feat: Add endpoints to get/update management permissions on IdP, and

delete mapper to IdP
1 year ago · fe39ad3cfe
2 changed files with 74 additions and 1 deletions
--- a/src/keycloak/keycloak_admin.py
+++ b/src/keycloak/keycloak_admin.py
@ -29,7 +29,7 @@
 import copy
 import json
 from builtins import isinstance
-from typing import Optional
+from typing import Any, Dict, Optional

 import deprecation
 from requests_toolbelt import MultipartEncoder
@ -739,6 +739,27 @@ class KeycloakAdmin:

        return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204])

+    def delete_mapper_to_idp(self, idp_alias: str, mapper_id: str) -> Dict[str, Any]:
+        """Delete an IDP mapper.
+
+        IdentityProviderRepresentation
+        https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_identityprovidermapperrepresentation
+
+        :param: idp_alias: alias for Idp to add mapper in
+        :type idp_alias: str
+        :param: mapper_id: ID of mapper
+        :type mapper_id: str
+        :returns: Keycloak server response
+        :rtype: dict
+        """
+        params_path = {
+            "realm-name": self.connection.realm_name,  # type:ignore
+            "idp-alias": idp_alias,
+            "mapper-id": mapper_id,
+        }
+        data_raw = self.raw_delete(urls_patterns.URL_ADMIN_IDP_MAPPER_UPDATE.format(**params_path))
+        return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204])
+
    def get_idp_mappers(self, idp_alias):
        """Get IDP mappers.

@ -785,6 +806,57 @@ class KeycloakAdmin:
        data_raw = self.connection.raw_delete(urls_patterns.URL_ADMIN_IDP.format(**params_path))
        return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204])

+    def get_idp_management_permissions(self, idp_alias: str) -> Dict[str, Any]:
+        """Get management permissions for a client.
+
+        ManagementPermissionReference
+        https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_managementpermissionreference
+
+        :param: idp_alias: idp alias name
+        :type idp_alias: str
+        :returns: Keycloak server response
+        :rtype: dict
+        """
+        params_path = {
+            "realm-name": self.connection.realm_name,  # type:ignore
+            "alias": idp_alias,
+        }
+        data_raw = self.raw_get(
+            urls_patterns.URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS.format(**params_path)
+        )
+        return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200])
+
+    def update_idp_management_permissions(
+        self, idp_alias: str, payload: Dict[str, Any]
+    ) -> Dict[str, Any]:
+        """Update management permissions for a client.
+
+        ManagementPermissionReference
+        https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_managementpermissionreference
+
+        :param: idp_alias: idp alias name
+        :type idp_alias: str
+        :param payload: ManagementPermissionReference
+        :type payload: dict
+        :returns: Keycloak server response
+        :rtype: dict
+
+        Payload example::
+
+            payload={
+                "enabled": true
+            }
+        """
+        params_path = {
+            "realm-name": self.connection.realm_name,  # type:ignore
+            "alias": idp_alias,
+        }
+        data_raw = self.raw_put(
+            urls_patterns.URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS.format(**params_path),
+            data=json.dumps(payload),
+        )
+        return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[200])
+
    def create_user(self, payload, exist_ok=False):
        """Create a new user.

--- a/src/keycloak/urls_patterns.py
+++ b/src/keycloak/urls_patterns.py
@ -147,6 +147,7 @@ URL_ADMIN_IDPS = "admin/realms/{realm-name}/identity-provider/instances"
 URL_ADMIN_IDP_MAPPERS = "admin/realms/{realm-name}/identity-provider/instances/{idp-alias}/mappers"
 URL_ADMIN_IDP_MAPPER_UPDATE = URL_ADMIN_IDP_MAPPERS + "/{mapper-id}"
 URL_ADMIN_IDP = "admin/realms/{realm-name}/identity-provider/instances/{alias}"
+URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS = URL_ADMIN_IDP + "/management/permissions"
 URL_ADMIN_REALM_ROLES_ROLE_BY_NAME = "admin/realms/{realm-name}/roles/{role-name}"
 URL_ADMIN_REALM_ROLES_COMPOSITE_REALM_ROLE = (
    "admin/realms/{realm-name}/roles/{role-name}/composites"