warricksothr
/
python-keycloak
forked from Mirror/python-keycloak
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
90 Commits
5 Branches
0 Tags
420 KiB
Tree: 300bf61f92
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '300bf61f92'
${ noResults }
python-keycloak/keycloak/keycloak_admin.py

304 lines
10 KiB
Raw Normal View History

Methods: list users, get user, create user.
7 years ago
Updated docs.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Methods: list users, get user, create user.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated docs.
7 years ago
  1. # -*- coding: utf-8 -*-
  2. #
  3. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  4. #
  5. # This program is free software: you can redistribute it and/or modify
  6. # it under the terms of the GNU Lesser General Public License as published by
  7. # the Free Software Foundation, either version 3 of the License, or
  8. # (at your option) any later version.
  9. #
  10. # This program is distributed in the hope that it will be useful,
  11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. # GNU Lesser General Public License for more details.
  14. #
  15. # You should have received a copy of the GNU Lesser General Public License
  16. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  18. from .urls_patterns import URL_ADMIN_USERS_COUNT, URL_ADMIN_USER, URL_ADMIN_USER_CONSENTS, \
  19. URL_ADMIN_SEND_UPDATE_ACCOUNT, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_GET_SESSIONS, \
  20. URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENTS, URL_ADMIN_CLIENT, URL_ADMIN_CLIENT_ROLES, URL_ADMIN_REALM_ROLES
  21. from .keycloak_openid import KeycloakOpenID
  23. from .exceptions import raise_error_from_response, KeycloakGetError
  25. from .urls_patterns import (
  26. URL_ADMIN_USERS,
  27. )
  29. from .connection import ConnectionManager
  30. import json
  33. class KeycloakAdmin:
  35. def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli'):
  36. self._username = username
  37. self._password = password
  38. self._client_id = client_id
  39. self._realm_name = realm_name
  41. # Get token Admin
  42. keycloak_openid = KeycloakOpenID(server_url, client_id, realm_name)
  43. self._token = keycloak_openid.token(username, password)
  45. self._connection = ConnectionManager(base_url=server_url,
  46. headers={'Authorization': 'Bearer ' + self.token.get('access_token'),
  47. 'Content-Type': 'application/json'},
  48. timeout=60)
  50. @property
  51. def realm_name(self):
  52. return self._realm_name
  54. @realm_name.setter
  55. def realm_name(self, value):
  56. self._realm_name = value
  58. @property
  59. def connection(self):
  60. return self._connection
  62. @connection.setter
  63. def connection(self, value):
  64. self._connection = value
  66. @property
  67. def client_id(self):
  68. return self._client_id
  70. @client_id.setter
  71. def client_id(self, value):
  72. self._client_id = value
  74. @property
  75. def username(self):
  76. return self._username
  78. @username.setter
  79. def username(self, value):
  80. self._username = value
  82. @property
  83. def password(self):
  84. return self._password
  86. @password.setter
  87. def password(self, value):
  88. self._password = value
  90. @property
  91. def token(self):
  92. return self._token
  94. @token.setter
  95. def token(self, value):
  96. self._token = value
  98. def get_users(self, query=None):
  99. """
  100. Get users Returns a list of users, filtered according to query parameters
  102. :return: users list
  103. """
  104. params_path = {"realm-name": self.realm_name}
  105. data_raw = self.connection.raw_get(URL_ADMIN_USERS.format(**params_path), **query)
  106. return raise_error_from_response(data_raw, KeycloakGetError)
  108. def create_user(self, payload):
  109. """
  110. Create a new user Username must be unique
  112. UserRepresentation
  113. http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation
  115. :param payload: UserRepresentation
  117. :return: UserRepresentation
  118. """
  119. params_path = {"realm-name": self.realm_name}
  120. data_raw = self.connection.raw_post(URL_ADMIN_USERS.format(**params_path),
  121. data=json.dumps(payload))
  122. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201)
  124. def users_count(self):
  125. """
  126. User counter
  128. :return: counter
  129. """
  130. params_path = {"realm-name": self.realm_name}
  131. data_raw = self.connection.raw_get(URL_ADMIN_USERS_COUNT.format(**params_path))
  132. return raise_error_from_response(data_raw, KeycloakGetError)
  134. def get_user(self, user_id):
  135. """
  136. Get representation of the user
  138. :param user_id: User id
  140. UserRepresentation: http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation
  142. :return: UserRepresentation
  143. """
  144. params_path = {"realm-name": self.realm_name, "id": user_id}
  145. data_raw = self.connection.raw_get(URL_ADMIN_USER.format(**params_path))
  146. return raise_error_from_response(data_raw, KeycloakGetError)
  148. def update_user(self, user_id, payload):
  149. """
  150. Update the user
  152. :param user_id: User id
  153. :param payload: UserRepresentation
  155. :return: Http response
  156. """
  157. params_path = {"realm-name": self.realm_name, "id": user_id}
  158. data_raw = self.connection.raw_put(URL_ADMIN_USER.format(**params_path),
  159. data=json.dumps(payload))
  160. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  162. def delete_user(self, user_id):
  163. """
  164. Delete the user
  166. :param user_id: User id
  168. :return: Http response
  169. """
  170. params_path = {"realm-name": self.realm_name, "id": user_id}
  171. data_raw = self.connection.raw_delete(URL_ADMIN_USER.format(**params_path))
  172. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  174. def consents_user(self, user_id):
  175. """
  176. Get consents granted by the user
  178. :param user_id: User id
  180. :return: consents
  181. """
  182. params_path = {"realm-name": self.realm_name, "id": user_id}
  183. data_raw = self.connection.raw_get(URL_ADMIN_USER_CONSENTS.format(**params_path))
  184. return raise_error_from_response(data_raw, KeycloakGetError)
  186. def send_update_account(self, user_id, payload, client_id=None, lifespan=None, redirect_uri=None):
  187. """
  188. Send a update account email to the user An email contains a
  189. link the user can click to perform a set of required actions.
  191. :param user_id:
  192. :param payload:
  193. :param client_id:
  194. :param lifespan:
  195. :param redirect_uri:
  197. :return:
  198. """
  199. params_path = {"realm-name": self.realm_name, "id": user_id}
  200. params_query = {"client_id": client_id, "lifespan": lifespan, "redirect_uri": redirect_uri}
  201. data_raw = self.connection.raw_put(URL_ADMIN_SEND_UPDATE_ACCOUNT.format(**params_path),
  202. data=payload, **params_query)
  203. return raise_error_from_response(data_raw, KeycloakGetError)
  205. def send_verify_email(self, user_id, client_id=None, redirect_uri=None):
  206. """
  207. Send a update account email to the user An email contains a
  208. link the user can click to perform a set of required actions.
  210. :param user_id: User id
  211. :param client_id: Client id
  212. :param redirect_uri: Redirect uri
  214. :return:
  215. """
  216. params_path = {"realm-name": self.realm_name, "id": user_id}
  217. params_query = {"client_id": client_id, "redirect_uri": redirect_uri}
  218. data_raw = self.connection.raw_put(URL_ADMIN_SEND_VERIFY_EMAIL.format(**params_path),
  219. data={}, **params_query)
  220. return raise_error_from_response(data_raw, KeycloakGetError)
  222. def get_sessions(self, user_id):
  223. """
  224. Get sessions associated with the user
  226. :param user_id: User id
  228. UserSessionRepresentation
  229. http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_usersessionrepresentation
  231. :return: UserSessionRepresentation
  232. """
  233. params_path = {"realm-name": self.realm_name, "id": user_id}
  234. data_raw = self.connection.raw_get(URL_ADMIN_GET_SESSIONS.format(**params_path))
  235. return raise_error_from_response(data_raw, KeycloakGetError)
  237. def get_server_info(self):
  238. """
  239. Get themes, social providers, auth providers, and event listeners available on this server
  241. ServerInfoRepresentation
  242. http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_serverinforepresentation
  244. :return: ServerInfoRepresentation
  245. """
  246. data_raw = self.connection.raw_get(URL_ADMIN_SERVER_INFO)
  247. return raise_error_from_response(data_raw, KeycloakGetError)
  249. def get_clients(self):
  250. """
  251. Get clients belonging to the realm Returns a list of clients belonging to the realm
  253. ClientRepresentation
  254. http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation
  256. :return: ClientRepresentation
  257. """
  258. params_path = {"realm-name": self.realm_name}
  259. data_raw = self.connection.raw_get(URL_ADMIN_CLIENTS.format(**params_path))
  260. return raise_error_from_response(data_raw, KeycloakGetError)
  262. def get_client(self, client_id):
  263. """
  264. Get representation of the client
  266. ClientRepresentation
  267. http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation
  269. :param client_id: id of client (not client-id)
  271. :return: ClientRepresentation
  272. """
  273. params_path = {"realm-name": self.realm_name, "id": client_id}
  274. data_raw = self.connection.raw_get(URL_ADMIN_CLIENT.format(**params_path))
  275. return raise_error_from_response(data_raw, KeycloakGetError)
  277. def get_client_role(self, client_id):
  278. """
  279. Get all roles for the client
  281. RoleRepresentation
  282. http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation
  284. :param client_id: id of client (not client-id)
  286. :return: RoleRepresentation
  287. """
  288. params_path = {"realm-name": self.realm_name, "id": client_id}
  289. data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ROLES.format(**params_path))
  290. return raise_error_from_response(data_raw, KeycloakGetError)
  292. def get_roles(self):
  293. """
  294. Get all roles for the realm or client
  296. RoleRepresentation
  297. http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation
  299. :return: RoleRepresentation
  300. """
  301. params_path = {"realm-name": self.realm_name}
  302. data_raw = self.connection.raw_get(URL_ADMIN_REALM_ROLES.format(**params_path))
  303. return raise_error_from_response(data_raw, KeycloakGetError)