Browse Source

feat: Add endpoints to get/update management permissions on IdP, and

delete mapper to IdP
pull/494/head
Kevin Bannier 1 year ago
committed by Kévin BANNIER
parent
commit
fe39ad3cfe
  1. 74
      src/keycloak/keycloak_admin.py
  2. 1
      src/keycloak/urls_patterns.py

74
src/keycloak/keycloak_admin.py

@ -29,7 +29,7 @@
import copy import copy
import json import json
from builtins import isinstance from builtins import isinstance
from typing import Optional
from typing import Any, Dict, Optional
import deprecation import deprecation
from requests_toolbelt import MultipartEncoder from requests_toolbelt import MultipartEncoder
@ -739,6 +739,27 @@ class KeycloakAdmin:
return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204]) return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204])
def delete_mapper_to_idp(self, idp_alias: str, mapper_id: str) -> Dict[str, Any]:
"""Delete an IDP mapper.
IdentityProviderRepresentation
https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_identityprovidermapperrepresentation
:param: idp_alias: alias for Idp to add mapper in
:type idp_alias: str
:param: mapper_id: ID of mapper
:type mapper_id: str
:returns: Keycloak server response
:rtype: dict
"""
params_path = {
"realm-name": self.connection.realm_name, # type:ignore
"idp-alias": idp_alias,
"mapper-id": mapper_id,
}
data_raw = self.raw_delete(urls_patterns.URL_ADMIN_IDP_MAPPER_UPDATE.format(**params_path))
return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204])
def get_idp_mappers(self, idp_alias): def get_idp_mappers(self, idp_alias):
"""Get IDP mappers. """Get IDP mappers.
@ -785,6 +806,57 @@ class KeycloakAdmin:
data_raw = self.connection.raw_delete(urls_patterns.URL_ADMIN_IDP.format(**params_path)) data_raw = self.connection.raw_delete(urls_patterns.URL_ADMIN_IDP.format(**params_path))
return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204]) return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204])
def get_idp_management_permissions(self, idp_alias: str) -> Dict[str, Any]:
"""Get management permissions for a client.
ManagementPermissionReference
https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_managementpermissionreference
:param: idp_alias: idp alias name
:type idp_alias: str
:returns: Keycloak server response
:rtype: dict
"""
params_path = {
"realm-name": self.connection.realm_name, # type:ignore
"alias": idp_alias,
}
data_raw = self.raw_get(
urls_patterns.URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS.format(**params_path)
)
return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200])
def update_idp_management_permissions(
self, idp_alias: str, payload: Dict[str, Any]
) -> Dict[str, Any]:
"""Update management permissions for a client.
ManagementPermissionReference
https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_managementpermissionreference
:param: idp_alias: idp alias name
:type idp_alias: str
:param payload: ManagementPermissionReference
:type payload: dict
:returns: Keycloak server response
:rtype: dict
Payload example::
payload={
"enabled": true
}
"""
params_path = {
"realm-name": self.connection.realm_name, # type:ignore
"alias": idp_alias,
}
data_raw = self.raw_put(
urls_patterns.URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS.format(**params_path),
data=json.dumps(payload),
)
return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[200])
def create_user(self, payload, exist_ok=False): def create_user(self, payload, exist_ok=False):
"""Create a new user. """Create a new user.

1
src/keycloak/urls_patterns.py

@ -147,6 +147,7 @@ URL_ADMIN_IDPS = "admin/realms/{realm-name}/identity-provider/instances"
URL_ADMIN_IDP_MAPPERS = "admin/realms/{realm-name}/identity-provider/instances/{idp-alias}/mappers" URL_ADMIN_IDP_MAPPERS = "admin/realms/{realm-name}/identity-provider/instances/{idp-alias}/mappers"
URL_ADMIN_IDP_MAPPER_UPDATE = URL_ADMIN_IDP_MAPPERS + "/{mapper-id}" URL_ADMIN_IDP_MAPPER_UPDATE = URL_ADMIN_IDP_MAPPERS + "/{mapper-id}"
URL_ADMIN_IDP = "admin/realms/{realm-name}/identity-provider/instances/{alias}" URL_ADMIN_IDP = "admin/realms/{realm-name}/identity-provider/instances/{alias}"
URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS = URL_ADMIN_IDP + "/management/permissions"
URL_ADMIN_REALM_ROLES_ROLE_BY_NAME = "admin/realms/{realm-name}/roles/{role-name}" URL_ADMIN_REALM_ROLES_ROLE_BY_NAME = "admin/realms/{realm-name}/roles/{role-name}"
URL_ADMIN_REALM_ROLES_COMPOSITE_REALM_ROLE = ( URL_ADMIN_REALM_ROLES_COMPOSITE_REALM_ROLE = (
"admin/realms/{realm-name}/roles/{role-name}/composites" "admin/realms/{realm-name}/roles/{role-name}/composites"

Loading…
Cancel
Save