python-keycloak/keycloak/keycloak_admin.py


								# -*- coding: utf-8 -*-

								#

								# Copyright (C) 2017 Marcos Pereira <marcospereira.mpj@gmail.com>

								#

								# This program is free software: you can redistribute it and/or modify

								# it under the terms of the GNU Lesser General Public License as published by

								# the Free Software Foundation, either version 3 of the License, or

								# (at your option) any later version.

								#

								# This program is distributed in the hope that it will be useful,

								# but WITHOUT ANY WARRANTY; without even the implied warranty of

								# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

								# GNU Lesser General Public License for more details.

								#

								# You should have received a copy of the GNU Lesser General Public License

								# along with this program.  If not, see <http://www.gnu.org/licenses/>.

								from keycloak.urls_patterns import URL_ADMIN_USERS_COUNT, URL_ADMIN_USER

								from .keycloak_openid import KeycloakOpenID


								from .exceptions import raise_error_from_response, KeycloakGetError, KeycloakSecretNotFound, \

								    KeycloakRPTNotFound, KeycloakAuthorizationConfigError, KeycloakInvalidTokenError


								from .urls_patterns import (

								    URL_ADMIN_USERS,

								)


								from .connection import ConnectionManager

								from jose import jwt

								import json


								class KeycloakAdmin:


								    def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli'):

								        self._username = username

								        self._password = password

								        self._client_id = client_id

								        self._realm_name = realm_name


								        # Get token Admin

								        keycloak_openid = KeycloakOpenID(server_url, client_id, realm_name)

								        self._token = keycloak_openid.token(username, password)


								        self._connection = ConnectionManager(base_url=server_url,

								                                             headers={'Authorization': 'Bearer ' + self.token.get('access_token'),

								                                                      'Content-Type': 'application/json'},

								                                             timeout=60)


								    @property

								    def realm_name(self):

								        return self._realm_name


								    @realm_name.setter

								    def realm_name(self, value):

								        self._realm_name = value


								    @property

								    def connection(self):

								        return self._connection


								    @connection.setter

								    def connection(self, value):

								        self._connection = value


								    @property

								    def client_id(self):

								        return self._client_id


								    @client_id.setter

								    def client_id(self, value):

								        self._client_id = value


								    @property

								    def username(self):

								        return self._username


								    @username.setter

								    def username(self, value):

								        self._username = value


								    @property

								    def password(self):

								        return self._password


								    @password.setter

								    def password(self, value):

								        self._password = value


								    @property

								    def token(self):

								        return self._token


								    @token.setter

								    def token(self, value):

								        self._token = value


								    def list_users(self, query=None):

								        """

								        Get users Returns a list of users, filtered according to query parameters


								        :return: users list

								        """

								        params_path = {"realm-name": self.realm_name}

								        data_raw = self.connection.raw_get(URL_ADMIN_USERS.format(**params_path), **query)

								        return raise_error_from_response(data_raw, KeycloakGetError)


								    def create_user(self, payload):

								        """

								        Create a new user Username must be unique


								        UserRepresentation

								        http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation


								        :return: UserRepresentation

								        """

								        params_path = {"realm-name": self.realm_name}

								        data_raw = self.connection.raw_post(URL_ADMIN_USERS.format(**params_path),

								                                            data=json.dumps(payload))

								        return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201)


								    def count_users(self):

								        """

								        User counter


								        :return: counter

								        """

								        params_path = {"realm-name": self.realm_name}

								        data_raw = self.connection.raw_get(URL_ADMIN_USERS_COUNT.format(**params_path))

								        return raise_error_from_response(data_raw, KeycloakGetError)


								    def get_user(self, user_id):

								        """

								        Get representation of the user


								        UserRepresentation

								        http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation


								        :return: UserRepresentation

								        """

								        params_path = {"realm-name": self.realm_name, "id": user_id}

								        data_raw = self.connection.raw_get(URL_ADMIN_USER.format(**params_path))

								        return raise_error_from_response(data_raw, KeycloakGetError)