* feat: add missing get_realm_role_by_id to KeycloakAdmin
* fix: test was using role_name instead role_id
---------
Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
* feat(api): add api url
* feat(api): add create permission function
* feat(api): add testcases for create permission function
* fix: linting
* fix: linting
* feat(api): add testcases for create permission function
* feat(api): add testcases for create permission function
* feat(api): apply formating
* feat(api): fix testing
* feat(api): fix testing
* feat(api): fix testing for create client_authz_scope_permission
* feat(api): add scope id for get client_authz_scope_permission
* fix create_client_authz_scope_permission test case
* fix: create_client_authz_scope_permission test case
* fix: add id in create client authz scope permissions
* fix: linting
* fix: test case of create client authz scope permissions
* fix: test case of create client authz scope permissions
---------
Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
* fix: remove internal use of deprecated methods
* fix: missing keycloak_openid during refresh (#431)
Error occurs when token is set so refresh_token is called before call
to get_token.
* feat: Add client update method
* fix: keycloak 22.0 dropped http challenge support
* fix: keycloak 22 changes default authenticator providers
* feat: add an optional search criteria to the get_realm_roles function
* style: reformat code to fix linting error
* test: add unit test for get_realm_roles function with search_text param
* feat: added KeycloakAdmin.update_client_authz_resource()
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: linting
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: test expecting and different anwser from server
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: test expecting and different anwser from server
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
---------
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
* feat: add create_client_authz_scope_permission and create_client_authz_policy to keycloak_admin
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: fixed create_client_authz_policy url
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: fixed test expect number of policies
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: fixed typo in test for create_client_authz_scope_based_permission
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: removed duplicated test
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: chenge url to use existing variables
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: linting
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
* fix: linting
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
---------
Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
* refactor: Refactor exchange_token method
Add missing arguments:
- subject_token_type
- subject_issuer
- requested_issuer
Remove client_id argument. The client_id should come from self.
Add None defaults
* 🔥 chore(test_keycloak_openid.py): remove unused client_id parameter
Refactored the exchange_token method test to match the new interface
BREAKING CHANGE: Changes the exchange token API
* fix: initializing KeycloakAdmin without server_url
According to the project readme, we could initialize a KeycloakAdmin object with a KeycloakOpenIDConnection object without other arguments but, server_url is required.
I made server_url optional and wrote a test for it.
* Revert "fix: initializing KeycloakAdmin without server_url"
This reverts commit 09cf503415.
* fix: initializing KeycloakAdmin without server_url
According to the project readme, we could initialize a KeycloakAdmin object with a KeycloakOpenIDConnection object without other arguments but, server_url is required.
I made server_url optional and wrote a test for it.
* fix: check linting, formatting
---------
Co-authored-by: Armin Shoughi <a.shoughi@hesaba.co>
* feat: add tests and logic for deleting client authz resource
* feat: add tests and logic for getting client authz resource
* fix: update return type of get_client_authz_resource from bytes to dict
* fix: update return type of get_client_authz_resources admin method
* refactor: Factor our OpenIdConnectionManager class and deprecate old methods
* refactor: Refactor keycloak uma client to use openid connection manager
* fix: Perform token renewal at 90% of lifetime
* refactor: Add optional openid connection constructor param to keycloak admin
* refactor: Remove auto_refresh_token in favour of automatic refresh on expiry
* refactor: move KeycloakOpenIDConnectionManager to a separate file
* docs: uma additions and fixes
* refactor: rename token_renewal_fraction->token_lifetime_fraction
* refactor: shorten KeycloakOpenIDConnectionManager->KeycloakOpenIDConnection
* docs: incorporate review comments
Keycloak provides an API endpoint to directly load a group by its path.
This commit changes get_group_by_path to not filter the groups locally
and instead uses the API endpoint.
Remove the necessity for supplying client name for create a new client
request, also don't check existing clients based on client name as those
can be duplicate
BREAKING CHANGE: Renamed parameter client_name to client_id in get_client_id method
Closes#351