diff --git a/src/keycloak/keycloak_admin.py b/src/keycloak/keycloak_admin.py index 43dcf1e..43f16c4 100644 --- a/src/keycloak/keycloak_admin.py +++ b/src/keycloak/keycloak_admin.py @@ -4252,7 +4252,7 @@ class KeycloakAdmin: #async functions start async def a___fetch_all(self, url, query=None): - """Paginate over get requests. + """Paginate asynchronously over get requests . Wrapper function to paginate GET requests. @@ -4287,7 +4287,7 @@ class KeycloakAdmin: return results async def a___fetch_paginated(self, url, query=None): - """Make a specific paginated request. + """Make a specific paginated request asynchronously. :param url: The url on which the query is executed :type url: str @@ -4300,7 +4300,7 @@ class KeycloakAdmin: return raise_error_from_response(await self.connection.a_raw_get(url, **query), KeycloakGetError) async def a_get_current_realm(self) -> str: - """Return the currently configured realm. + """Return the currently configured realm asynchronously. :returns: Currently configured realm name :rtype: str @@ -4308,7 +4308,7 @@ class KeycloakAdmin: return self.connection.realm_name async def a_change_current_realm(self, realm_name: str) -> None: - """Change the current realm. + """Change the current realm asynchronously. :param realm_name: The name of the realm to be configured as current :type realm_name: str @@ -4316,7 +4316,7 @@ class KeycloakAdmin: self.connection.realm_name = realm_name async def a_import_realm(self, payload): - """Import a new realm from a RealmRepresentation. + """Import a new realm asynchronously from a RealmRepresentation. Realm name must be unique. @@ -4334,7 +4334,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_partial_import_realm(self, realm_name, payload): - """Partial import realm configuration from PartialImportRepresentation. + """Partial import realm configuration asynchronously from PartialImportRepresentation. Realm partialImport is used for modifying configuration of existing realm. @@ -4357,7 +4357,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[200]) async def a_export_realm(self, export_clients=False, export_groups_and_role=False): - """Export the realm configurations in the json format. + """Export the realm configurations asynchronously in the json format. RealmRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_partialexport @@ -4381,7 +4381,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError) async def a_get_realms(self): - """List all realms in Keycloak deployment. + """List all realms in asynchronouslyKeycloak deployment. :return: realms list :rtype: list @@ -4390,7 +4390,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_realm(self, realm_name): - """Get a specific realm. + """Get a specific realm asynchronously. RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation @@ -4405,7 +4405,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) async def a_create_realm(self, payload, skip_exists=False): - """Create a realm. + """Create a realm asynchronously. RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation @@ -4425,7 +4425,7 @@ class KeycloakAdmin: ) async def a_update_realm(self, realm_name, payload): - """Update a realm. + """Update a realm asynchronously. This will only update top level attributes and will ignore any user, role, or client information in the payload. @@ -4447,7 +4447,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_realm(self, realm_name): - """Delete a realm. + """Delete a realm asynchronously. :param realm_name: Realm name (not the realm id) :type realm_name: str @@ -4459,7 +4459,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_users(self, query=None): - """Get all users. + """Get all users asynchronously. Return a list of users, filtered according to query parameters @@ -4481,7 +4481,7 @@ class KeycloakAdmin: return await self.a___fetch_all(url, query) async def a_create_idp(self, payload): - """Create an ID Provider. + """Create an ID Provider asynchronously. IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityproviderrepresentation @@ -4498,7 +4498,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_update_idp(self, idp_alias, payload): - """Update an ID Provider. + """Update an ID Provider asynchronously. IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identity_providers_resource @@ -4517,7 +4517,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_add_mapper_to_idp(self, idp_alias, payload): - """Create an ID Provider. + """Create an ID Provider asynchronously. IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityprovidermapperrepresentation @@ -4536,7 +4536,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_update_mapper_in_idp(self, idp_alias, mapper_id, payload): - """Update an IdP mapper. + """Update an IdP mapper asynchronously. IdentityProviderMapperRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_update @@ -4564,7 +4564,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_get_idp_mappers(self, idp_alias): - """Get IDP mappers. + """Get IDP mappers asynchronously. Returns a list of ID Providers mappers @@ -4583,7 +4583,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_idps(self): - """Get IDPs. + """Get IDPs asynchronously. Returns a list of ID Providers, @@ -4598,7 +4598,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_idp(self, idp_alias): - """Get IDP provider. + """Get IDP provider asynchronously. Get the representation of a specific IDP Provider. @@ -4615,7 +4615,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_delete_idp(self, idp_alias): - """Delete an ID Provider. + """Delete an ID Provider asynchronously. :param: idp_alias: idp alias name :type idp_alias: str @@ -4627,7 +4627,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_create_user(self, payload, exist_ok=False): - """Create a new user. + """Create a new user asynchronously. Username must be unique @@ -4659,7 +4659,7 @@ class KeycloakAdmin: return data_raw.headers["Location"][_last_slash_idx + 1 :] # noqa: E203 async def a_users_count(self, query=None): - """Count users. + """Count users asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_users_resource @@ -4677,7 +4677,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_user_id(self, username): - """Get internal keycloak user id from username. + """Get internal keycloak user id from username asynchronously. This is required for further actions against this user. @@ -4695,7 +4695,7 @@ class KeycloakAdmin: return users[0]["id"] if len(users) == 1 else None async def a_get_user(self, user_id): - """Get representation of the user. + """Get representation of the user asynchronously. UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation @@ -4709,7 +4709,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_user_groups(self, user_id, query=None, brief_representation=True): - """Get user groups. + """Get user groups asynchronously. Returns a list of groups of which the user is a member @@ -4738,7 +4738,7 @@ class KeycloakAdmin: return await self.a___fetch_all(url, query) async def a_update_user(self, user_id, payload): - """Update the user. + """Update the user asynchronously. :param user_id: User id :type user_id: str @@ -4755,7 +4755,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_disable_user(self, user_id): - """Disable the user from the realm. Disabled users can not log in. + """Disable the user asynchronously from the realm. Disabled users can not log in. :param user_id: User id :type user_id: str @@ -4766,7 +4766,7 @@ class KeycloakAdmin: return await self.a_update_user(user_id=user_id, payload={"enabled": False}) async def a_enable_user(self, user_id): - """Enable the user from the realm. + """Enable the user from the realm asynchronously. :param user_id: User id :type user_id: str @@ -4777,21 +4777,21 @@ class KeycloakAdmin: return await self.a_update_user(user_id=user_id, payload={"enabled": True}) async def a_disable_all_users(self): - """Disable all existing users.""" + """Disable all existing users asynchronously.""" users = await self.a_get_users() for user in users: user_id = user["id"] await self.a_disable_user(user_id=user_id) async def a_enable_all_users(self): - """Disable all existing users.""" + """Disable all existing users asynchronously.""" users = await self.a_get_users() for user in users: user_id = user["id"] await self.a_enable_user(user_id=user_id) async def a_delete_user(self, user_id): - """Delete the user. + """Delete the user asynchronously. :param user_id: User id :type user_id: str @@ -4803,7 +4803,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_set_user_password(self, user_id, password, temporary=True): - """Set up a password for the user. + """Set up a password for the user asynchronously. If temporary is True, the user will have to reset the temporary password next time they log in. @@ -4828,7 +4828,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_get_credentials(self, user_id): - """Get user credentials. + """Get user credentials asynchronously. Returns a list of credential belonging to the user. @@ -4847,7 +4847,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_delete_credential(self, user_id, credential_id): - """Delete credential of the user. + """Delete credential of the user asynchronously. CredentialRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_credentialrepresentation @@ -4886,7 +4886,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_user_consents(self, user_id): - """Get consents granted by the user. + """Get consents granted asynchronously by the user. UserConsentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userconsentrepresentation @@ -4903,7 +4903,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_user_social_logins(self, user_id): - """Get user social logins. + """Get user social logins asynchronously. Returns a list of federated identities/social logins of which the user has been associated with @@ -4919,7 +4919,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_add_user_social_login(self, user_id, provider_id, provider_userid, provider_username): - """Add a federated identity / social login provider to the user. + """Add a federated identity / social login provider asynchronously to the user. :param user_id: User id :type user_id: str @@ -4949,7 +4949,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201, 204]) async def a_delete_user_social_login(self, user_id, provider_id): - """Delete a federated identity / social login provider from the user. + """Delete a federated identity / social login provider asynchronously from the user. :param user_id: User id :type user_id: str @@ -4971,7 +4971,7 @@ class KeycloakAdmin: async def a_send_update_account( self, user_id, payload, client_id=None, lifespan=None, redirect_uri=None ): - """Send an update account email to the user. + """Send an update account email to the user asynchronously. An email contains a link the user can click to perform a set of required actions. @@ -4999,7 +4999,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError) async def a_send_verify_email(self, user_id, client_id=None, redirect_uri=None): - """Send a update account email to the user. + """Send a update account email to the user asynchronously. An email contains a link the user can click to perform a set of required actions. @@ -5023,7 +5023,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError) async def a_get_sessions(self, user_id): - """Get sessions associated with the user. + """Get sessions associated with the user asynchronously. UserSessionRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_usersessionrepresentation @@ -5040,7 +5040,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_server_info(self): - """Get themes, social providers, etc. on this server. + """Get themes, social providers, etc. on this server asynchronously. ServerInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_serverinforepresentation @@ -5052,7 +5052,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_groups(self, query=None, full_hierarchy=False): - """Get groups. + """Get groups asynchronously. Returns a list of groups belonging to the realm @@ -5090,7 +5090,7 @@ class KeycloakAdmin: return groups async def a_get_group(self, group_id, full_hierarchy=False): - """Get group by id. + """Get group by id asynchronously. Returns full group details @@ -5121,7 +5121,7 @@ class KeycloakAdmin: return group async def a_get_subgroups(self, group, path): - """Get subgroups. + """Get subgroups asynchronously. Utility function to iterate through nested group structures @@ -5147,7 +5147,7 @@ class KeycloakAdmin: return None async def a_get_group_children(self, group_id, query=None, full_hierarchy=False): - """Get group children by parent id. + """Get group children by parent id asynchronously. Returns full group children details @@ -5183,7 +5183,7 @@ class KeycloakAdmin: return res async def a_get_group_members(self, group_id, query=None): - """Get members by group id. + """Get members by group id asynchronously. Returns group members @@ -5208,7 +5208,7 @@ class KeycloakAdmin: return await self.a___fetch_all(url, query) async def a_get_group_by_path(self, path): - """Get group id based on name or path. + """Get group id based on name or path asynchronously . Returns full group details for a group defined by path @@ -5227,7 +5227,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_create_group(self, payload, parent=None, skip_exists=False): - """Create a group in the Realm. + """Create a group in the Realm asynchronously. GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation @@ -5263,7 +5263,7 @@ class KeycloakAdmin: return async def a_update_group(self, group_id, payload): - """Update group, ignores subgroups. + """Update group, ignores subgroups asynchronously. GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation @@ -5283,7 +5283,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_groups_count(self, query=None): - """Count groups. + """Count groups asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_groups @@ -5301,7 +5301,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_group_set_permissions(self, group_id, enabled=True): - """Enable/Disable permissions for a group. + """Enable/Disable permissions for a group asynchronously. Cannot delete group if disabled @@ -5320,7 +5320,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError) async def a_group_user_add(self, user_id, group_id): - """Add user to group (user_id and group_id). + """Add user to group (user_id and group_id) asynchronously. :param user_id: id of user :type user_id: str @@ -5340,7 +5340,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_group_user_remove(self, user_id, group_id): - """Remove user from group (user_id and group_id). + """Remove user from group (user_id and group_id) asynchronously. :param user_id: id of user :type user_id: str @@ -5360,7 +5360,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_delete_group(self, group_id): - """Delete a group in the Realm. + """Delete a group in the Realm asynchronously. :param group_id: id of group to delete :type group_id: str @@ -5372,7 +5372,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_clients(self): - """Get clients. + """Get clients asynchronously. Returns a list of clients belonging to the realm @@ -5387,7 +5387,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client(self, client_id): - """Get representation of the client. + """Get representation of the client asynchronously. ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5402,7 +5402,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_id(self, client_id): - """Get internal keycloak client id from client-id. + """Get internal keycloak client id from client-id asynchronously. This is required for further actions against this client. @@ -5425,7 +5425,7 @@ class KeycloakAdmin: return None async def a_get_client_authz_settings(self, client_id): - """Get authorization json from client. + """Get authorization json from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5440,7 +5440,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_create_client_authz_resource(self, client_id, payload, skip_exists=False): - """Create resources of client. + """Create resources of client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5465,7 +5465,7 @@ class KeycloakAdmin: ) async def a_update_client_authz_resource(self, client_id, resource_id, payload): - """Update resource of client. + """Update resource of client asynchronously. Any parameter missing from the ResourceRepresentation in the payload WILL be set to default by the Keycloak server. @@ -5498,7 +5498,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_client_authz_resource(self, client_id: str, resource_id: str): - """Delete a client resource. + """Delete a client resource asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5521,7 +5521,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_client_authz_resources(self, client_id): - """Get resources from client. + """Get resources from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5536,7 +5536,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_authz_resource(self, client_id: str, resource_id: str): - """Get a client resource. + """Get a client resource asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5559,7 +5559,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) async def a_create_client_authz_role_based_policy(self, client_id, payload, skip_exists=False): - """Create role-based policy of client. + """Create role-based policy of client asynchronously. Payload example:: @@ -5597,7 +5597,7 @@ class KeycloakAdmin: ) async def a_create_client_authz_policy(self, client_id, payload, skip_exists=False): - """Create an authz policy of client. + """Create an authz policy of client asynchronously. Payload example:: @@ -5634,7 +5634,7 @@ class KeycloakAdmin: ) async def a_create_client_authz_resource_based_permission(self, client_id, payload, skip_exists=False): - """Create resource-based permission of client. + """Create resource-based permission of client asynchronously. Payload example:: @@ -5673,7 +5673,7 @@ class KeycloakAdmin: ) async def a_get_client_authz_scopes(self, client_id): - """Get scopes from client. + """Get scopes from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5688,7 +5688,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_create_client_authz_scopes(self, client_id, payload): - """Create scopes for client. + """Create scopes for client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5707,7 +5707,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_get_client_authz_permissions(self, client_id): - """Get permissions from client. + """Get permissions from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5722,7 +5722,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_authz_policies(self, client_id): - """Get policies from client. + """Get policies from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5737,7 +5737,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_delete_client_authz_policy(self, client_id, policy_id): - """Delete a policy from client. + """Delete a policy from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5759,7 +5759,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_client_authz_policy(self, client_id, policy_id): - """Get a policy from client. + """Get a policy from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5781,7 +5781,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_service_account_user(self, client_id): - """Get service account user from client. + """Get service account user from client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5796,7 +5796,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_default_client_scopes(self, client_id): - """Get all default client scopes from client. + """Get all default client scopes from client asynchronously. :param client_id: id of the client in which the new default client scope should be added :type client_id: str @@ -5811,7 +5811,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_add_client_default_client_scope(self, client_id, client_scope_id, payload): - """Add a client scope to the default client scopes from client. + """Add a client scope to the default client scopes from client asynchronously. Payload example:: @@ -5843,7 +5843,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError) async def a_delete_client_default_client_scope(self, client_id, client_scope_id): - """Delete a client scope from the default client scopes of the client. + """Delete a client scope from the default client scopes of the client asynchronously. :param client_id: id of the client in which the default client scope should be deleted :type client_id: str @@ -5864,7 +5864,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError) async def a_get_client_optional_client_scopes(self, client_id): - """Get all optional client scopes from client. + """Get all optional client scopes from client asynchronously. :param client_id: id of the client in which the new optional client scope should be added :type client_id: str @@ -5879,7 +5879,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_add_client_optional_client_scope(self, client_id, client_scope_id, payload): - """Add a client scope to the optional client scopes from client. + """Add a client scope to the optional client scopes from client asynchronously. Payload example:: @@ -5911,7 +5911,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError) async def a_delete_client_optional_client_scope(self, client_id, client_scope_id): - """Delete a client scope from the optional client scopes of the client. + """Delete a client scope from the optional client scopes of the client asynchronously. :param client_id: id of the client in which the optional client scope should be deleted :type client_id: str @@ -5932,7 +5932,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError) async def a_create_initial_access_token(self, count: int = 1, expiration: int = 1): - """Create an initial access token. + """Create an initial access token asynchronously. :param count: Number of clients that can be registered :type count: int @@ -5950,7 +5950,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[200]) async def a_create_client(self, payload, skip_exists=False): - """Create a client. + """Create a client asynchronously. ClientRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -5979,7 +5979,7 @@ class KeycloakAdmin: return data_raw.headers["Location"][_last_slash_idx + 1 :] # noqa: E203 async def a_update_client(self, client_id, payload): - """Update a client. + """Update a client asynchronously. :param client_id: Client id :type client_id: str @@ -5996,7 +5996,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_client(self, client_id): - """Get representation of the client. + """Get representation of the client asynchronously. ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -6011,7 +6011,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_client_installation_provider(self, client_id, provider_id): - """Get content for given installation provider. + """Get content for given installation provider asynchronously. Related documentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clients_resource @@ -6037,7 +6037,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) async def a_get_realm_roles(self, brief_representation=True, search_text=""): - """Get all roles for the realm or client. + """Get all roles for the realm or client asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6065,7 +6065,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_realm_role_groups(self, role_name, query=None, brief_representation=True): - """Get role groups of realm by role name. + """Get role groups of realm by role name asynchronously. :param role_name: Name of the role. :type role_name: str @@ -6093,7 +6093,7 @@ class KeycloakAdmin: return await self.a___fetch_all(url, query) async def a_get_realm_role_members(self, role_name, query=None): - """Get role members of realm by role name. + """Get role members of realm by role name asynchronously. :param role_name: Name of the role. :type role_name: str @@ -6110,7 +6110,7 @@ class KeycloakAdmin: ) async def a_get_default_realm_role_id(self): - """Get the ID of the default realm role. + """Get the ID of the default realm role asynchronously. :return: Realm role ID :rtype: str @@ -6124,7 +6124,7 @@ class KeycloakAdmin: return default_realm_roles[0]["id"] async def a_get_realm_default_roles(self): - """Get all the default realm roles. + """Get all the default realm roles asyncho asynchronously. :return: Keycloak Server Response (UserRepresentation) :rtype: list @@ -6139,7 +6139,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_remove_realm_default_roles(self, payload): - """Remove a set of default realm roles. + """Remove a set of default realm roles asynchronously. :param payload: List of RoleRepresentations :type payload: list @@ -6157,7 +6157,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError) async def a_add_realm_default_roles(self, payload): - """Add a set of default realm roles. + """Add a set of default realm roles asynchronously. :param payload: List of RoleRepresentations :type payload: list @@ -6175,7 +6175,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError) async def a_get_client_roles(self, client_id, brief_representation=True): - """Get all roles for the client. + """Get all roles for the client asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6195,7 +6195,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_role(self, client_id, role_name): - """Get client role id by name. + """Get client role id by name asynchronously. This is required for further actions with this role. @@ -6220,7 +6220,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_role_id(self, client_id, role_name): - """Get client role id by name. + """Get client role id by name asynchronously. This is required for further actions with this role. @@ -6238,7 +6238,7 @@ class KeycloakAdmin: return role.get("id") async def a_create_client_role(self, client_role_id, payload, skip_exists=False): - """Create a client role. + """Create a client role asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6270,7 +6270,7 @@ class KeycloakAdmin: return data_raw.headers["Location"][_last_slash_idx + 1 :] # noqa: E203 async def a_add_composite_client_roles_to_role(self, client_role_id, role_name, roles): - """Add composite roles to client role. + """Add composite roles to client role asynchronously. :param client_role_id: id of client (not client-id) :type client_role_id: str @@ -6294,7 +6294,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_update_client_role(self, client_id, role_name, payload): - """Update a client role. + """Update a client role asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6319,7 +6319,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_client_role(self, client_role_id, role_name): - """Delete a client role. + """Delete a client role asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6342,7 +6342,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_assign_client_role(self, user_id, client_id, roles): - """Assign a client role to a user. + """Assign a client role to a user asynchronously. :param user_id: id of user :type user_id: str @@ -6366,7 +6366,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_get_client_role_members(self, client_id, role_name, **query): - """Get members by client role. + """Get members by client role asynchronously. :param client_id: The client id :type client_id: str @@ -6388,7 +6388,7 @@ class KeycloakAdmin: ) async def a_get_client_role_groups(self, client_id, role_name, **query): - """Get group members by client role. + """Get group members by client role asynchronously. :param client_id: The client id :type client_id: str @@ -6410,7 +6410,7 @@ class KeycloakAdmin: ) async def a_get_role_by_id(self, role_id): - """Get a specific role’s representation. + """Get a specific role’s representation asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6427,7 +6427,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) async def a_update_role_by_id(self, role_id, payload): - """Update the role. + """Update the role asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6447,7 +6447,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_role_by_id(self, role_id): - """Delete a role by its id. + """Delete a role by its id asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6464,7 +6464,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_create_realm_role(self, payload, skip_exists=False): - """Create a new role for the realm or client. + """Create a new role for the realm or client asynchronously. :param payload: The role (use RoleRepresentation) :type payload: dict @@ -6491,7 +6491,7 @@ class KeycloakAdmin: return data_raw.headers["Location"][_last_slash_idx + 1 :] # noqa: E203 async def a_get_realm_role(self, role_name): - """Get realm role by role name. + """Get realm role by role name asynchronously. RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation @@ -6525,7 +6525,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_update_realm_role(self, role_name, payload): - """Update a role for the realm by name. + """Update a role for the realm by name asynchronously. :param role_name: The name of the role to be updated :type role_name: str @@ -6542,7 +6542,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_realm_role(self, role_name): - """Delete a role for the realm by name. + """Delete a role for the realm by name asynchronously. :param role_name: The role name :type role_name: str @@ -6556,7 +6556,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_add_composite_realm_roles_to_role(self, role_name, roles): - """Add composite roles to the role. + """Add composite roles to the role asynchronously. :param role_name: The name of the role :type role_name: str @@ -6574,7 +6574,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_remove_composite_realm_roles_to_role(self, role_name, roles): - """Remove composite roles from the role. + """Remove composite roles from the role asynchronously. :param role_name: The name of the role :type role_name: str @@ -6592,7 +6592,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_composite_realm_roles_of_role(self, role_name): - """Get composite roles of the role. + """Get composite roles of the role asynchronously. :param role_name: The name of the role :type role_name: str @@ -6606,7 +6606,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_assign_realm_roles_to_client_scope(self, client_id, roles): - """Assign realm roles to a client's scope. + """Assign realm roles to a client's scope asynchronously. :param client_id: id of client (not client-id) :type client_id: str @@ -6624,7 +6624,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_delete_realm_roles_of_client_scope(self, client_id, roles): - """Delete realm roles of a client's scope. + """Delete realm roles of a client's scope asynchronously. :param client_id: id of client (not client-id) :type client_id: str @@ -6656,7 +6656,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_assign_client_roles_to_client_scope(self, client_id, client_roles_owner_id, roles): - """Assign client roles to a client's scope. + """Assign client roles to a client's scope asynchronously. :param client_id: id of client (not client-id) who is assigned the roles :type client_id: str @@ -6680,7 +6680,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_delete_client_roles_of_client_scope(self, client_id, client_roles_owner_id, roles): - """Delete client roles of a client's scope. + """Delete client roles of a client's scope asynchronously. :param client_id: id of client (not client-id) who is assigned the roles :type client_id: str @@ -6704,7 +6704,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_client_roles_of_client_scope(self, client_id, client_roles_owner_id): - """Get all client roles for a client's scope. + """Get all client roles for a client's scope asynchronously. :param client_id: id of client (not client-id) :type client_id: str @@ -6724,7 +6724,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_assign_realm_roles(self, user_id, roles): - """Assign realm roles to a user. + """Assign realm roles to a user asynchronously. :param user_id: id of user :type user_id: str @@ -6742,7 +6742,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_delete_realm_roles_of_user(self, user_id, roles): - """Delete realm roles of a user. + """Delete realm roles of a user asynchronously. :param user_id: id of user :type user_id: str @@ -6760,7 +6760,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_realm_roles_of_user(self, user_id): - """Get all realm roles for a user. + """Get all realm roles for a user asynchronously. :param user_id: id of user :type user_id: str @@ -6774,7 +6774,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_available_realm_roles_of_user(self, user_id): - """Get all available (i.e. unassigned) realm roles for a user. + """Get all available (i.e. unassigned) realm roles for a user asynchronously. :param user_id: id of user :type user_id: str @@ -6788,7 +6788,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_composite_realm_roles_of_user(self, user_id, brief_representation=True): - """Get all composite (i.e. implicit) realm roles for a user. + """Get all composite (i.e. implicit) realm roles for a user asynchronously. :param user_id: id of user :type user_id: str @@ -6805,7 +6805,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_assign_group_realm_roles(self, group_id, roles): - """Assign realm roles to a group. + """Assign realm roles to a group asynchronously. :param group_id: id of group :type group_id: str @@ -6823,7 +6823,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_delete_group_realm_roles(self, group_id, roles): - """Delete realm roles of a group. + """Delete realm roles of a group asynchronously. :param group_id: id of group :type group_id: str @@ -6841,7 +6841,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_group_realm_roles(self, group_id, brief_representation=True): - """Get all realm roles for a group. + """Get all realm roles for a group asynchronously. :param group_id: id of the group :type group_id: str @@ -6858,7 +6858,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_assign_group_client_roles(self, group_id, client_id, roles): - """Assign client roles to a group. + """Assign client roles to a group asynchronously. :param group_id: id of group :type group_id: str @@ -6882,7 +6882,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_get_group_client_roles(self, group_id, client_id): - """Get client roles of a group. + """Get client roles of a group asynchronously. :param group_id: id of group :type group_id: str @@ -6902,7 +6902,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_delete_group_client_roles(self, group_id, client_id, roles): - """Delete client roles of a group. + """Delete client roles of a group asynchronously. :param group_id: id of group :type group_id: str @@ -6926,7 +6926,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_all_roles_of_user(self, user_id): - """Get all level roles for a user. + """Get all level roles for a user asynchronously. :param user_id: id of user :type user_id: str @@ -6940,7 +6940,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_roles_of_user(self, user_id, client_id): - """Get all client roles for a user. + """Get all client roles for a user asynchronously. :param user_id: id of user :type user_id: str @@ -6954,7 +6954,7 @@ class KeycloakAdmin: ) async def a_get_available_client_roles_of_user(self, user_id, client_id): - """Get available client role-mappings for a user. + """Get available client role-mappings for a user asynchronously. :param user_id: id of user :type user_id: str @@ -6968,7 +6968,7 @@ class KeycloakAdmin: ) async def a_get_composite_client_roles_of_user(self, user_id, client_id, brief_representation=False): - """Get composite client role-mappings for a user. + """Get composite client role-mappings for a user asynchronously. :param user_id: id of user :type user_id: str @@ -6987,7 +6987,7 @@ class KeycloakAdmin: async def a__get_client_roles_of_user( self, client_level_role_mapping_url, user_id, client_id, **params ): - """Get client roles of a single user helper. + """Get client roles of a single user helper asynchronously. :param client_level_role_mapping_url: Url for the client role mapping :type client_level_role_mapping_url: str @@ -7011,7 +7011,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_delete_client_roles_of_user(self, user_id, client_id, roles): - """Delete client roles from a user. + """Delete client roles from a user asynchronously. :param user_id: id of user :type user_id: str @@ -7035,7 +7035,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_authentication_flows(self): - """Get authentication flows. + """Get authentication flows asynchronously. Returns all flow details @@ -7050,7 +7050,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_authentication_flow_for_id(self, flow_id): - """Get one authentication flow by it's id. + """Get one authentication flow by it's id asynchronously. Returns all flow details @@ -7069,7 +7069,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_create_authentication_flow(self, payload, skip_exists=False): - """Create a new authentication flow. + """Create a new authentication flow asynchronously. AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation @@ -7090,7 +7090,7 @@ class KeycloakAdmin: ) async def a_copy_authentication_flow(self, payload, flow_alias): - """Copy existing authentication flow under a new name. + """Copy existing authentication flow under a new name asynchronously. The new name is given as 'newName' attribute of the passed payload. @@ -7108,7 +7108,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_delete_authentication_flow(self, flow_id): - """Delete authentication flow. + """Delete authentication flow asynchronously. AuthenticationInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationinforepresentation @@ -7123,7 +7123,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_authentication_flow_executions(self, flow_alias): - """Get authentication flow executions. + """Get authentication flow executions asynchronously. Returns all execution steps @@ -7139,7 +7139,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_update_authentication_flow_executions(self, payload, flow_alias): - """Update an authentication flow execution. + """Update an authentication flow execution asynchronously. AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation @@ -7159,7 +7159,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[202, 204]) async def a_get_authentication_flow_execution(self, execution_id): - """Get authentication flow execution. + """Get authentication flow execution asynchronously. AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation @@ -7176,7 +7176,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_create_authentication_flow_execution(self, payload, flow_alias): - """Create an authentication flow execution. + """Create an authentication flow execution asynchronously. AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation @@ -7196,7 +7196,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_delete_authentication_flow_execution(self, execution_id): - """Delete authentication flow execution. + """Delete authentication flow execution asynchronously. AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation @@ -7213,7 +7213,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_create_authentication_flow_subflow(self, payload, flow_alias, skip_exists=False): - """Create a new sub authentication flow for a given authentication flow. + """Create a new sub authentication flow for a given authentication flow asynchronously. AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation @@ -7237,7 +7237,7 @@ class KeycloakAdmin: ) async def a_get_authenticator_providers(self): - """Get authenticator providers list. + """Get authenticator providers list asynchronously. :return: Authenticator providers :rtype: list @@ -7249,7 +7249,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_authenticator_provider_config_description(self, provider_id): - """Get authenticator's provider configuration description. + """Get authenticator's provider configuration description asynchronously. AuthenticatorConfigInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticatorconfiginforepresentation @@ -7266,7 +7266,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_authenticator_config(self, config_id): - """Get authenticator configuration. + """Get authenticator configuration asynchronously. Returns all configuration details. @@ -7282,7 +7282,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_update_authenticator_config(self, payload, config_id): - """Update an authenticator configuration. + """Update an authenticator configuration asynchronously. AuthenticatorConfigRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticatorconfigrepresentation @@ -7302,7 +7302,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_authenticator_config(self, config_id): - """Delete a authenticator configuration. + """Delete a authenticator configuration asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authentication_management_resource @@ -7318,7 +7318,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_sync_users(self, storage_id, action): - """Trigger user sync from provider. + """Trigger user sync from provider asynchronously. :param storage_id: The id of the user storage provider :type storage_id: str @@ -7339,7 +7339,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError) async def a_get_client_scopes(self): - """Get client scopes. + """Get client scopes asynchronously. Get representation of the client scopes for the realm where we are connected to https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes @@ -7354,7 +7354,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_scope(self, client_scope_id): - """Get client scope. + """Get client scope asynchronously. Get representation of the client scopes for the realm where we are connected to https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes @@ -7371,7 +7371,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_scope_by_name(self, client_scope_name): - """Get client scope by name. + """Get client scope by name asynchronously. Get representation of the client scope identified by the client scope name. @@ -7389,7 +7389,7 @@ class KeycloakAdmin: return None async def a_create_client_scope(self, payload, skip_exists=False): - """Create a client scope. + """Create a client scope asynchronously. ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes @@ -7418,7 +7418,7 @@ class KeycloakAdmin: return data_raw.headers["Location"][_last_slash_idx + 1 :] # noqa: E203 async def a_update_client_scope(self, client_scope_id, payload): - """Update a client scope. + """Update a client scope asynchronously. ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_client_scopes_resource @@ -7437,7 +7437,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_client_scope(self, client_scope_id): - """Delete existing client scope. + """Delete existing client scope asynchronously. ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_client_scopes_resource @@ -7454,7 +7454,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_mappers_from_client_scope(self, client_scope_id): - """Get a list of all mappers connected to the client scope. + """Get a list of all mappers connected to the client scope asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource :param client_scope_id: Client scope id @@ -7469,7 +7469,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) async def a_add_mapper_to_client_scope(self, client_scope_id, payload): - """Add a mapper to a client scope. + """Add a mapper to a client scope asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_create_mapper @@ -7490,7 +7490,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_delete_mapper_from_client_scope(self, client_scope_id, protocol_mapper_id): - """Delete a mapper from a client scope. + """Delete a mapper from a client scope asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_delete_mapper @@ -7513,7 +7513,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_update_mapper_in_client_scope(self, client_scope_id, protocol_mapper_id, payload): - """Update an existing protocol mapper in a client scope. + """Update an existing protocol mapper in a client scope asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource @@ -7541,7 +7541,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_get_default_default_client_scopes(self): - """Get default default client scopes. + """Get default default client scopes asynchronously. Return list of default default client scopes @@ -7555,7 +7555,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_delete_default_default_client_scope(self, scope_id): - """Delete default default client scope. + """Delete default default client scope asynchronously. :param scope_id: default default client scope id :type scope_id: str @@ -7569,7 +7569,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_add_default_default_client_scope(self, scope_id): - """Add default default client scope. + """Add default default client scope asynchronously. :param scope_id: default default client scope id :type scope_id: str @@ -7585,7 +7585,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_get_default_optional_client_scopes(self): - """Get default optional client scopes. + """Get default optional client scopes asynchronously. Return list of default optional client scopes @@ -7599,7 +7599,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_delete_default_optional_client_scope(self, scope_id): - """Delete default optional client scope. + """Delete default optional client scope asynchronously. :param scope_id: default optional client scope id :type scope_id: str @@ -7613,7 +7613,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_add_default_optional_client_scope(self, scope_id): - """Add default optional client scope. + """Add default optional client scope asynchronously. :param scope_id: default optional client scope id :type scope_id: str @@ -7629,7 +7629,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_get_mappers_from_client(self, client_id): - """List of all client mappers. + """List of all client mappers asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocolmapperrepresentation @@ -7647,7 +7647,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[200]) async def a_add_mapper_to_client(self, client_id, payload): - """Add a mapper to a client. + """Add a mapper to a client asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_create_mapper @@ -7668,7 +7668,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_update_client_mapper(self, client_id, mapper_id, payload): - """Update client mapper. + """Update client mapper asynchronously. :param client_id: The id of the client :type client_id: str @@ -7693,7 +7693,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_remove_client_mapper(self, client_id, client_mapper_id): - """Remove a mapper from the client. + """Remove a mapper from the client asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource @@ -7716,7 +7716,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_generate_client_secrets(self, client_id): - """Generate a new secret for the client. + """Generate a new secret for the client asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_regeneratesecret @@ -7732,7 +7732,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError) async def a_get_client_secrets(self, client_id): - """Get representation of the client secrets. + """Get representation of the client secrets asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientsecret @@ -7748,7 +7748,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_components(self, query=None): - """Get components. + """Get components asynchronously. Return a list of components, filtered according to query parameters @@ -7768,7 +7768,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_create_component(self, payload): - """Create a new component. + """Create a new component asynchronously. ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation @@ -7787,7 +7787,7 @@ class KeycloakAdmin: return data_raw.headers["Location"][_last_slash_idx + 1 :] # noqa: E203 async def a_get_component(self, component_id): - """Get representation of the component. + """Get representation of the component asynchronously. :param component_id: Component id @@ -7804,7 +7804,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_update_component(self, component_id, payload): - """Update the component. + """Update the component asynchronously. :param component_id: Component id :type component_id: str @@ -7821,7 +7821,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_delete_component(self, component_id): - """Delete the component. + """Delete the component asynchronously. :param component_id: Component id :type component_id: str @@ -7835,7 +7835,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) async def a_get_keys(self): - """Get keys. + """Get keys asynchronously. Return a list of keys, filtered according to query parameters @@ -7852,7 +7852,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_admin_events(self, query=None): - """Get Administrative events. + """Get Administrative events asynchronously. Return a list of events, filtered according to query parameters @@ -7873,7 +7873,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_events(self, query=None): - """Get events. + """Get events asynchronously. Return a list of events, filtered according to query parameters @@ -7893,7 +7893,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_set_events(self, payload): - """Set realm events configuration. + """Set realm events configuration asynchronously. RealmEventsConfigRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmeventsconfigrepresentation @@ -7910,7 +7910,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) async def a_get_client_all_sessions(self, client_id): - """Get sessions associated with the client. + """Get sessions associated with the client asynchronously. UserSessionRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_usersessionrepresentation @@ -7927,7 +7927,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_sessions_stats(self): - """Get current session count for all clients with active sessions. + """Get current session count for all clients with active sessions asynchronously. https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientsessionstats @@ -7941,7 +7941,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_management_permissions(self, client_id): - """Get management permissions for a client. + """Get management permissions for a client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -7956,7 +7956,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_update_client_management_permissions(self, payload, client_id): - """Update management permissions for a client. + """Update management permissions for a client asynchronously. ManagementPermissionReference https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_managementpermissionreference @@ -7983,7 +7983,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[200]) async def a_get_client_authz_policy_scopes(self, client_id, policy_id): - """Get scopes for a given policy. + """Get scopes for a given policy asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -8004,7 +8004,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_authz_policy_resources(self, client_id, policy_id): - """Get resources for a given policy. + """Get resources for a given policy asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -8025,7 +8025,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_client_authz_scope_permission(self, client_id, scope_id): - """Get permissions for a given scope. + """Get permissions for a given scope asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -8046,7 +8046,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_create_client_authz_scope_permission(self, payload, client_id): - """Create permissions for a authz scope. + """Create permissions for a authz scope asynchronously. Payload example:: @@ -8076,7 +8076,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_update_client_authz_scope_permission(self, payload, client_id, scope_id): - """Update permissions for a given scope. + """Update permissions for a given scope asynchronously. Payload example:: @@ -8113,7 +8113,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[201]) async def a_get_client_authz_client_policies(self, client_id): - """Get policies for a given client. + """Get policies for a given client asynchronously. :param client_id: id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation @@ -8128,7 +8128,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) async def a_create_client_authz_client_policy(self, payload, client_id): - """Create a new policy for a given client. + """Create a new policy for a given client asynchronously. Payload example:: @@ -8156,7 +8156,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) async def a_get_composite_client_roles_of_group(self, client_id, group_id, brief_representation=True): - """Get the composite client roles of the given group for the given client. + """Get the composite client roles of the given group for the given client asynchronously. :param client_id: id of the client. :type client_id: str @@ -8179,7 +8179,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_get_role_client_level_children(self, client_id, role_id): - """Get the child roles of which the given composite client role is composed of. + """Get the child roles asynchronously of which the given composite client role is composed of. :param client_id: id of the client. :type client_id: str @@ -8199,7 +8199,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_upload_certificate(self, client_id, certcont): - """Upload a new certificate for the client. + """Upload a new certificate for the client asynchronously. :param client_id: id of the client. :type client_id: str @@ -8226,7 +8226,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError) async def a_get_required_action_by_alias(self, action_alias): - """Get a required action by its alias. + """Get a required action by its alias asynchronously. :param action_alias: the alias of the required action. :type action_alias: str @@ -8240,7 +8240,7 @@ class KeycloakAdmin: return None async def a_get_required_actions(self): - """Get the required actions for the realms. + """Get the required actions for the realms asynchronously. :return: the required actions (list of RequiredActionProviderRepresentation). :rtype: list @@ -8252,7 +8252,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_update_required_action(self, action_alias, payload): - """Update a required action. + """Update a required action asynchronously. :param action_alias: the action alias. :type action_alias: str @@ -8270,7 +8270,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPutError) async def a_get_bruteforce_detection_status(self, user_id): - """Get bruteforce detection status for user. + """Get bruteforce detection status for user asynchronously. :param user_id: User id :type user_id: str @@ -8284,7 +8284,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakGetError) async def a_clear_bruteforce_attempts_for_user(self, user_id): - """Clear bruteforce attempts for user. + """Clear bruteforce attempts for user asynchronously. :param user_id: User id :type user_id: str @@ -8298,7 +8298,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError) async def a_clear_all_bruteforce_attempts(self): - """Clear bruteforce attempts for all users in realm. + """Clear bruteforce attempts for all users in realm asynchronously. :return: empty dictionary. :rtype: dict @@ -8310,7 +8310,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakDeleteError) async def a_clear_keys_cache(self): - """Clear keys cache. + """Clear keys cache asynchronously. :return: empty dictionary. :rtype: dict @@ -8322,7 +8322,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_clear_realm_cache(self): - """Clear realm cache. + """Clear realm cache asynchronously. :return: empty dictionary. :rtype: dict @@ -8334,7 +8334,7 @@ class KeycloakAdmin: return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[204]) async def a_clear_user_cache(self): - """Clear user cache. + """Clear user cache asynchronously. :return: empty dictionary. :rtype: dict diff --git a/src/keycloak/keycloak_uma.py b/src/keycloak/keycloak_uma.py index 2f3deb3..97ac1d8 100644 --- a/src/keycloak/keycloak_uma.py +++ b/src/keycloak/keycloak_uma.py @@ -415,3 +415,328 @@ class KeycloakUMA: data_raw = self.connection.raw_get(self.uma_well_known["policy_endpoint"], **query) return raise_error_from_response(data_raw, KeycloakGetError) + + async def a__fetch_well_known(self): + params_path = {"realm-name": self.connection.realm_name} + data_raw = await self.connection.a_raw_get(URL_UMA_WELL_KNOWN.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + async def a_resource_set_create(self, payload): + """Create a resource set. + + Spec + https://docs.kantarainitiative.org/uma/rec-oauth-resource-reg-v1_0_1.html#rfc.section.2.2.1 + + ResourceRepresentation + https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation + + :param payload: ResourceRepresentation + :type payload: dict + :return: ResourceRepresentation with the _id property assigned + :rtype: dict + """ + data_raw = await self.connection.a_raw_post( + self.uma_well_known["resource_registration_endpoint"], data=json.dumps(payload) + ) + return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201]) + + async def a_resource_set_update(self, resource_id, payload): + """Update a resource set. + + Spec + https://docs.kantarainitiative.org/uma/rec-oauth-resource-reg-v1_0_1.html#update-resource-set + + ResourceRepresentation + https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation + + :param resource_id: id of the resource + :type resource_id: str + :param payload: ResourceRepresentation + :type payload: dict + :return: Response dict (empty) + :rtype: dict + """ + url = self.format_url( + self.uma_well_known["resource_registration_endpoint"] + "/{id}", id=resource_id + ) + data_raw = await self.connection.a_raw_put(url, data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) + + async def a_resource_set_read(self, resource_id): + """Read a resource set. + + Spec + https://docs.kantarainitiative.org/uma/rec-oauth-resource-reg-v1_0_1.html#read-resource-set + + ResourceRepresentation + https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation + + :param resource_id: id of the resource + :type resource_id: str + :return: ResourceRepresentation + :rtype: dict + """ + url = self.format_url( + self.uma_well_known["resource_registration_endpoint"] + "/{id}", id=resource_id + ) + data_raw = await self.connection.a_raw_get(url) + return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) + + async def a_resource_set_delete(self, resource_id): + """Delete a resource set. + + Spec + https://docs.kantarainitiative.org/uma/rec-oauth-resource-reg-v1_0_1.html#delete-resource-set + + :param resource_id: id of the resource + :type resource_id: str + :return: Response dict (empty) + :rtype: dict + """ + url = self.format_url( + self.uma_well_known["resource_registration_endpoint"] + "/{id}", id=resource_id + ) + data_raw = await self.connection.a_raw_delete(url) + return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) + + async def a_resource_set_list_ids( + self, + name: str = "", + exact_name: bool = False, + uri: str = "", + owner: str = "", + resource_type: str = "", + scope: str = "", + first: int = 0, + maximum: int = -1, + ): + """Query for list of resource set ids. + + Spec + https://docs.kantarainitiative.org/uma/rec-oauth-resource-reg-v1_0_1.html#list-resource-sets + + :param name: query resource name + :type name: str + :param exact_name: query exact match for resource name + :type exact_name: bool + :param uri: query resource uri + :type uri: str + :param owner: query resource owner + :type owner: str + :param resource_type: query resource type + :type resource_type: str + :param scope: query resource scope + :type scope: str + :param first: index of first matching resource to return + :type first: int + :param maximum: maximum number of resources to return (-1 for all) + :type maximum: int + :return: List of ids + :rtype: List[str] + """ + query = dict() + if name: + query["name"] = name + if exact_name: + query["exactName"] = "true" + if uri: + query["uri"] = uri + if owner: + query["owner"] = owner + if resource_type: + query["type"] = resource_type + if scope: + query["scope"] = scope + if first > 0: + query["first"] = first + if maximum >= 0: + query["max"] = maximum + + data_raw = await self.connection.a_raw_get( + self.uma_well_known["resource_registration_endpoint"], **query + ) + return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) + + async def a_resource_set_list(self): + """List all resource sets. + + Spec + https://docs.kantarainitiative.org/uma/rec-oauth-resource-reg-v1_0_1.html#list-resource-sets + + ResourceRepresentation + https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation + + :yields: Iterator over a list of ResourceRepresentations + :rtype: Iterator[dict] + """ + for resource_id in await self.a_resource_set_list_ids(): + resource = await self.a_resource_set_read(resource_id) + yield resource + + async def a_permission_ticket_create(self, permissions: Iterable[UMAPermission]): + """Create a permission ticket. + + :param permissions: Iterable of uma permissions to validate the token against + :type permissions: Iterable[UMAPermission] + :returns: Keycloak decision + :rtype: boolean + :raises KeycloakPostError: In case permission resource not found + """ + resources = dict() + for permission in permissions: + resource_id = getattr(permission, "resource_id", None) + + if resource_id is None: + resource_ids = await self.a_resource_set_list_ids( + exact_name=True, name=permission.resource, first=0, maximum=1 + ) + + if not resource_ids: + raise KeycloakPostError("Invalid resource specified") + + setattr(permission, "resource_id", resource_ids[0]) + + resources.setdefault(resource_id, set()) + if permission.scope: + resources[resource_id].add(permission.scope) + + payload = [ + {"resource_id": resource_id, "resource_scopes": list(scopes)} + for resource_id, scopes in resources.items() + ] + + data_raw = await self.connection.a_raw_post( + self.uma_well_known["permission_endpoint"], data=json.dumps(payload) + ) + return raise_error_from_response(data_raw, KeycloakPostError) + + async def a_permissions_check(self, token, permissions: Iterable[UMAPermission]): + """Check UMA permissions by user token with requested permissions. + + The token endpoint is used to check UMA permissions from Keycloak. It can only be + invoked by confidential clients. + + https://www.keycloak.org/docs/latest/authorization_services/#_service_authorization_api + + :param token: user token + :type token: str + :param permissions: Iterable of uma permissions to validate the token against + :type permissions: Iterable[UMAPermission] + :returns: Keycloak decision + :rtype: boolean + """ + payload = { + "grant_type": "urn:ietf:params:oauth:grant-type:uma-ticket", + "permission": ",".join(str(permission) for permission in permissions), + "response_mode": "decision", + "audience": self.connection.client_id, + } + + # Everyone always has the null set of permissions + # However keycloak cannot evaluate the null set + if len(payload["permission"]) == 0: + return True + + connection = ConnectionManager(self.connection.base_url) + connection.add_param_headers("Authorization", "Bearer " + token) + connection.add_param_headers("Content-Type", "application/x-www-form-urlencoded") + data_raw = await connection.a_raw_post(self.uma_well_known["token_endpoint"], data=payload) + try: + data = raise_error_from_response(data_raw, KeycloakPostError) + except KeycloakPostError: + return False + return data.get("result", False) + + async def a_policy_resource_create(self, resource_id, payload): + """Create permission policy for resource. + + Supports name, description, scopes, roles, groups, clients + + https://www.keycloak.org/docs/latest/authorization_services/#associating-a-permission-with-a-resource + + :param resource_id: _id of resource + :type resource_id: str + :param payload: permission configuration + :type payload: dict + :return: PermissionRepresentation + :rtype: dict + """ + data_raw = await self.connection.a_raw_post( + self.uma_well_known["policy_endpoint"] + f"/{resource_id}", data=json.dumps(payload) + ) + return raise_error_from_response(data_raw, KeycloakPostError) + + async def a_policy_update(self, policy_id, payload): + """Update permission policy. + + https://www.keycloak.org/docs/latest/authorization_services/#associating-a-permission-with-a-resource + https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation + + :param policy_id: id of policy permission + :type policy_id: str + :param payload: policy permission configuration + :type payload: dict + :return: PermissionRepresentation + :rtype: dict + """ + data_raw = await self.connection.a_raw_put( + self.uma_well_known["policy_endpoint"] + f"/{policy_id}", data=json.dumps(payload) + ) + return raise_error_from_response(data_raw, KeycloakPutError) + + async def a_policy_delete(self, policy_id): + """Delete permission policy. + + https://www.keycloak.org/docs/latest/authorization_services/#removing-a-permission + https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation + + :param policy_id: id of permission policy + :type policy_id: str + :return: PermissionRepresentation + :rtype: dict + """ + data_raw = await self.connection.a_raw_delete( + self.uma_well_known["policy_endpoint"] + f"/{policy_id}" + ) + return raise_error_from_response(data_raw, KeycloakDeleteError) + + async def a_policy_query( + self, + resource: str = "", + name: str = "", + scope: str = "", + first: int = 0, + maximum: int = -1, + ): + """Query permission policies. + + https://www.keycloak.org/docs/latest/authorization_services/#querying-permission + + :param resource: query resource id + :type resource: str + :param name: query resource name + :type name: str + :param scope: query resource scope + :type scope: str + :param first: index of first matching resource to return + :type first: int + :param maximum: maximum number of resources to return (-1 for all) + :type maximum: int + :return: List of ids + :return: List of ids + :rtype: List[str] + """ + query = dict() + if name: + query["name"] = name + if resource: + query["resource"] = resource + if scope: + query["scope"] = scope + if first > 0: + query["first"] = first + if maximum >= 0: + query["max"] = maximum + + data_raw = await self.connection.a_raw_get(self.uma_well_known["policy_endpoint"], **query) + return raise_error_from_response(data_raw, KeycloakGetError)