Merge branch 'marcospereirampj:master' into feat_disable_user

.github/workflows/bump.yaml

@@ -2,8 +2,8 @@ name: Bump version
 
 on:
   workflow_run:
-    workflows: [ "Lint" ]
-    branches: [ master ]
+    workflows: ["Lint"]
+    branches: [master]
     types:
       - completed
 

.github/workflows/daily.yaml

@@ -2,7 +2,7 @@ name: Daily check
 
 on:
   schedule:
-    - cron: '0 4 * * *'
+    - cron: "0 4 * * *"
 
 jobs:
   test:
@@ -21,7 +21,8 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-        python -m pip install tox
+          python -m pip install poetry
+          poetry install
       - name: Run tests
         run: |
-        tox -e tests
+          poetry run tox -e tests

.github/workflows/lint.yaml

@@ -2,9 +2,9 @@ name: Lint
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
-    branches: [ master ]
+    branches: [master]
 
 jobs:
   check-commits:
@@ -24,10 +24,11 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-        python -m pip install tox
+          python -m pip install poetry
+          poetry install
       - name: Check linting, formatting
         run: |
-        tox -e check
+          poetry run tox -e check
 
   check-docs:
     runs-on: ubuntu-latest
@@ -43,17 +44,18 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-        python -m pip install tox
+          python -m pip install poetry
+          poetry install
       - name: Check documentation build
         run: |
-        tox -e docs
+          poetry run tox -e docs
 
   test:
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10"]
+        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
     needs:
       - check-commits
       - check-linting
@@ -67,10 +69,11 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-        python -m pip install tox
+          python -m pip install poetry
+          poetry install
       - name: Run tests
         run: |
-        tox -e tests
+          poetry run tox -e tests
       - name: Keycloak logs
         run: |
           cat keycloak_test_logs.txt
@@ -89,7 +92,8 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-        python -m pip install tox
+          python -m pip install poetry
+          poetry install
       - name: Run build
         run: |
-        tox -e build
+          poetry run tox -e build

.github/workflows/publish.yaml

@@ -3,7 +3,7 @@ name: Publish
 on:
   push:
     tags:
-      - 'v*'
+      - "v*"
 
 jobs:
   publish:
@@ -11,7 +11,7 @@ jobs:
     steps:
       - uses: actions/checkout@v3
         with:
-        fetch-depth: '0'
+          fetch-depth: "0"
       - name: Set up Python 3.10
         uses: actions/setup-python@v3
         with:
@@ -19,23 +19,24 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-        python -m pip install tox wheel twine
+          python -m pip install poetry
+          poetry install
       - name: Apply the tag version
         run: |
           version=${{ github.ref_name }}
           sed -Ei '/^version = /s|= "[0-9.]+"$|= "'${version:-1}'"|' pyproject.toml
       - name: Run build
         run: |
-        tox -e build
+          poetry run tox -e build
       - name: Publish to PyPi
         env:
           TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }}
           TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
         run: |
-        twine upload -u $TWINE_USERNAME -p $TWINE_PASSWORD dist/*
+          poetry run twine upload -u $TWINE_USERNAME -p $TWINE_PASSWORD dist/*
       - name: Run changelog
         run: |
-        tox -e changelog
+          poetry run tox -e changelog
       - uses: stefanzweifel/git-auto-commit-action@v4
         with:
           commit_message: "docs: changelog update"

.readthedocs.yaml

@@ -6,6 +6,6 @@ build:
     python: "3.10"
   jobs:
     post_install:
-      - /home/docs/checkouts/readthedocs.org/user_builds/python-keycloak/envs/latest/bin/python -m pip install poetry
-      - /home/docs/checkouts/readthedocs.org/user_builds/python-keycloak/envs/latest/bin/python -m poetry config virtualenvs.create false
-      - /home/docs/checkouts/readthedocs.org/user_builds/python-keycloak/envs/latest/bin/python -m poetry install -E docs
+      - pip install -U poetry
+      - poetry config virtualenvs.create false
+      - poetry install -E docs

CHANGELOG.md

@@ -1,3 +1,10 @@
+## v2.6.1 (2022-12-13)
+
+### Fix
+
+- use version from the package
+- default scope to openid
+
 ## v2.6.0 (2022-10-03)
 
 ### Feat

pyproject.toml

@@ -37,14 +37,27 @@ mock = {version = "^4.0.3", optional = true}
 alabaster = {version = "^0.7.12", optional = true}
 commonmark = {version = "^0.9.1", optional = true}
 recommonmark = {version = "^0.7.1", optional = true}
-Sphinx = {version = "^5.0.2", optional = true}
+Sphinx = {version = "^5.3.0", optional = true}
 sphinx-rtd-theme = {version = "^1.0.0", optional = true}
-readthedocs-sphinx-ext = {version = "^2.1.8", optional = true}
+readthedocs-sphinx-ext = {version = "^2.1.9", optional = true}
 m2r2 = {version = "^0.3.2", optional = true}
-sphinx-autoapi = {version = "^1.8.4", optional = true}
+sphinx-autoapi = {version = "^2.0.0", optional = true}
 requests-toolbelt = "^0.9.1"
 
-[tool.poetry.dev-dependencies]
+[tool.poetry.extras]
+docs = [
+    "mock",
+    "alabaster",
+    "commonmark",
+    "recommonmark",
+    "sphinx",
+    "sphinx-rtd-theme",
+    "readthedocs-sphinx-ext",
+    "m2r2",
+    "sphinx-autoapi",
+]
+
+[tool.poetry.group.dev.dependencies]
 tox = "^3.25.0"
 pytest = "^7.1.2"
 pytest-cov = "^3.0.0"
@@ -58,19 +71,7 @@ commitizen = "^2.28.0"
 cryptography = "^37.0.4"
 codespell = "^2.1.0"
 darglint = "^1.8.1"
-
-[tool.poetry.extras]
-docs = [
-    "mock",
-    "alabaster",
-    "commonmark",
-    "recommonmark",
-    "sphinx",
-    "sphinx-rtd-theme",
-    "readthedocs-sphinx-ext",
-    "m2r2",
-    "sphinx-autoapi",
-]
+twine = "^4.0.2"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

src/keycloak/_version.py

@@ -21,4 +21,6 @@
 # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
-__version__ = "0.0.0"
+import pkg_resources
+
+__version__ = pkg_resources.get_distribution("python-keycloak").version

src/keycloak/keycloak_openid.py

@@ -260,6 +260,7 @@ class KeycloakOpenID:
         code="",
         redirect_uri="",
         totp=None,
+        scope="openid",
         **extra
     ):
         """Retrieve user token.
@@ -283,6 +284,8 @@ class KeycloakOpenID:
         :type redirect_uri: str
         :param totp: Time-based one-time password
         :type totp: int
+        :param scope: Scope, defaults to openid
+        :type scope: str
         :param extra: Additional extra arguments
         :type extra: dict
         :returns: Keycloak token
@@ -296,6 +299,7 @@ class KeycloakOpenID:
             "grant_type": grant_type,
             "code": code,
             "redirect_uri": redirect_uri,
+            "scope": scope,
         }
         if extra:
             payload.update(extra)
@@ -341,7 +345,7 @@ class KeycloakOpenID:
         audience: str,
         subject: str,
         requested_token_type: str = "urn:ietf:params:oauth:token-type:refresh_token",
-        scope: str = "",
+        scope: str = "openid",
     ) -> dict:
         """Exchange user token.
 
@@ -358,7 +362,7 @@ class KeycloakOpenID:
         :type subject: str
         :param requested_token_type: Token type specification
         :type requested_token_type: str
-        :param scope: Scope
+        :param scope: Scope, defaults to openid
         :type scope: str
         :returns: Exchanged token
         :rtype: dict

test_keycloak_init.sh

@@ -13,7 +13,7 @@ function keycloak_stop() {
 
 function keycloak_start() {
     echo "Starting keycloak docker container"
-    docker run -d --name unittest_keycloak -e KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN}" -e KEYCLOAK_ADMIN_PASSWORD="${KEYCLOAK_ADMIN_PASSWORD}" -e KC_FEATURES="token-exchange" -p "${KEYCLOAK_PORT}:8080" "${KEYCLOAK_DOCKER_IMAGE}" start-dev
+    docker run -d --name unittest_keycloak -e KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN}" -e KEYCLOAK_ADMIN_PASSWORD="${KEYCLOAK_ADMIN_PASSWORD}" -e KC_FEATURES="token-exchange,admin-fine-grained-authz" -p "${KEYCLOAK_PORT}:8080" "${KEYCLOAK_DOCKER_IMAGE}" start-dev
     SECONDS=0
     until curl --silent --output /dev/null localhost:$KEYCLOAK_PORT; do
       sleep 5;

tests/test_keycloak_admin.py

@@ -506,7 +506,8 @@ def test_server_info(admin: KeycloakAdmin):
     :type admin: KeycloakAdmin
     """
     info = admin.get_server_info()
-    assert set(info.keys()) == {
+    assert set(info.keys()).issubset(
+        {
             "systemInfo",
             "memoryInfo",
             "profileInfo",
@@ -520,7 +521,9 @@ def test_server_info(admin: KeycloakAdmin):
             "componentTypes",
             "passwordPolicies",
             "enums",
-    }, info.keys()
+            "cryptoInfo",
+        }
+    ), info.keys()
 
 
 def test_groups(admin: KeycloakAdmin, user: str):
@@ -790,7 +793,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_settings(client_id=client_id)
-    assert err.match('500: b\'{"error":"HTTP 500 Internal Server Error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     # Authz resources
     res = admin.get_client_authz_resources(client_id=auth_client_id)
@@ -799,7 +802,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_resources(client_id=client_id)
-    assert err.match('500: b\'{"error":"unknown_error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     res = admin.create_client_authz_resource(
         client_id=auth_client_id, payload={"name": "test-resource"}
@@ -885,7 +888,7 @@ def test_clients(admin: KeycloakAdmin, realm: str):
 
     with pytest.raises(KeycloakGetError) as err:
         admin.get_client_authz_scopes(client_id=client_id)
-    assert err.match('500: b\'{"error":"unknown_error"}\'')
+    assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
     # Test service account user
     res = admin.get_client_service_account_user(client_id=auth_client_id)

tests/test_keycloak_openid.py

@@ -135,6 +135,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,
@@ -148,6 +149,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,
@@ -161,6 +163,7 @@ def test_token(oid_with_credentials: Tuple[KeycloakOpenID, str, str]):
     assert token == {
         "access_token": mock.ANY,
         "expires_in": 300,
+        "id_token": mock.ANY,
         "not-before-policy": 0,
         "refresh_expires_in": 1800,
         "refresh_token": mock.ANY,

tox.ini

@@ -2,6 +2,7 @@
 requires =
     tox-poetry
     poetry
+    tox<4.0.0
 envlist = check, apply-check, docs, tests, build, changelog
 
 [testenv]