warricksothr
/
python-keycloak
forked from Mirror/python-keycloak
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
308 Commits
5 Branches
0 Tags
420 KiB
Tree: ab1fe9edc0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ab1fe9edc0'
${ noResults }
python-keycloak/keycloak/keycloak_admin.py

1319 lines
50 KiB
Raw Normal View History

Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Methods: list users, get user, create user.
7 years ago
Fixed README and setup.py. Updated docs.
6 years ago
Updated docs.
7 years ago
Fixed new features.
7 years ago
Fixed conflict.
6 years ago
pep8 formatting
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Add group realm roles delete, get and add Signed-off-by: Paolo Romolini Signed-off-by: Tamara Noncentini
4 years ago
Add update and delete role by name Add 'Update a role' and 'Delete a role' by name and without passing the client parameter
4 years ago
pep8 formatting
6 years ago
Updated docs.
7 years ago
pep8 formatting
6 years ago
converting 'import *' into individual imports
6 years ago
Create method to list all realms from a Keycloak deployment
5 years ago
converting 'import *' into individual imports
6 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Fix missing import for assign_realm_roles method
5 years ago
Added routes for deleting and updating realms
4 years ago
Methods: list users, get user, create user.
7 years ago
Add pagination wrapper
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Add support for Client Credentials Grant in KeycloakAdmin
4 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Updated docks
7 years ago
add ability to log into service account in KeycloakAdmin
5 years ago
[Feature] add custom headers. Closes #38
5 years ago
Updated documentation and links
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Updated docks
7 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Update keycloak_admin.py fixes auto_refresh_token property not using setter on KeyclaokAdmin initialization
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add pagination wrapper
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add pagination wrapper
5 years ago
Admin - adding 'Import Realm' to pass a RealmRepresentation and create a new Realm
6 years ago
Updated documentation and links
5 years ago
Admin - adding 'Import Realm' to pass a RealmRepresentation and create a new Realm
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Admin - adding 'Import Realm' to pass a RealmRepresentation and create a new Realm
6 years ago
Create method to list all realms from a Keycloak deployment
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create method to list all realms from a Keycloak deployment
5 years ago
Add support to create a new Realm
5 years ago
Fix copy-pasted docstring
5 years ago
Add support to create a new Realm
5 years ago
Updated documentation and links
5 years ago
Add support to create a new Realm
5 years ago
Updated documentation and links
5 years ago
Fix copy-pasted docstring
5 years ago
Add support to create a new Realm
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add support to create a new Realm
5 years ago
Added routes for deleting and updating realms
4 years ago
Add support to create a new Realm
5 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Paginate get_users
5 years ago
Methods: list users, get user, create user.
7 years ago
Add get_idps
6 years ago
Updated documentation and links
5 years ago
Add get_idps
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_idps
6 years ago
revert to payload
7 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
revert to payload
7 years ago
Methods: list users, get user, create user.
7 years ago
Add get_idps
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
return user id on user creation
5 years ago
Methods: list users, get user, create user.
7 years ago
Updated docs.
7 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Fixed feature get user id.
6 years ago
Create 'get_client_secrets' method
5 years ago
[11] Fixed function get_user_id to return the correct value
6 years ago
Add Admin Tasks for user and client role management
7 years ago
Methods: list users, get user, create user.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
Methods: list users, get user, create user.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Methods: list users, get user, create user.
7 years ago
Add get_user_groups function
6 years ago
Updated documentation and links
5 years ago
Add get_user_groups function
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_user_groups function
6 years ago
revert back to payload
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Fixed new features.
7 years ago
Updated documentation and links
5 years ago
Fixed new features.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Refactoring code: groups and client.
7 years ago
Fixed new features.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Add groups functions
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Paginate get_groups
5 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Updated documentation and links
5 years ago
Add get_idps
6 years ago
pep8 formatting
6 years ago
Fix get_subgroups iteration
5 years ago
Add get_idps
6 years ago
Add query params to get_group_members
6 years ago
method to get group members
6 years ago
comments
6 years ago
method to get group members
6 years ago
Updated documentation and links
5 years ago
method to get group members
6 years ago
Updated documentation and links
5 years ago
comments
6 years ago
method to get group members
6 years ago
Paginate get_group_members
5 years ago
method to get group members
6 years ago
Add get_idps
6 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Fixed new features.
7 years ago
Refactoring code: groups and client.
7 years ago
Add get_idps
6 years ago
Refactoring code: groups and client.
7 years ago
Fix a bug in the subgroup searching
6 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Add groups functions
7 years ago
Add get_idps
6 years ago
Add groups functions
7 years ago
pep8 formatting
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
pep8 formatting
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Fixed create group.
5 years ago
Add get_idps
6 years ago
Add groups functions
7 years ago
Add update_group
5 years ago
Updated documentation and links
5 years ago
Add update_group
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add update_group
5 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Add groups functions
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add groups functions
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Updated documentation and links
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Refactoring code: groups and client.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Refactoring code: groups and client.
7 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
added send_verify_email, reset_password, send_update_account, server_info, get_sessions, get_clients.
7 years ago
Methods: list users, get user, create user.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Refactoring code: groups and client.
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Updated documentation and links
5 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Fix bug in get_client_id method. Add get_client_authz_settings method
6 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Updated documentation and links
5 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_client_authz_resources to retrieve resources
6 years ago
Add get_idps
6 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_idps
6 years ago
Initial commit
7 years ago
Add update method for clients
5 years ago
Modified update_client & create_realm_role to use keycloak_admin raw_put/post Modified update_client & create_realm_role to use the keycloak_admin raw_put/post instead of the connection's raw_put/post directly to allow for token refresh
4 years ago
Add update method for clients
5 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Add groups functions
7 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Initial commit
7 years ago
Refactoring code: groups and client.
7 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Updated docs.
7 years ago
Add groups functions
7 years ago
Updated docs.
7 years ago
Updated documentation and links
5 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add groups functions
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Updated documentation and links
5 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Refactoring code: groups and client.
7 years ago
Updated docs.
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Add Admin Tasks for user and client role management
7 years ago
Updated documentation and links
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Updated documentation and links
5 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring code: groups and client.
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add get_idps
6 years ago
Add Admin Tasks for user and client role management
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Updated documentation and links
5 years ago
Initial commit
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Refactoring code: groups and client.
7 years ago
Initial commit
7 years ago
Fixed the create_client_role and delete_client_role.
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Initial commit
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Updated documentation and links
5 years ago
Refactoring all services for client and client-roles.
7 years ago
Refactoring code: groups and client.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Refactoring all services for client and client-roles.
7 years ago
Add Admin Tasks for user and client role management
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add Admin Tasks for user and client role management
7 years ago
Add sync users function
7 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Updated documentation and links
5 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Modified update_client & create_realm_role to use keycloak_admin raw_put/post Modified update_client & create_realm_role to use the keycloak_admin raw_put/post instead of the connection's raw_put/post directly to allow for token refresh
4 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Add update and delete role by name Add 'Update a role' and 'Delete a role' by name and without passing the client parameter
4 years ago
Add function to KeycloakAdmin to add a role to a realm
5 years ago
Implement assign_realm_roles method Increment package version Update docstring Remove client_id from path params Fix raw_post with correct url
5 years ago
Updated documentation and links
5 years ago
Implement assign_realm_roles method Increment package version Update docstring Remove client_id from path params Fix raw_post with correct url
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Implement assign_realm_roles method Increment package version Update docstring Remove client_id from path params Fix raw_post with correct url
5 years ago
Add group realm roles delete, get and add Signed-off-by: Paolo Romolini Signed-off-by: Tamara Noncentini
4 years ago
Add method to retrieve the client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to retrieve the client roles of a user
6 years ago
Add method to retrieve avaialbe and composite client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to retrieve avaialbe and composite client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to retrieve avaialbe and composite client roles of a user
6 years ago
Add method to retrieve the client roles of a user
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add method to retrieve the client roles of a user
6 years ago
Add method to delete client roles of a user
6 years ago
Updated documentation and links
5 years ago
Add method to delete client roles of a user
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add method to delete client roles of a user
6 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Updated documentation and links
5 years ago
Add authentication flow actions
6 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add authentication flow actions
6 years ago
Add sync users function
7 years ago
Added groups functions and client functions. Added Changedlog
7 years ago
Updated documentation and links
5 years ago
Added groups functions and client functions. Added Changedlog
7 years ago
Add sync users function
7 years ago
Merge develop
7 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add sync users function
7 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Updated documentation and links
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Create methods to retrieve all client scopes, a single client scope, and to add a mapper to a client scope
5 years ago
Create 'get_client_secrets' method
5 years ago
Add generate_client_secrets
4 years ago
Create 'get_client_secrets' method
5 years ago
Updated documentation and links
5 years ago
Create 'get_client_secrets' method
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Add support to create a new Realm
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Fixed merge with external branch.
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
Merge branch 'master' into auto-refresh-admin-token
5 years ago
Update keycloak_admin.py automatically refresh stale token
5 years ago
  1. # -*- coding: utf-8 -*-
  2. #
  3. # The MIT License (MIT)
  4. #
  5. # Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>
  6. #
  7. # Permission is hereby granted, free of charge, to any person obtaining a copy of
  8. # this software and associated documentation files (the "Software"), to deal in
  9. # the Software without restriction, including without limitation the rights to
  10. # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
  11. # the Software, and to permit persons to whom the Software is furnished to do so,
  12. # subject to the following conditions:
  13. #
  14. # The above copyright notice and this permission notice shall be included in all
  15. # copies or substantial portions of the Software.
  16. #
  17. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
  19. # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
  20. # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
  21. # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  22. # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  24. # Unless otherwise stated in the comments, "id", in e.g. user_id, refers to the
  25. # internal Keycloak server ID, usually a uuid string
  27. import json
  28. from builtins import isinstance
  29. from typing import List, Iterable
  31. from keycloak.urls_patterns import URL_ADMIN_GROUPS_REALM_ROLES, \
  32. URL_ADMIN_GET_GROUPS_REALM_ROLES, URL_ADMIN_REALM_ROLES_ROLE_BY_NAME
  33. from .connection import ConnectionManager
  34. from .exceptions import raise_error_from_response, KeycloakGetError
  35. from .keycloak_openid import KeycloakOpenID
  36. from .urls_patterns import URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENT_AUTHZ_RESOURCES, URL_ADMIN_CLIENT_ROLES, \
  37. URL_ADMIN_GET_SESSIONS, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_UPDATE_ACCOUNT, \
  38. URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE, URL_ADMIN_USER_GROUP, URL_ADMIN_REALM_ROLES, URL_ADMIN_GROUP_CHILD, \
  39. URL_ADMIN_USER_CONSENTS, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_CLIENT, URL_ADMIN_USER, URL_ADMIN_CLIENT_ROLE, \
  40. URL_ADMIN_USER_GROUPS, URL_ADMIN_CLIENTS, URL_ADMIN_FLOWS_EXECUTIONS, URL_ADMIN_GROUPS, URL_ADMIN_USER_CLIENT_ROLES, \
  41. URL_ADMIN_REALMS, URL_ADMIN_USERS_COUNT, URL_ADMIN_FLOWS, URL_ADMIN_GROUP, URL_ADMIN_CLIENT_AUTHZ_SETTINGS, \
  42. URL_ADMIN_GROUP_MEMBERS, URL_ADMIN_USER_STORAGE, URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_IDPS, \
  43. URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, URL_ADMIN_USERS, URL_ADMIN_CLIENT_SCOPES, \
  44. URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER, URL_ADMIN_CLIENT_SCOPE, URL_ADMIN_CLIENT_SECRETS, \
  45. URL_ADMIN_USER_REALM_ROLES, URL_ADMIN_REALM
  48. class KeycloakAdmin:
  50. PAGE_SIZE = 100
  52. _server_url = None
  53. _username = None
  54. _password = None
  55. _realm_name = None
  56. _client_id = None
  57. _verify = None
  58. _client_secret_key = None
  59. _auto_refresh_token = None
  60. _connection = None
  61. _token = None
  62. _custom_headers = None
  63. _user_realm_name = None
  65. def __init__(self, server_url, username=None, password=None, realm_name='master', client_id='admin-cli', verify=True,
  66. client_secret_key=None, custom_headers=None, user_realm_name=None, auto_refresh_token=None):
  67. """
  69. :param server_url: Keycloak server url
  70. :param username: admin username
  71. :param password: admin password
  72. :param realm_name: realm name
  73. :param client_id: client id
  74. :param verify: True if want check connection SSL
  75. :param client_secret_key: client secret key
  76. :param custom_headers: dict of custom header to pass to each HTML request
  77. :param user_realm_name: The realm name of the user, if different from realm_name
  78. :param auto_refresh_token: list of methods that allows automatic token refresh. ex: ['get', 'put', 'post', 'delete']
  79. """
  80. self.server_url = server_url
  81. self.username = username
  82. self.password = password
  83. self.realm_name = realm_name
  84. self.client_id = client_id
  85. self.verify = verify
  86. self.client_secret_key = client_secret_key
  87. self.auto_refresh_token = auto_refresh_token or []
  88. self.user_realm_name = user_realm_name
  89. self.custom_headers = custom_headers
  91. # Get token Admin
  92. self.get_token()
  94. @property
  95. def server_url(self):
  96. return self._server_url
  98. @server_url.setter
  99. def server_url(self, value):
  100. self._server_url = value
  102. @property
  103. def realm_name(self):
  104. return self._realm_name
  106. @realm_name.setter
  107. def realm_name(self, value):
  108. self._realm_name = value
  110. @property
  111. def connection(self):
  112. return self._connection
  114. @connection.setter
  115. def connection(self, value):
  116. self._connection = value
  118. @property
  119. def client_id(self):
  120. return self._client_id
  122. @client_id.setter
  123. def client_id(self, value):
  124. self._client_id = value
  126. @property
  127. def client_secret_key(self):
  128. return self._client_secret_key
  130. @client_secret_key.setter
  131. def client_secret_key(self, value):
  132. self._client_secret_key = value
  134. @property
  135. def verify(self):
  136. return self._verify
  138. @verify.setter
  139. def verify(self, value):
  140. self._verify = value
  142. @property
  143. def username(self):
  144. return self._username
  146. @username.setter
  147. def username(self, value):
  148. self._username = value
  150. @property
  151. def password(self):
  152. return self._password
  154. @password.setter
  155. def password(self, value):
  156. self._password = value
  158. @property
  159. def token(self):
  160. return self._token
  162. @token.setter
  163. def token(self, value):
  164. self._token = value
  166. @property
  167. def auto_refresh_token(self):
  168. return self._auto_refresh_token
  170. @property
  171. def user_realm_name(self):
  172. return self._user_realm_name
  174. @user_realm_name.setter
  175. def user_realm_name(self, value):
  176. self._user_realm_name = value
  178. @property
  179. def custom_headers(self):
  180. return self._custom_headers
  182. @custom_headers.setter
  183. def custom_headers(self, value):
  184. self._custom_headers = value
  186. @auto_refresh_token.setter
  187. def auto_refresh_token(self, value):
  188. allowed_methods = {'get', 'post', 'put', 'delete'}
  189. if not isinstance(value, Iterable):
  190. raise TypeError('Expected a list of strings among {allowed}'.format(allowed=allowed_methods))
  191. if not all(method in allowed_methods for method in value):
  192. raise TypeError('Unexpected method in auto_refresh_token, accepted methods are {allowed}'.format(allowed=allowed_methods))
  194. self._auto_refresh_token = value
  197. def __fetch_all(self, url, query=None):
  198. '''Wrapper function to paginate GET requests
  200. :param url: The url on which the query is executed
  201. :param query: Existing query parameters (optional)
  203. :return: Combined results of paginated queries
  204. '''
  205. results = []
  207. # initalize query if it was called with None
  208. if not query:
  209. query = {}
  210. page = 0
  211. query['max'] = self.PAGE_SIZE
  213. # fetch until we can
  214. while True:
  215. query['first'] = page*self.PAGE_SIZE
  216. partial_results = raise_error_from_response(
  217. self.raw_get(url, **query),
  218. KeycloakGetError)
  219. if not partial_results:
  220. break
  221. results.extend(partial_results)
  222. page += 1
  223. return results
  225. def import_realm(self, payload):
  226. """
  227. Import a new realm from a RealmRepresentation. Realm name must be unique.
  229. RealmRepresentation
  230. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realmrepresentation
  232. :param payload: RealmRepresentation
  234. :return: RealmRepresentation
  235. """
  237. data_raw = self.raw_post(URL_ADMIN_REALMS,
  238. data=json.dumps(payload))
  239. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201)
  241. def get_realms(self):
  242. """
  243. Lists all realms in Keycloak deployment
  245. :return: realms list
  246. """
  247. data_raw = self.raw_get(URL_ADMIN_REALMS)
  248. return raise_error_from_response(data_raw, KeycloakGetError)
  250. def create_realm(self, payload, skip_exists=False):
  251. """
  252. Create a realm
  254. RealmRepresentation:
  255. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realmrepresentation
  257. :param payload: RealmRepresentation
  258. :param skip_exists: Skip if Realm already exist.
  259. :return: Keycloak server response (RealmRepresentation)
  260. """
  262. data_raw = self.raw_post(URL_ADMIN_REALMS,
  263. data=json.dumps(payload))
  264. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
  266. def update_realm(self, realm_name, payload):
  267. """
  268. Update a realm. This wil only update top level attributes and will ignore any user,
  269. role, or client information in the payload.
  271. RealmRepresentation:
  272. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_realmrepresentation
  274. :param realm_name: Realm name (not the realm id)
  275. :param payload: RealmRepresentation
  276. :return: Http response
  277. """
  279. params_path = {"realm-name": realm_name}
  280. data_raw = self.raw_put(URL_ADMIN_REALM.format(**params_path),
  281. data=json.dumps(payload))
  282. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  284. def delete_realm(self, realm_name):
  285. """
  286. Delete a realm
  288. :param realm_name: Realm name (not the realm id)
  289. :return: Http response
  290. """
  292. params_path = {"realm-name": realm_name}
  293. data_raw = self.raw_delete(URL_ADMIN_REALM.format(**params_path))
  294. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  297. def get_users(self, query=None):
  298. """
  299. Return a list of users, filtered according to query parameters
  301. UserRepresentation
  302. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  304. :param query: Query parameters (optional)
  305. :return: users list
  306. """
  307. params_path = {"realm-name": self.realm_name}
  308. return self.__fetch_all(URL_ADMIN_USERS.format(**params_path), query)
  310. def get_idps(self):
  311. """
  312. Returns a list of ID Providers,
  314. IdentityProviderRepresentation
  315. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_identityproviderrepresentation
  317. :return: array IdentityProviderRepresentation
  318. """
  319. params_path = {"realm-name": self.realm_name}
  320. data_raw = self.raw_get(URL_ADMIN_IDPS.format(**params_path))
  321. return raise_error_from_response(data_raw, KeycloakGetError)
  323. def create_user(self, payload):
  324. """
  325. Create a new user. Username must be unique
  327. UserRepresentation
  328. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  330. :param payload: UserRepresentation
  332. :return: UserRepresentation
  333. """
  334. params_path = {"realm-name": self.realm_name}
  336. exists = self.get_user_id(username=payload['username'])
  338. if exists is not None:
  339. return str(exists)
  341. data_raw = self.raw_post(URL_ADMIN_USERS.format(**params_path),
  342. data=json.dumps(payload))
  343. raise_error_from_response(data_raw, KeycloakGetError, expected_code=201)
  344. _last_slash_idx = data_raw.headers['Location'].rindex('/')
  345. return data_raw.headers['Location'][_last_slash_idx + 1:]
  347. def users_count(self):
  348. """
  349. User counter
  351. :return: counter
  352. """
  353. params_path = {"realm-name": self.realm_name}
  354. data_raw = self.raw_get(URL_ADMIN_USERS_COUNT.format(**params_path))
  355. return raise_error_from_response(data_raw, KeycloakGetError)
  357. def get_user_id(self, username):
  358. """
  359. Get internal keycloak user id from username
  360. This is required for further actions against this user.
  362. UserRepresentation
  363. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  365. :param username: id in UserRepresentation
  367. :return: user_id
  368. """
  370. users = self.get_users(query={"search": username})
  371. return next((user["id"] for user in users if user["username"] == username), None)
  373. def get_user(self, user_id):
  374. """
  375. Get representation of the user
  377. :param user_id: User id
  379. UserRepresentation
  380. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_userrepresentation
  382. :return: UserRepresentation
  383. """
  384. params_path = {"realm-name": self.realm_name, "id": user_id}
  385. data_raw = self.raw_get(URL_ADMIN_USER.format(**params_path))
  386. return raise_error_from_response(data_raw, KeycloakGetError)
  388. def get_user_groups(self, user_id):
  389. """
  390. Returns a list of groups of which the user is a member
  392. :param user_id: User id
  394. :return: user groups list
  395. """
  396. params_path = {"realm-name": self.realm_name, "id": user_id}
  397. data_raw = self.raw_get(URL_ADMIN_USER_GROUPS.format(**params_path))
  398. return raise_error_from_response(data_raw, KeycloakGetError)
  400. def update_user(self, user_id, payload):
  401. """
  402. Update the user
  404. :param user_id: User id
  405. :param payload: UserRepresentation
  407. :return: Http response
  408. """
  409. params_path = {"realm-name": self.realm_name, "id": user_id}
  410. data_raw = self.raw_put(URL_ADMIN_USER.format(**params_path),
  411. data=json.dumps(payload))
  412. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  414. def delete_user(self, user_id):
  415. """
  416. Delete the user
  418. :param user_id: User id
  420. :return: Http response
  421. """
  422. params_path = {"realm-name": self.realm_name, "id": user_id}
  423. data_raw = self.raw_delete(URL_ADMIN_USER.format(**params_path))
  424. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  426. def set_user_password(self, user_id, password, temporary=True):
  427. """
  428. Set up a password for the user. If temporary is True, the user will have to reset
  429. the temporary password next time they log in.
  431. https://www.keycloak.org/docs-api/8.0/rest-api/#_users_resource
  432. https://www.keycloak.org/docs-api/8.0/rest-api/#_credentialrepresentation
  434. :param user_id: User id
  435. :param password: New password
  436. :param temporary: True if password is temporary
  438. :return:
  439. """
  440. payload = {"type": "password", "temporary": temporary, "value": password}
  441. params_path = {"realm-name": self.realm_name, "id": user_id}
  442. data_raw = self.raw_put(URL_ADMIN_RESET_PASSWORD.format(**params_path),
  443. data=json.dumps(payload))
  444. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  446. def consents_user(self, user_id):
  447. """
  448. Get consents granted by the user
  450. :param user_id: User id
  452. :return: consents
  453. """
  454. params_path = {"realm-name": self.realm_name, "id": user_id}
  455. data_raw = self.raw_get(URL_ADMIN_USER_CONSENTS.format(**params_path))
  456. return raise_error_from_response(data_raw, KeycloakGetError)
  458. def send_update_account(self, user_id, payload, client_id=None, lifespan=None, redirect_uri=None):
  459. """
  460. Send an update account email to the user. An email contains a
  461. link the user can click to perform a set of required actions.
  463. :param user_id: User id
  464. :param payload: A list of actions for the user to complete
  465. :param client_id: Client id (optional)
  466. :param lifespan: Number of seconds after which the generated token expires (optional)
  467. :param redirect_uri: The redirect uri (optional)
  469. :return:
  470. """
  471. params_path = {"realm-name": self.realm_name, "id": user_id}
  472. params_query = {"client_id": client_id, "lifespan": lifespan, "redirect_uri": redirect_uri}
  473. data_raw = self.raw_put(URL_ADMIN_SEND_UPDATE_ACCOUNT.format(**params_path),
  474. data=payload, **params_query)
  475. return raise_error_from_response(data_raw, KeycloakGetError)
  477. def send_verify_email(self, user_id, client_id=None, redirect_uri=None):
  478. """
  479. Send a update account email to the user An email contains a
  480. link the user can click to perform a set of required actions.
  482. :param user_id: User id
  483. :param client_id: Client id (optional)
  484. :param redirect_uri: Redirect uri (optional)
  486. :return:
  487. """
  488. params_path = {"realm-name": self.realm_name, "id": user_id}
  489. params_query = {"client_id": client_id, "redirect_uri": redirect_uri}
  490. data_raw = self.raw_put(URL_ADMIN_SEND_VERIFY_EMAIL.format(**params_path),
  491. data={}, **params_query)
  492. return raise_error_from_response(data_raw, KeycloakGetError)
  494. def get_sessions(self, user_id):
  495. """
  496. Get sessions associated with the user
  498. :param user_id: id of user
  500. UserSessionRepresentation
  501. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_usersessionrepresentation
  503. :return: UserSessionRepresentation
  504. """
  505. params_path = {"realm-name": self.realm_name, "id": user_id}
  506. data_raw = self.raw_get(URL_ADMIN_GET_SESSIONS.format(**params_path))
  507. return raise_error_from_response(data_raw, KeycloakGetError)
  509. def get_server_info(self):
  510. """
  511. Get themes, social providers, auth providers, and event listeners available on this server
  513. ServerInfoRepresentation
  514. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_serverinforepresentation
  516. :return: ServerInfoRepresentation
  517. """
  518. data_raw = self.raw_get(URL_ADMIN_SERVER_INFO)
  519. return raise_error_from_response(data_raw, KeycloakGetError)
  521. def get_groups(self):
  522. """
  523. Returns a list of groups belonging to the realm
  525. GroupRepresentation
  526. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  528. :return: array GroupRepresentation
  529. """
  530. params_path = {"realm-name": self.realm_name}
  531. return self.__fetch_all(URL_ADMIN_GROUPS.format(**params_path))
  533. def get_group(self, group_id):
  534. """
  535. Get group by id. Returns full group details
  537. GroupRepresentation
  538. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  540. :param group_id: The group id
  541. :return: Keycloak server response (GroupRepresentation)
  542. """
  543. params_path = {"realm-name": self.realm_name, "id": group_id}
  544. data_raw = self.raw_get(URL_ADMIN_GROUP.format(**params_path))
  545. return raise_error_from_response(data_raw, KeycloakGetError)
  547. def get_subgroups(self, group, path):
  548. """
  549. Utility function to iterate through nested group structures
  551. GroupRepresentation
  552. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  554. :param name: group (GroupRepresentation)
  555. :param path: group path (string)
  557. :return: Keycloak server response (GroupRepresentation)
  558. """
  560. for subgroup in group["subGroups"]:
  561. if subgroup['path'] == path:
  562. return subgroup
  563. elif subgroup["subGroups"]:
  564. for subgroup in group["subGroups"]:
  565. result = self.get_subgroups(subgroup, path)
  566. if result:
  567. return result
  568. # went through the tree without hits
  569. return None
  571. def get_group_members(self, group_id, **query):
  572. """
  573. Get members by group id. Returns group members
  575. GroupRepresentation
  576. https://www.keycloak.org/docs-api/8.0/rest-api/#_userrepresentation
  578. :param group_id: The group id
  579. :param query: Additional query parameters (see https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getmembers)
  580. :return: Keycloak server response (UserRepresentation)
  581. """
  582. params_path = {"realm-name": self.realm_name, "id": group_id}
  583. return self.__fetch_all(URL_ADMIN_GROUP_MEMBERS.format(**params_path), query)
  585. def get_group_by_path(self, path, search_in_subgroups=False):
  586. """
  587. Get group id based on name or path.
  588. A straight name or path match with a top-level group will return first.
  589. Subgroups are traversed, the first to match path (or name with path) is returned.
  591. GroupRepresentation
  592. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  594. :param path: group path
  595. :param search_in_subgroups: True if want search in the subgroups
  596. :return: Keycloak server response (GroupRepresentation)
  597. """
  599. groups = self.get_groups()
  601. # TODO: Review this code is necessary
  602. for group in groups:
  603. if group['path'] == path:
  604. return group
  605. elif search_in_subgroups and group["subGroups"]:
  606. for group in group["subGroups"]:
  607. if group['path'] == path:
  608. return group
  609. res = self.get_subgroups(group, path)
  610. if res != None:
  611. return res
  612. return None
  614. def create_group(self, payload, parent=None, skip_exists=False):
  615. """
  616. Creates a group in the Realm
  618. :param payload: GroupRepresentation
  619. :param parent: parent group's id. Required to create a sub-group.
  620. :param skip_exists: If true then do not raise an error if it already exists
  622. GroupRepresentation
  623. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  625. :return: Http response
  626. """
  628. if parent is None:
  629. params_path = {"realm-name": self.realm_name}
  630. data_raw = self.raw_post(URL_ADMIN_GROUPS.format(**params_path),
  631. data=json.dumps(payload))
  632. else:
  633. params_path = {"realm-name": self.realm_name, "id": parent, }
  634. data_raw = self.raw_post(URL_ADMIN_GROUP_CHILD.format(**params_path),
  635. data=json.dumps(payload))
  637. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
  639. def update_group(self, group_id, payload):
  640. """
  641. Update group, ignores subgroups.
  643. :param group_id: id of group
  644. :param payload: GroupRepresentation with updated information.
  646. GroupRepresentation
  647. https://www.keycloak.org/docs-api/8.0/rest-api/#_grouprepresentation
  649. :return: Http response
  650. """
  652. params_path = {"realm-name": self.realm_name, "id": group_id}
  653. data_raw = self.raw_put(URL_ADMIN_GROUP.format(**params_path),
  654. data=json.dumps(payload))
  655. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  657. def group_set_permissions(self, group_id, enabled=True):
  658. """
  659. Enable/Disable permissions for a group. Cannot delete group if disabled
  661. :param group_id: id of group
  662. :param enabled: boolean
  663. :return: Keycloak server response
  664. """
  666. params_path = {"realm-name": self.realm_name, "id": group_id}
  667. data_raw = self.raw_put(URL_ADMIN_GROUP_PERMISSIONS.format(**params_path),
  668. data=json.dumps({"enabled": enabled}))
  669. return raise_error_from_response(data_raw, KeycloakGetError)
  671. def group_user_add(self, user_id, group_id):
  672. """
  673. Add user to group (user_id and group_id)
  675. :param user_id: id of user
  676. :param group_id: id of group to add to
  677. :return: Keycloak server response
  678. """
  680. params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id}
  681. data_raw = self.raw_put(URL_ADMIN_USER_GROUP.format(**params_path), data=None)
  682. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  684. def group_user_remove(self, user_id, group_id):
  685. """
  686. Remove user from group (user_id and group_id)
  688. :param user_id: id of user
  689. :param group_id: id of group to remove from
  690. :return: Keycloak server response
  691. """
  693. params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id}
  694. data_raw = self.raw_delete(URL_ADMIN_USER_GROUP.format(**params_path))
  695. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  697. def delete_group(self, group_id):
  698. """
  699. Deletes a group in the Realm
  701. :param group_id: id of group to delete
  702. :return: Keycloak server response
  703. """
  705. params_path = {"realm-name": self.realm_name, "id": group_id}
  706. data_raw = self.raw_delete(URL_ADMIN_GROUP.format(**params_path))
  707. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  709. def get_clients(self):
  710. """
  711. Returns a list of clients belonging to the realm
  713. ClientRepresentation
  714. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  716. :return: Keycloak server response (ClientRepresentation)
  717. """
  719. params_path = {"realm-name": self.realm_name}
  720. data_raw = self.raw_get(URL_ADMIN_CLIENTS.format(**params_path))
  721. return raise_error_from_response(data_raw, KeycloakGetError)
  723. def get_client(self, client_id):
  724. """
  725. Get representation of the client
  727. ClientRepresentation
  728. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  730. :param client_id: id of client (not client-id)
  731. :return: Keycloak server response (ClientRepresentation)
  732. """
  734. params_path = {"realm-name": self.realm_name, "id": client_id}
  735. data_raw = self.raw_get(URL_ADMIN_CLIENT.format(**params_path))
  736. return raise_error_from_response(data_raw, KeycloakGetError)
  738. def get_client_id(self, client_name):
  739. """
  740. Get internal keycloak client id from client-id.
  741. This is required for further actions against this client.
  743. :param client_name: name in ClientRepresentation
  744. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  745. :return: client_id (uuid as string)
  746. """
  748. clients = self.get_clients()
  750. for client in clients:
  751. if client_name == client.get('name') or client_name == client.get('clientId'):
  752. return client["id"]
  754. return None
  756. def get_client_authz_settings(self, client_id):
  757. """
  758. Get authorization json from client.
  760. :param client_id: id in ClientRepresentation
  761. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  762. :return: Keycloak server response
  763. """
  765. params_path = {"realm-name": self.realm_name, "id": client_id}
  766. data_raw = self.raw_get(URL_ADMIN_CLIENT_AUTHZ_SETTINGS.format(**params_path))
  767. return data_raw
  769. def get_client_authz_resources(self, client_id):
  770. """
  771. Get resources from client.
  773. :param client_id: id in ClientRepresentation
  774. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  775. :return: Keycloak server response
  776. """
  778. params_path = {"realm-name": self.realm_name, "id": client_id}
  779. data_raw = self.raw_get(URL_ADMIN_CLIENT_AUTHZ_RESOURCES.format(**params_path))
  780. return data_raw
  782. def create_client(self, payload, skip_exists=False):
  783. """
  784. Create a client
  786. ClientRepresentation: https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  788. :param skip_exists: If true then do not raise an error if client already exists
  789. :param payload: ClientRepresentation
  790. :return: Keycloak server response (UserRepresentation)
  791. """
  793. params_path = {"realm-name": self.realm_name}
  794. data_raw = self.raw_post(URL_ADMIN_CLIENTS.format(**params_path),
  795. data=json.dumps(payload))
  796. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
  798. def update_client(self, client_id, payload):
  799. """
  800. Update a client
  802. :param client_id: Client id
  803. :param payload: ClientRepresentation
  805. :return: Http response
  806. """
  807. params_path = {"realm-name": self.realm_name, "id": client_id}
  808. data_raw = self.raw_put(URL_ADMIN_CLIENT.format(**params_path),
  809. data=json.dumps(payload))
  810. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  812. def delete_client(self, client_id):
  813. """
  814. Get representation of the client
  816. ClientRepresentation
  817. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_clientrepresentation
  819. :param client_id: keycloak client id (not oauth client-id)
  820. :return: Keycloak server response (ClientRepresentation)
  821. """
  823. params_path = {"realm-name": self.realm_name, "id": client_id}
  824. data_raw = self.raw_delete(URL_ADMIN_CLIENT.format(**params_path))
  825. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  827. def get_realm_roles(self):
  828. """
  829. Get all roles for the realm or client
  831. RoleRepresentation
  832. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  834. :return: Keycloak server response (RoleRepresentation)
  835. """
  837. params_path = {"realm-name": self.realm_name}
  838. data_raw = self.raw_get(URL_ADMIN_REALM_ROLES.format(**params_path))
  839. return raise_error_from_response(data_raw, KeycloakGetError)
  841. def get_client_roles(self, client_id):
  842. """
  843. Get all roles for the client
  845. :param client_id: id of client (not client-id)
  847. RoleRepresentation
  848. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  850. :return: Keycloak server response (RoleRepresentation)
  851. """
  853. params_path = {"realm-name": self.realm_name, "id": client_id}
  854. data_raw = self.raw_get(URL_ADMIN_CLIENT_ROLES.format(**params_path))
  855. return raise_error_from_response(data_raw, KeycloakGetError)
  857. def get_client_role(self, client_id, role_name):
  858. """
  859. Get client role id by name
  860. This is required for further actions with this role.
  862. :param client_id: id of client (not client-id)
  863. :param role_name: roles name (not id!)
  865. RoleRepresentation
  866. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  868. :return: role_id
  869. """
  870. params_path = {"realm-name": self.realm_name, "id": client_id, "role-name": role_name}
  871. data_raw = self.raw_get(URL_ADMIN_CLIENT_ROLE.format(**params_path))
  872. return raise_error_from_response(data_raw, KeycloakGetError)
  874. def get_client_role_id(self, client_id, role_name):
  875. """
  876. Warning: Deprecated
  878. Get client role id by name
  879. This is required for further actions with this role.
  881. :param client_id: id of client (not client-id)
  882. :param role_name: roles name (not id!)
  884. RoleRepresentation
  885. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  887. :return: role_id
  888. """
  889. role = self.get_client_role(client_id, role_name)
  890. return role.get("id")
  892. def create_client_role(self, client_role_id, payload, skip_exists=False):
  893. """
  894. Create a client role
  896. RoleRepresentation
  897. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  899. :param client_role_id: id of client (not client-id)
  900. :param payload: RoleRepresentation
  901. :param skip_exists: If true then do not raise an error if client role already exists
  902. :return: Keycloak server response (RoleRepresentation)
  903. """
  905. params_path = {"realm-name": self.realm_name, "id": client_role_id}
  906. data_raw = self.raw_post(URL_ADMIN_CLIENT_ROLES.format(**params_path),
  907. data=json.dumps(payload))
  908. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
  910. def delete_client_role(self, client_role_id, role_name):
  911. """
  912. Delete a client role
  914. RoleRepresentation
  915. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation
  917. :param client_role_id: id of client (not client-id)
  918. :param role_name: roles name (not id!)
  919. """
  920. params_path = {"realm-name": self.realm_name, "id": client_role_id, "role-name": role_name}
  921. data_raw = self.raw_delete(URL_ADMIN_CLIENT_ROLE.format(**params_path))
  922. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  924. def assign_client_role(self, user_id, client_id, roles):
  925. """
  926. Assign a client role to a user
  928. :param user_id: id of user
  929. :param client_id: id of client (not client-id)
  930. :param roles: roles list or role (use RoleRepresentation)
  931. :return Keycloak server response
  932. """
  934. payload = roles if isinstance(roles, list) else [roles]
  935. params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id}
  936. data_raw = self.raw_post(URL_ADMIN_USER_CLIENT_ROLES.format(**params_path),
  937. data=json.dumps(payload))
  938. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  940. def create_realm_role(self, payload, skip_exists=False):
  941. """
  942. Create a new role for the realm or client
  944. :param payload: The role (use RoleRepresentation)
  945. :param skip_exists: If true then do not raise an error if realm role already exists
  946. :return Keycloak server response
  947. """
  949. params_path = {"realm-name": self.realm_name}
  950. data_raw = self.raw_post(URL_ADMIN_REALM_ROLES.format(**params_path),
  951. data=json.dumps(payload))
  952. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
  954. def update_realm_role(self, role_name, payload):
  955. """
  956. Update a role for the realm by name
  957. :param role_name: The name of the role to be updated
  958. :param payload: The role (use RoleRepresentation)
  959. :return Keycloak server response
  960. """
  962. params_path = {"realm-name": self.realm_name, "role-name": role_name}
  963. data_raw = self.connection.raw_put(URL_ADMIN_REALM_ROLES_ROLE_BY_NAME.format(**params_path),
  964. data=json.dumps(payload))
  965. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  967. def delete_realm_role(self, role_name):
  968. """
  969. Delete a role for the realm by name
  970. :param payload: The role name {'role-name':'name-of-the-role'}
  971. :return Keycloak server response
  972. """
  974. params_path = {"realm-name": self.realm_name, "role-name": role_name}
  975. data_raw = self.connection.raw_delete(
  976. URL_ADMIN_REALM_ROLES_ROLE_BY_NAME.format(**params_path))
  977. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  979. def assign_realm_roles(self, user_id, client_id, roles):
  980. """
  981. Assign realm roles to a user
  983. :param user_id: id of user
  984. :param client_id: id of client containing role (not client-id)
  985. :param roles: roles list or role (use RoleRepresentation)
  986. :return Keycloak server response
  987. """
  989. payload = roles if isinstance(roles, list) else [roles]
  990. params_path = {"realm-name": self.realm_name, "id": user_id}
  991. data_raw = self.raw_post(URL_ADMIN_USER_REALM_ROLES.format(**params_path),
  992. data=json.dumps(payload))
  993. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  995. def assign_group_realm_roles(self, group_id, roles):
  996. """
  997. Assign realm roles to a group
  999. :param group_id: id of groupp
  1000. :param roles: roles list or role (use GroupRoleRepresentation)
  1001. :return Keycloak server response
  1002. """
  1004. payload = roles if isinstance(roles, list) else [roles]
  1005. params_path = {"realm-name": self.realm_name, "id": group_id}
  1006. data_raw = self.raw_post(URL_ADMIN_GROUPS_REALM_ROLES.format(**params_path),
  1007. data=json.dumps(payload))
  1008. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  1010. def delete_group_realm_roles(self, group_id, roles):
  1011. """
  1012. Delete realm roles of a group
  1014. :param group_id: id of group
  1015. :param roles: roles list or role (use GroupRoleRepresentation)
  1016. :return Keycloak server response
  1017. """
  1019. payload = roles if isinstance(roles, list) else [roles]
  1020. params_path = {"realm-name": self.realm_name, "id": group_id}
  1021. data_raw = self.raw_delete(URL_ADMIN_GROUPS_REALM_ROLES.format(**params_path),
  1022. data=json.dumps(payload))
  1023. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  1025. def get_group_realm_roles(self, group_id):
  1026. """
  1027. Get all realm roles for a group.
  1029. :param user_id: id of the group
  1030. :return: Keycloak server response (array RoleRepresentation)
  1031. """
  1032. params_path = {"realm-name": self.realm_name, "id": group_id}
  1033. data_raw = self.raw_get(URL_ADMIN_GET_GROUPS_REALM_ROLES.format(**params_path))
  1034. return raise_error_from_response(data_raw, KeycloakGetError)
  1036. def get_client_roles_of_user(self, user_id, client_id):
  1037. """
  1038. Get all client roles for a user.
  1040. :param user_id: id of user
  1041. :param client_id: id of client (not client-id)
  1042. :return: Keycloak server response (array RoleRepresentation)
  1043. """
  1044. return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES, user_id, client_id)
  1046. def get_available_client_roles_of_user(self, user_id, client_id):
  1047. """
  1048. Get available client role-mappings for a user.
  1050. :param user_id: id of user
  1051. :param client_id: id of client (not client-id)
  1052. :return: Keycloak server response (array RoleRepresentation)
  1053. """
  1054. return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, user_id, client_id)
  1056. def get_composite_client_roles_of_user(self, user_id, client_id):
  1057. """
  1058. Get composite client role-mappings for a user.
  1060. :param user_id: id of user
  1061. :param client_id: id of client (not client-id)
  1062. :return: Keycloak server response (array RoleRepresentation)
  1063. """
  1064. return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE, user_id, client_id)
  1066. def _get_client_roles_of_user(self, client_level_role_mapping_url, user_id, client_id):
  1067. params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id}
  1068. data_raw = self.raw_get(client_level_role_mapping_url.format(**params_path))
  1069. return raise_error_from_response(data_raw, KeycloakGetError)
  1071. def delete_client_roles_of_user(self, user_id, client_id, roles):
  1072. """
  1073. Delete client roles from a user.
  1075. :param user_id: id of user
  1076. :param client_id: id of client containing role (not client-id)
  1077. :param roles: roles list or role to delete (use RoleRepresentation)
  1078. :return: Keycloak server response
  1079. """
  1080. payload = roles if isinstance(roles, list) else [roles]
  1081. params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id}
  1082. data_raw = self.raw_delete(URL_ADMIN_USER_CLIENT_ROLES.format(**params_path),
  1083. data=json.dumps(payload))
  1084. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  1086. def get_authentication_flows(self):
  1087. """
  1088. Get authentication flows. Returns all flow details
  1090. AuthenticationFlowRepresentation
  1091. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_authenticationflowrepresentation
  1093. :return: Keycloak server response (AuthenticationFlowRepresentation)
  1094. """
  1095. params_path = {"realm-name": self.realm_name}
  1096. data_raw = self.raw_get(URL_ADMIN_FLOWS.format(**params_path))
  1097. return raise_error_from_response(data_raw, KeycloakGetError)
  1099. def create_authentication_flow(self, payload, skip_exists=False):
  1100. """
  1101. Create a new authentication flow
  1103. AuthenticationFlowRepresentation
  1104. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_authenticationflowrepresentation
  1106. :param payload: AuthenticationFlowRepresentation
  1107. :param skip_exists: If true then do not raise an error if authentication flow already exists
  1108. :return: Keycloak server response (RoleRepresentation)
  1109. """
  1111. params_path = {"realm-name": self.realm_name}
  1112. data_raw = self.raw_post(URL_ADMIN_FLOWS.format(**params_path),
  1113. data=payload)
  1114. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
  1116. def get_authentication_flow_executions(self, flow_alias):
  1117. """
  1118. Get authentication flow executions. Returns all execution steps
  1120. :param flow_alias: the flow alias
  1121. :return: Response(json)
  1122. """
  1123. params_path = {"realm-name": self.realm_name, "flow-alias": flow_alias}
  1124. data_raw = self.raw_get(URL_ADMIN_FLOWS_EXECUTIONS.format(**params_path))
  1125. return raise_error_from_response(data_raw, KeycloakGetError)
  1127. def update_authentication_flow_executions(self, payload, flow_alias):
  1128. """
  1129. Update an authentication flow execution
  1131. AuthenticationExecutionInfoRepresentation
  1132. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_authenticationexecutioninforepresentation
  1134. :param payload: AuthenticationExecutionInfoRepresentation
  1135. :param flow_alias: The flow alias
  1136. :return: Keycloak server response
  1137. """
  1139. params_path = {"realm-name": self.realm_name, "flow-alias": flow_alias}
  1140. data_raw = self.raw_put(URL_ADMIN_FLOWS_EXECUTIONS.format(**params_path),
  1141. data=payload)
  1142. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
  1144. def sync_users(self, storage_id, action):
  1145. """
  1146. Function to trigger user sync from provider
  1148. :param storage_id: The id of the user storage provider
  1149. :param action: Action can be "triggerFullSync" or "triggerChangedUsersSync"
  1150. :return:
  1151. """
  1152. data = {'action': action}
  1153. params_query = {"action": action}
  1155. params_path = {"realm-name": self.realm_name, "id": storage_id}
  1156. data_raw = self.raw_post(URL_ADMIN_USER_STORAGE.format(**params_path),
  1157. data=json.dumps(data), **params_query)
  1158. return raise_error_from_response(data_raw, KeycloakGetError)
  1160. def get_client_scopes(self):
  1161. """
  1162. Get representation of the client scopes for the realm where we are connected to
  1163. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getclientscopes
  1165. :return: Keycloak server response Array of (ClientScopeRepresentation)
  1166. """
  1168. params_path = {"realm-name": self.realm_name}
  1169. data_raw = self.raw_get(URL_ADMIN_CLIENT_SCOPES.format(**params_path))
  1170. return raise_error_from_response(data_raw, KeycloakGetError)
  1172. def get_client_scope(self, client_scope_id):
  1173. """
  1174. Get representation of the client scopes for the realm where we are connected to
  1175. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getclientscopes
  1177. :param client_scope_id: The id of the client scope
  1178. :return: Keycloak server response (ClientScopeRepresentation)
  1179. """
  1181. params_path = {"realm-name": self.realm_name, "scope-id": client_scope_id}
  1182. data_raw = self.raw_get(URL_ADMIN_CLIENT_SCOPE.format(**params_path))
  1183. return raise_error_from_response(data_raw, KeycloakGetError)
  1186. def add_mapper_to_client_scope(self, client_scope_id, payload):
  1187. """
  1188. Add a mapper to a client scope
  1189. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_create_mapper
  1191. :param client_scope_id: The id of the client scope
  1192. :param payload: ProtocolMapperRepresentation
  1193. :return: Keycloak server Response
  1194. """
  1196. params_path = {"realm-name": self.realm_name, "scope-id": client_scope_id}
  1198. data_raw = self.raw_post(
  1199. URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER.format(**params_path), data=json.dumps(payload))
  1201. return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201)
  1203. def generate_client_secrets(self, client_id):
  1204. """
  1206. Generate a new secret for the client
  1207. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_regeneratesecret
  1209. :param client_id: id of client (not client-id)
  1210. :return: Keycloak server response (ClientRepresentation)
  1211. """
  1213. params_path = {"realm-name": self.realm_name, "id": client_id}
  1214. data_raw = self.raw_post(URL_ADMIN_CLIENT_SECRETS.format(**params_path), data=None)
  1215. return raise_error_from_response(data_raw, KeycloakGetError)
  1217. def get_client_secrets(self, client_id):
  1218. """
  1220. Get representation of the client secrets
  1221. https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_getclientsecret
  1223. :param client_id: id of client (not client-id)
  1224. :return: Keycloak server response (ClientRepresentation)
  1225. """
  1227. params_path = {"realm-name": self.realm_name, "id": client_id}
  1228. data_raw = self.raw_get(URL_ADMIN_CLIENT_SECRETS.format(**params_path))
  1229. return raise_error_from_response(data_raw, KeycloakGetError)
  1232. def raw_get(self, *args, **kwargs):
  1233. """
  1234. Calls connection.raw_get.
  1236. If auto_refresh is set for *get* and *access_token* is expired, it will refresh the token
  1237. and try *get* once more.
  1238. """
  1239. r = self.connection.raw_get(*args, **kwargs)
  1240. if 'get' in self.auto_refresh_token and r.status_code == 401:
  1241. self.refresh_token()
  1242. return self.connection.raw_get(*args, **kwargs)
  1243. return r
  1245. def raw_post(self, *args, **kwargs):
  1246. """
  1247. Calls connection.raw_post.
  1249. If auto_refresh is set for *post* and *access_token* is expired, it will refresh the token
  1250. and try *post* once more.
  1251. """
  1252. r = self.connection.raw_post(*args, **kwargs)
  1253. if 'post' in self.auto_refresh_token and r.status_code == 401:
  1254. self.refresh_token()
  1255. return self.connection.raw_post(*args, **kwargs)
  1256. return r
  1258. def raw_put(self, *args, **kwargs):
  1259. """
  1260. Calls connection.raw_put.
  1262. If auto_refresh is set for *put* and *access_token* is expired, it will refresh the token
  1263. and try *put* once more.
  1264. """
  1265. r = self.connection.raw_put(*args, **kwargs)
  1266. if 'put' in self.auto_refresh_token and r.status_code == 401:
  1267. self.refresh_token()
  1268. return self.connection.raw_put(*args, **kwargs)
  1269. return r
  1271. def raw_delete(self, *args, **kwargs):
  1272. """
  1273. Calls connection.raw_delete.
  1275. If auto_refresh is set for *delete* and *access_token* is expired, it will refresh the token
  1276. and try *delete* once more.
  1277. """
  1278. r = self.connection.raw_delete(*args, **kwargs)
  1279. if 'delete' in self.auto_refresh_token and r.status_code == 401:
  1280. self.refresh_token()
  1281. return self.connection.raw_delete(*args, **kwargs)
  1282. return r
  1284. def get_token(self):
  1285. self.keycloak_openid = KeycloakOpenID(server_url=self.server_url, client_id=self.client_id,
  1286. realm_name=self.user_realm_name or self.realm_name, verify=self.verify,
  1287. client_secret_key=self.client_secret_key,
  1288. custom_headers=self.custom_headers)
  1290. grant_type = ["password"]
  1291. if self.client_secret_key:
  1292. grant_type = ["client_credentials"]
  1294. self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type)
  1296. headers = {
  1297. 'Authorization': 'Bearer ' + self.token.get('access_token'),
  1298. 'Content-Type': 'application/json'
  1299. }
  1301. if self.custom_headers is not None:
  1302. # merge custom headers to main headers
  1303. headers.update(self.custom_headers)
  1305. self._connection = ConnectionManager(base_url=self.server_url,
  1306. headers=headers,
  1307. timeout=60,
  1308. verify=self.verify)
  1310. def refresh_token(self):
  1311. refresh_token = self.token.get('refresh_token')
  1312. try:
  1313. self.token = self.keycloak_openid.refresh_token(refresh_token)
  1314. except KeycloakGetError as e:
  1315. if e.response_code == 400 and b'Refresh token expired' in e.response_body:
  1316. self.get_token()
  1317. else:
  1318. raise
  1319. self.connection.add_param_headers('Authorization', 'Bearer ' + self.token.get('access_token'))