URL_ADMIN_IDP_MAPPERS: str = "admin/realms/{realm-name}/identity-provider/instances/{idp-alias}/mappers"
URL_ADMIN_IDP_MAPPER_UPDATE: str = URL_ADMIN_IDP_MAPPERS + "/{mapper-id}"
URL_ADMIN_IDP: str = "admin/realms//{realm-name}/identity-provider/instances/{alias}"
URL_ADMIN_REALM_ROLES_ROLE_BY_NAME: str = "admin/realms/{realm-name}/roles/{role-name}"
URL_ADMIN_REALM_ROLES_COMPOSITE_REALM_ROLE: str = (
"admin/realms/{realm-name}/roles/{role-name}/composites"
)
URL_ADMIN_REALM_EXPORT = (
URL_ADMIN_REALM_EXPORT: str = (
"admin/realms/{realm-name}/partial-export?exportClients={export-clients}&"
+ "exportGroupsAndRoles={export-groups-and-roles}"
)
URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPES = URL_ADMIN_REALM + "/default-default-client-scopes"
URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPE = URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPES + "/{id}"
URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPES = URL_ADMIN_REALM + "/default-optional-client-scopes"
URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPE = URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPES + "/{id}"
URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPES: str = URL_ADMIN_REALM + "/default-default-client-scopes"
URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPE: str = URL_ADMIN_DEFAULT_DEFAULT_CLIENT_SCOPES + "/{id}"
URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPES: str = URL_ADMIN_REALM + "/default-optional-client-scopes"
URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPE: str = URL_ADMIN_DEFAULT_OPTIONAL_CLIENT_SCOPES + "/{id}"
URL_ADMIN_FLOWS = "admin/realms/{realm-name}/authentication/flows"
URL_ADMIN_FLOW = URL_ADMIN_FLOWS + "/{id}"
URL_ADMIN_FLOWS_ALIAS = "admin/realms/{realm-name}/authentication/flows/{flow-id}"
URL_ADMIN_FLOWS_COPY = "admin/realms/{realm-name}/authentication/flows/{flow-alias}/copy"
URL_ADMIN_FLOWS_EXECUTIONS = (
URL_ADMIN_FLOWS: str = "admin/realms/{realm-name}/authentication/flows"
URL_ADMIN_FLOW: str = URL_ADMIN_FLOWS + "/{id}"
URL_ADMIN_FLOWS_ALIAS: str = "admin/realms/{realm-name}/authentication/flows/{flow-id}"
URL_ADMIN_FLOWS_COPY: str = "admin/realms/{realm-name}/authentication/flows/{flow-alias}/copy"
URL_ADMIN_FLOWS_EXECUTIONS: str = (
"admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions"
)
URL_ADMIN_FLOWS_EXECUTION = "admin/realms/{realm-name}/authentication/executions/{id}"
URL_ADMIN_FLOWS_EXECUTIONS_EXECUTION = (
URL_ADMIN_FLOWS_EXECUTION: str = "admin/realms/{realm-name}/authentication/executions/{id}"
URL_ADMIN_FLOWS_EXECUTIONS_EXECUTION: str = (
"admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions/execution"
)
URL_ADMIN_FLOWS_EXECUTIONS_FLOW = (
URL_ADMIN_FLOWS_EXECUTIONS_FLOW: str = (
"admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions/flow"
)
URL_ADMIN_AUTHENTICATOR_PROVIDERS = (
URL_ADMIN_AUTHENTICATOR_PROVIDERS: str = (
"admin/realms/{realm-name}/authentication/authenticator-providers"
)
URL_ADMIN_AUTHENTICATOR_CONFIG_DESCRIPTION = (
URL_ADMIN_AUTHENTICATOR_CONFIG_DESCRIPTION: str = (
"admin/realms/{realm-name}/authentication/config-description/{provider-id}"
)
URL_ADMIN_AUTHENTICATOR_CONFIG = "admin/realms/{realm-name}/authentication/config/{id}"
URL_ADMIN_AUTHENTICATOR_CONFIG: str = "admin/realms/{realm-name}/authentication/config/{id}"
URL_ADMIN_COMPONENTS = "admin/realms/{realm-name}/components"
URL_ADMIN_COMPONENT = "admin/realms/{realm-name}/components/{component-id}"
URL_ADMIN_KEYS = "admin/realms/{realm-name}/keys"
URL_ADMIN_COMPONENTS: str = "admin/realms/{realm-name}/components"
URL_ADMIN_COMPONENT: str = "admin/realms/{realm-name}/components/{component-id}"
URL_ADMIN_KEYS: str = "admin/realms/{realm-name}/keys"
URL_ADMIN_USER_FEDERATED_IDENTITIES = "admin/realms/{realm-name}/users/{id}/federated-identity"
URL_ADMIN_USER_FEDERATED_IDENTITY = (
URL_ADMIN_USER_FEDERATED_IDENTITIES: str = "admin/realms/{realm-name}/users/{id}/federated-identity"
URL_ADMIN_USER_FEDERATED_IDENTITY: str = (
"admin/realms/{realm-name}/users/{id}/federated-identity/{provider}"
)
URL_ADMIN_EVENTS = "admin/realms/{realm-name}/events"
URL_ADMIN_EVENTS_CONFIG = URL_ADMIN_EVENTS + "/config"
URL_ADMIN_CLIENT_SESSION_STATS = "admin/realms/{realm-name}/client-session-stats"
URL_ADMIN_EVENTS: str = "admin/realms/{realm-name}/events"
URL_ADMIN_EVENTS_CONFIG: str = URL_ADMIN_EVENTS + "/config"
URL_ADMIN_CLIENT_SESSION_STATS: str = "admin/realms/{realm-name}/client-session-stats"
Write Preview
Loading…
Cancel
Save