Mirror
/
python-keycloak
mirror of https://github.com/marcospereirampj/python-keycloak.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
Browse Source

test: initial test for readme

test/readme
Richard Nemeth 3 years ago
parent
d54d024aac
commit
aef17fd40f
No known key found for this signature in database GPG Key ID: 21C39470DF3DEC39
2 changed files with 193 additions and 63 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 203
      README.md
  2. 53
      tests/test_readme.py

203
README.md
View File

@ -60,114 +60,178 @@ The documentation for python-keycloak is available on [readthedocs](http://pytho
## Usage ## Usage
### Well-known
```python ```python
from keycloak import KeycloakOpenID from keycloak import KeycloakOpenID
# Configure client # Configure client
keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
client_id="example_client",
realm_name="example_realm",
client_secret_key="secret")
keycloak_openid = KeycloakOpenID(
server_url="http://localhost:8080/",
client_id="example_client",
realm_name="example_realm",
client_secret_key="secret",
)
# Get WellKnow # Get WellKnow
config_well_known = keycloak_openid.well_known() config_well_known = keycloak_openid.well_known()
```
### User authentication
```python
# Get Token # Get Token
token = keycloak_openid.token("user", "password") token = keycloak_openid.token("user", "password")
token = keycloak_openid.token("user", "password", totp="012345") token = keycloak_openid.token("user", "password", totp="012345")
```
### User info
```python
# Get Userinfo # Get Userinfo
userinfo = keycloak_openid.userinfo(token['access_token']) userinfo = keycloak_openid.userinfo(token['access_token'])
```
### Token refresh
```python
# Refresh token # Refresh token
token = keycloak_openid.refresh_token(token['refresh_token']) token = keycloak_openid.refresh_token(token['refresh_token'])
# Logout # Logout
keycloak_openid.logout(token['refresh_token']) keycloak_openid.logout(token['refresh_token'])
```
### Certificates
```python
# Get Certs # Get Certs
certs = keycloak_openid.certs() certs = keycloak_openid.certs()
```
### RPT
```python
# Get RPT (Entitlement) # Get RPT (Entitlement)
token = keycloak_openid.token("user", "password") token = keycloak_openid.token("user", "password")
rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")
rpt = keycloak_openid.entitlement(token["access_token"], "resource_id")
# Instropect RPT # Instropect RPT
token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['access_token'], rpt=rpt['rpt'],
token_type_hint="requesting_party_token"))
token_rpt_info = keycloak_openid.introspect(
keycloak_openid.introspect(
token["access_token"], rpt=rpt["rpt"], token_type_hint="requesting_party_token"
)
)
```
### Token inspection
```python
# Introspect Token # Introspect Token
token_info = keycloak_openid.introspect(token['access_token'])
token_info = keycloak_openid.introspect(token["access_token"])
# Decode Token # Decode Token
KEYCLOAK_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n" + keycloak_openid.public_key() + "\n-----END PUBLIC KEY-----"
KEYCLOAK_PUBLIC_KEY = (
"-----BEGIN PUBLIC KEY-----\n" + keycloak_openid.public_key() + "\n-----END PUBLIC KEY-----"
)
options = {"verify_signature": True, "verify_aud": True, "verify_exp": True} options = {"verify_signature": True, "verify_aud": True, "verify_exp": True}
token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
token_info = keycloak_openid.decode_token(
token["access_token"], key=KEYCLOAK_PUBLIC_KEY, options=options
)
```
### Permissions
```python
# Get permissions by token # Get permissions by token
token = keycloak_openid.token("user", "password") token = keycloak_openid.token("user", "password")
keycloak_openid.load_authorization_config("example-authz-config.json") keycloak_openid.load_authorization_config("example-authz-config.json")
policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect')
policies = keycloak_openid.get_policies(
token["access_token"], method_token_info="decode", key=KEYCLOAK_PUBLIC_KEY
)
permissions = keycloak_openid.get_permissions(
token["access_token"], method_token_info="introspect"
)
# Get UMA-permissions by token # Get UMA-permissions by token
token = keycloak_openid.token("user", "password") token = keycloak_openid.token("user", "password")
permissions = keycloak_openid.uma_permissions(token['access_token'])
permissions = keycloak_openid.uma_permissions(token["access_token"])
# Get UMA-permissions by token with specific resource and scope requested # Get UMA-permissions by token with specific resource and scope requested
token = keycloak_openid.token("user", "password") token = keycloak_openid.token("user", "password")
permissions = keycloak_openid.uma_permissions(token['access_token'], permissions="Resource#Scope")
permissions = keycloak_openid.uma_permissions(token["access_token"], permissions="Resource#Scope")
# Get auth status for a specific resource and scope by token # Get auth status for a specific resource and scope by token
token = keycloak_openid.token("user", "password") token = keycloak_openid.token("user", "password")
auth_status = keycloak_openid.has_uma_access(token['access_token'], "Resource#Scope")
auth_status = keycloak_openid.has_uma_access(token["access_token"], "Resource#Scope")
# KEYCLOAK ADMIN # KEYCLOAK ADMIN
from keycloak import KeycloakAdmin from keycloak import KeycloakAdmin
keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/",
username='example-admin',
password='secret',
realm_name="master",
user_realm_name="only_if_other_realm_than_master",
client_secret_key="client-secret",
verify=True)
keycloak_admin = KeycloakAdmin(
server_url="http://localhost:8080/auth/",
username="example-admin",
password="secret",
realm_name="master",
user_realm_name="only_if_other_realm_than_master",
client_secret_key="client-secret",
verify=True,
)
# Add user # Add user
new_user = keycloak_admin.create_user({"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example"})
new_user = keycloak_admin.create_user(
{
"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
}
)
# Add user and raise exception if username already exists # Add user and raise exception if username already exists
# exist_ok currently defaults to True for backwards compatibility reasons # exist_ok currently defaults to True for backwards compatibility reasons
new_user = keycloak_admin.create_user({"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example"},
exist_ok=False)
new_user = keycloak_admin.create_user(
{
"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
},
exist_ok=False,
)
# Add user and set password # Add user and set password
new_user = keycloak_admin.create_user({"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
"credentials": [{"value": "secret","type": "password",}]})
new_user = keycloak_admin.create_user(
{
"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
"credentials": [
{
"value": "secret",
"type": "password",
}
],
}
)
# Add user and specify a locale # Add user and specify a locale
new_user = keycloak_admin.create_user({"email": "example@example.fr",
"username": "example@example.fr",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
"attributes": {
"locale": ["fr"]
}})
new_user = keycloak_admin.create_user(
{
"email": "example@example.fr",
"username": "example@example.fr",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
"attributes": {"locale": ["fr"]},
}
)
# User counter # User counter
count_users = keycloak_admin.users_count() count_users = keycloak_admin.users_count()
@ -182,20 +246,23 @@ user_id_keycloak = keycloak_admin.get_user_id("example@example.com")
user = keycloak_admin.get_user("user-id-keycloak") user = keycloak_admin.get_user("user-id-keycloak")
# Update User # Update User
response = keycloak_admin.update_user(user_id="user-id-keycloak",
payload={'firstName': 'Example Update'})
response = keycloak_admin.update_user(
user_id="user-id-keycloak", payload={"firstName": "Example Update"}
)
# Update User Password # Update User Password
response = keycloak_admin.set_user_password(user_id="user-id-keycloak", password="secret", temporary=True)
response = keycloak_admin.set_user_password(
user_id="user-id-keycloak", password="secret", temporary=True
)
# Get User Credentials # Get User Credentials
credentials = keycloak_admin.get_credentials(user_id='user_id')
credentials = keycloak_admin.get_credentials(user_id="user_id")
# Get User Credential by ID # Get User Credential by ID
credential = keycloak_admin.get_credential(user_id='user_id', credential_id='credential_id')
credential = keycloak_admin.get_credential(user_id="user_id", credential_id="credential_id")
# Delete User Credential # Delete User Credential
response = keycloak_admin.delete_credential(user_id='user_id', credential_id='credential_id')
response = keycloak_admin.delete_credential(user_id="user_id", credential_id="credential_id")
# Delete User # Delete User
response = keycloak_admin.delete_user(user_id="user-id-keycloak") response = keycloak_admin.delete_user(user_id="user-id-keycloak")
@ -204,8 +271,9 @@ response = keycloak_admin.delete_user(user_id="user-id-keycloak")
consents = keycloak_admin.consents_user(user_id="user-id-keycloak") consents = keycloak_admin.consents_user(user_id="user-id-keycloak")
# Send User Action # Send User Action
response = keycloak_admin.send_update_account(user_id="user-id-keycloak",
payload=json.dumps(['UPDATE_PASSWORD']))
response = keycloak_admin.send_update_account(
user_id="user-id-keycloak", payload=json.dumps(["UPDATE_PASSWORD"])
)
# Send Verify Email # Send Verify Email
response = keycloak_admin.send_verify_email(user_id="user-id-keycloak") response = keycloak_admin.send_verify_email(user_id="user-id-keycloak")
@ -239,10 +307,14 @@ role = keycloak_admin.get_client_role(client_id="client_id", role_name="role_nam
role_id = keycloak_admin.get_client_role_id(client_id="client_id", role_name="test") role_id = keycloak_admin.get_client_role_id(client_id="client_id", role_name="test")
# Create client role # Create client role
keycloak_admin.create_client_role(client_role_id='client_id', payload={'name': 'roleName', 'clientRole': True})
keycloak_admin.create_client_role(
client_role_id="client_id", payload={"name": "roleName", "clientRole": True}
)
# Assign client role to user. Note that BOTH role_name and role_id appear to be required. # Assign client role to user. Note that BOTH role_name and role_id appear to be required.
keycloak_admin.assign_client_role(client_id="client_id", user_id="user_id", role_id="role_id", role_name="test")
keycloak_admin.assign_client_role(
client_id="client_id", user_id="user_id", role_id="role_id", role_name="test"
)
# Retrieve client roles of a user. # Retrieve client roles of a user.
keycloak_admin.get_client_roles_of_user(user_id="user_id", client_id="client_id") keycloak_admin.get_client_roles_of_user(user_id="user_id", client_id="client_id")
@ -254,8 +326,12 @@ keycloak_admin.get_available_client_roles_of_user(user_id="user_id", client_id="
keycloak_admin.get_composite_client_roles_of_user(user_id="user_id", client_id="client_id") keycloak_admin.get_composite_client_roles_of_user(user_id="user_id", client_id="client_id")
# Delete client roles of a user. # Delete client roles of a user.
keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles={"id": "role-id"})
keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles=[{"id": "role-id_1"}, {"id": "role-id_2"}])
keycloak_admin.delete_client_roles_of_user(
client_id="client_id", user_id="user_id", roles={"id": "role-id"}
)
keycloak_admin.delete_client_roles_of_user(
client_id="client_id", user_id="user_id", roles=[{"id": "role-id_1"}, {"id": "role-id_2"}]
)
# Get all client authorization resources # Get all client authorization resources
client_resources = get_client_authz_resources(client_id="client_id") client_resources = get_client_authz_resources(client_id="client_id")
@ -276,10 +352,10 @@ group = keycloak_admin.create_group({"name": "Example Group"})
groups = keycloak_admin.get_groups() groups = keycloak_admin.get_groups()
# Get group # Get group
group = keycloak_admin.get_group(group_id='group_id')
group = keycloak_admin.get_group(group_id="group_id")
# Get group by name # Get group by name
group = keycloak_admin.get_group_by_path(path='/group/subgroup', search_in_subgroups=True)
group = keycloak_admin.get_group_by_path(path="/group/subgroup", search_in_subgroups=True)
# Function to trigger user sync from provider # Function to trigger user sync from provider
sync_users(storage_id="storage_di", action="action") sync_users(storage_id="storage_di", action="action")
@ -291,7 +367,9 @@ role_id = keycloak_admin.get_client_role_id(client_id=client_id, role_name="test
realm_roles = keycloak_admin.get_roles() realm_roles = keycloak_admin.get_roles()
# Assign client role to user. Note that BOTH role_name and role_id appear to be required. # Assign client role to user. Note that BOTH role_name and role_id appear to be required.
keycloak_admin.assign_client_role(client_id=client_id, user_id=user_id, role_id=role_id, role_name="test")
keycloak_admin.assign_client_role(
client_id=client_id, user_id=user_id, role_id=role_id, role_name="test"
)
# Assign realm roles to user # Assign realm roles to user
keycloak_admin.assign_realm_roles(user_id=user_id, roles=realm_roles) keycloak_admin.assign_realm_roles(user_id=user_id, roles=realm_roles)
@ -302,5 +380,4 @@ idps = keycloak_admin.get_idps()
# Create a new Realm # Create a new Realm
keycloak_admin.create_realm(payload={"realm": "demo"}, skip_exists=False) keycloak_admin.create_realm(payload={"realm": "demo"}, skip_exists=False)
``` ```

53
tests/test_readme.py
View File

@ -0,0 +1,53 @@
import pytest
from keycloak.keycloak_admin import KeycloakAdmin
def find_code_blocks(readme_text):
code_blocks = list()
start_index = readme_text.find("```python")
if start_index == -1:
return list()
code_block_full = readme_text[start_index + 9 :] # noqa: E203
end_index = code_block_full.find("```")
code_block = code_block_full[:end_index]
code_blocks.append(code_block)
code_blocks.extend(find_code_blocks(code_block_full[end_index + 3 :])) # noqa: E203
return code_blocks
# @pytest.mark.skip()
def test_readme(admin: KeycloakAdmin):
admin.create_realm(payload={"realm": "example_realm", "enabled": True})
admin.realm_name = "example_realm"
admin.create_client(
payload={
"name": "example_client",
"enabled": True,
"protocol": "openid-connect",
"publicClient": False,
"redirectUris": ["http://localhost/*"],
"webOrigins": ["+"],
"clientId": "example_client",
"secret": "secret",
"clientAuthenticatorType": "client-secret",
}
)
admin.create_user(
payload={
"username": "user",
"email": "user@test.test",
"enabled": True,
"credentials": [{"type": "password", "value": "password"}],
}
)
with open("README.md", "r") as fp:
readme = fp.read()
code_blocks = find_code_blocks(readme)
for code in code_blocks:
print("=" * 50)
print(code)
exec(code)
print("OK")
print("=" * 50)
Write Preview
Loading…
Cancel
Save