Merge branch 'master' into auto-refresh-admin-token

Author: marcospereirampj

Pipfile.lock

@@ -60,9 +60,9 @@
 # built documents.
 #
 # The short X.Y version.
-version = '0.17.4'
+version = '0.17.6'
 # The full version, including alpha/beta/rc tags.
-release = '0.17.4'
+release = '0.17.6'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.

docs/source/conf.py

@@ -92,6 +92,14 @@ Main methods::
                         client_secret_key="secret",
                         verify=True)
 
+    # Optionally, you can pass custom headers that will be added to all HTTP calls
+    # keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
+    #                    client_id="example_client",
+    #                    realm_name="example_realm",
+    #                    client_secret_key="secret",
+    #                    verify=True,
+    #                    custom_headers={'CustomHeader': 'value'})
+
     # Get WellKnow
     config_well_know = keycloak_openid.well_know()
 
@@ -143,6 +151,14 @@ Main methods::
                                    realm_name="example_realm",
                                    verify=True)
 
+    # Optionally, you can pass custom headers that will be added to all HTTP calls
+    #keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/",
+    #                               username='example-admin',
+    #                               password='secret',
+    #                               realm_name="example_realm",
+    #                               verify=True,
+    #                               custom_headers={'CustomHeader': 'value'})
+
     # Add user
     new_user = keycloak_admin.create_user({"email": "[email protected]",
                         "username": "[email protected]",

docs/source/index.rst

@@ -1,19 +1,25 @@
 # -*- coding: utf-8 -*-
 #
+# The MIT License (MIT)
+#
 # Copyright (C) 2017 Marcos Pereira <[email protected]>
 #
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
 #
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
 #
-# You should have received a copy of the GNU Lesser General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 from .keycloak_admin import *
 from .keycloak_openid import *

keycloak/__init__.py

@@ -1,19 +1,25 @@
 # -*- coding: utf-8 -*-
 #
+# The MIT License (MIT)
+#
 # Copyright (C) 2017 Marcos Pereira <[email protected]>
 #
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
 #
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
 #
-# You should have received a copy of the GNU Lesser General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 import ast
 import json

keycloak/authorization/__init__.py

@@ -46,7 +46,7 @@
 class KeycloakAdmin:
 
     PAGE_SIZE = 100
-
+    
     _server_url = None
     _username = None
     _password = None
@@ -57,9 +57,11 @@ class KeycloakAdmin:
     _auto_refresh_token = None
     _connection = None
     _token = None
+    _custom_headers = None
+    _user_realm_name = None
 
-    def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli', verify=True, client_secret_key=None,
-                 auto_refresh_token=None):
+    def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli', verify=True,
+                 client_secret_key=None, custom_headers=None, user_realm_name=None, auto_refresh_token=None):
         """
 
         :param server_url: Keycloak server url
@@ -69,6 +71,7 @@ def __init__(self, server_url, username, password, realm_name='master', client_i
         :param client_id: client id
         :param verify: True if want check connection SSL
         :param client_secret_key: client secret key
+        :param custom_headers: dict of custom header to pass to each HTML request
         :param auto_refresh_token: list of methods that allows automatic token refresh. ex: ['get', 'put', 'post', 'delete']
         """
         self.server_url = server_url
@@ -79,11 +82,12 @@ def __init__(self, server_url, username, password, realm_name='master', client_i
         self.verify = verify
         self.client_secret_key = client_secret_key
         self.auto_refresh_token = auto_refresh_token or []
+        self.user_realm_name = user_realm_name
+        self.custom_headers = custom_headers
 
         # Get token Admin
         self.get_token()
 
-
     @property
     def server_url(self):
         return self._server_url
@@ -160,6 +164,22 @@ def token(self, value):
     def auto_refresh_token(self):
         return self._auto_refresh_token
 
+    @property
+    def user_realm_name(self):
+        return self._user_realm_name
+
+    @user_realm_name.setter
+    def user_realm_name(self, value):
+        self._user_realm_name = value
+
+    @property
+    def custom_headers(self):
+        return self._custom_headers
+
+    @custom_headers.setter
+    def custom_headers(self, value):
+        self._custom_headers = value
+
     @auto_refresh_token.setter
     def auto_refresh_token(self, value):
         allowed_methods = {'get', 'post', 'put', 'delete'}
@@ -226,13 +246,13 @@ def get_realms(self):
 
     def create_realm(self, payload, skip_exists=False):
         """
-        Create a client
+        Create a realm
 
         ClientRepresentation: http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_realmrepresentation
 
         :param skip_exists: Skip if Realm already exist.
         :param payload: RealmRepresentation
-        :return:  Keycloak server response (UserRepresentation)
+        :return:  Keycloak server response (RealmRepresentation)
         """
 
         data_raw = self.raw_post(URL_ADMIN_REALMS,
@@ -732,6 +752,20 @@ def create_client(self, payload, skip_exists=False):
                                  data=json.dumps(payload))
         return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
 
+    def update_client(self, client_id, payload):
+        """
+        Update a client
+
+        :param client_id: Client id
+        :param payload: ClientRepresentation
+
+        :return: Http response
+        """
+        params_path = {"realm-name": self.realm_name, "id": client_id}
+        data_raw = self.connection.raw_put(URL_ADMIN_CLIENT.format(**params_path),
+                                           data=json.dumps(payload))
+        return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
+
     def delete_client(self, client_id):
         """
         Get representation of the client
@@ -860,6 +894,21 @@ def assign_client_role(self, user_id, client_id, roles):
                                  data=json.dumps(payload))
         return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204)
 
+    def create_realm_role(self, payload, skip_exists=False):
+        """
+        Create a new role for the realm or client
+
+        :param realm: realm name (not id)
+        :param rep: RoleRepresentation https://www.keycloak.org/docs-api/5.0/rest-api/index.html#_rolerepresentation
+        :return Keycloak server response
+        """
+
+        params_path = {"realm-name": self.realm_name}
+        data_raw = self.connection.raw_post(URL_ADMIN_REALM_ROLES.format(**params_path),
+                                            data=json.dumps(payload))
+        return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201, skip_exists=skip_exists)
+
+
     def assign_realm_roles(self, user_id, client_id, roles):
         """
         Assign realm roles to a user
@@ -1109,16 +1158,27 @@ def raw_delete(self, *args, **kwargs):
 
     def get_token(self):
         self.keycloak_openid = KeycloakOpenID(server_url=self.server_url, client_id=self.client_id,
-                                              realm_name=self.realm_name, verify=self.verify,
-                                              client_secret_key=self.client_secret_key)
+                                              realm_name=self.user_realm_name or self.realm_name, verify=self.verify,
+                                              client_secret_key=self.client_secret_key
+                                              custom_headers=self.custom_headers)
 
         grant_type = ["password"]
         if self.client_secret_key:
             grant_type = ["client_credentials"]
+            
         self._token = self.keycloak_openid.token(self.username, self.password, grant_type=grant_type)
+
+        headers = {
+            'Authorization': 'Bearer ' + self.token.get('access_token'),
+            'Content-Type': 'application/json'
+        }
+        
+        if self.custom_headers is not None:
+            # merge custom headers to main headers
+            headers.update(self.custom_headers)
+            
         self._connection = ConnectionManager(base_url=self.server_url,
-                                             headers={'Authorization': 'Bearer ' + self.token.get('access_token'),
-                                                      'Content-Type': 'application/json'},
+                                             headers=headers,
                                              timeout=60,
                                              verify=self.verify)
 

keycloak/keycloak_admin.py

@@ -43,20 +43,25 @@
 
 class KeycloakOpenID:
 
-    def __init__(self, server_url, realm_name, client_id, client_secret_key=None, verify=True):
+    def __init__(self, server_url, realm_name, client_id, client_secret_key=None, verify=True, custom_headers=None):
         """
 
         :param server_url: Keycloak server url
         :param client_id: client id
         :param realm_name: realm name
         :param client_secret_key: client secret key
         :param verify: True if want check connection SSL
+        :param custom_headers: dict of custom header to pass to each HTML request
         """
         self._client_id = client_id
         self._client_secret_key = client_secret_key
         self._realm_name = realm_name
+        headers = dict()
+        if custom_headers is not None:
+            # merge custom headers to main headers
+            headers.update(custom_headers)
         self._connection = ConnectionManager(base_url=server_url,
-                                             headers={},
+                                             headers=headers,
                                              timeout=60,
                                              verify=verify)