Merge branch 'marcospereirampj:master' into feat_disable_user

.github/workflows/bump.yaml

@@ -2,8 +2,8 @@ name: Bump version
 
 on:
   workflow_run:
-    workflows: [ "Lint" ]
-    branches: [ master ]
+    workflows: ["Lint"]
+    branches: [master]
     types:
       - completed
 
@@ -11,22 +11,22 @@ jobs:
   tag-version:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-      with:
-        token: ${{ secrets.PAT_TOKEN }}
-    - uses: actions/setup-node@v3
-      with:
-        node-version: 18
-    - name: determine-version
-      run: |
-        VERSION=$(npx semantic-release --branches master --dry-run | { grep -i 'the next release version is' || test $? = 1; } | sed -E 's/.* ([[:digit:].]+)$/\1/')
-        echo "VERSION=$VERSION" >> $GITHUB_ENV
-      id: version
-    - uses: rickstaa/action-create-tag@v1
-      continue-on-error: true
-      env:
-        GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }}
-      with:
-        tag: v${{ env.VERSION }}
-        message: "Releasing v${{ env.VERSION }}"
-        github_token: ${{ secrets.PAT_TOKEN }}
+      - uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.PAT_TOKEN }}
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+      - name: determine-version
+        run: |
+          VERSION=$(npx semantic-release --branches master --dry-run | { grep -i 'the next release version is' || test $? = 1; } | sed -E 's/.* ([[:digit:].]+)$/\1/')
+          echo "VERSION=$VERSION" >> $GITHUB_ENV
+        id: version
+      - uses: rickstaa/action-create-tag@v1
+        continue-on-error: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }}
+        with:
+          tag: v${{ env.VERSION }}
+          message: "Releasing v${{ env.VERSION }}"
+          github_token: ${{ secrets.PAT_TOKEN }}

.github/workflows/daily.yaml

@@ -2,7 +2,7 @@ name: Daily check
 
 on:
   schedule:
-    - cron: '0 4 * * *'
+    - cron: "0 4 * * *"
 
 jobs:
   test:
@@ -12,16 +12,17 @@ jobs:
       matrix:
         python-version: ["3.7", "3.8", "3.9", "3.10"]
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
-      with:
-        python-version: ${{ matrix.python-version }}
-    - uses: docker-practice/actions-setup-docker@master
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install tox
-    - name: Run tests
-      run: |
-        tox -e tests
+      - uses: actions/checkout@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v3
+        with:
+          python-version: ${{ matrix.python-version }}
+      - uses: docker-practice/actions-setup-docker@master
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install poetry
+          poetry install
+      - name: Run tests
+        run: |
+          poetry run tox -e tests

.github/workflows/lint.yaml

@@ -2,94 +2,98 @@ name: Lint
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
-    branches: [ master ]
+    branches: [master]
 
 jobs:
   check-commits:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-    - uses: webiny/action-conventional-commits@v1.0.3
+      - uses: actions/checkout@v3
+      - uses: webiny/action-conventional-commits@v1.0.3
 
   check-linting:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python 3.10
-      uses: actions/setup-python@v3
-      with:
-        python-version: "3.10"
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install tox
-    - name: Check linting, formatting
-      run: |
-        tox -e check
+      - uses: actions/checkout@v3
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v3
+        with:
+          python-version: "3.10"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install poetry
+          poetry install
+      - name: Check linting, formatting
+        run: |
+          poetry run tox -e check
 
   check-docs:
     runs-on: ubuntu-latest
     needs:
-    - check-commits
-    - check-linting
+      - check-commits
+      - check-linting
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python 3.10
-      uses: actions/setup-python@v3
-      with:
-        python-version: "3.10"
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install tox
-    - name: Check documentation build
-      run: |
-        tox -e docs
+      - uses: actions/checkout@v3
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v3
+        with:
+          python-version: "3.10"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install poetry
+          poetry install
+      - name: Check documentation build
+        run: |
+          poetry run tox -e docs
 
   test:
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10"]
+        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
     needs:
-    - check-commits
-    - check-linting
+      - check-commits
+      - check-linting
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
-      with:
-        python-version: ${{ matrix.python-version }}
-    - uses: docker-practice/actions-setup-docker@master
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install tox
-    - name: Run tests
-      run: |
-        tox -e tests
-    - name: Keycloak logs
-      run: |
-        cat keycloak_test_logs.txt
+      - uses: actions/checkout@v3
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v3
+        with:
+          python-version: ${{ matrix.python-version }}
+      - uses: docker-practice/actions-setup-docker@master
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install poetry
+          poetry install
+      - name: Run tests
+        run: |
+          poetry run tox -e tests
+      - name: Keycloak logs
+        run: |
+          cat keycloak_test_logs.txt
 
   build:
     runs-on: ubuntu-latest
     needs:
-    - test
-    - check-docs
+      - test
+      - check-docs
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python 3.10
-      uses: actions/setup-python@v3
-      with:
-        python-version: "3.10"
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install tox
-    - name: Run build
-      run: |
-        tox -e build
+      - uses: actions/checkout@v3
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v3
+        with:
+          python-version: "3.10"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install poetry
+          poetry install
+      - name: Run build
+        run: |
+          poetry run tox -e build

.github/workflows/publish.yaml

@@ -3,41 +3,42 @@ name: Publish
 on:
   push:
     tags:
-      - 'v*'
+      - "v*"
 
 jobs:
   publish:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-      with:
-        fetch-depth: '0'
-    - name: Set up Python 3.10
-      uses: actions/setup-python@v3
-      with:
-        python-version: "3.10"
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install tox wheel twine
-    - name: Apply the tag version
-      run: |
-        version=${{ github.ref_name }}
-        sed -Ei '/^version = /s|= "[0-9.]+"$|= "'${version:-1}'"|' pyproject.toml
-    - name: Run build
-      run: |
-        tox -e build
-    - name: Publish to PyPi
-      env:
-        TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }}
-        TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
-      run: |
-        twine upload -u $TWINE_USERNAME -p $TWINE_PASSWORD dist/*
-    - name: Run changelog
-      run: |
-        tox -e changelog
-    - uses: stefanzweifel/git-auto-commit-action@v4
-      with:
-        commit_message: "docs: changelog update"
-        branch: master
-        file_pattern: CHANGELOG.md
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: "0"
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v3
+        with:
+          python-version: "3.10"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install poetry
+          poetry install
+      - name: Apply the tag version
+        run: |
+          version=${{ github.ref_name }}
+          sed -Ei '/^version = /s|= "[0-9.]+"$|= "'${version:-1}'"|' pyproject.toml
+      - name: Run build
+        run: |
+          poetry run tox -e build
+      - name: Publish to PyPi
+        env:
+          TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }}
+          TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
+        run: |
+          poetry run twine upload -u $TWINE_USERNAME -p $TWINE_PASSWORD dist/*
+      - name: Run changelog
+        run: |
+          poetry run tox -e changelog
+      - uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          commit_message: "docs: changelog update"
+          branch: master
+          file_pattern: CHANGELOG.md

.readthedocs.yaml

@@ -6,6 +6,6 @@ build:
     python: "3.10"
   jobs:
     post_install:
-      - /home/docs/checkouts/readthedocs.org/user_builds/python-keycloak/envs/latest/bin/python -m pip install poetry
-      - /home/docs/checkouts/readthedocs.org/user_builds/python-keycloak/envs/latest/bin/python -m poetry config virtualenvs.create false
-      - /home/docs/checkouts/readthedocs.org/user_builds/python-keycloak/envs/latest/bin/python -m poetry install -E docs
+      - pip install -U poetry
+      - poetry config virtualenvs.create false
+      - poetry install -E docs

CHANGELOG.md

@@ -1,3 +1,10 @@
+## v2.6.1 (2022-12-13)
+
+### Fix
+
+- use version from the package
+- default scope to openid
+
 ## v2.6.0 (2022-10-03)
 
 ### Feat

pyproject.toml

@@ -37,14 +37,27 @@ mock = {version = "^4.0.3", optional = true}
 alabaster = {version = "^0.7.12", optional = true}
 commonmark = {version = "^0.9.1", optional = true}
 recommonmark = {version = "^0.7.1", optional = true}
-Sphinx = {version = "^5.0.2", optional = true}
+Sphinx = {version = "^5.3.0", optional = true}
 sphinx-rtd-theme = {version = "^1.0.0", optional = true}
-readthedocs-sphinx-ext = {version = "^2.1.8", optional = true}
+readthedocs-sphinx-ext = {version = "^2.1.9", optional = true}
 m2r2 = {version = "^0.3.2", optional = true}
-sphinx-autoapi = {version = "^1.8.4", optional = true}
+sphinx-autoapi = {version = "^2.0.0", optional = true}
 requests-toolbelt = "^0.9.1"
 
-[tool.poetry.dev-dependencies]
+[tool.poetry.extras]
+docs = [
+    "mock",
+    "alabaster",
+    "commonmark",
+    "recommonmark",
+    "sphinx",
+    "sphinx-rtd-theme",
+    "readthedocs-sphinx-ext",
+    "m2r2",
+    "sphinx-autoapi",
+]
+
+[tool.poetry.group.dev.dependencies]
 tox = "^3.25.0"
 pytest = "^7.1.2"
 pytest-cov = "^3.0.0"
@@ -58,19 +71,7 @@ commitizen = "^2.28.0"
 cryptography = "^37.0.4"
 codespell = "^2.1.0"
 darglint = "^1.8.1"
-
-[tool.poetry.extras]
-docs = [
-    "mock",
-    "alabaster",
-    "commonmark",
-    "recommonmark",
-    "sphinx",
-    "sphinx-rtd-theme",
-    "readthedocs-sphinx-ext",
-    "m2r2",
-    "sphinx-autoapi",
-]
+twine = "^4.0.2"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

src/keycloak/_version.py

@@ -21,4 +21,6 @@
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
-__version__ = "0.0.0"
+import pkg_resources
+
+__version__ = pkg_resources.get_distribution("python-keycloak").version

src/keycloak/keycloak_openid.py

@@ -260,6 +260,7 @@ class KeycloakOpenID:
         code="",
         redirect_uri="",
         totp=None,
+        scope="openid",
         **extra
     ):
         """Retrieve user token.
@@ -283,6 +284,8 @@ class KeycloakOpenID:
         :type redirect_uri: str
         :param totp: Time-based one-time password
         :type totp: int
+        :param scope: Scope, defaults to openid
+        :type scope: str
         :param extra: Additional extra arguments
         :type extra: dict
         :returns: Keycloak token
@@ -296,6 +299,7 @@ class KeycloakOpenID:
             "grant_type": grant_type,
             "code": code,
             "redirect_uri": redirect_uri,
+            "scope": scope,
         }
         if extra:
             payload.update(extra)
@@ -341,7 +345,7 @@ class KeycloakOpenID:
         audience: str,
         subject: str,
         requested_token_type: str = "urn:ietf:params:oauth:token-type:refresh_token",
-        scope: str = "",
+        scope: str = "openid",
     ) -> dict:
         """Exchange user token.
 
@@ -358,7 +362,7 @@ class KeycloakOpenID:
         :type subject: str
         :param requested_token_type: Token type specification
         :type requested_token_type: str
-        :param scope: Scope
+        :param scope: Scope, defaults to openid
         :type scope: str
         :returns: Exchanged token
         :rtype: dict

test_keycloak_init.sh

@@ -13,7 +13,7 @@ function keycloak_stop() {
 
 function keycloak_start() {
     echo "Starting keycloak docker container"
-    docker run -d --name unittest_keycloak -e KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN}" -e KEYCLOAK_ADMIN_PASSWORD="${KEYCLOAK_ADMIN_PASSWORD}" -e KC_FEATURES="token-exchange" -p "${KEYCLOAK_PORT}:8080" "${KEYCLOAK_DOCKER_IMAGE}" start-dev
+    docker run -d --name unittest_keycloak -e KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN}" -e KEYCLOAK_ADMIN_PASSWORD="${KEYCLOAK_ADMIN_PASSWORD}" -e KC_FEATURES="token-exchange,admin-fine-grained-authz" -p "${KEYCLOAK_PORT}:8080" "${KEYCLOAK_DOCKER_IMAGE}" start-dev
     SECONDS=0
     until curl --silent --output /dev/null localhost:$KEYCLOAK_PORT; do
       sleep 5;

tests/test_keycloak_admin.py

@@ -506,21 +506,24 @@ def test_server_info(admin: KeycloakAdmin):
     :type admin: KeycloakAdmin
     """
     info = admin.get_server_info()
-    assert set(info.keys()) == {
-        "systemInfo",
-        "memoryInfo",
-        "profileInfo",
-        "themes",
-        "socialProviders",
-        "identityProviders",
-        "providers",
-        "protocolMapperTypes",
-        "builtinProtocolMappers",
-        "clientInstallations",
-        "componentTypes",
-        "passwordPolicies",
-        "enums",
-    }, info.keys()
+    assert set(info.keys()).issubset(
+        {
+            "systemInfo",
+            "memoryInfo",
+            "profileInfo",
+            "themes",
+            "socialProviders",
+            "identityProviders",
+            "providers",
+            "protocolMapperTypes",
+            "builtinProtocolMappers",
+            "clientInstallations",
+            "componentTypes",
+            "passwordPolicies",
+            "enums",
+            "cryptoInfo",
+        }
+    ), info.keys()
 
 
 def test_groups(admin: KeycloakAdmin, user: str):
@@ -790,7 +793,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_settings(client_id=client_id)
-    assert err.match('500: b\'{"error":"HTTP 500 Internal Server Error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     # Authz resources
     res = admin.get_client_authz_resources(client_id=auth_client_id)
@@ -799,7 +802,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_resources(client_id=client_id)
-    assert err.match('500: b\'{"error":"unknown_error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     res = admin.create_client_authz_resource(
         client_id=auth_client_id, payload={"name": "test-resource"}
@@ -885,7 +888,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_scopes(client_id=client_id)
-    assert err.match('500: b\'{"error":"unknown_error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     # Test service account user
     res = admin.get_client_service_account_user(client_id=auth_client_id)

tests/test_keycloak_openid.py

@@ -135,6 +135,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,
@@ -148,6 +149,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,
@@ -161,6 +163,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,

tox.ini

@@ -2,6 +2,7 @@
 requires =
     tox-poetry
     poetry
+    tox<4.0.0
 envlist = check, apply-check, docs, tests, build, changelog
 
 [testenv]