|
@ -47,7 +47,8 @@ from .urls_patterns import URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENT_AUTHZ_RESOURC |
|
|
URL_ADMIN_REALM_ROLES_MEMBERS, URL_ADMIN_CLIENT_PROTOCOL_MAPPER, URL_ADMIN_CLIENT_SCOPES_MAPPERS, \ |
|
|
URL_ADMIN_REALM_ROLES_MEMBERS, URL_ADMIN_CLIENT_PROTOCOL_MAPPER, URL_ADMIN_CLIENT_SCOPES_MAPPERS, \ |
|
|
URL_ADMIN_FLOWS_EXECUTIONS_EXEUCUTION, URL_ADMIN_FLOWS_EXECUTIONS_FLOW, URL_ADMIN_FLOWS_COPY, \ |
|
|
URL_ADMIN_FLOWS_EXECUTIONS_EXEUCUTION, URL_ADMIN_FLOWS_EXECUTIONS_FLOW, URL_ADMIN_FLOWS_COPY, \ |
|
|
URL_ADMIN_FLOWS_ALIAS, URL_ADMIN_CLIENT_SERVICE_ACCOUNT_USER, URL_ADMIN_AUTHENTICATOR_CONFIG, \ |
|
|
URL_ADMIN_FLOWS_ALIAS, URL_ADMIN_CLIENT_SERVICE_ACCOUNT_USER, URL_ADMIN_AUTHENTICATOR_CONFIG, \ |
|
|
URL_ADMIN_CLIENT_ROLES_COMPOSITE_CLIENT_ROLE, URL_ADMIN_CLIENT_ALL_SESSIONS, URL_ADMIN_EVENTS, URL_ADMIN_USER_LOGOUT |
|
|
|
|
|
|
|
|
URL_ADMIN_CLIENT_ROLES_COMPOSITE_CLIENT_ROLE, URL_ADMIN_CLIENT_ALL_SESSIONS, URL_ADMIN_EVENTS, \ |
|
|
|
|
|
URL_ADMIN_REALM_EXPORT, URL_ADMIN_DELETE_USER_ROLE, URL_ADMIN_USER_LOGOUT |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class KeycloakAdmin: |
|
|
class KeycloakAdmin: |
|
@ -223,6 +224,8 @@ class KeycloakAdmin: |
|
|
if not partial_results: |
|
|
if not partial_results: |
|
|
break |
|
|
break |
|
|
results.extend(partial_results) |
|
|
results.extend(partial_results) |
|
|
|
|
|
if len(partial_results) < query['max']: |
|
|
|
|
|
break |
|
|
page += 1 |
|
|
page += 1 |
|
|
return results |
|
|
return results |
|
|
|
|
|
|
|
@ -242,6 +245,22 @@ class KeycloakAdmin: |
|
|
data=json.dumps(payload)) |
|
|
data=json.dumps(payload)) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201]) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201]) |
|
|
|
|
|
|
|
|
|
|
|
def export_realm(self, export_clients=False, export_groups_and_role=False): |
|
|
|
|
|
""" |
|
|
|
|
|
Export the realm configurations in the json format |
|
|
|
|
|
|
|
|
|
|
|
RealmRepresentation |
|
|
|
|
|
https://www.keycloak.org/docs-api/5.0/rest-api/index.html#_partialexport |
|
|
|
|
|
|
|
|
|
|
|
:param export-clients: Skip if not want to export realm clients |
|
|
|
|
|
:param export-groups-and-roles: Skip if not want to export realm groups and roles |
|
|
|
|
|
|
|
|
|
|
|
:return: realm configurations JSON |
|
|
|
|
|
""" |
|
|
|
|
|
params_path = {"realm-name": self.realm_name, "export-clients": export_clients, "export-groups-and-roles": export_groups_and_role } |
|
|
|
|
|
data_raw = self.raw_post(URL_ADMIN_REALM_EXPORT.format(**params_path), data="") |
|
|
|
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
|
|
|
|
|
|
def get_realms(self): |
|
|
def get_realms(self): |
|
|
""" |
|
|
""" |
|
|
Lists all realms in Keycloak deployment |
|
|
Lists all realms in Keycloak deployment |
|
@ -1787,6 +1806,20 @@ class KeycloakAdmin: |
|
|
data=None, **query) |
|
|
data=None, **query) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
|
|
|
|
|
|
|
|
|
def set_events(self, payload): |
|
|
|
|
|
""" |
|
|
|
|
|
Set realm events configuration |
|
|
|
|
|
|
|
|
|
|
|
RealmEventsConfigRepresentation |
|
|
|
|
|
https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realmeventsconfigrepresentation |
|
|
|
|
|
|
|
|
|
|
|
:return: Http response |
|
|
|
|
|
""" |
|
|
|
|
|
params_path = {"realm-name": self.realm_name} |
|
|
|
|
|
data_raw = self.raw_put(URL_ADMIN_EVENTS.format(**params_path), |
|
|
|
|
|
data=json.dumps(payload)) |
|
|
|
|
|
return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204]) |
|
|
|
|
|
|
|
|
def raw_get(self, *args, **kwargs): |
|
|
def raw_get(self, *args, **kwargs): |
|
|
""" |
|
|
""" |
|
|
Calls connection.raw_get. |
|
|
Calls connection.raw_get. |
|
@ -1840,14 +1873,17 @@ class KeycloakAdmin: |
|
|
return r |
|
|
return r |
|
|
|
|
|
|
|
|
def get_token(self): |
|
|
def get_token(self): |
|
|
|
|
|
token_realm_name = 'master' if self.client_secret_key else self.user_realm_name or self.realm_name |
|
|
self.keycloak_openid = KeycloakOpenID(server_url=self.server_url, client_id=self.client_id, |
|
|
self.keycloak_openid = KeycloakOpenID(server_url=self.server_url, client_id=self.client_id, |
|
|
realm_name=self.user_realm_name or self.realm_name, verify=self.verify, |
|
|
|
|
|
|
|
|
realm_name=token_realm_name, verify=self.verify, |
|
|
client_secret_key=self.client_secret_key, |
|
|
client_secret_key=self.client_secret_key, |
|
|
custom_headers=self.custom_headers) |
|
|
custom_headers=self.custom_headers) |
|
|
|
|
|
|
|
|
grant_type = ["password"] |
|
|
grant_type = ["password"] |
|
|
if self.client_secret_key: |
|
|
if self.client_secret_key: |
|
|
grant_type = ["client_credentials"] |
|
|
grant_type = ["client_credentials"] |
|
|
|
|
|
if self.user_realm_name: |
|
|
|
|
|
self.realm_name = self.user_realm_name |
|
|
|
|
|
|
|
|
self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type) |
|
|
self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type) |
|
|
|
|
|
|
|
@ -1891,3 +1927,15 @@ class KeycloakAdmin: |
|
|
params_path = {"realm-name": self.realm_name, "id": client_id} |
|
|
params_path = {"realm-name": self.realm_name, "id": client_id} |
|
|
data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ALL_SESSIONS.format(**params_path)) |
|
|
data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ALL_SESSIONS.format(**params_path)) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def delete_user_realm_role(self, user_id, payload): |
|
|
|
|
|
""" |
|
|
|
|
|
Delete realm-level role mappings |
|
|
|
|
|
DELETE admin/realms/{realm-name}/users/{id}/role-mappings/realm |
|
|
|
|
|
|
|
|
|
|
|
""" |
|
|
|
|
|
params_path = {"realm-name": self.realm_name, "id": str(user_id) } |
|
|
|
|
|
data_raw = self.connection.raw_delete(URL_ADMIN_DELETE_USER_ROLE.format(**params_path), |
|
|
|
|
|
data=json.dumps(payload)) |
|
|
|
|
|
return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204]) |