python-keycloak is a Python package providing access to the Keycloak API.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for marcospereira from gravatar.com marcospereira

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Marcos Pereira
  • Tags keycloak, openid, oidc
  • Requires: Python >=3.7, <4.0
Classifiers

Project description

CircleCI Documentation Status

Python Keycloak

For review- see https://github.com/marcospereirampj/python-keycloak

python-keycloak is a Python package providing access to the Keycloak API.

Installation

Via Pypi Package:

$ pip install python-keycloak

Manually

$ python setup.py install

Dependencies

python-keycloak depends on:

Tests Dependencies

Bug reports

Please report bugs and feature requests at https://github.com/marcospereirampj/python-keycloak/issues

Documentation

The documentation for python-keycloak is available on readthedocs.

Contributors

Usage

from keycloak import KeycloakOpenID

# Configure client
keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
                                 client_id="example_client",
                                 realm_name="example_realm",
                                 client_secret_key="secret")

# Get WellKnow
config_well_known = keycloak_openid.well_known()

# Get Code With Oauth Authorization Request
auth_url = keycloak_openid.auth_url(
    redirect_uri="your_call_back_url",
    scope="email",
    state="your_state_info")

# Get Access Token With Code
access_token = keycloak_openid.token(
    grant_type='authorization_code',
    code='the_code_you_get_from_auth_url_callback',
    redirect_uri="your_call_back_url")


# Get Token
token = keycloak_openid.token("user", "password")
token = keycloak_openid.token("user", "password", totp="012345")

# Get token using Token Exchange
token = keycloak_openid.exchange_token(token['access_token'], "my_client", "other_client", "some_user")

# Get Userinfo
userinfo = keycloak_openid.userinfo(token['access_token'])

# Refresh token
token = keycloak_openid.refresh_token(token['refresh_token'])

# Logout
keycloak_openid.logout(token['refresh_token'])

# Get Certs
certs = keycloak_openid.certs()

# Get RPT (Entitlement)
token = keycloak_openid.token("user", "password")
rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")

# Instropect RPT
token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['access_token'], rpt=rpt['rpt'],
                                                                       token_type_hint="requesting_party_token"))

# Introspect Token
token_info = keycloak_openid.introspect(token['access_token'])

# Decode Token
KEYCLOAK_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n" + keycloak_openid.public_key() + "\n-----END PUBLIC KEY-----"
options = {"verify_signature": True, "verify_aud": True, "verify_exp": True}
token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)

# Get permissions by token
token = keycloak_openid.token("user", "password")
keycloak_openid.load_authorization_config("example-authz-config.json")
policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect')

# Get UMA-permissions by token
token = keycloak_openid.token("user", "password")
permissions = keycloak_openid.uma_permissions(token['access_token'])

# Get UMA-permissions by token with specific resource and scope requested
token = keycloak_openid.token("user", "password")
permissions = keycloak_openid.uma_permissions(token['access_token'], permissions="Resource#Scope")

# Get auth status for a specific resource and scope by token
token = keycloak_openid.token("user", "password")
auth_status = keycloak_openid.has_uma_access(token['access_token'], "Resource#Scope")


# KEYCLOAK ADMIN

from keycloak import KeycloakAdmin

keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/",
                               username='example-admin',
                               password='secret',
                               realm_name="master",
                               user_realm_name="only_if_other_realm_than_master",
                               client_secret_key="client-secret",
                               verify=True)

# Add user
new_user = keycloak_admin.create_user({"email": "example@example.com",
                                       "username": "example@example.com",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example"})

# Add user and raise exception if username already exists
# exist_ok currently defaults to True for backwards compatibility reasons
new_user = keycloak_admin.create_user({"email": "example@example.com",
                                       "username": "example@example.com",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example"},
                                      exist_ok=False)

# Add user and set password
new_user = keycloak_admin.create_user({"email": "example@example.com",
                                       "username": "example@example.com",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example",
                    "credentials": [{"value": "secret","type": "password",}]})

# Add user and specify a locale
new_user = keycloak_admin.create_user({"email": "example@example.fr",
                                       "username": "example@example.fr",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example",
                                       "attributes": {
                                           "locale": ["fr"]
                                       }})

# User counter
count_users = keycloak_admin.users_count()

# Get users Returns a list of users, filtered according to query parameters
users = keycloak_admin.get_users({})

# Get user ID from name
user_id_keycloak = keycloak_admin.get_user_id("example@example.com")

# Get User
user = keycloak_admin.get_user("user-id-keycloak")

# Update User
response = keycloak_admin.update_user(user_id="user-id-keycloak",
                                      payload={'firstName': 'Example Update'})

# Update User Password
response = keycloak_admin.set_user_password(user_id="user-id-keycloak", password="secret", temporary=True)

# Get User Credentials
credentials = keycloak_admin.get_credentials(user_id='user_id')

# Get User Credential by ID
credential = keycloak_admin.get_credential(user_id='user_id', credential_id='credential_id')

# Delete User Credential
response = keycloak_admin.delete_credential(user_id='user_id', credential_id='credential_id')

# Delete User
response = keycloak_admin.delete_user(user_id="user-id-keycloak")

# Get consents granted by the user
consents = keycloak_admin.consents_user(user_id="user-id-keycloak")

# Send User Action
response = keycloak_admin.send_update_account(user_id="user-id-keycloak",
                                              payload=json.dumps(['UPDATE_PASSWORD']))

# Send Verify Email
response = keycloak_admin.send_verify_email(user_id="user-id-keycloak")

# Get sessions associated with the user
sessions = keycloak_admin.get_sessions(user_id="user-id-keycloak")

# Get themes, social providers, auth providers, and event listeners available on this server
server_info = keycloak_admin.get_server_info()

# Get clients belonging to the realm Returns a list of clients belonging to the realm
clients = keycloak_admin.get_clients()

# Get client - id (not client-id) from client by name
client_id = keycloak_admin.get_client_id("my-client")

# Get representation of the client - id of client (not client-id)
client = keycloak_admin.get_client(client_id="client_id")

# Get all roles for the realm or client
realm_roles = keycloak_admin.get_realm_roles()

# Get all roles for the client
client_roles = keycloak_admin.get_client_roles(client_id="client_id")

# Get client role
role = keycloak_admin.get_client_role(client_id="client_id", role_name="role_name")

# Warning: Deprecated
# Get client role id from name
role_id = keycloak_admin.get_client_role_id(client_id="client_id", role_name="test")

# Create client role
keycloak_admin.create_client_role(client_role_id='client_id', payload={'name': 'roleName', 'clientRole': True})

# Assign client role to user. Note that BOTH role_name and role_id appear to be required.
keycloak_admin.assign_client_role(client_id="client_id", user_id="user_id", role_id="role_id", role_name="test")

# Retrieve client roles of a user.
keycloak_admin.get_client_roles_of_user(user_id="user_id", client_id="client_id")

# Retrieve available client roles of a user.
keycloak_admin.get_available_client_roles_of_user(user_id="user_id", client_id="client_id")

# Retrieve composite client roles of a user.
keycloak_admin.get_composite_client_roles_of_user(user_id="user_id", client_id="client_id")

# Delete client roles of a user.
keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles={"id": "role-id"})
keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles=[{"id": "role-id_1"}, {"id": "role-id_2"}])

# Get all client authorization resources
client_resources = get_client_authz_resources(client_id="client_id")

# Get all client authorization scopes
client_scopes = get_client_authz_scopes(client_id="client_id")

# Get all client authorization permissions
client_permissions = get_client_authz_permissions(client_id="client_id")

# Get all client authorization policies
client_policies = get_client_authz_policies(client_id="client_id")

# Create new group
group = keycloak_admin.create_group({"name": "Example Group"})

# Get all groups
groups = keycloak_admin.get_groups()

# Get group
group = keycloak_admin.get_group(group_id='group_id')

# Get group by name
group = keycloak_admin.get_group_by_path(path='/group/subgroup', search_in_subgroups=True)

# Function to trigger user sync from provider
sync_users(storage_id="storage_di", action="action")

# Get client role id from name
role_id = keycloak_admin.get_client_role_id(client_id=client_id, role_name="test")

# Get all roles for the realm or client
realm_roles = keycloak_admin.get_roles()

# Assign client role to user. Note that BOTH role_name and role_id appear to be required.
keycloak_admin.assign_client_role(client_id=client_id, user_id=user_id, role_id=role_id, role_name="test")

# Assign realm roles to user
keycloak_admin.assign_realm_roles(user_id=user_id, roles=realm_roles)

# Assign realm roles to client's scope
keycloak_admin.assign_realm_roles_to_client_scope(client_id=client_id, roles=realm_roles)

# Get realm roles assigned to client's scope
keycloak_admin.get_realm_roles_of_client_scope(client_id=client_id)

# Remove realm roles assigned to client's scope
keycloak_admin.delete_realm_roles_of_client_scope(client_id=client_id, roles=realm_roles)

another_client_id = keycloak_admin.get_client_id("my-client-2")

# Assign client roles to client's scope
keycloak_admin.assign_client_roles_to_client_scope(client_id=another_client_id, client_roles_owner_id=client_id, roles=client_roles)

# Get client roles assigned to client's scope
keycloak_admin.get_client_roles_of_client_scope(client_id=another_client_id, client_roles_owner_id=client_id)

# Remove client roles assigned to client's scope
keycloak_admin.delete_client_roles_of_client_scope(client_id=another_client_id, client_roles_owner_id=client_id, roles=client_roles)

# Get all ID Providers
idps = keycloak_admin.get_idps()

# Create a new Realm
keycloak_admin.create_realm(payload={"realm": "demo"}, skip_exists=False)

# Changing Realm
keycloak_admin = KeycloakAdmin(realm_name="main", ...)
keycloak_admin.get_users() # Get user in main realm
keycloak_admin.realm_name = "demo" # Change realm to 'demo'
keycloak_admin.get_users() # Get users in realm 'demo'
keycloak_admin.create_user(...) # Creates a new user in 'demo'

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for marcospereira from gravatar.com marcospereira

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Marcos Pereira
  • Tags keycloak, openid, oidc
  • Requires: Python >=3.7, <4.0
Classifiers

Release history Release notifications | RSS feed

4.7.2

4.7.1

4.7.0

4.6.3

4.6.2

4.6.1

4.6.0

4.5.1

4.5.0

4.4.0

4.3.0

4.2.3

4.2.2

4.2.1

4.2.0

4.1.0

4.0.1

4.0.0

3.12.0

3.11.1

3.11.0

3.10.2

3.10.1

3.10.0

3.9.3

3.9.2

3.9.1

3.9.0

3.8.4

3.8.3

3.8.2

3.8.1

3.8.0

3.7.1

3.7.0

3.6.1

3.6.0

3.5.0

3.4.0

3.3.0

3.2.0

3.1.1

3.1.0

3.0.0

2.16.6

2.16.5

2.16.4

2.16.3

2.16.2

2.16.1

2.16.0

2.15.4

2.15.3

2.15.2

2.15.1

2.15.0

2.14.0

2.13.2

2.13.1

2.13.0

2.12.2

2.12.1

2.12.0

2.11.1

2.11.0

2.10.0

2.9.0

2.8.0

2.7.0

2.6.1

2.6.0

2.5.0

This version

2.4.0

2.3.0

2.2.0

2.1.1

2.1.0

2.0.0

1.9.1

1.9.0

1.8.1

1.8.0

1.7.0

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.1

1.1.0

1.0.1

1.0.0

0.29.1

0.29.0

0.28.3

0.28.2

0.28.1

0.28.0

0.27.1

0.27.0

0.26.1

0.25.0

0.24.0

0.23.0

0.22.0

0.21.0

0.20.0

0.19.0

0.18.0

0.17.6

0.17.5

0.17.4

0.17.3

0.17.2

0.17.1

0.17.0

0.16.0

0.15.0

0.14.4

0.14.3

0.14.2

0.14.1

0.13.3

0.13.2

0.13.1

0.12.0

0.11.1

0.11.0

0.10.2

0.9.0

0.8.4

0.8.2

0.8.0

0.7.0

0.6.5

0.6.4

0.6.2

0.6.0

0.5.1

0.5.0

0.4.1

0.4.0

0.3.1

0.2.0

0.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

python-keycloak-2.4.0.tar.gz (38.1 kB view details)

Uploaded Source

Built Distribution

python_keycloak-2.4.0-py3-none-any.whl (45.8 kB view details)

Uploaded Python 3

File details

Details for the file python-keycloak-2.4.0.tar.gz.

File metadata

  • Download URL: python-keycloak-2.4.0.tar.gz
  • Upload date:
  • Size: 38.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.1 CPython/3.10.6

File hashes

Hashes for python-keycloak-2.4.0.tar.gz
Algorithm Hash digest
SHA256 7108357ff72949d2a397b37aba7542bcb968f7ed99c8eb60f70e8b6d20d5739d
MD5 a38eb05ccde2e56d1e467fc3f54af8f7
BLAKE2b-256 c2b3b14795a5b34b93de78fe810f5c2cfe1527d35a1d99fdbef63308dc724d9d

See more details on using hashes here.

File details

Details for the file python_keycloak-2.4.0-py3-none-any.whl.

File metadata

File hashes

Hashes for python_keycloak-2.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 001d50f9aba5cafb012a5e6f4842ea97d59d12287a86fa3c848ad97db0c3c2bc
MD5 e7ba5698cc216f82dede56f0b31b6279
BLAKE2b-256 a6db4640de6e2ea42397a94933cbbffbb05cb511d33e4b00a20fe820c8087598

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page