Fixed python-keycloak for new keycloak version.

3 months ago · abd6b8c3a4
3 changed files with 14 additions and 15 deletions
--- a/src/keycloak/keycloak_admin.py
+++ b/src/keycloak/keycloak_admin.py
@ -1322,14 +1322,14 @@ class KeycloakAdmin:
        :return: Keycloak server response (GroupRepresentation)
        :rtype: dict
        """
-        for subgroup in group["subGroups"]:
+
+        params_path = {"realm-name": self.connection.realm_name, "id": group.get('id')}
+        data_raw = self.connection.raw_get(urls_patterns.URL_ADMIN_GROUP_CHILD.format(**params_path))
+
+        for subgroup in data_raw.json():
            if subgroup["path"] == path:
                return subgroup
-            elif subgroup["subGroups"]:
-                for subgroup in group["subGroups"]:
-                    result = self.get_subgroups(subgroup, path)
-                    if result:
-                        return result
+
        # went through the tree without hits
        return None

--- a/src/keycloak/keycloak_openid.py
+++ b/src/keycloak/keycloak_openid.py
@ -477,7 +477,7 @@ class KeycloakOpenID:
        params_path = {"realm-name": self.realm_name, "resource-server-id": resource_server_id}
        data_raw = self.connection.raw_get(URL_ENTITLEMENT.format(**params_path))

-        if data_raw.status_code == 404:
+        if data_raw.status_code == 405:
            return raise_error_from_response(data_raw, KeycloakDeprecationError)

        return raise_error_from_response(data_raw, KeycloakGetError)  # pragma: no cover
--- a/tests/test_keycloak_admin.py
+++ b/tests/test_keycloak_admin.py
@ -660,16 +660,14 @@ def test_groups(admin: KeycloakAdmin, user: str):
    # Test get groups again
    groups = admin.get_groups()
    assert len(groups) == 1, groups
-    assert len(groups[0]["subGroups"]) == 2, groups["subGroups"]
+    assert groups[0]["subGroupCount"] == 2
    assert groups[0]["id"] == group_id
-    assert {x["id"] for x in groups[0]["subGroups"]} == {subgroup_id_1, subgroup_id_2}

    # Test get groups query
    groups = admin.get_groups(query={"max": 10})
    assert len(groups) == 1, groups
-    assert len(groups[0]["subGroups"]) == 2, groups["subGroups"]
+    assert groups[0]["subGroupCount"] == 2
    assert groups[0]["id"] == group_id
-    assert {x["id"] for x in groups[0]["subGroups"]} == {subgroup_id_1, subgroup_id_2}

    # Test get group
    res = admin.get_group(group_id=subgroup_id_1)
@ -685,9 +683,10 @@ def test_groups(admin: KeycloakAdmin, user: str):
    # Create 1 more subgroup
    subsubgroup_id_1 = admin.create_group(payload={"name": "subsubgroup-1"}, parent=subgroup_id_2)
    main_group = admin.get_group(group_id=group_id)
+    subgroup_2 = admin.get_group(group_id=subgroup_id_2)

    # Test nested searches
-    res = admin.get_subgroups(group=main_group, path="/main-group/subgroup-2/subsubgroup-1")
+    res = admin.get_subgroups(group=subgroup_2, path="/main-group/subgroup-2/subsubgroup-1")
    assert res is not None, res
    assert res["id"] == subsubgroup_id_1

@ -2445,10 +2444,10 @@ def test_auto_refresh(admin_frozen: KeycloakAdmin, realm: str):
    assert err.match('401: b\'{"error":"HTTP 401 Unauthorized"}\'')

    # Freeze time to simulate the access token expiring
-    with freezegun.freeze_time("2023-02-25 10:05:00"):
-        assert admin.connection.expires_at < datetime_parser.parse("2023-02-25 10:05:00")
+    with freezegun.freeze_time("2023-02-25 10:02:00"):
+        assert admin.connection.expires_at < datetime_parser.parse("2023-02-25 10:01:00")
        assert admin.get_realm(realm_name=realm)
-        assert admin.connection.expires_at > datetime_parser.parse("2023-02-25 10:05:00")
+        assert admin.connection.expires_at > datetime_parser.parse("2023-02-25 10:01:00")

    # Test bad refresh token, but first make sure access token has expired again
    with freezegun.freeze_time("2023-02-25 10:10:00"):