test: initial test for readme

2 years ago · aef17fd40f
2 changed files with 193 additions and 63 deletions
--- a/README.md
+++ b/README.md
@ -60,114 +60,178 @@ The documentation for python-keycloak is available on [readthedocs](http://pytho

 ## Usage

+### Well-known
+
 ```python
 from keycloak import KeycloakOpenID

 # Configure client
-keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
-                    client_id="example_client",
-                    realm_name="example_realm",
-                    client_secret_key="secret")
+keycloak_openid = KeycloakOpenID(
+    server_url="http://localhost:8080/",
+    client_id="example_client",
+    realm_name="example_realm",
+    client_secret_key="secret",
+)

 # Get WellKnow
 config_well_known = keycloak_openid.well_known()
+```
+
+### User authentication

+```python
 # Get Token
 token = keycloak_openid.token("user", "password")
 token = keycloak_openid.token("user", "password", totp="012345")
+```
+
+### User info

+```python
 # Get Userinfo
 userinfo = keycloak_openid.userinfo(token['access_token'])
+```
+
+### Token refresh

+```python
 # Refresh token
 token = keycloak_openid.refresh_token(token['refresh_token'])

 # Logout
 keycloak_openid.logout(token['refresh_token'])
+```
+
+### Certificates

+```python
 # Get Certs
 certs = keycloak_openid.certs()
+```
+
+### RPT

+```python
 # Get RPT (Entitlement)
 token = keycloak_openid.token("user", "password")
-rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")
+rpt = keycloak_openid.entitlement(token["access_token"], "resource_id")

 # Instropect RPT
-token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['access_token'], rpt=rpt['rpt'],
-                                     token_type_hint="requesting_party_token"))
+token_rpt_info = keycloak_openid.introspect(
+    keycloak_openid.introspect(
+        token["access_token"], rpt=rpt["rpt"], token_type_hint="requesting_party_token"
+    )
+)
+```
+
+### Token inspection

+```python
 # Introspect Token
-token_info = keycloak_openid.introspect(token['access_token'])
+token_info = keycloak_openid.introspect(token["access_token"])

 # Decode Token
-KEYCLOAK_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n" + keycloak_openid.public_key() + "\n-----END PUBLIC KEY-----"
+KEYCLOAK_PUBLIC_KEY = (
+    "-----BEGIN PUBLIC KEY-----\n" + keycloak_openid.public_key() + "\n-----END PUBLIC KEY-----"
+)
 options = {"verify_signature": True, "verify_aud": True, "verify_exp": True}
-token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
+token_info = keycloak_openid.decode_token(
+    token["access_token"], key=KEYCLOAK_PUBLIC_KEY, options=options
+)
+```
+
+### Permissions

+```python
 # Get permissions by token
 token = keycloak_openid.token("user", "password")
 keycloak_openid.load_authorization_config("example-authz-config.json")
-policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
-permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect')
+policies = keycloak_openid.get_policies(
+    token["access_token"], method_token_info="decode", key=KEYCLOAK_PUBLIC_KEY
+)
+permissions = keycloak_openid.get_permissions(
+    token["access_token"], method_token_info="introspect"
+)

 # Get UMA-permissions by token
 token = keycloak_openid.token("user", "password")
-permissions = keycloak_openid.uma_permissions(token['access_token'])
+permissions = keycloak_openid.uma_permissions(token["access_token"])

 # Get UMA-permissions by token with specific resource and scope requested
 token = keycloak_openid.token("user", "password")
-permissions = keycloak_openid.uma_permissions(token['access_token'], permissions="Resource#Scope")
+permissions = keycloak_openid.uma_permissions(token["access_token"], permissions="Resource#Scope")

 # Get auth status for a specific resource and scope by token
 token = keycloak_openid.token("user", "password")
-auth_status = keycloak_openid.has_uma_access(token['access_token'], "Resource#Scope")
+auth_status = keycloak_openid.has_uma_access(token["access_token"], "Resource#Scope")


 # KEYCLOAK ADMIN

 from keycloak import KeycloakAdmin

-keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/",
-                               username='example-admin',
-                               password='secret',
-                               realm_name="master",
-                               user_realm_name="only_if_other_realm_than_master",
-                               client_secret_key="client-secret",
-                               verify=True)
+keycloak_admin = KeycloakAdmin(
+    server_url="http://localhost:8080/auth/",
+    username="example-admin",
+    password="secret",
+    realm_name="master",
+    user_realm_name="only_if_other_realm_than_master",
+    client_secret_key="client-secret",
+    verify=True,
+)

 # Add user
-new_user = keycloak_admin.create_user({"email": "example@example.com",
-                    "username": "example@example.com",
-                    "enabled": True,
-                    "firstName": "Example",
-                    "lastName": "Example"})
+new_user = keycloak_admin.create_user(
+    {
+        "email": "example@example.com",
+        "username": "example@example.com",
+        "enabled": True,
+        "firstName": "Example",
+        "lastName": "Example",
+    }
+)

 # Add user and raise exception if username already exists
 # exist_ok currently defaults to True for backwards compatibility reasons
-new_user = keycloak_admin.create_user({"email": "example@example.com",
-                    "username": "example@example.com",
-                    "enabled": True,
-                    "firstName": "Example",
-                    "lastName": "Example"},
-                    exist_ok=False)
+new_user = keycloak_admin.create_user(
+    {
+        "email": "example@example.com",
+        "username": "example@example.com",
+        "enabled": True,
+        "firstName": "Example",
+        "lastName": "Example",
+    },
+    exist_ok=False,
+)

 # Add user and set password
-new_user = keycloak_admin.create_user({"email": "example@example.com",
-                    "username": "example@example.com",
-                    "enabled": True,
-                    "firstName": "Example",
-                    "lastName": "Example",
-                    "credentials": [{"value": "secret","type": "password",}]})
+new_user = keycloak_admin.create_user(
+    {
+        "email": "example@example.com",
+        "username": "example@example.com",
+        "enabled": True,
+        "firstName": "Example",
+        "lastName": "Example",
+        "credentials": [
+            {
+                "value": "secret",
+                "type": "password",
+            }
+        ],
+    }
+)

 # Add user and specify a locale
-new_user = keycloak_admin.create_user({"email": "example@example.fr",
-                    "username": "example@example.fr",
-                    "enabled": True,
-                    "firstName": "Example",
-                    "lastName": "Example",
-                    "attributes": {
-                      "locale": ["fr"]
-                    }})
+new_user = keycloak_admin.create_user(
+    {
+        "email": "example@example.fr",
+        "username": "example@example.fr",
+        "enabled": True,
+        "firstName": "Example",
+        "lastName": "Example",
+        "attributes": {"locale": ["fr"]},
+    }
+)

 # User counter
 count_users = keycloak_admin.users_count()
@ -182,20 +246,23 @@ user_id_keycloak = keycloak_admin.get_user_id("example@example.com")
 user = keycloak_admin.get_user("user-id-keycloak")

 # Update User
-response = keycloak_admin.update_user(user_id="user-id-keycloak",
-                                      payload={'firstName': 'Example Update'})
+response = keycloak_admin.update_user(
+    user_id="user-id-keycloak", payload={"firstName": "Example Update"}
+)

 # Update User Password
-response = keycloak_admin.set_user_password(user_id="user-id-keycloak", password="secret", temporary=True)
+response = keycloak_admin.set_user_password(
+    user_id="user-id-keycloak", password="secret", temporary=True
+)

 # Get User Credentials
-credentials = keycloak_admin.get_credentials(user_id='user_id')
+credentials = keycloak_admin.get_credentials(user_id="user_id")

 # Get User Credential by ID
-credential = keycloak_admin.get_credential(user_id='user_id', credential_id='credential_id')
+credential = keycloak_admin.get_credential(user_id="user_id", credential_id="credential_id")

 # Delete User Credential
-response = keycloak_admin.delete_credential(user_id='user_id', credential_id='credential_id')
+response = keycloak_admin.delete_credential(user_id="user_id", credential_id="credential_id")

 # Delete User
 response = keycloak_admin.delete_user(user_id="user-id-keycloak")
@ -204,8 +271,9 @@ response = keycloak_admin.delete_user(user_id="user-id-keycloak")
 consents = keycloak_admin.consents_user(user_id="user-id-keycloak")

 # Send User Action
-response = keycloak_admin.send_update_account(user_id="user-id-keycloak",
-                                              payload=json.dumps(['UPDATE_PASSWORD']))
+response = keycloak_admin.send_update_account(
+    user_id="user-id-keycloak", payload=json.dumps(["UPDATE_PASSWORD"])
+)

 # Send Verify Email
 response = keycloak_admin.send_verify_email(user_id="user-id-keycloak")
@ -239,10 +307,14 @@ role = keycloak_admin.get_client_role(client_id="client_id", role_name="role_nam
 role_id = keycloak_admin.get_client_role_id(client_id="client_id", role_name="test")

 # Create client role
-keycloak_admin.create_client_role(client_role_id='client_id', payload={'name': 'roleName', 'clientRole': True})
+keycloak_admin.create_client_role(
+    client_role_id="client_id", payload={"name": "roleName", "clientRole": True}
+)

 # Assign client role to user. Note that BOTH role_name and role_id appear to be required.
-keycloak_admin.assign_client_role(client_id="client_id", user_id="user_id", role_id="role_id", role_name="test")
+keycloak_admin.assign_client_role(
+    client_id="client_id", user_id="user_id", role_id="role_id", role_name="test"
+)

 # Retrieve client roles of a user.
 keycloak_admin.get_client_roles_of_user(user_id="user_id", client_id="client_id")
@ -254,8 +326,12 @@ keycloak_admin.get_available_client_roles_of_user(user_id="user_id", client_id="
 keycloak_admin.get_composite_client_roles_of_user(user_id="user_id", client_id="client_id")

 # Delete client roles of a user.
-keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles={"id": "role-id"})
-keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles=[{"id": "role-id_1"}, {"id": "role-id_2"}])
+keycloak_admin.delete_client_roles_of_user(
+    client_id="client_id", user_id="user_id", roles={"id": "role-id"}
+)
+keycloak_admin.delete_client_roles_of_user(
+    client_id="client_id", user_id="user_id", roles=[{"id": "role-id_1"}, {"id": "role-id_2"}]
+)

 # Get all client authorization resources
 client_resources = get_client_authz_resources(client_id="client_id")
@ -276,10 +352,10 @@ group = keycloak_admin.create_group({"name": "Example Group"})
 groups = keycloak_admin.get_groups()

 # Get group
-group = keycloak_admin.get_group(group_id='group_id')
+group = keycloak_admin.get_group(group_id="group_id")

 # Get group by name
-group = keycloak_admin.get_group_by_path(path='/group/subgroup', search_in_subgroups=True)
+group = keycloak_admin.get_group_by_path(path="/group/subgroup", search_in_subgroups=True)

 # Function to trigger user sync from provider
 sync_users(storage_id="storage_di", action="action")
@ -291,7 +367,9 @@ role_id = keycloak_admin.get_client_role_id(client_id=client_id, role_name="test
 realm_roles = keycloak_admin.get_roles()

 # Assign client role to user. Note that BOTH role_name and role_id appear to be required.
-keycloak_admin.assign_client_role(client_id=client_id, user_id=user_id, role_id=role_id, role_name="test")
+keycloak_admin.assign_client_role(
+    client_id=client_id, user_id=user_id, role_id=role_id, role_name="test"
+)

 # Assign realm roles to user
 keycloak_admin.assign_realm_roles(user_id=user_id, roles=realm_roles)
@ -302,5 +380,4 @@ idps = keycloak_admin.get_idps()

 # Create a new Realm
 keycloak_admin.create_realm(payload={"realm": "demo"}, skip_exists=False)
-
 ```
--- a/tests/test_readme.py
+++ b/tests/test_readme.py
@ -0,0 +1,53 @@
+import pytest
+
+from keycloak.keycloak_admin import KeycloakAdmin
+
+
+def find_code_blocks(readme_text):
+    code_blocks = list()
+    start_index = readme_text.find("```python")
+    if start_index == -1:
+        return list()
+    code_block_full = readme_text[start_index + 9 :]  # noqa: E203
+    end_index = code_block_full.find("```")
+    code_block = code_block_full[:end_index]
+    code_blocks.append(code_block)
+    code_blocks.extend(find_code_blocks(code_block_full[end_index + 3 :]))  # noqa: E203
+    return code_blocks
+
+
+# @pytest.mark.skip()
+def test_readme(admin: KeycloakAdmin):
+    admin.create_realm(payload={"realm": "example_realm", "enabled": True})
+    admin.realm_name = "example_realm"
+    admin.create_client(
+        payload={
+            "name": "example_client",
+            "enabled": True,
+            "protocol": "openid-connect",
+            "publicClient": False,
+            "redirectUris": ["http://localhost/*"],
+            "webOrigins": ["+"],
+            "clientId": "example_client",
+            "secret": "secret",
+            "clientAuthenticatorType": "client-secret",
+        }
+    )
+    admin.create_user(
+        payload={
+            "username": "user",
+            "email": "user@test.test",
+            "enabled": True,
+            "credentials": [{"type": "password", "value": "password"}],
+        }
+    )
+
+    with open("README.md", "r") as fp:
+        readme = fp.read()
+    code_blocks = find_code_blocks(readme)
+    for code in code_blocks:
+        print("=" * 50)
+        print(code)
+        exec(code)
+        print("OK")
+        print("=" * 50)