Services surrounding KeyCloak, that use the REST API to read/update state
Project description
keycloak-rest-services
Services surrounding Keycloak, that use the REST API to read/update state.
JavaScript claims mappers
In the custom-jars directory are custom extensions to Keycloak. This is most useful
for adding JavaScript claims mappers that can edit a token before it is issued.
Each mapper requires meta-inf info and one or more script files. Then it needs to be
packaged into a jar for deployment to Keycloak. The build.sh script will build
all subdirectories into jars.
These jars need to be added to /opt/keycloak/providers/ during the Keycloak build
process or before Keycloak starts. After Keycloak is started no changes are allowed.
Running Tests
The tests run automatically in CircleCI, but for those that want to run them locally, there is a way.
First, build and load the local python environment:
./setupenv.sh
. env/bin/activate
Then, start instances of Keycloak, LDAP, and RabbitMQ in other terminals:
./resources/start-keycloak.sh
./resources/start-ldap.sh
./resources/start-rabbitmq.sh
Note that version of Keycloak server used for testing is set in resources/keycloak-image/Dockerfile.
Keycloak may take a minute to start. If it does not, check your network settings, as it does not play well with VPNs and other more exotic network situations.
Finally, run the tests:
source ./resources/pytest-env.sh
pytest
Getting Test Coverage
If you want a coverage report, instead of running pytest directly, run it under the coverage tool:
keycloak_url=http://localhost:8080 username=admin password=admin coverage run -m pytest
coverage html --include='krs*'
Manually Running Scripts
It is possible to manually run all of the basic operations for controlling users and groups.
-
Bootstrap Keycloak
If you do not already have a Keycloak instance, start a test instance as shown above. Then, run the bootstrap script to create a realm and the REST service account:
keycloak_url=http://localhost:8080 username=admin password=admin realm=test python3 -m krs.bootstrap
Save the
client_secretthat gets printed, as you will need this. -
User and group actions
Now you can actually run the scripts, which take the format:
keycloak_url=http://localhost:8080 client_id=rest-access client_secret=<SECRET> realm=test python -m krs.<SCRIPT> <ARGS>
As an example, to list all groups:
keycloak_url=http://localhost:8080 client_id=rest-access client_secret=<SECRET> realm=test python -m krs.groups list
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file wipac_keycloak_rest_services-1.5.1.tar.gz.
File metadata
- Download URL: wipac_keycloak_rest_services-1.5.1.tar.gz
- Upload date:
- Size: 1.5 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f2cf1b2663ccc790dba50e82687465a5fd760a44b3b7824df68aece58a1262da
|
|
| MD5 |
abd9373a151e37fad0628e4541499d88
|
|
| BLAKE2b-256 |
df2fe23a72e4d1de8c86736aa8b86d024d917d7d84a3e83042d5797f39ff53f3
|
File details
Details for the file wipac_keycloak_rest_services-1.5.1-py3-none-any.whl.
File metadata
- Download URL: wipac_keycloak_rest_services-1.5.1-py3-none-any.whl
- Upload date:
- Size: 31.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
61c994c3409baef05dac81d1a5e5c55c5de64360907a4f4a7a13a6bf3244af48
|
|
| MD5 |
d477d55b0fc66bf5c7e989d6ffe44c96
|
|
| BLAKE2b-256 |
b683d7fa55c1160364373acb3fa497769263ce5d6eae7258d476077065ca4a7b
|
