warricksothr
/
python-keycloak
forked from Mirror/python-keycloak
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Updated docs.

hotfix/merge
Marcos Pereira 7 years ago
parent
153bedbb71
commit
df7e0e1132
4 changed files with 212 additions and 56 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 95
      README.md
  2. 96
      docs/source/index.rst
  3. 73
      keycloak/keycloak_admin.py
  4. 4
      keycloak/urls_patterns.py

95
README.md
View File

@ -44,49 +44,112 @@ The documentation for python-keycloak is available on [readthedocs](http://pytho
## Usage ## Usage
```python ```python
from keycloak import Keycloak
from keycloak import KeycloakOpenID
# Configure client # Configure client
keycloak = Keycloak(server_url="http://localhost:8080/auth/",
keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
client_id="example_client", client_id="example_client",
realm_name="example_realm", realm_name="example_realm",
client_secret_key="secret") client_secret_key="secret")
# Get WellKnow # Get WellKnow
config_well_know = keycloak.well_know()
config_well_know = keycloak_openid.well_know()
# Get Token # Get Token
token = keycloak.token("user", "password")
token = keycloak_openid.token("user", "password")
# Get Userinfo # Get Userinfo
userinfo = keycloak.userinfo(token['access_token'])
userinfo = keycloak_openid.userinfo(token['access_token'])
# Logout # Logout
keycloak.logout(token['refresh_token'])
keycloak_openid.logout(token['refresh_token'])
# Get Certs # Get Certs
certs = keycloak.certs()
certs = keycloak_openid.certs()
# Get RPT (Entitlement) # Get RPT (Entitlement)
token = keycloak.token("user", "password")
rpt = keycloak.entitlement(token['access_token'], "resource_id")
token = keycloak_openid.token("user", "password")
rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")
# Instropect RPT # Instropect RPT
token_rpt_info = keycloak.instropect(keycloak.instropect(token['access_token'], rpt=rpt['rpt'],
token_rpt_info = keycloak_openid.instropect(keycloak_openid.instropect(token['access_token'], rpt=rpt['rpt'],
token_type_hint="requesting_party_token")) token_type_hint="requesting_party_token"))
# Introspect Token # Introspect Token
token_info = keycloak.introspect(token['access_token']))
token_info = keycloak_openid.introspect(token['access_token']))
# Decode Token # Decode Token
KEYCLOAK_PUBLIC_KEY = "secret" KEYCLOAK_PUBLIC_KEY = "secret"
options = {"verify_signature": True, "verify_aud": True, "exp": True} options = {"verify_signature": True, "verify_aud": True, "exp": True}
token_info = keycloak.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
# Get permissions by token # Get permissions by token
token = keycloak.token("user", "password")
keycloak.load_authorization_config("example-authz-config.json")
policies = keycloak.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
permissions = keycloak.get_permissions(token['access_token'], method_token_info='introspect')
token = keycloak_openid.token("user", "password")
keycloak_openid.load_authorization_config("example-authz-config.json")
policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect')
# KEYCLOAK ADMIN
from keycloak import KeycloakAdmin
keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/",
username='example-admin',
password='secret',
realm_name="example_realm")
# Add user
new_user = keycloak_admin.create_user({"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
"realmRoles": ["user_default", ],
"attributes": {"example": "1,2,3,3,"}})
# User counter
count_users = keycloak_admin.users_count()
# Get users Returns a list of users, filtered according to query parameters
users = keycloak_admin.get_users({})
# Get User
user = keycloak_admin.get_user("user-id-keycloak")
# Update User
response = keycloak_admin.update_user(user_id="user-id-keycloak",
payload={'firstName': 'Example Update'})
# Delete User
response = keycloak_admin.delete_user(user_id="user-id-keycloak")
# Get consents granted by the user
consents = keycloak_admin.consents_user(user_id="user-id-keycloak")
# Send User Action
response = keycloak_admin.send_update_account(user_id="user-id-keycloak",
payload=json.dumps(['UPDATE_PASSWORD']))
# Send Verify Email
response = keycloak_admin.send_verify_email(user_id="user-id-keycloak")
# Get sessions associated with the user
sessions = keycloak_admin.get_sessions(user_id="user-id-keycloak")
# Get themes, social providers, auth providers, and event listeners available on this server
server_info = keycloak_admin.get_server_info()
# Get clients belonging to the realm Returns a list of clients belonging to the realm
clients = keycloak_admin.get_clients()
# Get representation of the client - id of client (not client-id)
client = keycloak_admin.get_client(client_id='id-client')
# Get all roles for the client
client_roles = keycloak_admin.get_client_role(client_id='id-client')
# Get all roles for the realm or client
realm_roles = keycloak_admin.get_roles()
``` ```

96
docs/source/index.rst
View File

@ -71,48 +71,112 @@ Usage
Main methods:: Main methods::
from keycloak import Keycloak
from keycloak import KeycloakOpenID
# Configure client # Configure client
keycloak = Keycloak(server_url="http://localhost:8080/auth/",
keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
client_id="example_client", client_id="example_client",
realm_name="example_realm", realm_name="example_realm",
client_secret_key="secret") client_secret_key="secret")
# Get WellKnow # Get WellKnow
config_well_know = keycloak.well_know()
config_well_know = keycloak_openid.well_know()
# Get Token # Get Token
token = keycloak.token("user", "password")
token = keycloak_openid.token("user", "password")
# Get Userinfo # Get Userinfo
userinfo = keycloak.userinfo(token['access_token'])
userinfo = keycloak_openid.userinfo(token['access_token'])
# Logout # Logout
keycloak.logout(token['refresh_token'])
keycloak_openid.logout(token['refresh_token'])
# Get Certs # Get Certs
certs = keycloak.certs()
certs = keycloak_openid.certs()
# Get RPT (Entitlement) # Get RPT (Entitlement)
token = keycloak.token("user", "password")
rpt = keycloak.entitlement(token['access_token'], "resource_id")
token = keycloak_openid.token("user", "password")
rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")
# Instropect RPT # Instropect RPT
token_rpt_info = keycloak.instropect(keycloak.instropect(token['access_token'], rpt=rpt['rpt'],
token_rpt_info = keycloak_openid.instropect(keycloak_openid.instropect(token['access_token'], rpt=rpt['rpt'],
token_type_hint="requesting_party_token")) token_type_hint="requesting_party_token"))
# Introspect Token # Introspect Token
token_info = keycloak.introspect(token['access_token']))
token_info = keycloak_openid.introspect(token['access_token']))
# Decode Token # Decode Token
KEYCLOAK_PUBLIC_KEY = "secret" KEYCLOAK_PUBLIC_KEY = "secret"
options = {"verify_signature": True, "verify_aud": True, "exp": True} options = {"verify_signature": True, "verify_aud": True, "exp": True}
token_info = keycloak.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)
# Get permissions by token # Get permissions by token
token = keycloak.token("user", "password")
keycloak.load_authorization_config("example-authz-config.json")
policies = keycloak.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
permissions = keycloak.get_permissions(token['access_token'], method_token_info='introspect')
token = keycloak_openid.token("user", "password")
keycloak_openid.load_authorization_config("example-authz-config.json")
policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect')
# KEYCLOAK ADMIN
from keycloak import KeycloakAdmin
keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/",
username='example-admin',
password='secret',
realm_name="example_realm")
# Add user
new_user = keycloak_admin.create_user({"email": "example@example.com",
"username": "example@example.com",
"enabled": True,
"firstName": "Example",
"lastName": "Example",
"realmRoles": ["user_default", ],
"attributes": {"example": "1,2,3,3,"}})
# User counter
count_users = keycloak_admin.users_count()
# Get users Returns a list of users, filtered according to query parameters
users = keycloak_admin.get_users({})
# Get User
user = keycloak_admin.get_user("user-id-keycloak")
# Update User
response = keycloak_admin.update_user(user_id="user-id-keycloak",
payload={'firstName': 'Example Update'})
# Delete User
response = keycloak_admin.delete_user(user_id="user-id-keycloak")
# Get consents granted by the user
consents = keycloak_admin.consents_user(user_id="user-id-keycloak")
# Send User Action
response = keycloak_admin.send_update_account(user_id="user-id-keycloak",
payload=json.dumps(['UPDATE_PASSWORD']))
# Send Verify Email
response = keycloak_admin.send_verify_email(user_id="user-id-keycloak")
# Get sessions associated with the user
sessions = keycloak_admin.get_sessions(user_id="user-id-keycloak")
# Get themes, social providers, auth providers, and event listeners available on this server
server_info = keycloak_admin.get_server_info()
# Get clients belonging to the realm Returns a list of clients belonging to the realm
clients = keycloak_admin.get_clients()
# Get representation of the client - id of client (not client-id)
client = keycloak_admin.get_client(client_id='id-client')
# Get all roles for the client
client_roles = keycloak_admin.get_client_role(client_id='id-client')
# Get all roles for the realm or client
realm_roles = keycloak_admin.get_roles()

73
keycloak/keycloak_admin.py
View File

@ -14,20 +14,19 @@
# #
# You should have received a copy of the GNU Lesser General Public License # You should have received a copy of the GNU Lesser General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
from keycloak.urls_patterns import URL_ADMIN_USERS_COUNT, URL_ADMIN_USER, URL_ADMIN_USER_CONSENTS, \
from .urls_patterns import URL_ADMIN_USERS_COUNT, URL_ADMIN_USER, URL_ADMIN_USER_CONSENTS, \
URL_ADMIN_SEND_UPDATE_ACCOUNT, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_GET_SESSIONS, \ URL_ADMIN_SEND_UPDATE_ACCOUNT, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_GET_SESSIONS, \
URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENTS
URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENTS, URL_ADMIN_CLIENT, URL_ADMIN_CLIENT_ROLES, URL_ADMIN_REALM_ROLES
from .keycloak_openid import KeycloakOpenID from .keycloak_openid import KeycloakOpenID
from .exceptions import raise_error_from_response, KeycloakGetError, KeycloakSecretNotFound, \
KeycloakRPTNotFound, KeycloakAuthorizationConfigError, KeycloakInvalidTokenError
from .exceptions import raise_error_from_response, KeycloakGetError
from .urls_patterns import ( from .urls_patterns import (
URL_ADMIN_USERS, URL_ADMIN_USERS,
) )
from .connection import ConnectionManager from .connection import ConnectionManager
from jose import jwt
import json import json
@ -96,7 +95,7 @@ class KeycloakAdmin:
def token(self, value): def token(self, value):
self._token = value self._token = value
def list_users(self, query=None):
def get_users(self, query=None):
""" """
Get users Returns a list of users, filtered according to query parameters Get users Returns a list of users, filtered according to query parameters
@ -122,7 +121,7 @@ class KeycloakAdmin:
data=json.dumps(payload)) data=json.dumps(payload))
return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201)
def count_users(self):
def users_count(self):
""" """
User counter User counter
@ -203,21 +202,6 @@ class KeycloakAdmin:
data=payload, **params_query) data=payload, **params_query)
return raise_error_from_response(data_raw, KeycloakGetError) return raise_error_from_response(data_raw, KeycloakGetError)
def reset_password(self, user_id, password):
"""
Set up a temporary password for the user User will have to reset the
temporary password next time they log in.
:param user_id: User id
:param password: A Temporary password
:return:
"""
params_path = {"realm-name": self.realm_name, "id": user_id}
data_raw = self.connection.raw_put(URL_ADMIN_RESET_PASSWORD.format(**params_path),
data=json.dumps({'pass': password}))
return raise_error_from_response(data_raw, KeycloakGetError)
def send_verify_email(self, user_id, client_id=None, redirect_uri=None): def send_verify_email(self, user_id, client_id=None, redirect_uri=None):
""" """
Send a update account email to the user An email contains a Send a update account email to the user An email contains a
@ -254,8 +238,6 @@ class KeycloakAdmin:
""" """
Get themes, social providers, auth providers, and event listeners available on this server Get themes, social providers, auth providers, and event listeners available on this server
:param user_id: User id
ServerInfoRepresentation ServerInfoRepresentation
http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_serverinforepresentation http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_serverinforepresentation
@ -277,3 +259,46 @@ class KeycloakAdmin:
data_raw = self.connection.raw_get(URL_ADMIN_CLIENTS.format(**params_path)) data_raw = self.connection.raw_get(URL_ADMIN_CLIENTS.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError) return raise_error_from_response(data_raw, KeycloakGetError)
def get_client(self, client_id):
"""
Get representation of the client
ClientRepresentation
http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation
:param client_id: id of client (not client-id)
:return: ClientRepresentation
"""
params_path = {"realm-name": self.realm_name, "id": client_id}
data_raw = self.connection.raw_get(URL_ADMIN_CLIENT.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError)
def get_client_role(self, client_id):
"""
Get all roles for the client
RoleRepresentation
http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation
:param client_id: id of client (not client-id)
:return: RoleRepresentation
"""
params_path = {"realm-name": self.realm_name, "id": client_id}
data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ROLES.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError)
def get_roles(self):
"""
Get all roles for the realm or client
RoleRepresentation
http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation
:return: RoleRepresentation
"""
params_path = {"realm-name": self.realm_name}
data_raw = self.connection.raw_get(URL_ADMIN_REALM_ROLES.format(**params_path))
return raise_error_from_response(data_raw, KeycloakGetError)

4
keycloak/urls_patterns.py
View File

@ -36,5 +36,9 @@ URL_ADMIN_GET_SESSIONS = "admin/realms/{realm-name}/users/{id}/sessions"
URL_ADMIN_SERVER_INFO = "admin/serverinfo" URL_ADMIN_SERVER_INFO = "admin/serverinfo"
URL_ADMIN_CLIENTS = "admin/realms/{realm-name}/clients" URL_ADMIN_CLIENTS = "admin/realms/{realm-name}/clients"
URL_ADMIN_CLIENT = "admin/realms/{realm-name}/clients/{id}"
URL_ADMIN_CLIENT_ROLES = "admin/realms/{realm-name}/clients/{id}/roles"
URL_ADMIN_REALM_ROLES = "admin/realms/{realm-name}/roles"
Write Preview
Loading…
Cancel
Save