Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

added functionality for scope base permission and group based policies #430

Open
wants to merge 65 commits into
base: master
Choose a base branch
from

Conversation

NoDataIsAvailable
Copy link

added create_client_authz_group_based_policy, create_client_authz_scope_based_permission and their corresponding urls

…pe_based_permission and their corresponding urls
Copy link
Collaborator

@ryshoooo ryshoooo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @NoDataIsAvailable

Thanks a lot for your contribution! :)
Please make sure you follow the Contribution guidelines in https://github.com/marcospereirampj/python-keycloak/blob/master/CONTRIBUTING.md.

To do that specifically:

  • Make sure your commit messages follow the conventional commits convention
  • Please add unit tests for these new methods
  • Additionally you can also add examples into the README.md of how these methods are utilized

ryshoooo and others added 23 commits January 8, 2024 17:22
* test: fixed tests for new keycloak

* test: make tests compatible with previous keycloak versions
…ncy (marcospereirampj#434)

* fix(pyproject.toml): loose requests pgk and remove urllib3 as dependency

* build: update poetry.lock

* revert: everything

* revert: revert-ception
…reirampj#435)

* feat: add tests and logic for deleting client authz resource

* feat: add tests and logic for getting client authz resource

* fix: update return type of get_client_authz_resource from bytes to dict

* fix: update return type of get_client_authz_resources admin method
)

* fix: initializing KeycloakAdmin without server_url

According to the project readme, we could initialize a KeycloakAdmin object with a KeycloakOpenIDConnection object without other arguments but, server_url is required.

I made server_url optional and wrote a test for it.

* Revert "fix: initializing KeycloakAdmin without server_url"

This reverts commit 09cf503.

* fix: initializing KeycloakAdmin without server_url

According to the project readme, we could initialize a KeycloakAdmin object with a KeycloakOpenIDConnection object without other arguments but, server_url is required.

I made server_url optional and wrote a test for it.

* fix: check linting, formatting

---------

Co-authored-by: Armin Shoughi <a.shoughi@hesaba.co>
…reirampj#442)

* Updating the version of requestrequests-toolbelt which removed the usage of google app engine and uses urllib3

Signed-off-by: isccarrasco <mario.carrasco@gmail.com>

* Updating the version of requestrequests-toolbelt which removed the usage of google app engine and uses urllib3

Signed-off-by: isccarrasco <mario.carrasco@gmail.com>

---------

Signed-off-by: isccarrasco <mario.carrasco@gmail.com>
…ission is linked with anything other than a role based policy. Fixes marcospereirampj#445 (marcospereirampj#446)
* refactor: Refactor exchange_token method

Add missing arguments:
  - subject_token_type
  - subject_issuer
  - requested_issuer

Remove client_id argument. The client_id should come from self.

Add None defaults

* 🔥 chore(test_keycloak_openid.py): remove unused client_id parameter

Refactored the exchange_token method test to match the new interface

BREAKING CHANGE: Changes the exchange token API
…ospereirampj#444)

* fix: Add query to get users group method and permit pagination

* test: Add test to user groups pagination

* fix: Add blank line
cainotis and others added 30 commits January 8, 2024 17:23
…rampj#462)

* feat: added KeycloakAdmin.update_client_authz_resource()

Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>

* fix: linting

Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>

* fix: test expecting and different anwser from server

Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>

* fix: test expecting and different anwser from server

Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>

---------

Signed-off-by: Cainã S. G <p-caina.galante@pd.tec.br>
Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
…marcospereirampj#504)

* feat: add an optional search criteria to the get_realm_roles function

* style: reformat code to fix linting error

* test: add unit test for get_realm_roles function with search_text param
* fix: Add typing to Keycloak admin connection

* fix: Backwards compatibility for type hinting

* fix: Use typing.Optional over typing.Union
…reirampj#491)

* fix: remove internal use of deprecated methods

* fix: missing keycloak_openid during refresh (marcospereirampj#431)

Error occurs when token is set so refresh_token is called before call
to get_token.

* feat: Add client update method

* fix: keycloak 22.0 dropped http challenge support

* fix: keycloak 22 changes default authenticator providers
* feat(api): add api url

* feat(api): add create permission function

* feat(api): add testcases for create permission function

* fix: linting

* fix: linting

* feat(api): add testcases for create permission function

* feat(api): add testcases for create permission function

* feat(api): apply formating

* feat(api): fix testing

* feat(api): fix testing

* feat(api): fix testing for create client_authz_scope_permission

* feat(api): add scope id for get client_authz_scope_permission

* fix create_client_authz_scope_permission test case

* fix: create_client_authz_scope_permission test case

* fix: add id in create client authz scope permissions

* fix: linting

* fix: test case of create client authz scope permissions

* fix: test case of create client authz scope permissions

---------

Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
…rampj#468)

* feat: add missing get_realm_role_by_id to KeycloakAdmin

* fix: test was using role_name instead role_id

---------

Co-authored-by: Cainã S. G <p-caina.galante@pd.tec.br>
The "requests-toolbelt" library is only used for "MultipartEncoder"
which has been part of the library since it's initial release.

This patch loosens up the requests-toolbelt dependency to allow for
more flexible co-installability.
…mpj#469)

Remove option search_in_subgroups from get_group_by_path usage example on README. This option was removed on b3dd7d4
* feat: added support for Admin Events api

* test: fix auth_flow test and authentication_configs based on KC 22 pre-settings

* docs: update readme

* revert: "test: fix auth_flow test and authentication_configs based on KC 22 pre-settings"

This reverts commit 392b71b.

* test: trying to support old and new Keycloak versions for test_auth_flows & test_authentication_configs

test: trying to support old and new Keycloak versions for test_auth_flows & test_authentication_configs

keycloak/keycloak#20497

* chore: revert Update tox.ini

These tools should be coming from the poetry virtual env

---------

Co-authored-by: Simone Ferrigno <simone.ferrigno@vorwerk.de>
Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
* feat: Add device authorization grant

* fix: device doc and url

* fix: reformat url import

* fix: import in alphabetical order

---------

Co-authored-by: Richard Nemeth <ryshoooo@gmail.com>
* chore: deps update

* test: fix tests

* ci: update

* fix: dependencies

* ci: drop python 3.7

* fix: docs, lint etc

* test: fixed exchange

* chore: docs lint

* ci: ignore e231

* fix: upgrade sphinx

* docs: read the docs updated

* chore: removed setuptools
…pe_based_permission and their corresponding urls
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.