From eeb2fbb6281b626db5c9741bc4d6856f0ab19b38 Mon Sep 17 00:00:00 2001
From: hadeer_e <Hadeer.e@trufla.com>
Date: Wed, 28 Dec 2022 21:15:16 +0200
Subject: [PATCH] feat(api): add tests for create_authz_scopes

---
 src/keycloak/keycloak_admin.py | 19 +++++++++++++++++++
 tests/test_keycloak_admin.py   | 18 ++++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/src/keycloak/keycloak_admin.py b/src/keycloak/keycloak_admin.py
index ac1f46e..6d74a8c 100644
--- a/src/keycloak/keycloak_admin.py
+++ b/src/keycloak/keycloak_admin.py
@@ -1475,6 +1475,25 @@ class KeycloakAdmin:
         data_raw = self.raw_get(urls_patterns.URL_ADMIN_CLIENT_AUTHZ_SCOPES.format(**params_path))
         return raise_error_from_response(data_raw, KeycloakGetError)
 
+    def create_client_authz_scopes(self, client_id, payload):
+        """Create scopes for client.
+
+        :param client_id: id in ClientRepresentation
+            https://www.keycloak.org/docs-api/18.0/rest-api/index.html#_clientrepresentation
+        :param payload: ScopeRepresentation
+            https://www.keycloak.org/docs-api/18.0/rest-api/index.html#_ScopeRepresentation
+        :type payload: dict
+        :type client_id: str
+        :return: Keycloak server response
+        :rtype: bytes
+        """
+        params_path = {"realm-name": self.realm_name, "id": client_id}
+        data_raw = self.raw_post(
+            urls_patterns.URL_ADMIN_CLIENT_AUTHZ_SCOPES.format(**params_path),
+            data=json.dumps(payload),
+        )
+        return raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201])
+
     def get_client_authz_permissions(self, client_id):
         """Get permissions from client.
 
diff --git a/tests/test_keycloak_admin.py b/tests/test_keycloak_admin.py
index 1420c56..29d9e13 100644
--- a/tests/test_keycloak_admin.py
+++ b/tests/test_keycloak_admin.py
@@ -890,6 +890,24 @@ def test_clients(admin: KeycloakAdmin, realm: str):
         admin.get_client_authz_scopes(client_id=client_id)
     assert err.match('404: b\'{"error":"HTTP 404 Not Found"}\'')
 
+    res = admin.create_client_authz_scopes(
+        client_id=auth_client_id, payload={"name": "test-authz-scope"}
+    )
+    assert res["name"] == "test-authz-scope", res
+
+    with pytest.raises(KeycloakPostError) as err:
+        admin.create_client_authz_scopes(
+            client_id=auth_client_id, payload={"name": "test-authz-scope"}
+        )
+    assert err.match('409: b\'{"error":"invalid_request"')
+    assert admin.create_client_authz_scopes(
+        client_id=auth_client_id, payload={"name": "test-authz-scope"}, skip_exists=True
+    ) == {"msg": "Already exists"}
+
+    res = admin.get_client_authz_scopes(client_id=auth_client_id)
+    assert len(res) == 2
+    assert {x["name"] for x in res} == {"Default Scope", "test-authz-scope"}
+
     # Test service account user
     res = admin.get_client_service_account_user(client_id=auth_client_id)
     assert res["username"] == "service-account-authz-client", res