
fixes + add get_keys

master
Romain Philibert 5 years ago
parent
commit
77d5325c07
  1. 24
      docs/source/index.rst
  2. 30
      keycloak/keycloak_admin.py
  3. 3
      keycloak/urls_patterns.py

24
docs/source/index.rst

@ -277,22 +277,18 @@ Main methods::
# Function to trigger user sync from provider # Function to trigger user sync from provider
sync_users(storage_id="storage_di", action="action") sync_users(storage_id="storage_di", action="action")
# Rotate RSA realm keys
# List existing rsa keys
# List public RSA keys
components = keycloak_admin.keys
# List all keys
components = keycloak_admin.get_components(query={"parent":"example_realm", "type":"org.keycloak.keys.KeyProvider"}) components = keycloak_admin.get_components(query={"parent":"example_realm", "type":"org.keycloak.keys.KeyProvider"})
components_rsa_generated = list(filter(lambda component: component["provider-id"] == "rsa-generated"))
# Create a new one
keycloak_admin.create_component({"name":"rsa-generated","providerId":"rsa-generated","providerType":"org.keycloak.keys.KeyProvider","parentId":"example_realm","config":{"priority":["100"],"enabled":["true"],"active":["true"],"algorithm":["RS256"],"keySize":["2048"]}})
# Create a new RSA key
component = keycloak_admin.create_component({"name":"rsa-generated","providerId":"rsa-generated","providerType":"org.keycloak.keys.KeyProvider","parentId":"example_realm","config":{"priority":["100"],"enabled":["true"],"active":["true"],"algorithm":["RS256"],"keySize":["2048"]}})
for component in components_rsa_generated:
component_details = keycloak_admin.get_component(component['id'])
# Update the key
component_details['config']['active'] = ["false"]
keycloak_admin.update_component(component['id'])
# Delete inactive keys
if component_details['config']['active'] == ["false"]:
# Delete the key
keycloak_admin.delete_component(component['id']) keycloak_admin.delete_component(component['id'])
# Make previous keys inactive
else:
component_details['config']['active'] = ["false"]
keycloak_admin.update_component(component['id'], component_details)

30
keycloak/keycloak_admin.py

@ -41,8 +41,8 @@ from .urls_patterns import URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENT_AUTHZ_RESOURC
URL_ADMIN_REALMS, URL_ADMIN_USERS_COUNT, URL_ADMIN_FLOWS, URL_ADMIN_GROUP, URL_ADMIN_CLIENT_AUTHZ_SETTINGS, \ URL_ADMIN_REALMS, URL_ADMIN_USERS_COUNT, URL_ADMIN_FLOWS, URL_ADMIN_GROUP, URL_ADMIN_CLIENT_AUTHZ_SETTINGS, \
URL_ADMIN_GROUP_MEMBERS, URL_ADMIN_USER_STORAGE, URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_IDPS, \ URL_ADMIN_GROUP_MEMBERS, URL_ADMIN_USER_STORAGE, URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_IDPS, \
URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, URL_ADMIN_USERS, URL_ADMIN_CLIENT_SCOPES, \ URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, URL_ADMIN_USERS, URL_ADMIN_CLIENT_SCOPES, \
URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER, URL_ADMIN_CLIENT_SCOPE, URL_ADMIN_CLIENT_SECRETS, \
URL_ADMIN_USER_REALM_ROLES, URL_ADMIN_COMPONENTS, URL_ADMIN_COMPONENT
URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER, URL_ADMIN_CLIENT_SCOPE, URL_ADMIN_CLIENT_SECRETS,
URL_ADMIN_USER_REALM_ROLES, URL_ADMIN_COMPONENTS, URL_ADMIN_COMPONENT, URL_ADMIN_KEYS
class KeycloakAdmin: class KeycloakAdmin:
@ -1185,7 +1185,9 @@ class KeycloakAdmin:
:return: components list :return: components list
""" """
params_path = {"realm-name": self.realm_name} params_path = {"realm-name": self.realm_name}
return self.__fetch_all(URL_ADMIN_COMPONENTS.format(**params_path), query)
data_raw = self.raw_get(URL_ADMIN_COMPONENTS.format(**params_path),
data=None, **query)
return raise_error_from_response(data_raw, KeycloakGetError)
def create_component(self, payload): def create_component(self, payload):
""" """
@ -1202,7 +1204,7 @@ class KeycloakAdmin:
data_raw = self.raw_post(URL_ADMIN_COMPONENTS.format(**params_path), data_raw = self.raw_post(URL_ADMIN_COMPONENTS.format(**params_path),
data=json.dumps(payload)) data=json.dumps(payload))
return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201)
def get_component(self, component_id): def get_component(self, component_id):
""" """
@ -1215,7 +1217,7 @@ class KeycloakAdmin:
:return: ComponentRepresentation :return: ComponentRepresentation
""" """
params_path = {"realm-name": self.realm_name, "id": component_id}
params_path = {"realm-name": self.realm_name, "component-id": component_id}
data_raw = self.raw_get(URL_ADMIN_COMPONENT.format(**params_path)) data_raw = self.raw_get(URL_ADMIN_COMPONENT.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError) return raise_error_from_response(data_raw, KeycloakGetError)
@ -1229,7 +1231,7 @@ class KeycloakAdmin:
:return: Http response :return: Http response
""" """
params_path = {"realm-name": self.realm_name, "id": component_id}
params_path = {"realm-name": self.realm_name, "component-id": component_id}
data_raw = self.raw_put(URL_ADMIN_COMPONENT.format(**params_path), data_raw = self.raw_put(URL_ADMIN_COMPONENT.format(**params_path),
data=json.dumps(payload)) data=json.dumps(payload))
return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
@ -1242,10 +1244,24 @@ class KeycloakAdmin:
:return: Http response :return: Http response
""" """
params_path = {"realm-name": self.realm_name, "id": component_id}
params_path = {"realm-name": self.realm_name, "component-id": component_id}
data_raw = self.raw_delete(URL_ADMIN_COMPONENT.format(**params_path)) data_raw = self.raw_delete(URL_ADMIN_COMPONENT.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
def get_keys(self):
"""
Return a list of keys, filtered according to query parameters
KeysMetadataRepresentation
https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_key_resource
:return: keys list
"""
params_path = {"realm-name": self.realm_name}
data_raw = self.raw_get(URL_ADMIN_KEYS.format(**params_path),
data=None)
return raise_error_from_response(data_raw, KeycloakGetError)
def raw_get(self, *args, **kwargs): def raw_get(self, *args, **kwargs):
""" """

3
keycloak/urls_patterns.py

@ -81,4 +81,5 @@ URL_ADMIN_FLOWS = "admin/realms/{realm-name}/authentication/flows"
URL_ADMIN_FLOWS_EXECUTIONS = "admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions" URL_ADMIN_FLOWS_EXECUTIONS = "admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions"
URL_ADMIN_COMPONENTS = "admin/realms/{realm-name}/components" URL_ADMIN_COMPONENTS = "admin/realms/{realm-name}/components"
URL_ADMIN_COMPONENT = "admin/realms/{realm-name}/component/{component-id}"
URL_ADMIN_COMPONENT = "admin/realms/{realm-name}/components/{component-id}"
URL_ADMIN_KEYS = "admin/realms/{realm-name}/components/keys"
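Review bot: `URL_ADMIN_KEYS` points at `admin/realms/{realm-name}/components/keys`, but the Key resource that the `get_keys` docstring links to is served at `/{realm}/keys`, not under `components`. With the corrected `URL_ADMIN_COMPONENT` pattern on the line above, the new path reads as a lookup of a component whose id is `keys`, so `get_keys` would likely receive an error response instead of the realm's key metadata. The constant should be `URL_ADMIN_KEYS = "admin/realms/{realm-name}/keys"`.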