warricksothr
/
python-keycloak
forked from Mirror/python-keycloak
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
336 Commits
5 Branches
0 Tags
420 KiB
Tree: 7e72aec707
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7e72aec707'
${ noResults }
python-keycloak/keycloak/keycloak_admin.py

1499 lines
58 KiB
Raw Normal View History

Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Updated docs.
7 years ago
Fixed new features.
7 years ago
Fixed conflict.
6 years ago
pep8 formatting
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Add group realm roles delete, get and add Signed-off-by: Paolo Romolini Signed-off-by: Tamara Noncentini
4 years ago
Release version 0.22.0
4 years ago
pep8 formatting
6 years ago
Updated docs.
7 years ago
pep8 formatting
6 years ago
converting 'import *' into individual imports
6 years ago
Create method to list all realms from a Keycloak deployment
5 years ago
converting 'import *' into individual imports
6 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
fix indent
4 years ago
fix comma
4 years ago
Added code for fetching role users from role in realm and client
4 years ago
Methods: list users, get user, create user.
7 years ago
Add pagination wrapper
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Add support for Client Credentials Grant in KeycloakAdmin
4 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Updated docks
7 years ago
add ability to log into service account in KeycloakAdmin
5 years ago
[Feature] add custom headers. Closes #38
5 years ago
Updated documentation and links
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Updated docks
7 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add pagination wrapper
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add pagination wrapper
5 years ago
Admin - adding 'Import Realm' to pass a RealmRepresentation and create a new Realm
6 years ago
Updated documentation and links
5 years ago
Admin - adding 'Import Realm' to pass a RealmRepresentation and create a new Realm
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Admin - adding 'Import Realm' to pass a RealmRepresentation and create a new Realm
6 years ago
Create method to list all realms from a Keycloak deployment
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create method to list all realms from a Keycloak deployment
5 years ago
Add support to create a new Realm
5 years ago
Fix copy-pasted docstring
5 years ago
Add support to create a new Realm
5 years ago
Updated documentation and links
5 years ago
Add support to create a new Realm
5 years ago
Updated documentation and links
5 years ago
Fix copy-pasted docstring
5 years ago
Add support to create a new Realm
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add support to create a new Realm
5 years ago
Added routes for deleting and updating realms
4 years ago
Release version 0.22.0
4 years ago
Added routes for deleting and updating realms
4 years ago
Release version 0.22.0
4 years ago
Added routes for deleting and updating realms
4 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Paginate get_users
5 years ago
Methods: list users, get user, create user.
7 years ago
Add get_idps
6 years ago
Updated documentation and links
5 years ago
Add get_idps
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_idps
6 years ago
revert to payload
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
revert to payload
7 years ago
Methods: list users, get user, create user.
7 years ago
Add get_idps
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
return user id on user creation
5 years ago
Methods: list users, get user, create user.
7 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Fixed feature get user id.
6 years ago
Create 'get_client_secrets' method
5 years ago
[11] Fixed function get_user_id to return the correct value
6 years ago
Add Admin Tasks for user and client role management
7 years ago
Methods: list users, get user, create user.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Add get_user_groups function
6 years ago
Updated documentation and links
5 years ago
Add get_user_groups function
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_user_groups function
6 years ago
revert back to payload
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Fixed new features.
7 years ago
Updated documentation and links
5 years ago
Fixed new features.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Fixed new features.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py added capabilities to add and get user's social login
4 years ago
added description
4 years ago
Update keycloak_admin.py added capabilities to add and get user's social login
4 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Add groups functions
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Paginate get_groups
5 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Updated documentation and links
5 years ago
Add get_idps
6 years ago
pep8 formatting
6 years ago
Fix get_subgroups iteration
5 years ago
Add get_idps
6 years ago
Add query params to get_group_members
6 years ago
method to get group members
6 years ago
comments
6 years ago
method to get group members
6 years ago
Updated documentation and links
5 years ago
method to get group members
6 years ago
Updated documentation and links
5 years ago
comments
6 years ago
method to get group members
6 years ago
Paginate get_group_members
5 years ago
method to get group members
6 years ago
Add get_idps
6 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Fixed new features.
7 years ago
Refactoring code: groups and client.
7 years ago
Add get_idps
6 years ago
Refactoring code: groups and client.
7 years ago
Fix a bug in the subgroup searching
6 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Add groups functions
7 years ago
pep8 formatting
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
pep8 formatting
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Fixed create group.
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add groups functions
7 years ago
Add update_group
5 years ago
Updated documentation and links
5 years ago
Add update_group
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add update_group
5 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add groups functions
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Refactoring code: groups and client.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Refactoring code: groups and client.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Methods: list users, get user, create user.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Refactoring code: groups and client.
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Updated documentation and links
5 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Updated documentation and links
5 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Add get_idps
6 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Initial commit
7 years ago
Add update method for clients
5 years ago
Modified update_client & create_realm_role to use keycloak_admin raw_put/post Modified update_client & create_realm_role to use the keycloak_admin raw_put/post instead of the connection's raw_put/post directly to allow for token refresh
4 years ago
Add update method for clients
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add update method for clients
5 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Initial commit
7 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Refactoring code: groups and client.
7 years ago
Added code for fetching role users from role in realm and client
4 years ago
Add Admin Tasks for user and client role management
7 years ago
Updated docs.
7 years ago
Add groups functions
7 years ago
Updated docs.
7 years ago
Updated documentation and links
5 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add groups functions
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Updated documentation and links
5 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Add Admin Tasks for user and client role management
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add Admin Tasks for user and client role management
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Initial commit
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Updated documentation and links
5 years ago
Refactoring all services for client and client-roles.
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add sync users function
7 years ago
Added code for fetching role users from role in realm and client
4 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Updated documentation and links
5 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Modified update_client & create_realm_role to use keycloak_admin raw_put/post Modified update_client & create_realm_role to use the keycloak_admin raw_put/post instead of the connection's raw_put/post directly to allow for token refresh
4 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Add update and delete role by name Add 'Update a role' and 'Delete a role' by name and without passing the client parameter
4 years ago
Release version 0.22.0
4 years ago
Add update and delete role by name Add 'Update a role' and 'Delete a role' by name and without passing the client parameter
4 years ago
Release version 0.22.0
4 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Implement assign_realm_roles method Increment package version Update docstring Remove client_id from path params Fix raw_post with correct url
5 years ago
Updated documentation and links
5 years ago
Implement assign_realm_roles method Increment package version Update docstring Remove client_id from path params Fix raw_post with correct url
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Implement assign_realm_roles method Increment package version Update docstring Remove client_id from path params Fix raw_post with correct url
5 years ago
Add group realm roles delete, get and add Signed-off-by: Paolo Romolini Signed-off-by: Tamara Noncentini
4 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add group realm roles delete, get and add Signed-off-by: Paolo Romolini Signed-off-by: Tamara Noncentini
4 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add group realm roles delete, get and add Signed-off-by: Paolo Romolini Signed-off-by: Tamara Noncentini
4 years ago
add client-level operations for group roles
4 years ago
Release version 0.22.0
4 years ago
add client-level operations for group roles
4 years ago
improve comment
4 years ago
add client-level operations for group roles
4 years ago
Release version 0.22.0
4 years ago
add client-level operations for group roles
4 years ago
Add method to retrieve the client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to retrieve the client roles of a user
6 years ago
Add method to retrieve avaialbe and composite client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to retrieve avaialbe and composite client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to retrieve avaialbe and composite client roles of a user
6 years ago
Add method to retrieve the client roles of a user
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add method to retrieve the client roles of a user
6 years ago
Add method to delete client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to delete client roles of a user
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add method to delete client roles of a user
6 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Add authentication flow actions
6 years ago
Add sync users function
7 years ago
Added groups functions and client functions. Added Changedlog
7 years ago
Updated documentation and links
5 years ago
Added groups functions and client functions. Added Changedlog
7 years ago
Add sync users function
7 years ago
Merge develop
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add sync users function
7 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
fixing issue #91 and be backwards compatible with older keycloak versions
4 years ago
Create 'get_client_secrets' method
5 years ago
Add generate_client_secrets
4 years ago
Create 'get_client_secrets' method
5 years ago
Updated documentation and links
5 years ago
Create 'get_client_secrets' method
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add support to create a new Realm
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
feat: add components
4 years ago
fixes + add get_keys
4 years ago
feat: add components
4 years ago
Release version 0.22.0
4 years ago
feat: add components
4 years ago
fixes + add get_keys
4 years ago
feat: add components
4 years ago
fixes + add get_keys
4 years ago
feat: add components
4 years ago
Release version 0.22.0
4 years ago
feat: add components
4 years ago
fixes + add get_keys
4 years ago
feat: add components
4 years ago
Release version 0.22.0
4 years ago
feat: add components
4 years ago
fixes + add get_keys
4 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Fixed merge with external branch.
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Handle 'Token is not active' error in refresh_token If a token is acquired but not used before it times out, Keycloak will return a 400 response with the message 'Token is not active'. Change refresh_token to handle this error by getting a new token.
4 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
  1. # -*- coding: utf-8 -*-
  2. #
  3. # The MIT License (MIT)
  4. #
  5. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy of
  8. # this software and associated documentation files (the "Software"), to deal in
  9. # the Software without restriction, including without limitation the rights to
  10. # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
  11. # the Software, and to permit persons to whom the Software is furnished to do so,
  12. # subject to the following conditions:
  13. #
  14. # The above copyright notice and this permission notice shall be included in all
  15. # copies or substantial portions of the Software.
  16. #
  17. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
  19. # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
  20. # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
  21. # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  22. # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  24. # Unless otherwise stated in the comments, "id", in e.g. user_id, refers to the
  25. # internal Keycloak server ID, usually a uuid string
  27. import json
  28. from builtins import isinstance
  29. from typing import List, Iterable
  31. from keycloak.urls_patterns import URL_ADMIN_GROUPS_REALM_ROLES, \
  32. URL_ADMIN_GET_GROUPS_REALM_ROLES, URL_ADMIN_REALM_ROLES_ROLE_BY_NAME, URL_ADMIN_GROUPS_CLIENT_ROLES
  33. from .connection import ConnectionManager
  34. from .exceptions import raise_error_from_response, KeycloakGetError
  35. from .keycloak_openid import KeycloakOpenID
  36. from .urls_patterns import URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENT_AUTHZ_RESOURCES, URL_ADMIN_CLIENT_ROLES, \
  37. URL_ADMIN_GET_SESSIONS, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_UPDATE_ACCOUNT, \
  38. URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE, URL_ADMIN_USER_GROUP, URL_ADMIN_REALM_ROLES, URL_ADMIN_GROUP_CHILD, \
  39. URL_ADMIN_USER_CONSENTS, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_CLIENT, URL_ADMIN_USER, URL_ADMIN_CLIENT_ROLE, \
  40. URL_ADMIN_USER_GROUPS, URL_ADMIN_CLIENTS, URL_ADMIN_FLOWS_EXECUTIONS, URL_ADMIN_GROUPS, URL_ADMIN_USER_CLIENT_ROLES, \
  41. URL_ADMIN_REALMS, URL_ADMIN_USERS_COUNT, URL_ADMIN_FLOWS, URL_ADMIN_GROUP, URL_ADMIN_CLIENT_AUTHZ_SETTINGS, \
  42. URL_ADMIN_GROUP_MEMBERS, URL_ADMIN_USER_STORAGE, URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_IDPS, \
  43. URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, URL_ADMIN_USERS, URL_ADMIN_CLIENT_SCOPES, \
  44. URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER, URL_ADMIN_CLIENT_SCOPE, URL_ADMIN_CLIENT_SECRETS, \
  45. URL_ADMIN_USER_REALM_ROLES, URL_ADMIN_REALM, URL_ADMIN_COMPONENTS, URL_ADMIN_COMPONENT, URL_ADMIN_KEYS, \
  46. URL_ADMIN_USER_FEDERATED_IDENTITY, URL_ADMIN_USER_FEDERATED_IDENTITIES, URL_ADMIN_CLIENT_ROLE_MEMBERS, \
  47. URL_ADMIN_REALM_ROLES_MEMBERS
  50. class KeycloakAdmin:
  52. PAGE_SIZE = 100
  54. _server_url = None
  55. _username = None
  56. _password = None
  57. _realm_name = None
  58. _client_id = None
  59. _verify = None
  60. _client_secret_key = None
  61. _auto_refresh_token = None
  62. _connection = None
  63. _token = None
  64. _custom_headers = None
  65. _user_realm_name = None
  67. def __init__(self, server_url, username=None, password=None, realm_name='master', client_id='admin-cli', verify=True,
  68. client_secret_key=None, custom_headers=None, user_realm_name=None, auto_refresh_token=None):
  69. """
  71. :param server_url: Keycloak server url
  72. :param username: admin username
  73. :param password: admin password
  74. :param realm_name: realm name
  75. :param client_id: client id
  76. :param verify: True if want check connection SSL
  77. :param client_secret_key: client secret key
  78. :param custom_headers: dict of custom header to pass to each HTML request
  79. :param user_realm_name: The realm name of the user, if different from realm_name
  80. :param auto_refresh_token: list of methods that allows automatic token refresh. ex: ['get', 'put', 'post', 'delete']
  81. """
  82. self.server_url = server_url
  83. self.username = username
  84. self.password = password
  85. self.realm_name = realm_name
  86. self.client_id = client_id
  87. self.verify = verify
  88. self.client_secret_key = client_secret_key
  89. self.auto_refresh_token = auto_refresh_token or []
  90. self.user_realm_name = user_realm_name
  91. self.custom_headers = custom_headers
  93. # Get token Admin
  94. self.get_token()
  96. @property
  97. def server_url(self):
  98. return self._server_url
  100. @server_url.setter
  101. def server_url(self, value):
  102. self._server_url = value
  104. @property
  105. def realm_name(self):
  106. return self._realm_name
  108. @realm_name.setter
  109. def realm_name(self, value):
  110. self._realm_name = value
  112. @property
  113. def connection(self):
  114. return self._connection
  116. @connection.setter
  117. def connection(self, value):
  118. self._connection = value
  120. @property
  121. def client_id(self):
  122. return self._client_id
  124. @client_id.setter
  125. def client_id(self, value):
  126. self._client_id = value
  128. @property
  129. def client_secret_key(self):
  130. return self._client_secret_key
  132. @client_secret_key.setter
  133. def client_secret_key(self, value):
  134. self._client_secret_key = value
  136. @property
  137. def verify(self):
  138. return self._verify
  140. @verify.setter
  141. def verify(self, value):
  142. self._verify = value
  144. @property
  145. def username(self):
  146. return self._username
  148. @username.setter
  149. def username(self, value):
  150. self._username = value
  152. @property
  153. def password(self):
  154. return self._password
  156. @password.setter
  157. def password(self, value):
  158. self._password = value
  160. @property
  161. def token(self):
  162. return self._token
  164. @token.setter
  165. def token(self, value):
  166. self._token = value
  168. @property
  169. def auto_refresh_token(self):
  170. return self._auto_refresh_token
  172. @property
  173. def user_realm_name(self):
  174. return self._user_realm_name
  176. @user_realm_name.setter
  177. def user_realm_name(self, value):
  178. self._user_realm_name = value
  180. @property
  181. def custom_headers(self):
  182. return self._custom_headers
  184. @custom_headers.setter
  185. def custom_headers(self, value):
  186. self._custom_headers = value
  188. @auto_refresh_token.setter
  189. def auto_refresh_token(self, value):
  190. allowed_methods = {'get', 'post', 'put', 'delete'}
  191. if not isinstance(value, Iterable):
  192. raise TypeError('Expected a list of strings among {allowed}'.format(allowed=allowed_methods))
  193. if not all(method in allowed_methods for method in value):
  194. raise TypeError('Unexpected method in auto_refresh_token, accepted methods are {allowed}'.format(allowed=allowed_methods))
  196. self._auto_refresh_token = value
  198. def __fetch_all(self, url, query=None):
  199. '''Wrapper function to paginate GET requests
  201. :param url: The url on which the query is executed
  202. :param query: Existing query parameters (optional)
  204. :return: Combined results of paginated queries
  205. '''
  206. results = []
  208. # initalize query if it was called with None
  209. if not query:
  210. query = {}
  211. page = 0
  212. query['max'] = self.PAGE_SIZE
  214. # fetch until we can
  215. while True:
  216. query['first'] = page*self.PAGE_SIZE
  217. partial_results = raise_error_from_response(
  218. self.raw_get(url, **query),
  219. KeycloakGetError)
  220. if not partial_results:
  221. break
  222. results.extend(partial_results)
  223. page += 1
  224. return results
  226. def import_realm(self, payload):
  227. """
  228. Import a new realm from a RealmRepresentation. Realm name must be unique.
  230. RealmRepresentation
  231. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realmrepresentation
  233. :param payload: RealmRepresentation
  235. :return: RealmRepresentation
  236. """
  238. data_raw = self.raw_post(URL_ADMIN_REALMS,
  239. data=json.dumps(payload))
  240. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201])
  242. def get_realms(self):
  243. """
  244. Lists all realms in Keycloak deployment
  246. :return: realms list
  247. """
  248. data_raw = self.raw_get(URL_ADMIN_REALMS)
  249. return raise_error_from_response(data_raw, KeycloakGetError)
  251. def create_realm(self, payload, skip_exists=False):
  252. """
  253. Create a realm
  255. RealmRepresentation:
  256. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realmrepresentation
  258. :param payload: RealmRepresentation
  259. :param skip_exists: Skip if Realm already exist.
  260. :return: Keycloak server response (RealmRepresentation)
  261. """
  263. data_raw = self.raw_post(URL_ADMIN_REALMS,
  264. data=json.dumps(payload))
  265. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201], skip_exists=skip_exists)
  267. def update_realm(self, realm_name, payload):
  268. """
  269. Update a realm. This wil only update top level attributes and will ignore any user,
  270. role, or client information in the payload.
  272. RealmRepresentation:
  273. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realmrepresentation
  275. :param realm_name: Realm name (not the realm id)
  276. :param payload: RealmRepresentation
  277. :return: Http response
  278. """
  280. params_path = {"realm-name": realm_name}
  281. data_raw = self.raw_put(URL_ADMIN_REALM.format(**params_path),
  282. data=json.dumps(payload))
  283. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  285. def delete_realm(self, realm_name):
  286. """
  287. Delete a realm
  289. :param realm_name: Realm name (not the realm id)
  290. :return: Http response
  291. """
  293. params_path = {"realm-name": realm_name}
  294. data_raw = self.raw_delete(URL_ADMIN_REALM.format(**params_path))
  295. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  297. def get_users(self, query=None):
  298. """
  299. Return a list of users, filtered according to query parameters
  301. UserRepresentation
  302. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  304. :param query: Query parameters (optional)
  305. :return: users list
  306. """
  307. params_path = {"realm-name": self.realm_name}
  308. return self.__fetch_all(URL_ADMIN_USERS.format(**params_path), query)
  310. def get_idps(self):
  311. """
  312. Returns a list of ID Providers,
  314. IdentityProviderRepresentation
  315. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_identityproviderrepresentation
  317. :return: array IdentityProviderRepresentation
  318. """
  319. params_path = {"realm-name": self.realm_name}
  320. data_raw = self.raw_get(URL_ADMIN_IDPS.format(**params_path))
  321. return raise_error_from_response(data_raw, KeycloakGetError)
  323. def create_user(self, payload):
  324. """
  325. Create a new user. Username must be unique
  327. UserRepresentation
  328. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  330. :param payload: UserRepresentation
  332. :return: UserRepresentation
  333. """
  334. params_path = {"realm-name": self.realm_name}
  336. exists = self.get_user_id(username=payload['username'])
  338. if exists is not None:
  339. return str(exists)
  341. data_raw = self.raw_post(URL_ADMIN_USERS.format(**params_path),
  342. data=json.dumps(payload))
  343. raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201])
  344. _last_slash_idx = data_raw.headers['Location'].rindex('/')
  345. return data_raw.headers['Location'][_last_slash_idx + 1:]
  347. def users_count(self):
  348. """
  349. User counter
  351. :return: counter
  352. """
  353. params_path = {"realm-name": self.realm_name}
  354. data_raw = self.raw_get(URL_ADMIN_USERS_COUNT.format(**params_path))
  355. return raise_error_from_response(data_raw, KeycloakGetError)
  357. def get_user_id(self, username):
  358. """
  359. Get internal keycloak user id from username
  360. This is required for further actions against this user.
  362. UserRepresentation
  363. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  365. :param username: id in UserRepresentation
  367. :return: user_id
  368. """
  370. users = self.get_users(query={"search": username})
  371. return next((user["id"] for user in users if user["username"] == username), None)
  373. def get_user(self, user_id):
  374. """
  375. Get representation of the user
  377. :param user_id: User id
  379. UserRepresentation
  380. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  382. :return: UserRepresentation
  383. """
  384. params_path = {"realm-name": self.realm_name, "id": user_id}
  385. data_raw = self.raw_get(URL_ADMIN_USER.format(**params_path))
  386. return raise_error_from_response(data_raw, KeycloakGetError)
  388. def get_user_groups(self, user_id):
  389. """
  390. Returns a list of groups of which the user is a member
  392. :param user_id: User id
  394. :return: user groups list
  395. """
  396. params_path = {"realm-name": self.realm_name, "id": user_id}
  397. data_raw = self.raw_get(URL_ADMIN_USER_GROUPS.format(**params_path))
  398. return raise_error_from_response(data_raw, KeycloakGetError)
  400. def update_user(self, user_id, payload):
  401. """
  402. Update the user
  404. :param user_id: User id
  405. :param payload: UserRepresentation
  407. :return: Http response
  408. """
  409. params_path = {"realm-name": self.realm_name, "id": user_id}
  410. data_raw = self.raw_put(URL_ADMIN_USER.format(**params_path),
  411. data=json.dumps(payload))
  412. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  414. def delete_user(self, user_id):
  415. """
  416. Delete the user
  418. :param user_id: User id
  420. :return: Http response
  421. """
  422. params_path = {"realm-name": self.realm_name, "id": user_id}
  423. data_raw = self.raw_delete(URL_ADMIN_USER.format(**params_path))
  424. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  426. def set_user_password(self, user_id, password, temporary=True):
  427. """
  428. Set up a password for the user. If temporary is True, the user will have to reset
  429. the temporary password next time they log in.
  431. https://www.keycloak.org/docs-api/8.0/rest-api/#_users_resource
  432. https://www.keycloak.org/docs-api/8.0/rest-api/#_credentialrepresentation
  434. :param user_id: User id
  435. :param password: New password
  436. :param temporary: True if password is temporary
  438. :return:
  439. """
  440. payload = {"type": "password", "temporary": temporary, "value": password}
  441. params_path = {"realm-name": self.realm_name, "id": user_id}
  442. data_raw = self.raw_put(URL_ADMIN_RESET_PASSWORD.format(**params_path),
  443. data=json.dumps(payload))
  444. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  446. def consents_user(self, user_id):
  447. """
  448. Get consents granted by the user
  450. :param user_id: User id
  452. :return: consents
  453. """
  454. params_path = {"realm-name": self.realm_name, "id": user_id}
  455. data_raw = self.raw_get(URL_ADMIN_USER_CONSENTS.format(**params_path))
  456. return raise_error_from_response(data_raw, KeycloakGetError)
  458. def get_user_social_logins(self, user_id):
  459. """
  460. Returns a list of federated identities/social logins of which the user has been associated with
  461. :param user_id: User id
  462. :return: federated identities list
  463. """
  464. params_path = {"realm-name": self.realm_name, "id": user_id}
  465. data_raw = self.raw_get(URL_ADMIN_USER_FEDERATED_IDENTITIES.format(**params_path))
  466. return raise_error_from_response(data_raw, KeycloakGetError)
  468. def add_user_social_login(self, user_id, provider_id, provider_userid, provider_username):
  470. """
  471. Add a federated identity / social login provider to the user
  472. :param user_id: User id
  473. :param provider_id: Social login provider id
  474. :param provider_userid: userid specified by the provider
  475. :param provider_username: username specified by the provider
  476. :return:
  477. """
  478. payload = {"identityProvider": provider_id, "userId": provider_userid, "userName": provider_username}
  479. params_path = {"realm-name": self.realm_name, "id": user_id, "provider": provider_id}
  480. data_raw = self.raw_post(URL_ADMIN_USER_FEDERATED_IDENTITY.format(**params_path), data=json.dumps(payload))
  482. def send_update_account(self, user_id, payload, client_id=None, lifespan=None, redirect_uri=None):
  483. """
  484. Send an update account email to the user. An email contains a
  485. link the user can click to perform a set of required actions.
  487. :param user_id: User id
  488. :param payload: A list of actions for the user to complete
  489. :param client_id: Client id (optional)
  490. :param lifespan: Number of seconds after which the generated token expires (optional)
  491. :param redirect_uri: The redirect uri (optional)
  493. :return:
  494. """
  495. params_path = {"realm-name": self.realm_name, "id": user_id}
  496. params_query = {"client_id": client_id, "lifespan": lifespan, "redirect_uri": redirect_uri}
  497. data_raw = self.raw_put(URL_ADMIN_SEND_UPDATE_ACCOUNT.format(**params_path),
  498. data=payload, **params_query)
  499. return raise_error_from_response(data_raw, KeycloakGetError)
  501. def send_verify_email(self, user_id, client_id=None, redirect_uri=None):
  502. """
  503. Send a update account email to the user An email contains a
  504. link the user can click to perform a set of required actions.
  506. :param user_id: User id
  507. :param client_id: Client id (optional)
  508. :param redirect_uri: Redirect uri (optional)
  510. :return:
  511. """
  512. params_path = {"realm-name": self.realm_name, "id": user_id}
  513. params_query = {"client_id": client_id, "redirect_uri": redirect_uri}
  514. data_raw = self.raw_put(URL_ADMIN_SEND_VERIFY_EMAIL.format(**params_path),
  515. data={}, **params_query)
  516. return raise_error_from_response(data_raw, KeycloakGetError)
  518. def get_sessions(self, user_id):
  519. """
  520. Get sessions associated with the user
  522. :param user_id: id of user
  524. UserSessionRepresentation
  525. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_usersessionrepresentation
  527. :return: UserSessionRepresentation
  528. """
  529. params_path = {"realm-name": self.realm_name, "id": user_id}
  530. data_raw = self.raw_get(URL_ADMIN_GET_SESSIONS.format(**params_path))
  531. return raise_error_from_response(data_raw, KeycloakGetError)
  533. def get_server_info(self):
  534. """
  535. Get themes, social providers, auth providers, and event listeners available on this server
  537. ServerInfoRepresentation
  538. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_serverinforepresentation
  540. :return: ServerInfoRepresentation
  541. """
  542. data_raw = self.raw_get(URL_ADMIN_SERVER_INFO)
  543. return raise_error_from_response(data_raw, KeycloakGetError)
  545. def get_groups(self):
  546. """
  547. Returns a list of groups belonging to the realm
  549. GroupRepresentation
  550. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  552. :return: array GroupRepresentation
  553. """
  554. params_path = {"realm-name": self.realm_name}
  555. return self.__fetch_all(URL_ADMIN_GROUPS.format(**params_path))
  557. def get_group(self, group_id):
  558. """
  559. Get group by id. Returns full group details
  561. GroupRepresentation
  562. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  564. :param group_id: The group id
  565. :return: Keycloak server response (GroupRepresentation)
  566. """
  567. params_path = {"realm-name": self.realm_name, "id": group_id}
  568. data_raw = self.raw_get(URL_ADMIN_GROUP.format(**params_path))
  569. return raise_error_from_response(data_raw, KeycloakGetError)
  571. def get_subgroups(self, group, path):
  572. """
  573. Utility function to iterate through nested group structures
  575. GroupRepresentation
  576. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  578. :param name: group (GroupRepresentation)
  579. :param path: group path (string)
  581. :return: Keycloak server response (GroupRepresentation)
  582. """
  584. for subgroup in group["subGroups"]:
  585. if subgroup['path'] == path:
  586. return subgroup
  587. elif subgroup["subGroups"]:
  588. for subgroup in group["subGroups"]:
  589. result = self.get_subgroups(subgroup, path)
  590. if result:
  591. return result
  592. # went through the tree without hits
  593. return None
  595. def get_group_members(self, group_id, **query):
  596. """
  597. Get members by group id. Returns group members
  599. GroupRepresentation
  600. https://www.keycloak.org/docs-api/8.0/rest-api/#_userrepresentation
  602. :param group_id: The group id
  603. :param query: Additional query parameters (see https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getmembers)
  604. :return: Keycloak server response (UserRepresentation)
  605. """
  606. params_path = {"realm-name": self.realm_name, "id": group_id}
  607. return self.__fetch_all(URL_ADMIN_GROUP_MEMBERS.format(**params_path), query)
  609. def get_group_by_path(self, path, search_in_subgroups=False):
  610. """
  611. Get group id based on name or path.
  612. A straight name or path match with a top-level group will return first.
  613. Subgroups are traversed, the first to match path (or name with path) is returned.
  615. GroupRepresentation
  616. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  618. :param path: group path
  619. :param search_in_subgroups: True if want search in the subgroups
  620. :return: Keycloak server response (GroupRepresentation)
  621. """
  623. groups = self.get_groups()
  625. # TODO: Review this code is necessary
  626. for group in groups:
  627. if group['path'] == path:
  628. return group
  629. elif search_in_subgroups and group["subGroups"]:
  630. for group in group["subGroups"]:
  631. if group['path'] == path:
  632. return group
  633. res = self.get_subgroups(group, path)
  634. if res != None:
  635. return res
  636. return None
  638. def create_group(self, payload, parent=None, skip_exists=False):
  639. """
  640. Creates a group in the Realm
  642. :param payload: GroupRepresentation
  643. :param parent: parent group's id. Required to create a sub-group.
  644. :param skip_exists: If true then do not raise an error if it already exists
  646. GroupRepresentation
  647. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  649. :return: Http response
  650. """
  652. if parent is None:
  653. params_path = {"realm-name": self.realm_name}
  654. data_raw = self.raw_post(URL_ADMIN_GROUPS.format(**params_path),
  655. data=json.dumps(payload))
  656. else:
  657. params_path = {"realm-name": self.realm_name, "id": parent, }
  658. data_raw = self.raw_post(URL_ADMIN_GROUP_CHILD.format(**params_path),
  659. data=json.dumps(payload))
  661. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201], skip_exists=skip_exists)
  663. def update_group(self, group_id, payload):
  664. """
  665. Update group, ignores subgroups.
  667. :param group_id: id of group
  668. :param payload: GroupRepresentation with updated information.
  670. GroupRepresentation
  671. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  673. :return: Http response
  674. """
  676. params_path = {"realm-name": self.realm_name, "id": group_id}
  677. data_raw = self.raw_put(URL_ADMIN_GROUP.format(**params_path),
  678. data=json.dumps(payload))
  679. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  681. def group_set_permissions(self, group_id, enabled=True):
  682. """
  683. Enable/Disable permissions for a group. Cannot delete group if disabled
  685. :param group_id: id of group
  686. :param enabled: boolean
  687. :return: Keycloak server response
  688. """
  690. params_path = {"realm-name": self.realm_name, "id": group_id}
  691. data_raw = self.raw_put(URL_ADMIN_GROUP_PERMISSIONS.format(**params_path),
  692. data=json.dumps({"enabled": enabled}))
  693. return raise_error_from_response(data_raw, KeycloakGetError)
  695. def group_user_add(self, user_id, group_id):
  696. """
  697. Add user to group (user_id and group_id)
  699. :param user_id: id of user
  700. :param group_id: id of group to add to
  701. :return: Keycloak server response
  702. """
  704. params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id}
  705. data_raw = self.raw_put(URL_ADMIN_USER_GROUP.format(**params_path), data=None)
  706. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  708. def group_user_remove(self, user_id, group_id):
  709. """
  710. Remove user from group (user_id and group_id)
  712. :param user_id: id of user
  713. :param group_id: id of group to remove from
  714. :return: Keycloak server response
  715. """
  717. params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id}
  718. data_raw = self.raw_delete(URL_ADMIN_USER_GROUP.format(**params_path))
  719. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  721. def delete_group(self, group_id):
  722. """
  723. Deletes a group in the Realm
  725. :param group_id: id of group to delete
  726. :return: Keycloak server response
  727. """
  729. params_path = {"realm-name": self.realm_name, "id": group_id}
  730. data_raw = self.raw_delete(URL_ADMIN_GROUP.format(**params_path))
  731. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  733. def get_clients(self):
  734. """
  735. Returns a list of clients belonging to the realm
  737. ClientRepresentation
  738. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  740. :return: Keycloak server response (ClientRepresentation)
  741. """
  743. params_path = {"realm-name": self.realm_name}
  744. data_raw = self.raw_get(URL_ADMIN_CLIENTS.format(**params_path))
  745. return raise_error_from_response(data_raw, KeycloakGetError)
  747. def get_client(self, client_id):
  748. """
  749. Get representation of the client
  751. ClientRepresentation
  752. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  754. :param client_id: id of client (not client-id)
  755. :return: Keycloak server response (ClientRepresentation)
  756. """
  758. params_path = {"realm-name": self.realm_name, "id": client_id}
  759. data_raw = self.raw_get(URL_ADMIN_CLIENT.format(**params_path))
  760. return raise_error_from_response(data_raw, KeycloakGetError)
  762. def get_client_id(self, client_name):
  763. """
  764. Get internal keycloak client id from client-id.
  765. This is required for further actions against this client.
  767. :param client_name: name in ClientRepresentation
  768. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  769. :return: client_id (uuid as string)
  770. """
  772. clients = self.get_clients()
  774. for client in clients:
  775. if client_name == client.get('name') or client_name == client.get('clientId'):
  776. return client["id"]
  778. return None
  780. def get_client_authz_settings(self, client_id):
  781. """
  782. Get authorization json from client.
  784. :param client_id: id in ClientRepresentation
  785. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  786. :return: Keycloak server response
  787. """
  789. params_path = {"realm-name": self.realm_name, "id": client_id}
  790. data_raw = self.raw_get(URL_ADMIN_CLIENT_AUTHZ_SETTINGS.format(**params_path))
  791. return data_raw
  793. def get_client_authz_resources(self, client_id):
  794. """
  795. Get resources from client.
  797. :param client_id: id in ClientRepresentation
  798. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  799. :return: Keycloak server response
  800. """
  802. params_path = {"realm-name": self.realm_name, "id": client_id}
  803. data_raw = self.raw_get(URL_ADMIN_CLIENT_AUTHZ_RESOURCES.format(**params_path))
  804. return data_raw
  806. def create_client(self, payload, skip_exists=False):
  807. """
  808. Create a client
  810. ClientRepresentation: https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  812. :param skip_exists: If true then do not raise an error if client already exists
  813. :param payload: ClientRepresentation
  814. :return: Keycloak server response (UserRepresentation)
  815. """
  817. params_path = {"realm-name": self.realm_name}
  818. data_raw = self.raw_post(URL_ADMIN_CLIENTS.format(**params_path),
  819. data=json.dumps(payload))
  820. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201], skip_exists=skip_exists)
  822. def update_client(self, client_id, payload):
  823. """
  824. Update a client
  826. :param client_id: Client id
  827. :param payload: ClientRepresentation
  829. :return: Http response
  830. """
  831. params_path = {"realm-name": self.realm_name, "id": client_id}
  832. data_raw = self.raw_put(URL_ADMIN_CLIENT.format(**params_path),
  833. data=json.dumps(payload))
  834. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  836. def delete_client(self, client_id):
  837. """
  838. Get representation of the client
  840. ClientRepresentation
  841. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  843. :param client_id: keycloak client id (not oauth client-id)
  844. :return: Keycloak server response (ClientRepresentation)
  845. """
  847. params_path = {"realm-name": self.realm_name, "id": client_id}
  848. data_raw = self.raw_delete(URL_ADMIN_CLIENT.format(**params_path))
  849. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  851. def get_realm_roles(self):
  852. """
  853. Get all roles for the realm or client
  855. RoleRepresentation
  856. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  858. :return: Keycloak server response (RoleRepresentation)
  859. """
  861. params_path = {"realm-name": self.realm_name}
  862. data_raw = self.raw_get(URL_ADMIN_REALM_ROLES.format(**params_path))
  863. return raise_error_from_response(data_raw, KeycloakGetError)
  865. def get_realm_role_members(self, role_name, **query):
  866. """
  867. Get role members of realm by role name.
  868. :param role_name: Name of the role.
  869. :param query: Additional Query parameters (see https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_roles_resource)
  870. :return: Keycloak Server Response (UserRepresentation)
  871. """
  872. params_path = {"realm-name": self.realm_name, "role-name":role_name}
  873. return self.__fetch_all(URL_ADMIN_REALM_ROLES_MEMBERS.format(**params_path), query)
  875. def get_client_roles(self, client_id):
  876. """
  877. Get all roles for the client
  879. :param client_id: id of client (not client-id)
  881. RoleRepresentation
  882. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  884. :return: Keycloak server response (RoleRepresentation)
  885. """
  887. params_path = {"realm-name": self.realm_name, "id": client_id}
  888. data_raw = self.raw_get(URL_ADMIN_CLIENT_ROLES.format(**params_path))
  889. return raise_error_from_response(data_raw, KeycloakGetError)
  891. def get_client_role(self, client_id, role_name):
  892. """
  893. Get client role id by name
  894. This is required for further actions with this role.
  896. :param client_id: id of client (not client-id)
  897. :param role_name: roles name (not id!)
  899. RoleRepresentation
  900. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  902. :return: role_id
  903. """
  904. params_path = {"realm-name": self.realm_name, "id": client_id, "role-name": role_name}
  905. data_raw = self.raw_get(URL_ADMIN_CLIENT_ROLE.format(**params_path))
  906. return raise_error_from_response(data_raw, KeycloakGetError)
  908. def get_client_role_id(self, client_id, role_name):
  909. """
  910. Warning: Deprecated
  912. Get client role id by name
  913. This is required for further actions with this role.
  915. :param client_id: id of client (not client-id)
  916. :param role_name: roles name (not id!)
  918. RoleRepresentation
  919. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  921. :return: role_id
  922. """
  923. role = self.get_client_role(client_id, role_name)
  924. return role.get("id")
  926. def create_client_role(self, client_role_id, payload, skip_exists=False):
  927. """
  928. Create a client role
  930. RoleRepresentation
  931. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  933. :param client_role_id: id of client (not client-id)
  934. :param payload: RoleRepresentation
  935. :param skip_exists: If true then do not raise an error if client role already exists
  936. :return: Keycloak server response (RoleRepresentation)
  937. """
  939. params_path = {"realm-name": self.realm_name, "id": client_role_id}
  940. data_raw = self.raw_post(URL_ADMIN_CLIENT_ROLES.format(**params_path),
  941. data=json.dumps(payload))
  942. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201], skip_exists=skip_exists)
  944. def delete_client_role(self, client_role_id, role_name):
  945. """
  946. Delete a client role
  948. RoleRepresentation
  949. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  951. :param client_role_id: id of client (not client-id)
  952. :param role_name: roles name (not id!)
  953. """
  954. params_path = {"realm-name": self.realm_name, "id": client_role_id, "role-name": role_name}
  955. data_raw = self.raw_delete(URL_ADMIN_CLIENT_ROLE.format(**params_path))
  956. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  958. def assign_client_role(self, user_id, client_id, roles):
  959. """
  960. Assign a client role to a user
  962. :param user_id: id of user
  963. :param client_id: id of client (not client-id)
  964. :param roles: roles list or role (use RoleRepresentation)
  965. :return Keycloak server response
  966. """
  968. payload = roles if isinstance(roles, list) else [roles]
  969. params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id}
  970. data_raw = self.raw_post(URL_ADMIN_USER_CLIENT_ROLES.format(**params_path),
  971. data=json.dumps(payload))
  972. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  974. def get_client_role_members(self, client_id, role_name, **query):
  975. """
  976. Get members by client role .
  977. :param client_id: The client id
  978. :param role_name: the name of role to be queried.
  979. :param query: Additional query parameters ( see https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_clients_resource)
  980. :return: Keycloak server response (UserRepresentation)
  981. """
  982. params_path = {"realm-name": self.realm_name, "id":client_id, "role-name":role_name}
  983. return self.__fetch_all(URL_ADMIN_CLIENT_ROLE_MEMBERS.format(**params_path) , query)
  986. def create_realm_role(self, payload, skip_exists=False):
  987. """
  988. Create a new role for the realm or client
  990. :param payload: The role (use RoleRepresentation)
  991. :param skip_exists: If true then do not raise an error if realm role already exists
  992. :return Keycloak server response
  993. """
  995. params_path = {"realm-name": self.realm_name}
  996. data_raw = self.raw_post(URL_ADMIN_REALM_ROLES.format(**params_path),
  997. data=json.dumps(payload))
  998. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201], skip_exists=skip_exists)
  1000. def update_realm_role(self, role_name, payload):
  1001. """
  1002. Update a role for the realm by name
  1003. :param role_name: The name of the role to be updated
  1004. :param payload: The role (use RoleRepresentation)
  1005. :return Keycloak server response
  1006. """
  1008. params_path = {"realm-name": self.realm_name, "role-name": role_name}
  1009. data_raw = self.connection.raw_put(URL_ADMIN_REALM_ROLES_ROLE_BY_NAME.format(**params_path),
  1010. data=json.dumps(payload))
  1011. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1013. def delete_realm_role(self, role_name):
  1014. """
  1015. Delete a role for the realm by name
  1016. :param payload: The role name {'role-name':'name-of-the-role'}
  1017. :return Keycloak server response
  1018. """
  1020. params_path = {"realm-name": self.realm_name, "role-name": role_name}
  1021. data_raw = self.connection.raw_delete(
  1022. URL_ADMIN_REALM_ROLES_ROLE_BY_NAME.format(**params_path))
  1023. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1025. def assign_realm_roles(self, user_id, client_id, roles):
  1026. """
  1027. Assign realm roles to a user
  1029. :param user_id: id of user
  1030. :param client_id: id of client containing role (not client-id)
  1031. :param roles: roles list or role (use RoleRepresentation)
  1032. :return Keycloak server response
  1033. """
  1035. payload = roles if isinstance(roles, list) else [roles]
  1036. params_path = {"realm-name": self.realm_name, "id": user_id}
  1037. data_raw = self.raw_post(URL_ADMIN_USER_REALM_ROLES.format(**params_path),
  1038. data=json.dumps(payload))
  1039. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1041. def assign_group_realm_roles(self, group_id, roles):
  1042. """
  1043. Assign realm roles to a group
  1045. :param group_id: id of groupp
  1046. :param roles: roles list or role (use GroupRoleRepresentation)
  1047. :return Keycloak server response
  1048. """
  1050. payload = roles if isinstance(roles, list) else [roles]
  1051. params_path = {"realm-name": self.realm_name, "id": group_id}
  1052. data_raw = self.raw_post(URL_ADMIN_GROUPS_REALM_ROLES.format(**params_path),
  1053. data=json.dumps(payload))
  1054. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1056. def delete_group_realm_roles(self, group_id, roles):
  1057. """
  1058. Delete realm roles of a group
  1060. :param group_id: id of group
  1061. :param roles: roles list or role (use GroupRoleRepresentation)
  1062. :return Keycloak server response
  1063. """
  1065. payload = roles if isinstance(roles, list) else [roles]
  1066. params_path = {"realm-name": self.realm_name, "id": group_id}
  1067. data_raw = self.raw_delete(URL_ADMIN_GROUPS_REALM_ROLES.format(**params_path),
  1068. data=json.dumps(payload))
  1069. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1071. def get_group_realm_roles(self, group_id):
  1072. """
  1073. Get all realm roles for a group.
  1075. :param user_id: id of the group
  1076. :return: Keycloak server response (array RoleRepresentation)
  1077. """
  1078. params_path = {"realm-name": self.realm_name, "id": group_id}
  1079. data_raw = self.raw_get(URL_ADMIN_GET_GROUPS_REALM_ROLES.format(**params_path))
  1080. return raise_error_from_response(data_raw, KeycloakGetError)
  1082. def assign_group_client_roles(self, group_id, client_id, roles):
  1083. """
  1084. Assign client roles to a group
  1086. :param group_id: id of group
  1087. :param client_id: id of client (not client-id)
  1088. :param roles: roles list or role (use GroupRoleRepresentation)
  1089. :return Keycloak server response
  1090. """
  1092. payload = roles if isinstance(roles, list) else [roles]
  1093. params_path = {"realm-name": self.realm_name, "id": group_id, "client-id": client_id}
  1094. data_raw = self.raw_post(URL_ADMIN_GROUPS_CLIENT_ROLES.format(**params_path),
  1095. data=json.dumps(payload))
  1096. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1098. def delete_group_client_roles(self, group_id, client_id, roles):
  1099. """
  1100. Delete client roles of a group
  1102. :param group_id: id of group
  1103. :param client_id: id of client (not client-id)
  1104. :param roles: roles list or role (use GroupRoleRepresentation)
  1105. :return Keycloak server response
  1106. """
  1108. payload = roles if isinstance(roles, list) else [roles]
  1109. params_path = {"realm-name": self.realm_name, "id": group_id, "client-id": client_id}
  1110. data_raw = self.raw_get(URL_ADMIN_GROUPS_CLIENT_ROLES.format(**params_path))
  1111. return raise_error_from_response(data_raw, KeycloakGetError)
  1113. def get_group_client_roles(self, group_id, client_id, roles):
  1114. """
  1115. Get client roles of a group
  1117. :param group_id: id of group
  1118. :param client_id: id of client (not client-id)
  1119. :param roles: roles list or role (use GroupRoleRepresentation)
  1120. :return Keycloak server response (array RoleRepresentation)
  1121. """
  1123. payload = roles if isinstance(roles, list) else [roles]
  1124. params_path = {"realm-name": self.realm_name, "id": group_id, "client-id": client_id}
  1125. data_raw = self.raw_delete(URL_ADMIN_GROUPS_CLIENT_ROLES.format(**params_path),
  1126. data=json.dumps(payload))
  1127. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1129. def get_client_roles_of_user(self, user_id, client_id):
  1130. """
  1131. Get all client roles for a user.
  1133. :param user_id: id of user
  1134. :param client_id: id of client (not client-id)
  1135. :return: Keycloak server response (array RoleRepresentation)
  1136. """
  1137. return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES, user_id, client_id)
  1139. def get_available_client_roles_of_user(self, user_id, client_id):
  1140. """
  1141. Get available client role-mappings for a user.
  1143. :param user_id: id of user
  1144. :param client_id: id of client (not client-id)
  1145. :return: Keycloak server response (array RoleRepresentation)
  1146. """
  1147. return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, user_id, client_id)
  1149. def get_composite_client_roles_of_user(self, user_id, client_id):
  1150. """
  1151. Get composite client role-mappings for a user.
  1153. :param user_id: id of user
  1154. :param client_id: id of client (not client-id)
  1155. :return: Keycloak server response (array RoleRepresentation)
  1156. """
  1157. return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE, user_id, client_id)
  1159. def _get_client_roles_of_user(self, client_level_role_mapping_url, user_id, client_id):
  1160. params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id}
  1161. data_raw = self.raw_get(client_level_role_mapping_url.format(**params_path))
  1162. return raise_error_from_response(data_raw, KeycloakGetError)
  1164. def delete_client_roles_of_user(self, user_id, client_id, roles):
  1165. """
  1166. Delete client roles from a user.
  1168. :param user_id: id of user
  1169. :param client_id: id of client containing role (not client-id)
  1170. :param roles: roles list or role to delete (use RoleRepresentation)
  1171. :return: Keycloak server response
  1172. """
  1173. payload = roles if isinstance(roles, list) else [roles]
  1174. params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id}
  1175. data_raw = self.raw_delete(URL_ADMIN_USER_CLIENT_ROLES.format(**params_path),
  1176. data=json.dumps(payload))
  1177. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1179. def get_authentication_flows(self):
  1180. """
  1181. Get authentication flows. Returns all flow details
  1183. AuthenticationFlowRepresentation
  1184. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_authenticationflowrepresentation
  1186. :return: Keycloak server response (AuthenticationFlowRepresentation)
  1187. """
  1188. params_path = {"realm-name": self.realm_name}
  1189. data_raw = self.raw_get(URL_ADMIN_FLOWS.format(**params_path))
  1190. return raise_error_from_response(data_raw, KeycloakGetError)
  1192. def create_authentication_flow(self, payload, skip_exists=False):
  1193. """
  1194. Create a new authentication flow
  1196. AuthenticationFlowRepresentation
  1197. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_authenticationflowrepresentation
  1199. :param payload: AuthenticationFlowRepresentation
  1200. :param skip_exists: If true then do not raise an error if authentication flow already exists
  1201. :return: Keycloak server response (RoleRepresentation)
  1202. """
  1204. params_path = {"realm-name": self.realm_name}
  1205. data_raw = self.raw_post(URL_ADMIN_FLOWS.format(**params_path),
  1206. data=payload)
  1207. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201], skip_exists=skip_exists)
  1209. def get_authentication_flow_executions(self, flow_alias):
  1210. """
  1211. Get authentication flow executions. Returns all execution steps
  1213. :param flow_alias: the flow alias
  1214. :return: Response(json)
  1215. """
  1216. params_path = {"realm-name": self.realm_name, "flow-alias": flow_alias}
  1217. data_raw = self.raw_get(URL_ADMIN_FLOWS_EXECUTIONS.format(**params_path))
  1218. return raise_error_from_response(data_raw, KeycloakGetError)
  1220. def update_authentication_flow_executions(self, payload, flow_alias):
  1221. """
  1222. Update an authentication flow execution
  1224. AuthenticationExecutionInfoRepresentation
  1225. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_authenticationexecutioninforepresentation
  1227. :param payload: AuthenticationExecutionInfoRepresentation
  1228. :param flow_alias: The flow alias
  1229. :return: Keycloak server response
  1230. """
  1232. params_path = {"realm-name": self.realm_name, "flow-alias": flow_alias}
  1233. data_raw = self.raw_put(URL_ADMIN_FLOWS_EXECUTIONS.format(**params_path),
  1234. data=payload)
  1235. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1237. def sync_users(self, storage_id, action):
  1238. """
  1239. Function to trigger user sync from provider
  1241. :param storage_id: The id of the user storage provider
  1242. :param action: Action can be "triggerFullSync" or "triggerChangedUsersSync"
  1243. :return:
  1244. """
  1245. data = {'action': action}
  1246. params_query = {"action": action}
  1248. params_path = {"realm-name": self.realm_name, "id": storage_id}
  1249. data_raw = self.raw_post(URL_ADMIN_USER_STORAGE.format(**params_path),
  1250. data=json.dumps(data), **params_query)
  1251. return raise_error_from_response(data_raw, KeycloakGetError)
  1253. def get_client_scopes(self):
  1254. """
  1255. Get representation of the client scopes for the realm where we are connected to
  1256. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getclientscopes
  1258. :return: Keycloak server response Array of (ClientScopeRepresentation)
  1259. """
  1261. params_path = {"realm-name": self.realm_name}
  1262. data_raw = self.raw_get(URL_ADMIN_CLIENT_SCOPES.format(**params_path))
  1263. return raise_error_from_response(data_raw, KeycloakGetError)
  1265. def get_client_scope(self, client_scope_id):
  1266. """
  1267. Get representation of the client scopes for the realm where we are connected to
  1268. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getclientscopes
  1270. :param client_scope_id: The id of the client scope
  1271. :return: Keycloak server response (ClientScopeRepresentation)
  1272. """
  1274. params_path = {"realm-name": self.realm_name, "scope-id": client_scope_id}
  1275. data_raw = self.raw_get(URL_ADMIN_CLIENT_SCOPE.format(**params_path))
  1276. return raise_error_from_response(data_raw, KeycloakGetError)
  1278. def add_mapper_to_client_scope(self, client_scope_id, payload):
  1279. """
  1280. Add a mapper to a client scope
  1281. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_create_mapper
  1283. :param client_scope_id: The id of the client scope
  1284. :param payload: ProtocolMapperRepresentation
  1285. :return: Keycloak server Response
  1286. """
  1288. params_path = {"realm-name": self.realm_name, "scope-id": client_scope_id}
  1290. data_raw = self.raw_post(
  1291. URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER.format(**params_path), data=json.dumps(payload))
  1293. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201])
  1295. def generate_client_secrets(self, client_id):
  1296. """
  1298. Generate a new secret for the client
  1299. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_regeneratesecret
  1301. :param client_id: id of client (not client-id)
  1302. :return: Keycloak server response (ClientRepresentation)
  1303. """
  1305. params_path = {"realm-name": self.realm_name, "id": client_id}
  1306. data_raw = self.raw_post(URL_ADMIN_CLIENT_SECRETS.format(**params_path), data=None)
  1307. return raise_error_from_response(data_raw, KeycloakGetError)
  1309. def get_client_secrets(self, client_id):
  1310. """
  1312. Get representation of the client secrets
  1313. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getclientsecret
  1315. :param client_id: id of client (not client-id)
  1316. :return: Keycloak server response (ClientRepresentation)
  1317. """
  1319. params_path = {"realm-name": self.realm_name, "id": client_id}
  1320. data_raw = self.raw_get(URL_ADMIN_CLIENT_SECRETS.format(**params_path))
  1321. return raise_error_from_response(data_raw, KeycloakGetError)
  1323. def get_components(self, query=None):
  1324. """
  1325. Return a list of components, filtered according to query parameters
  1327. ComponentRepresentation
  1328. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_componentrepresentation
  1330. :param query: Query parameters (optional)
  1331. :return: components list
  1332. """
  1333. params_path = {"realm-name": self.realm_name}
  1334. data_raw = self.raw_get(URL_ADMIN_COMPONENTS.format(**params_path),
  1335. data=None, **query)
  1336. return raise_error_from_response(data_raw, KeycloakGetError)
  1338. def create_component(self, payload):
  1339. """
  1340. Create a new component.
  1342. ComponentRepresentation
  1343. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_componentrepresentation
  1345. :param payload: ComponentRepresentation
  1347. :return: UserRepresentation
  1348. """
  1349. params_path = {"realm-name": self.realm_name}
  1351. data_raw = self.raw_post(URL_ADMIN_COMPONENTS.format(**params_path),
  1352. data=json.dumps(payload))
  1353. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[201])
  1355. def get_component(self, component_id):
  1356. """
  1357. Get representation of the component
  1359. :param component_id: Component id
  1361. ComponentRepresentation
  1362. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_componentrepresentation
  1364. :return: ComponentRepresentation
  1365. """
  1366. params_path = {"realm-name": self.realm_name, "component-id": component_id}
  1367. data_raw = self.raw_get(URL_ADMIN_COMPONENT.format(**params_path))
  1368. return raise_error_from_response(data_raw, KeycloakGetError)
  1370. def update_component(self, component_id, payload):
  1371. """
  1372. Update the component
  1374. :param component_id: Component id
  1375. :param payload: ComponentRepresentation
  1376. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_componentrepresentation
  1378. :return: Http response
  1379. """
  1380. params_path = {"realm-name": self.realm_name, "component-id": component_id}
  1381. data_raw = self.raw_put(URL_ADMIN_COMPONENT.format(**params_path),
  1382. data=json.dumps(payload))
  1383. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1385. def delete_component(self, component_id):
  1386. """
  1387. Delete the component
  1389. :param component_id: Component id
  1391. :return: Http response
  1392. """
  1393. params_path = {"realm-name": self.realm_name, "component-id": component_id}
  1394. data_raw = self.raw_delete(URL_ADMIN_COMPONENT.format(**params_path))
  1395. return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204])
  1397. def get_keys(self):
  1398. """
  1399. Return a list of keys, filtered according to query parameters
  1401. KeysMetadataRepresentation
  1402. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_key_resource
  1404. :return: keys list
  1405. """
  1406. params_path = {"realm-name": self.realm_name}
  1407. data_raw = self.raw_get(URL_ADMIN_KEYS.format(**params_path),
  1408. data=None)
  1409. return raise_error_from_response(data_raw, KeycloakGetError)
  1411. def raw_get(self, *args, **kwargs):
  1412. """
  1413. Calls connection.raw_get.
  1415. If auto_refresh is set for *get* and *access_token* is expired, it will refresh the token
  1416. and try *get* once more.
  1417. """
  1418. r = self.connection.raw_get(*args, **kwargs)
  1419. if 'get' in self.auto_refresh_token and r.status_code == 401:
  1420. self.refresh_token()
  1421. return self.connection.raw_get(*args, **kwargs)
  1422. return r
  1424. def raw_post(self, *args, **kwargs):
  1425. """
  1426. Calls connection.raw_post.
  1428. If auto_refresh is set for *post* and *access_token* is expired, it will refresh the token
  1429. and try *post* once more.
  1430. """
  1431. r = self.connection.raw_post(*args, **kwargs)
  1432. if 'post' in self.auto_refresh_token and r.status_code == 401:
  1433. self.refresh_token()
  1434. return self.connection.raw_post(*args, **kwargs)
  1435. return r
  1437. def raw_put(self, *args, **kwargs):
  1438. """
  1439. Calls connection.raw_put.
  1441. If auto_refresh is set for *put* and *access_token* is expired, it will refresh the token
  1442. and try *put* once more.
  1443. """
  1444. r = self.connection.raw_put(*args, **kwargs)
  1445. if 'put' in self.auto_refresh_token and r.status_code == 401:
  1446. self.refresh_token()
  1447. return self.connection.raw_put(*args, **kwargs)
  1448. return r
  1450. def raw_delete(self, *args, **kwargs):
  1451. """
  1452. Calls connection.raw_delete.
  1454. If auto_refresh is set for *delete* and *access_token* is expired, it will refresh the token
  1455. and try *delete* once more.
  1456. """
  1457. r = self.connection.raw_delete(*args, **kwargs)
  1458. if 'delete' in self.auto_refresh_token and r.status_code == 401:
  1459. self.refresh_token()
  1460. return self.connection.raw_delete(*args, **kwargs)
  1461. return r
  1463. def get_token(self):
  1464. self.keycloak_openid = KeycloakOpenID(server_url=self.server_url, client_id=self.client_id,
  1465. realm_name=self.user_realm_name or self.realm_name, verify=self.verify,
  1466. client_secret_key=self.client_secret_key,
  1467. custom_headers=self.custom_headers)
  1469. grant_type = ["password"]
  1470. if self.client_secret_key:
  1471. grant_type = ["client_credentials"]
  1473. self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type)
  1475. headers = {
  1476. 'Authorization': 'Bearer ' + self.token.get('access_token'),
  1477. 'Content-Type': 'application/json'
  1478. }
  1480. if self.custom_headers is not None:
  1481. # merge custom headers to main headers
  1482. headers.update(self.custom_headers)
  1484. self._connection = ConnectionManager(base_url=self.server_url,
  1485. headers=headers,
  1486. timeout=60,
  1487. verify=self.verify)
  1489. def refresh_token(self):
  1490. refresh_token = self.token.get('refresh_token')
  1491. try:
  1492. self.token = self.keycloak_openid.refresh_token(refresh_token)
  1493. except KeycloakGetError as e:
  1494. if e.response_code == 400 and (b'Refresh token expired' in e.response_body or
  1495. b'Token is not active' in e.response_body):
  1496. self.get_token()
  1497. else:
  1498. raise
  1499. self.connection.add_param_headers('Authorization', 'Bearer ' + self.token.get('access_token'))