def put(self, user_id):
args = user_update_parser.parse_args()
username = args["username"]
role, active = args["role"], args["active"]
active = active == "true"
status = "OK"
error_msg = ""
status_code = 200
keycloak_client = KeyCloakClient()
try:
user_id = keycloak_client.get_user_id(username)
body = {
"attributes": {
"role": role,
},
"enabled": active
}
keycloak_client.update_user(user_id, body)
except Exception as exc:
error_msg = exc.message
logger.warning(error_msg)
status = "FAIL"
status_code = 400
return {"status": status, "error": error_msg}, status_code
def put(self, user_id):
args = user_update_parser.parse_args()
username = args["username"]
role, active = args["role"], args["active"]
active = active == "true"
status = "OK"
error_msg = ""
status_code = 200
keycloak_client = KeyCloakClient()
try:
user_id = keycloak_client.get_user_id(username)
body = {
"attributes": {
"role": role,
},
"enabled": active
}
keycloak_client.update_user(user_id, body)
except Exception as exc:
error_msg = exc.message
logger.warning(error_msg)
status = "FAIL"
status_code = 400
return {"status": status, "error": error_msg}, status_code
def post(self, user_id):
args = user_password_parser.parse_args()
new_password = args["new_password"]
keycloak_client = KeyCloakClient()
keycloak_client.reset_user_password(user_id, new_password)
data = {"success": True}
return data, 200
def post(self, **kwargs):
args = user_create_parser.parse_args()
username, password = args["username"], args["password"]
role, active = args["role"], args["active"]
active = active == "true"
status = "OK"
status_code = 200
user_id = ""
keycloak_client = KeyCloakClient()
try:
create_user_body = {
"username": username,
"requiredActions": [],
"enabled": active
}
keycloak_client.create_user(create_user_body)
user_id = keycloak_client.get_user_id(username=username)
keycloak_client.reset_user_password(user_id, password)
keycloak_client.update_user(user_id, body={
"attributes": {
"role": role,
},
})
except Exception as exc:
logger.error("exc %s", exc)
status = "FAIL"
status_code = 400
return {"status": status, "id": user_id}, status_code
def get(self, **kwargs):
token_info = g.oidc_token_info
# user_id = token_info.get("sub")
# username = token_info.get("username")
role = token_info.get("role", "")
tenant = token_info.get("tenant", "")
keycloak_client = KeyCloakClient()
users = keycloak_client.list_users()
user_list = []
for user in users:
user_role = user.get("attributes", {}).get("role", [])
if len(user_role):
user_role = user_role[0]
else:
user_role = "user"
name = user.get("username", "")
user_id = user.get("id")
active = user.get("enabled", False)
user_tenant = user.get("attributes", {}).get("tenant", [])
if len(user_tenant):
user_tenant = user_tenant[0]
else:
user_tenant = ""
email = user.get("email", "")
create_time_stamp = user.get("createdTimestamp", 0)
if role == "administrator" or (role == "operator" and
user_role != "administrator" and
(user_tenant == tenant or
user_tenant == "")):
user_list.append({
"id": user_id,
"name": name,
"isAdmin": False,
"role": user_role,
"active": active,
"email": email,
"createdTimeStamp": create_time_stamp,
"tenant": user_tenant
})
user_count = len(user_list)
result = {
"users": {
"result": user_list,
"totalCount": user_count,
"pageSize": 10,
"pageNo": 1
},
}
return result, 200
def get(self, **kwargs):
token_info = g.oidc_token_info
# user_id = token_info.get("sub")
# username = token_info.get("username")
role = token_info.get("role", "")
tenant = token_info.get("tenant", "")
keycloak_client = KeyCloakClient()
users = keycloak_client.list_users()
user_list = []
for user in users:
user_role = user.get("attributes", {}).get("role", [])
if len(user_role):
user_role = user_role[0]
else:
user_role = "user"
name = user.get("username", "")
user_id = user.get("id")
active = user.get("enabled", False)
user_tenant = user.get("attributes", {}).get("tenant", [])
if len(user_tenant):
user_tenant = user_tenant[0]
else:
user_tenant = ""
email = user.get("email", "")
create_time_stamp = user.get("createdTimestamp", 0)
if role == "administrator" or (role == "operator" and
user_role != "administrator" and
(user_tenant == tenant or
user_tenant == "")):
user_list.append({
"id": user_id,
"name": name,
"isAdmin": False,
"role": user_role,
"active": active,
"email": email,
"createdTimeStamp": create_time_stamp,
"tenant": user_tenant
})
user_count = len(user_list)
result = {
"users": {
"result": user_list,
"totalCount": user_count,
"pageSize": 10,
"pageNo": 1
},
}
return result, 200
def post(self, user_id):
args = user_password_parser.parse_args()
new_password = args["new_password"]
keycloak_client = KeyCloakClient()
keycloak_client.reset_user_password(user_id, new_password)
data = {
"success": True
}
return data, 200
def post(self, **kwargs):
args = user_create_parser.parse_args()
username, password = args["username"], args["password"]
role, active = args["role"], args["active"]
active = active == "true"
status = "OK"
status_code = 200
user_id = ""
keycloak_client = KeyCloakClient()
try:
create_user_body = {
"username": username,
"requiredActions": [],
"enabled": active
}
keycloak_client.create_user(create_user_body)
user_id = keycloak_client.get_user_id(username=username)
keycloak_client.reset_user_password(user_id, password)
keycloak_client.update_user(user_id, body={
"attributes": {
"role": role,
},
})
except Exception as exc:
logger.error("exc %s", exc)
status = "FAIL"
status_code = 400
return {"status": status, "id": user_id}, status_code
def get(self):
"""
search user with username
If user is existed return user info
else return user_exists False
:return:
"""
args = user_search_parser.parse_args()
username = args["username"]
keycloak_client = KeyCloakClient()
user = keycloak_client.get_user(username)
logger.info("user {}".format(user))
if not user:
return {"user_exists": False}, 200
data = {
"username": username,
"apikey": user.get("id"),
"user_exists": True
}
return data, 200
def delete(self, user_id):
keycloak_client = KeyCloakClient()
keycloak_client.delete_user(user_id)
return {"status": "OK"}, 200
from common import KeyCloakClient
KEYCLOAK_REALM = os.environ.get("KEYCLOAK_REALM")
SERVER_PUBLIC_IP = os.environ.get("SERVER_PUBLIC_IP")
OPERATOR_DASHBOARD_SSO_KEY = os.environ.get("OPERATOR_DASHBOARD_SSO_KEY")
USER_DASHBOARD_SSO_KEY = os.environ.get("USER_DASHBOARD_SSO_KEY")
API_ENGINE_DOCKER_KEY = os.environ.get("API_ENGINE_DOCKER_KEY")
API_ENGINE_K8S_SSO_KEY = os.environ.get("API_ENGINE_K8S_SSO_KEY")
API_ENGINE_WEBROOT = os.environ.get("API_ENGINE_WEBROOT")
OPERATOR_DEFAULT_ADMIN_NAME = os.environ.get("OPERATOR_DEFAULT_ADMIN_NAME")
OPERATOR_DEFAULT_ADMIN_PASSWORD = os.environ.get(
"OPERATOR_DEFAULT_ADMIN_PASSWORD"
)
keycloak_client = KeyCloakClient()
keycloak_client.create_realm(
{
"realm": KEYCLOAK_REALM,
"sslRequired": "none",
"enabled": True,
"displayNameHtml": '<div class="kc-logo-text"><span>Cello</span></div>',
"displayName": "Cello",
"accessTokenLifespan": 86400,
"accessTokenLifespanForImplicitFlow": 86400,
"internationalizationEnabled": True,
"supportedLocales": [
"de",
"no",
"ru",
import os
import subprocess
from common import KeyCloakClient
KEYCLOAK_REALM = os.environ.get("KEYCLOAK_REALM")
SERVER_PUBLIC_IP = os.environ.get("SERVER_PUBLIC_IP")
OPERATOR_DASHBOARD_SSO_KEY = os.environ.get("OPERATOR_DASHBOARD_SSO_KEY")
USER_DASHBOARD_SSO_KEY = os.environ.get("USER_DASHBOARD_SSO_KEY")
OPERATOR_DEFAULT_ADMIN_NAME = os.environ.get("OPERATOR_DEFAULT_ADMIN_NAME")
OPERATOR_DEFAULT_ADMIN_PASSWORD = \
os.environ.get("OPERATOR_DEFAULT_ADMIN_PASSWORD")
keycloak_client = KeyCloakClient()
keycloak_client.create_realm({
"realm": KEYCLOAK_REALM,
"sslRequired": "none",
"enabled": True,
"displayNameHtml": '<div class="kc-logo-text"><span>Cello</span></div>',
"displayName": "Cello",
"accessTokenLifespan": 86400,
"accessTokenLifespanForImplicitFlow": 86400,
"internationalizationEnabled": True,
"supportedLocales": ['de', 'no', 'ru', 'sv', 'pt-BR', 'lt', 'en',
'it', 'fr', 'zh-CN', 'es', 'ja', 'sk', 'ca', 'nl']
})
realm = keycloak_client.get_realm(KEYCLOAK_REALM)
# Create new client scopes
client_scope_body = {
def delete(self, user_id):
keycloak_client = KeyCloakClient()
keycloak_client.delete_user(user_id)
return {"status": "OK"}, 200