* fix: tox.ini config fixed for testenv:check
* feat: functions for updating reource permissions and getting associated policies
* fix: linting issues resolved
* revert: brought back all functions which were mistakenly removed in commit
* fix: linting issue resolved to prevent unintended changes in file
* fix: comments fixed for docs
* fix: async functions created for new functionality
* feat: test cases completed for new functionality
* chore: tox and deps update
---------
Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
* chore: add async client to connection
* chore: add async client to keycloak openid
* chore: add async client to keycloak uma
* chore: add async client and methods to keycloak admin
* chore: add async tests for connection and uma class
* chore: add async tests for keycloak openid class
* chore: add async tests for keycloak admin class
* chore: update poetry lock
* chore: update poetry lock
* fix: poetry files
* fix: lint issues
* fix: conftest fix
* fix: lint test fix
* fix: lint test fix
* fix: lint test fix
* fix: lint test fix
* fix: lint test fix
* fix: added setuptools
* fix: delete request fix and test cases fix
* fix: email test case
* fix: email test case for older versions
* fix: set correct content type on token endpoint
* fix: async on missing calls
* test: updated tests
* chore: deps
* fix: preserve original bearer
* fix: dont set bearer in refresh token directly
* fix: default content type
* fix: content type for initial access token
* fix: content type for async initial access token
* chore: add divergence test
* chore: add divergence test for uma and conneciton class
* chore: add docs for async module
* fix: sphinx error fixes
* test: verify signature
* test: final divergence tests
---------
Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
Most of the methods rely on the role name within python keycloak, which for the vast majority is fine, however there are some role names which cannot be used by the API endpoint as they contain characters that cannot be encoded properly. Therefore this change is to allow the use of the role's id to get, update and delete roles by their id instead.'
* feat: added support for Admin Events api
* test: fix auth_flow test and authentication_configs based on KC 22 pre-settings
* docs: update readme
* revert: "test: fix auth_flow test and authentication_configs based on KC 22 pre-settings"
This reverts commit 392b71b351.
* test: trying to support old and new Keycloak versions for test_auth_flows & test_authentication_configs
test: trying to support old and new Keycloak versions for test_auth_flows & test_authentication_configs
https://github.com/keycloak/keycloak/issues/20497
* chore: revert Update tox.ini
These tools should be coming from the poetry virtual env
---------
Co-authored-by: Simone Ferrigno <simone.ferrigno@vorwerk.de>
Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
* feat: add missing get_realm_role_by_id to KeycloakAdmin
* fix: test was using role_name instead role_id
---------
Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
* feat(api): add api url
* feat(api): add create permission function
* feat(api): add testcases for create permission function
* fix: linting
* fix: linting
* feat(api): add testcases for create permission function
* feat(api): add testcases for create permission function
* feat(api): apply formating
* feat(api): fix testing
* feat(api): fix testing
* feat(api): fix testing for create client_authz_scope_permission
* feat(api): add scope id for get client_authz_scope_permission
* fix create_client_authz_scope_permission test case
* fix: create_client_authz_scope_permission test case
* fix: add id in create client authz scope permissions
* fix: linting
* fix: test case of create client authz scope permissions
* fix: test case of create client authz scope permissions
---------
Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
* fix: remove internal use of deprecated methods
* fix: missing keycloak_openid during refresh (#431)
Error occurs when token is set so refresh_token is called before call
to get_token.
* feat: Add client update method
* fix: keycloak 22.0 dropped http challenge support
* fix: keycloak 22 changes default authenticator providers
* feat: add an optional search criteria to the get_realm_roles function
* style: reformat code to fix linting error
* test: add unit test for get_realm_roles function with search_text param
* feat: added KeycloakAdmin.update_client_authz_resource()
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: linting
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: test expecting and different anwser from server
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: test expecting and different anwser from server
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
---------
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
* feat: add create_client_authz_scope_permission and create_client_authz_policy to keycloak_admin
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: fixed create_client_authz_policy url
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: fixed test expect number of policies
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: fixed typo in test for create_client_authz_scope_based_permission
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: removed duplicated test
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: chenge url to use existing variables
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: linting
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: linting
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
---------
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: initializing KeycloakAdmin without server_url
According to the project readme, we could initialize a KeycloakAdmin object with a KeycloakOpenIDConnection object without other arguments but, server_url is required.
I made server_url optional and wrote a test for it.
* Revert "fix: initializing KeycloakAdmin without server_url"
This reverts commit 09cf503415.
* fix: initializing KeycloakAdmin without server_url
According to the project readme, we could initialize a KeycloakAdmin object with a KeycloakOpenIDConnection object without other arguments but, server_url is required.
I made server_url optional and wrote a test for it.
* fix: check linting, formatting
---------
Co-authored-by: Armin Shoughi <a.shoughi@hesaba.co>
* feat: add tests and logic for deleting client authz resource
* feat: add tests and logic for getting client authz resource
* fix: update return type of get_client_authz_resource from bytes to dict
* fix: update return type of get_client_authz_resources admin method
* refactor: Factor our OpenIdConnectionManager class and deprecate old methods
* refactor: Refactor keycloak uma client to use openid connection manager
* fix: Perform token renewal at 90% of lifetime
* refactor: Add optional openid connection constructor param to keycloak admin
* refactor: Remove auto_refresh_token in favour of automatic refresh on expiry
* refactor: move KeycloakOpenIDConnectionManager to a separate file
* docs: uma additions and fixes
* refactor: rename token_renewal_fraction->token_lifetime_fraction
* refactor: shorten KeycloakOpenIDConnectionManager->KeycloakOpenIDConnection
* docs: incorporate review comments
Keycloak provides an API endpoint to directly load a group by its path.
This commit changes get_group_by_path to not filter the groups locally
and instead uses the API endpoint.
Syzygeezus
Nehuen Gonzalez-Montoro
Philipp Böhm
Mohsin Anees
Richard Nemeth
pyaiman
Côme Mary-Vallée
ThanhPT
Tobias Genannt
Nathan Furnal
Geoff Owen
Marcos Pereira Jr
Zima
Cainã
Igor Pronin
satolo_ez
Hadeer Elsaeed
Lucy Linder
mklassen
Salem Wafi
Ana Paula Mendes
armin shoughi
Raspreet Singh
Petr Hála
Nuwan Goonasekera
PizZaKatZe
Tobias Genannt
Jerónimo Mendes
Philippe Moll
hadeer_e