Beispiel #1
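    def put(self, user_id):
        """Update a Keycloak user's role attribute and enabled flag.

        The account to change is looked up from the ``username`` field of
        the parsed request; the ``user_id`` path argument is overwritten by
        that lookup and never used.

        :param user_id: identifier from the route (replaced below).
        :return: ``({"status": ..., "error": ...}, status_code)`` with
            ``"OK"``/200 on success and ``"FAIL"``/400 when a Keycloak call
            raises.
        """
        args = user_update_parser.parse_args()
        username = args["username"]
        role = args["role"]
        # Only the literal string "true" enables the account; any other
        # value (including a missing field) disables it.
        active = args["active"] == "true"
        status = "OK"
        error_msg = ""
        status_code = 200

        keycloak_client = KeyCloakClient()
        try:
            # NOTE(review): the route's user_id is discarded here, so the
            # account that gets modified is whatever `username` names in the
            # request body. If access control is keyed on the route id,
            # confirm the two are checked against each other.
            user_id = keycloak_client.get_user_id(username)
            # NOTE(review): `role` is written as received; no allow-list or
            # caller-privilege check is visible in this method. Presumably
            # enforced by the parser or a decorator; verify.
            body = {
                "attributes": {
                    "role": role,
                },
                "enabled": active,
            }
            keycloak_client.update_user(user_id, body)
        except Exception as exc:
            # Python 3 exceptions have no guaranteed `message` attribute;
            # reading it unconditionally raised AttributeError inside this
            # handler and turned the intended 400 into an unhandled error.
            error_msg = getattr(exc, "message", str(exc))
            logger.warning(error_msg)
            status = "FAIL"
            status_code = 400

        # NOTE(review): the backend's error text is returned to the caller
        # as-is; consider a generic message if it can carry internal detail.
        return {"status": status, "error": error_msg}, status_code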
Beispiel #2
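    def put(self, user_id):
        """Change the role attribute and enabled state of a Keycloak user.

        The user is resolved by the ``username`` request field. The
        ``user_id`` received from the route is reassigned from that lookup,
        so its original value has no effect.

        :param user_id: identifier from the route (reassigned below).
        :return: a ``(body, status_code)`` pair; ``status`` is ``"OK"`` with
            200, or ``"FAIL"`` with 400 and the exception text in ``error``.
        """
        args = user_update_parser.parse_args()
        username = args["username"]
        role, active = args["role"], args["active"]
        # The flag arrives as text; only the exact string "true" enables.
        active = active == "true"
        status = "OK"
        error_msg = ""
        status_code = 200

        keycloak_client = KeyCloakClient()
        try:
            # NOTE(review): lookup by body username replaces the route id,
            # and the requested role is applied without any check visible
            # here. Confirm authorization is enforced outside this method.
            user_id = keycloak_client.get_user_id(username)
            body = {
                "attributes": {
                    "role": role,
                },
                "enabled": active,
            }
            keycloak_client.update_user(user_id, body)
        except Exception as exc:
            # `exc.message` does not exist on standard Python 3 exceptions,
            # so the old handler itself failed with AttributeError. Keep a
            # custom `message` when the client library provides one and fall
            # back to the string form otherwise.
            error_msg = getattr(exc, "message", str(exc))
            logger.warning(error_msg)
            status = "FAIL"
            status_code = 400

        # NOTE(review): `error` echoes backend exception text to the client.
        return {"status": status, "error": error_msg}, status_code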
Beispiel #3
    def post(self, user_id):
        """Set a new password for the Keycloak user named by the route.

        Exceptions raised by the parser or the Keycloak client are not
        caught here and propagate to the framework.

        :param user_id: Keycloak id of the account whose password is reset.
        :return: ``({"success": True}, 200)``.
        """
        # NOTE(review): nothing in this method ties user_id to the caller or
        # asks for the current password; presumably a decorator outside this
        # view restricts who may reach it. Confirm.
        submitted = user_password_parser.parse_args()
        replacement = submitted["new_password"]

        KeyCloakClient().reset_user_password(user_id, replacement)

        return {"success": True}, 200
Beispiel #4
    def post(self, **kwargs):
        """Create a Keycloak user, set its password, then store its role.

        Four client calls run in sequence: ``create_user``, ``get_user_id``,
        ``reset_user_password`` and ``update_user``. Any exception from them
        is logged and reported as ``"FAIL"`` with HTTP 400.

        :return: ``({"status": ..., "id": ...}, status_code)``; ``id`` is
            the empty string when the id lookup was never reached.
        """
        form = user_create_parser.parse_args()
        username = form["username"]
        password = form["password"]
        role = form["role"]
        # Only the exact string "true" yields an enabled account.
        active = form["active"] == "true"

        outcome, http_code = "OK", 200
        user_id = ""
        client = KeyCloakClient()

        new_account = {
            "username": username,
            "requiredActions": [],
            "enabled": active,
        }
        # NOTE(review): the role is stored exactly as submitted; no check on
        # which roles the caller may grant is visible in this method.
        role_patch = {"attributes": {"role": role}}

        try:
            client.create_user(new_account)
            # NOTE(review): if a later step raises, the account created above
            # is left in place; the handler below performs no cleanup.
            user_id = client.get_user_id(username=username)
            client.reset_user_password(user_id, password)
            client.update_user(user_id, body=role_patch)
        except Exception as exc:
            logger.error("exc %s", exc)
            outcome, http_code = "FAIL", 400

        return {"status": outcome, "id": user_id}, http_code
Beispiel #5
    def get(self, **kwargs):
        """Return the Keycloak users the caller is allowed to see.

        Visibility is decided from the ``role`` and ``tenant`` entries of
        ``g.oidc_token_info``:

        * ``administrator`` sees every user;
        * ``operator`` sees non-administrator users whose tenant equals the
          caller's tenant or is empty;
        * any other role gets an empty list.

        The full user list is fetched first and filtered in this method.
        ``pageSize`` and ``pageNo`` are constants; no paging is applied.

        :return: ``({"users": {...}}, 200)``.
        """
        claims = g.oidc_token_info
        caller_role = claims.get("role", "")
        caller_tenant = claims.get("tenant", "")

        def first_or(values, fallback):
            # Attribute values are indexed with [0], so presumably lists;
            # confirm against the Keycloak client's return shape.
            return values[0] if len(values) else fallback

        visible = []
        for user in KeyCloakClient().list_users():
            user_role = first_or(
                user.get("attributes", {}).get("role", []), "user"
            )
            user_tenant = first_or(
                user.get("attributes", {}).get("tenant", []), ""
            )

            if caller_role == "administrator":
                allowed = True
            elif caller_role == "operator":
                # Operators never see administrators, and only see users of
                # their own tenant or users without a tenant attribute.
                allowed = user_role != "administrator" and (
                    user_tenant == caller_tenant or user_tenant == ""
                )
            else:
                allowed = False

            if not allowed:
                continue

            visible.append({
                "id": user.get("id"),
                "name": user.get("username", ""),
                # Always False here, whatever the listed user's role is.
                "isAdmin": False,
                "role": user_role,
                "active": user.get("enabled", False),
                "email": user.get("email", ""),
                "createdTimeStamp": user.get("createdTimestamp", 0),
                "tenant": user_tenant,
            })

        payload = {
            "users": {
                "result": visible,
                "totalCount": len(visible),
                "pageSize": 10,
                "pageNo": 1,
            },
        }
        return payload, 200
Beispiel #6
    def get(self, **kwargs):
        """List users from Keycloak, filtered by the caller's token claims.

        The caller's ``role`` and ``tenant`` are read from
        ``g.oidc_token_info``. Administrators receive all users. Operators
        receive users that are not administrators and whose tenant matches
        theirs or is empty. Every other role receives no users.

        :return: ``(result, 200)`` where ``result["users"]`` holds the
            filtered list, its length, and fixed ``pageSize``/``pageNo``.
        """
        token_info = g.oidc_token_info
        role = token_info.get("role", "")
        tenant = token_info.get("tenant", "")

        # NOTE(review): all users are fetched before filtering, even for
        # callers whose role ends up matching nothing.
        directory = KeyCloakClient().list_users()

        user_list = []
        for entry in directory:
            attributes = entry.get("attributes", {})

            role_values = attributes.get("role", [])
            member_role = role_values[0] if len(role_values) else "user"

            tenant_values = attributes.get("tenant", [])
            member_tenant = tenant_values[0] if len(tenant_values) else ""

            if role != "administrator":
                # Non-administrators must be operators, and operators are
                # never shown administrator accounts.
                if role != "operator" or member_role == "administrator":
                    continue
                # Operators are limited to their own tenant plus users that
                # carry no tenant attribute.
                if member_tenant != tenant and member_tenant != "":
                    continue

            record = {
                "id": entry.get("id"),
                "name": entry.get("username", ""),
                "isAdmin": False,  # constant in this listing
                "role": member_role,
                "active": entry.get("enabled", False),
                "email": entry.get("email", ""),
                "createdTimeStamp": entry.get("createdTimestamp", 0),
                "tenant": member_tenant,
            }
            user_list.append(record)

        users_section = {
            "result": user_list,
            "totalCount": len(user_list),
            "pageSize": 10,
            "pageNo": 1,
        }
        return {"users": users_section}, 200
Beispiel #7
    def post(self, user_id):
        """Reset the password of the Keycloak user ``user_id``.

        The new password is taken from the ``new_password`` request field.
        Errors from the parser or the client are not handled here.

        :param user_id: Keycloak id of the target account.
        :return: ``({"success": True}, 200)``.
        """
        parsed = user_password_parser.parse_args()
        new_password = parsed["new_password"]

        # NOTE(review): this method does not verify that the caller owns or
        # administers user_id; confirm that a decorator or gateway does.
        client = KeyCloakClient()
        client.reset_user_password(user_id, new_password)

        return {"success": True}, 200
Beispiel #8
    def post(self, **kwargs):
        """Register a new user in Keycloak with a password and a role.

        The account is created first, then looked up by username to obtain
        its id, then given the submitted password and role attribute. A
        failure in any of these steps is logged and answered with
        ``"FAIL"``/400.

        :return: ``({"status": ..., "id": ...}, status_code)``.
        """
        request_args = user_create_parser.parse_args()
        username, password = request_args["username"], request_args["password"]
        role = request_args["role"]
        # The "active" field is text; it counts as enabled only when "true".
        enabled = request_args["active"] == "true"

        user_id = ""
        keycloak_client = KeyCloakClient()
        failed = False

        try:
            keycloak_client.create_user({
                "username": username,
                "requiredActions": [],
                "enabled": enabled,
            })

            # NOTE(review): from here on a failure leaves the new account
            # behind (possibly enabled and without the intended role); the
            # except branch does not delete it.
            user_id = keycloak_client.get_user_id(username=username)
            keycloak_client.reset_user_password(user_id, password)
            # NOTE(review): role is applied as submitted; confirm the caller
            # is checked elsewhere before it can grant elevated roles.
            keycloak_client.update_user(
                user_id,
                body={"attributes": {"role": role}},
            )
        except Exception as exc:
            logger.error("exc %s", exc)
            failed = True

        if failed:
            return {"status": "FAIL", "id": user_id}, 400
        return {"status": "OK", "id": user_id}, 200
Beispiel #9
    def get(self):
        """
        Look up a user by the ``username`` request field.

        When the Keycloak client returns a user, respond with the username,
        the user's ``id`` under the key ``apikey``, and ``user_exists`` True.
        Otherwise respond with ``user_exists`` False. Both cases use 200.

        :return: ``(data, 200)``
        """
        query = user_search_parser.parse_args()
        username = query["username"]
        found = KeyCloakClient().get_user(username)

        # NOTE(review): this writes the whole user record returned by the
        # client to the info log; check what fields it carries before
        # shipping logs off-host.
        logger.info("user {}".format(found))

        # NOTE(review): the response reveals whether a username exists and
        # hands back its id; confirm the route is not reachable by
        # unauthenticated callers.
        if found:
            return {
                "username": username,
                "apikey": found.get("id"),
                "user_exists": True,
            }, 200

        return {"user_exists": False}, 200
Beispiel #10
    def delete(self, user_id):
        """Delete the Keycloak user ``user_id``.

        Errors from the client are not caught; on normal return the
        response is always ``({"status": "OK"}, 200)``.

        :param user_id: Keycloak id of the account to remove.
        """
        # NOTE(review): no authorization or self-deletion check is visible
        # in this method; presumably handled by a decorator. Confirm.
        KeyCloakClient().delete_user(user_id)
        response = {"status": "OK"}
        return response, 200
Beispiel #11
from common import KeyCloakClient

# Deployment settings are read from the environment once, at import time.
# Each name is None when its variable is unset; nothing here validates that.
KEYCLOAK_REALM = os.getenv("KEYCLOAK_REALM")
SERVER_PUBLIC_IP = os.getenv("SERVER_PUBLIC_IP")

# Client keys and the default admin credentials are secrets: keep them out
# of logs and error output.
OPERATOR_DASHBOARD_SSO_KEY = os.getenv("OPERATOR_DASHBOARD_SSO_KEY")
USER_DASHBOARD_SSO_KEY = os.getenv("USER_DASHBOARD_SSO_KEY")
API_ENGINE_DOCKER_KEY = os.getenv("API_ENGINE_DOCKER_KEY")
API_ENGINE_K8S_SSO_KEY = os.getenv("API_ENGINE_K8S_SSO_KEY")
API_ENGINE_WEBROOT = os.getenv("API_ENGINE_WEBROOT")
OPERATOR_DEFAULT_ADMIN_NAME = os.getenv("OPERATOR_DEFAULT_ADMIN_NAME")
OPERATOR_DEFAULT_ADMIN_PASSWORD = os.getenv("OPERATOR_DEFAULT_ADMIN_PASSWORD")

keycloak_client = KeyCloakClient()

keycloak_client.create_realm(
    {
        "realm": KEYCLOAK_REALM,
        "sslRequired": "none",
        "enabled": True,
        "displayNameHtml": '<div class="kc-logo-text"><span>Cello</span></div>',
        "displayName": "Cello",
        "accessTokenLifespan": 86400,
        "accessTokenLifespanForImplicitFlow": 86400,
        "internationalizationEnabled": True,
        "supportedLocales": [
            "de",
            "no",
            "ru",
Beispiel #12
import os
import subprocess

from common import KeyCloakClient

# Settings come from the environment at import time; an unset variable
# yields None, and no validation happens before the realm is created.
KEYCLOAK_REALM = os.getenv("KEYCLOAK_REALM")
SERVER_PUBLIC_IP = os.getenv("SERVER_PUBLIC_IP")
# SSO keys and the default admin credentials are secrets; keep them out of
# logs and error output.
OPERATOR_DASHBOARD_SSO_KEY = os.getenv("OPERATOR_DASHBOARD_SSO_KEY")
USER_DASHBOARD_SSO_KEY = os.getenv("USER_DASHBOARD_SSO_KEY")
OPERATOR_DEFAULT_ADMIN_NAME = os.getenv("OPERATOR_DEFAULT_ADMIN_NAME")
OPERATOR_DEFAULT_ADMIN_PASSWORD = os.getenv("OPERATOR_DEFAULT_ADMIN_PASSWORD")

keycloak_client = KeyCloakClient()

realm_settings = {
    "realm": KEYCLOAK_REALM,
    # NOTE(review): "none" means the realm does not require HTTPS, so
    # logins and tokens may cross the network in clear text. Keycloak also
    # accepts "external" and "all"; confirm "none" is intended only for
    # local or otherwise TLS-terminated deployments.
    "sslRequired": "none",
    "enabled": True,
    "displayNameHtml": '<div class="kc-logo-text"><span>Cello</span></div>',
    "displayName": "Cello",
    # NOTE(review): 86400 is 24 hours if the value is in seconds (Keycloak's
    # unit for these fields). An access token stays usable for that long
    # after issue, which widens the window for a leaked token; confirm the
    # lifetime is deliberate.
    "accessTokenLifespan": 86400,
    "accessTokenLifespanForImplicitFlow": 86400,
    "internationalizationEnabled": True,
    "supportedLocales": [
        "de", "no", "ru", "sv", "pt-BR",
        "lt", "en", "it", "fr", "zh-CN",
        "es", "ja", "sk", "ca", "nl",
    ],
}
keycloak_client.create_realm(realm_settings)
realm = keycloak_client.get_realm(KEYCLOAK_REALM)

# Create new client scopes
client_scope_body = {
Beispiel #13
    def delete(self, user_id):
        """Remove the user identified by ``user_id`` from Keycloak.

        Any exception raised by the client propagates to the caller.

        :param user_id: Keycloak id of the account to delete.
        :return: ``({"status": "OK"}, 200)`` once the client call returns.
        """
        # NOTE(review): the method itself does not check who is asking or
        # whether the target is an administrator; verify that access control
        # is applied before this handler runs.
        client = KeyCloakClient()
        client.delete_user(user_id)
        return {"status": "OK"}, 200