You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

192 lines
6.1 KiB

7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
  1. .. python-keycloak documentation master file, created by
  2. sphinx-quickstart on Tue Aug 15 11:02:59 2017.
  3. You can adapt this file completely to your liking, but it should at least
  4. contain the root `toctree` directive.
  5. .. toctree::
  6. :maxdepth: 2
  7. :caption: Contents:
  8. Indices and tables
  9. ==================
  10. * :ref:`genindex`
  11. * :ref:`modindex`
  12. * :ref:`search`
  13. .. image:: https://readthedocs.org/projects/python-keycloak/badge/?version=latest
  14. :target: http://python-keycloak.readthedocs.io/en/latest/?badge=latest
  15. Welcome to python-keycloak's documentation!
  16. ===========================================
  17. **python-keycloak** is a Python package providing access to the Keycloak API.
  18. Installation
  19. ==================
  20. Via Pypi Package::
  21. $ pip install python-keycloak
  22. Manually::
  23. $ python setup.py install
  24. Dependencies
  25. ==================
  26. python-keycloak depends on:
  27. * Python 3
  28. * `requests <http://docs.python-requests.org/en/master/>`_
  29. * `python-jose <http://python-jose.readthedocs.io/en/latest/>`_
  30. * `simplejson <https://simplejson.readthedocs.io/en/latest/>`_
  31. Tests Dependencies
  32. ------------------
  33. * unittest
  34. * `httmock <https://github.com/patrys/httmock>`_
  35. Bug reports
  36. ==================
  37. Please report bugs and feature requests at
  38. `https://bitbucket.org/agriness/python-keycloak/issues <https://bitbucket.org/agriness/python-keycloak/issues>`_
  39. Documentation
  40. ==================
  41. The documentation for python-keycloak is available on `readthedocs <http://python-keycloak.readthedocs.io>`_.
  42. Contributors
  43. ==================
  44. * `Agriness Team <http://www.agriness.com/pt/>`_
  45. Usage
  46. =====
  47. Main methods::
  48. from keycloak import KeycloakOpenID
  49. # Configure client
  50. keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
  51. client_id="example_client",
  52. realm_name="example_realm",
  53. client_secret_key="secret")
  54. # Get WellKnow
  55. config_well_know = keycloak_openid.well_know()
  56. # Get Token
  57. token = keycloak_openid.token("user", "password")
  58. # Get Userinfo
  59. userinfo = keycloak_openid.userinfo(token['access_token'])
  60. # Logout
  61. keycloak_openid.logout(token['refresh_token'])
  62. # Get Certs
  63. certs = keycloak_openid.certs()
  64. # Get RPT (Entitlement)
  65. token = keycloak_openid.token("user", "password")
  66. rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")
  67. # Instropect RPT
  68. token_rpt_info = keycloak_openid.instropect(keycloak_openid.instropect(token['access_token'], rpt=rpt['rpt'],
  69. token_type_hint="requesting_party_token"))
  70. # Introspect Token
  71. token_info = keycloak_openid.introspect(token['access_token']))
  72. # Decode Token
  73. KEYCLOAK_PUBLIC_KEY = "secret"
  74. options = {"verify_signature": True, "verify_aud": True, "exp": True}
  75. token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
  76. # Get permissions by token
  77. token = keycloak_openid.token("user", "password")
  78. keycloak_openid.load_authorization_config("example-authz-config.json")
  79. policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
  80. permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect')
  81. # KEYCLOAK ADMIN
  82. from keycloak import KeycloakAdmin
  83. keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/",
  84. username='example-admin',
  85. password='secret',
  86. realm_name="example_realm")
  87. # Add user
  88. new_user = keycloak_admin.create_user({"email": "example@example.com",
  89. "username": "example@example.com",
  90. "enabled": True,
  91. "firstName": "Example",
  92. "lastName": "Example",
  93. "realmRoles": ["user_default", ],
  94. "attributes": {"example": "1,2,3,3,"}})
  95. # User counter
  96. count_users = keycloak_admin.users_count()
  97. # Get users Returns a list of users, filtered according to query parameters
  98. users = keycloak_admin.get_users({})
  99. # Get User
  100. user = keycloak_admin.get_user("user-id-keycloak")
  101. # Update User
  102. response = keycloak_admin.update_user(user_id="user-id-keycloak",
  103. payload={'firstName': 'Example Update'})
  104. # Delete User
  105. response = keycloak_admin.delete_user(user_id="user-id-keycloak")
  106. # Get consents granted by the user
  107. consents = keycloak_admin.consents_user(user_id="user-id-keycloak")
  108. # Send User Action
  109. response = keycloak_admin.send_update_account(user_id="user-id-keycloak",
  110. payload=json.dumps(['UPDATE_PASSWORD']))
  111. # Send Verify Email
  112. response = keycloak_admin.send_verify_email(user_id="user-id-keycloak")
  113. # Get sessions associated with the user
  114. sessions = keycloak_admin.get_sessions(user_id="user-id-keycloak")
  115. # Get themes, social providers, auth providers, and event listeners available on this server
  116. server_info = keycloak_admin.get_server_info()
  117. # Get clients belonging to the realm Returns a list of clients belonging to the realm
  118. clients = keycloak_admin.get_clients()
  119. # Get client - id (not client-id) from client by name
  120. client_id=keycloak_admin.get_client_id("my-client")
  121. # Get representation of the client - id of client (not client-id)
  122. client_roles = keycloak_admin.get_client_role(client_id=client_id)
  123. # Get all roles for the client
  124. client_roles = keycloak_admin.get_client_role(client_id=client_id)
  125. # Create client role
  126. keycloak_admin.create_client_role(client_id, "test")
  127. # Get client role id from name
  128. role_id = keycloak_admin.get_client_role_id(client_id=client_id, role_name="test")
  129. # Get all roles for the realm or client
  130. realm_roles = keycloak_admin.get_roles()
  131. # Assign client role to user. Note that BOTH role_name and role_id appear to be required.
  132. keycloak_admin.assign_client_role(client_id=client_id, user_id=user_id, role_id=role_id, role_name="test")