Example #1
class KeycloakAdminUsersTestCase(TestCase):
    """Check the request that ``users.create`` hands to the realm's client.

    The realm is a ``spec_set`` mock of ``KeycloakRealm``, so the test only
    inspects the arguments recorded on the mock: the path, the JSON body and
    the ``Authorization: Bearer`` header built from the token given to
    ``set_token``.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_create(self):
        # snake_case keyword arguments are expected as camelCase JSON keys,
        # and the single credentials dict is expected wrapped in a list.
        users = self.admin.realms.by_name('realm-name').users
        users.create(
            username='******',
            credentials={'some': 'value'},
            first_name='my-first-name',
            last_name='my-last-name',
            email='my-email',
            enabled=True,
        )

        client = self.realm.client
        expected_body = (
            '{"username": "******", '
            '"credentials": [{"some": "value"}], '
            '"firstName": "my-first-name", '
            '"lastName": "my-last-name", '
            '"email": "my-email", '
            '"enabled": true}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )
class KeycloakAdminGroupsTestCase(TestCase):
    """Check the requests issued by the realm-level ``groups`` API.

    All calls go to a ``spec_set`` mock of ``KeycloakRealm``; each test
    verifies the path, the payload (if any) and that the bearer token set in
    ``setUp`` is sent in the ``Authorization`` header.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_create(self):
        # The positional group name must end up as the "name" JSON field.
        groups = self.admin.realms.by_name('realm-name').groups
        groups.create("group-name")

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data='{"name": "group-name"}',
            headers=expected_headers,
        )

    def test_get_all(self):
        # Listing groups is a GET on the collection path with no body.
        groups = self.admin.realms.by_name('realm-name').groups
        groups.all()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )
 def setUp(self):
     # Mocked realm whose client exposes awaitable HTTP verbs, so the admin
     # API under test can await them without any network access.
     realm = asynctest.MagicMock(spec_set=KeycloakRealm)
     http_client = asynctest.MagicMock(spec_set=KeycloakClient)()
     realm.client = http_client
     for verb in ('get', 'post', 'put', 'delete'):
         setattr(http_client, verb, asynctest.CoroutineMock())
     self.realm = realm

     admin = KeycloakAdmin(realm=realm)
     admin.set_token('some-token')
     self.admin = admin
Example #4
 def admin(self):
     # Each call builds a fresh KeycloakAdmin that uses this object as its
     # realm; nothing is cached on the instance here.
     admin_api = KeycloakAdmin(realm=self)
     return admin_api
Example #5
class KeycloakAdminGroupsTestCase(TestCase):
    """Check the requests issued by the realm-level ``groups`` API.

    The realm is a ``spec_set`` mock of ``KeycloakRealm``. Every test asserts
    the path given to ``get_full_url`` and that the HTTP verb is called with
    the ``Authorization: Bearer`` header derived from the token set in
    ``setUp``.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_create(self):
        # The group name is sent as the only field of the JSON body.
        groups = self.admin.realms.by_name('realm-name').groups
        groups.create(name='group-name')

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data='{"name": "group-name"}',
            headers=expected_headers,
        )

    def test_all(self):
        # Listing groups is a GET on the collection path with no body.
        groups = self.admin.realms.by_name('realm-name').groups
        groups.all()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_delete(self):
        # The group id is expected as the last path segment of the DELETE.
        group = self.admin.realms.by_name('realm-name').groups.by_id('abc')
        group.delete()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups/abc'
        )
        client.delete.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_get_members(self, **kwargs):
        # Nothing in this test adds to kwargs, so the second argument
        # expected by get_full_url is whatever the caller passed (an empty
        # dict when the method is called without arguments).
        group = self.admin.realms.by_name('realm-name').groups.by_id('abc')
        group.get_members()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups/abc/members', kwargs
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_get_members_with_query_params(self, **kwargs):
        # Query parameters given to get_members must reach get_full_url as a
        # dict in its second positional argument.
        kwargs['max'] = 20
        group = self.admin.realms.by_name('realm-name').groups.by_id('abc')
        group.get_members(**kwargs)

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups/abc/members', kwargs
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )
Example #6
 def setUp(self):
     # A spec_set mock rejects attributes KeycloakRealm does not define, so
     # the admin API can only use the realm's real surface.
     realm = mock.MagicMock(spec_set=KeycloakRealm)
     admin = KeycloakAdmin(realm=realm)
     admin.set_token('some-token')
     self.realm = realm
     self.admin = admin
class KeycloakAdminClientRolesTestCase(TestCase):
    """Check the requests issued by the per-client ``roles`` API.

    The realm is a ``spec_set`` mock of ``KeycloakRealm``; the tests inspect
    the path, the JSON body and the ``Authorization: Bearer`` header.

    NOTE(review): the client id '#123' is expected in the path verbatim.
    ``get_full_url`` is mocked, so these tests do not show whether the id is
    percent-encoded before a request is sent; an unencoded '#' would be read
    as the start of a URL fragment. Confirm where encoding happens.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_create(self):
        # snake_case keyword arguments are expected as camelCase JSON keys,
        # serialized in alphabetical key order.
        roles = (
            self.admin.realms.by_name('realm-name').clients.by_id('#123').roles
        )
        roles.create(
            name='my-role-name',
            description='my-description',
            id='my-id',
            client_role='my-client-role',
            composite=False,
            composites='my-composites',
            container_id='my-container-id',
            scope_param_required=True,
        )

        client = self.realm.client
        expected_body = (
            '{'
            '"clientRole": "my-client-role", '
            '"composite": false, '
            '"composites": "my-composites", '
            '"containerId": "my-container-id", '
            '"description": "my-description", '
            '"id": "my-id", '
            '"name": "my-role-name", '
            '"scopeParamRequired": true'
            '}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/clients/#123/roles'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )

    def test_update(self):
        # Here the keyword arguments are already camelCase. Only the PUT body
        # and headers are asserted; the request path is not checked.
        role = (
            self.admin.realms.by_name('realm-name')
            .clients.by_id('#123')
            .roles.by_name('role-name')
        )
        role.update(
            name='my-role-name',
            description='my-description',
            id='my-id',
            clientRole='my-client-role',
            composite=False,
            composites='my-composites',
            containerId='my-container-id',
            scopeParamRequired=True,
        )

        client = self.realm.client
        expected_body = (
            '{'
            '"clientRole": "my-client-role", '
            '"composite": false, '
            '"composites": "my-composites", '
            '"containerId": "my-container-id", '
            '"description": "my-description", '
            '"id": "my-id", '
            '"name": "my-role-name", '
            '"scopeParamRequired": true'
            '}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.put.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )
class KeycloakAdminRolesTestCase(asynctest.TestCase):
    """Check the awaited requests issued by the per-client ``roles`` API.

    The realm and its client are ``spec_set`` mocks; the client's HTTP verbs
    are ``CoroutineMock`` objects so the code under test can await them. The
    tests inspect the path, the JSON body and the ``Authorization: Bearer``
    header.

    NOTE(review): the client id '#123' is expected in the path verbatim.
    ``get_full_url`` is mocked, so these tests do not show whether the id is
    percent-encoded before a request is sent; an unencoded '#' would be read
    as the start of a URL fragment. Confirm where encoding happens.
    """

    def setUp(self):
        # Mocked realm whose client exposes awaitable HTTP verbs.
        realm = asynctest.MagicMock(spec_set=KeycloakRealm)
        http_client = asynctest.MagicMock(spec_set=KeycloakClient)()
        realm.client = http_client
        for verb in ('get', 'post', 'put', 'delete'):
            setattr(http_client, verb, asynctest.CoroutineMock())
        realm.realm_name = 'realm-name'
        self.realm = realm
        self.client_id = 'client-id'

        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.admin = admin

    async def tearDown(self):
        # Await the (mocked) realm's close() after every test.
        await self.realm.close()

    async def test_create(self):
        # snake_case keyword arguments are expected as camelCase JSON keys,
        # serialized in alphabetical key order.
        roles = (
            self.admin.realms.by_name('realm-name').clients.by_id('#123').roles
        )
        await roles.create(
            name='my-role-name',
            description='my-description',
            id='my-id',
            client_role='my-client-role',
            composite=False,
            composites='my-composites',
            container_id='my-container-id',
            scope_param_required=True,
        )

        client = self.realm.client
        expected_body = (
            '{'
            '"clientRole": "my-client-role", '
            '"composite": false, '
            '"composites": "my-composites", '
            '"containerId": "my-container-id", '
            '"description": "my-description", '
            '"id": "my-id", '
            '"name": "my-role-name", '
            '"scopeParamRequired": true'
            '}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/clients/#123/roles'
        )
        client.post.assert_awaited_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )

    async def test_update(self):
        # The role name is expected as the last path segment of the PUT.
        role = (
            self.admin.realms.by_name('realm-name')
            .clients.by_id('#123')
            .roles.by_name('role-name')
        )
        await role.update(
            name='my-role-name',
            description='my-description',
            id='my-id',
            client_role='my-client-role',
            composite=False,
            composites='my-composites',
            container_id='my-container-id',
            scope_param_required=True,
        )

        client = self.realm.client
        expected_body = (
            '{'
            '"clientRole": "my-client-role", '
            '"composite": false, '
            '"composites": "my-composites", '
            '"containerId": "my-container-id", '
            '"description": "my-description", '
            '"id": "my-id", '
            '"name": "my-role-name", '
            '"scopeParamRequired": true'
            '}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/clients/#123/roles/role-name'
        )
        client.put.assert_awaited_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )
 def setUp(self):
     # Admin API bound to a mocked realm. No token is set in this fixture.
     realm = asynctest.MagicMock(spec_set=KeycloakRealm)
     self.realm = realm
     self.admin = KeycloakAdmin(realm=realm)
class KeycloakAdminUsersTestCase(TestCase):
    """Check the requests issued by the realm-level ``users`` API.

    The realm is a ``spec_set`` mock of ``KeycloakRealm``, so the tests only
    inspect recorded call arguments: the path, the JSON body (serialized in
    alphabetical key order) and the ``Authorization: Bearer`` header built
    from the token given to ``set_token``.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_create(self):
        # snake_case keyword arguments are expected as camelCase JSON keys.
        users = self.admin.realms.by_name('realm-name').users
        users.create(
            username='******',
            credentials=[{'some': 'value'}],
            first_name='my-first-name',
            last_name='my-last-name',
            email='my-email',
            enabled=True,
        )

        client = self.realm.client
        expected_body = (
            '{'
            '"credentials": [{"some": "value"}], '
            '"email": "my-email", '
            '"enabled": true, '
            '"firstName": "my-first-name", '
            '"lastName": "my-last-name", '
            '"username": "******"'
            '}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )

    def test_get_collection(self):
        # Listing users is a GET on the collection path with no body.
        users = self.admin.realms.by_name('realm-name').users
        users.all()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_get_single(self):
        # The user id is expected as the last path segment of the GET.
        user = self.admin.realms.by_name('realm-name').users.by_id('an-id')
        user.get()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/an-id'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_get_single_user(self):
        # Merely reading the ``user`` attribute is expected to issue the GET.
        user = self.admin.realms.by_name('realm-name').users.by_id('an-id')
        user.user

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/an-id'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    @mock.patch('keycloak.admin.users.User.user', {"id": "user-id"})
    def test_update(self):
        # User.user is patched to a fixed dict; its "id" shows up in the
        # expected PUT body next to the updated fields.
        user = self.admin.realms.by_name('realm-name').users.by_id("user-id")
        user.update(
            credentials=[{'some': 'value'}],
            first_name='my-first-name',
            last_name='my-last-name',
            email='my-email',
            enabled=True,
        )

        client = self.realm.client
        expected_body = (
            '{'
            '"credentials": [{"some": "value"}], '
            '"email": "my-email", '
            '"enabled": true, '
            '"firstName": "my-first-name", '
            '"id": "user-id", '
            '"lastName": "my-last-name"'
            '}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_with(
            '/auth/admin/realms/realm-name/users/user-id'
        )
        client.put.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )

    @mock.patch('keycloak.admin.users.User.user', {"id": "user-id"})
    def test_delete(self):
        # Deleting a user is a DELETE on the user's own path with no body.
        user = self.admin.realms.by_name('realm-name').users.by_id("user-id")
        user.delete()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_with(
            '/auth/admin/realms/realm-name/users/user-id'
        )
        client.delete.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    @mock.patch('keycloak.admin.users.User.user', {"id": "user-id"})
    def test_delete_group(self):
        # Removing a group membership targets users/<id>/groups/<group-id>.
        user = self.admin.realms.by_name('realm-name').users.by_id("user-id")
        user.groups.delete('group-id')

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_with(
            '/auth/admin/realms/realm-name/users/user-id/groups/group-id'
        )
        client.delete.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    @mock.patch('keycloak.admin.users.User.user', {"id": "user-id"})
    def test_reset_password(self):
        # The new password travels in the PUT body as "value"; the True
        # argument is expected to appear as "temporary": true.
        user = self.admin.realms.by_name('realm-name').users.by_id("user-id")
        user.reset_password("password", True)

        client = self.realm.client
        expected_body = (
            '{'
            '"temporary": true, '
            '"type": "password", '
            '"value": "password"'
            '}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_with(
            '/auth/admin/realms/realm-name/users/user-id/reset-password'
        )
        client.put.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )
class KeycloakAdminUsersTestCase(TestCase):
    """Check the requests issued by the ``users`` API, including groups.

    The realm is a ``spec_set`` mock of ``KeycloakRealm``. Every test asserts
    the path given to ``get_full_url`` and that the HTTP verb is called with
    the ``Authorization: Bearer`` header derived from the token set in
    ``setUp``.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_create(self):
        # snake_case keyword arguments are expected as camelCase JSON keys,
        # and the single credentials dict is expected wrapped in a list.
        users = self.admin.realms.by_name('realm-name').users
        users.create(
            username='******',
            credentials={'some': 'value'},
            first_name='my-first-name',
            last_name='my-last-name',
            email='my-email',
            enabled=True,
        )

        client = self.realm.client
        expected_body = (
            '{"username": "******", '
            '"credentials": [{"some": "value"}], '
            '"firstName": "my-first-name", '
            '"lastName": "my-last-name", '
            '"email": "my-email", '
            '"enabled": true}'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )

    def test_all(self):
        # Listing users is a GET on the collection path with no body.
        users = self.admin.realms.by_name('realm-name').users
        users.all()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_delete(self):
        # The user id is expected as the last path segment of the DELETE.
        user = self.admin.realms.by_name('realm-name').users.by_id('abc')
        user.delete()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/abc'
        )
        client.delete.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_get_group_memberships(self, **kwargs):
        # Nothing in this test adds to kwargs, so the second argument
        # expected by get_full_url is whatever the caller passed (an empty
        # dict when the method is called without arguments).
        user = self.admin.realms.by_name('realm-name').users.by_id('abc')
        user.get_group_memberships()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/abc/groups', kwargs
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_join_group(self, **kwargs):
        # Joining a group is a PUT on users/<id>/groups/<group>; the payload
        # is an empty dict rather than a JSON string.
        user = self.admin.realms.by_name('realm-name').users.by_id('abc')
        user.join_group('group1')

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/abc/groups/group1', kwargs
        )
        client.put.assert_called_once_with(
            url=client.get_full_url.return_value,
            data={},
            headers=expected_headers,
        )

    def test_leave_group(self, **kwargs):
        # Leaving a group is a DELETE on the same membership path.
        user = self.admin.realms.by_name('realm-name').users.by_id('abc')
        user.leave_group('group1')

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/abc/groups/group1', kwargs
        )
        client.delete.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )
Example #12
class KeycloakAdminUserRolesTestCase(TestCase):
    """Check the requests issued by a user's realm-level role mappings API.

    The realm is a ``spec_set`` mock of ``KeycloakRealm``. The tests verify
    the role-mappings path, the JSON list of role representations (keys in
    alphabetical order) and the ``Authorization: Bearer`` header built from
    the token set in ``setUp``.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_add_role(self):
        # Granting realm roles POSTs the role representations as a JSON list.
        role_representations = [{
            "id": "00000000-0000-0000-0000-000000000000",
            "name": "Admin",
            "description": "${Admin}",
            "composite": True,
            "clientRole": False,
            "containerId": "master",
        }]
        user = self.admin.realms.by_name('realm-name').users.by_id('user-id')
        user.role_mappings.realm.add(role_representations)

        client = self.realm.client
        expected_body = (
            '[{'
            '"clientRole": false, '
            '"composite": true, '
            '"containerId": "master", '
            '"description": "${Admin}", '
            '"id": "00000000-0000-0000-0000-000000000000", '
            '"name": "Admin"'
            '}]'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/user-id'
            '/role-mappings/realm'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )

    def test_get_available_realm_role(self):
        # Roles that can still be granted are read from .../realm/available.
        user = self.admin.realms.by_name('realm-name').users.by_id('user-id')
        user.role_mappings.realm.available()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/user-id'
            '/role-mappings/realm/available'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_get_realm_role(self):
        # Current realm role mappings are read with a GET and no body.
        user = self.admin.realms.by_name('realm-name').users.by_id('user-id')
        user.role_mappings.realm.get()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/user-id'
            '/role-mappings/realm'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_delete_role(self):
        # Revoking realm roles sends the representations in a DELETE body.
        role_representations = [{
            "id": "00000000-0000-0000-0000-000000000000",
            "name": "Admin",
            "description": "${Admin}",
            "composite": True,
            "clientRole": False,
            "containerId": "master",
        }]
        user = self.admin.realms.by_name('realm-name').users.by_id('user-id')
        user.role_mappings.realm.delete(role_representations)

        client = self.realm.client
        expected_body = (
            '[{'
            '"clientRole": false, '
            '"composite": true, '
            '"containerId": "master", '
            '"description": "${Admin}", '
            '"id": "00000000-0000-0000-0000-000000000000", '
            '"name": "Admin"'
            '}]'
        )
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/user-id'
            '/role-mappings/realm'
        )
        client.delete.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=expected_body,
            headers=expected_headers,
        )
Example #13
class KeycloakAdminRoleMappingsTestCase(TestCase):
    """Check the requests issued by a client's ``role_mappings`` API.

    The realm is a ``spec_set`` mock of ``KeycloakRealm``. Although the call
    chain starts at the client, the expected paths are rooted at the group
    or user and end in ``role-mappings/clients/<client id>``. Each request
    must carry the ``Authorization: Bearer`` header built from the token set
    in ``setUp``.

    NOTE(review): the client id '#123' is expected in the path verbatim.
    ``get_full_url`` is mocked, so these tests do not show whether the id is
    percent-encoded before a request is sent; an unencoded '#' would be read
    as the start of a URL fragment. Confirm where encoding happens.
    """

    def setUp(self):
        # Build the admin API on top of a mocked realm and give it a token.
        realm = mock.MagicMock(spec_set=KeycloakRealm)
        admin = KeycloakAdmin(realm=realm)
        admin.set_token('some-token')
        self.realm = realm
        self.admin = admin

    def test_details_group(self):
        # Reading a group's client role mappings is a GET with no body.
        mappings = (
            self.admin.realms.by_name('realm-name')
            .clients.by_id('#123')
            .role_mappings.by_group('group1')
        )
        mappings.details()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups/group1/'
            'role-mappings/clients/#123'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )

    def test_create_group(self):
        # Granting client roles to a group POSTs the roles list as JSON.
        roles = [{'id': '123'}]
        mappings = (
            self.admin.realms.by_name('realm-name')
            .clients.by_id('#123')
            .role_mappings.by_group('group1')
        )
        mappings.create(roles=roles)

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups/group1/'
            'role-mappings/clients/#123'
        )
        client.post.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=json.dumps(roles),
            headers=expected_headers,
        )

    def test_delete_group(self):
        # Revoking client roles from a group sends the list in a DELETE body.
        roles = [{'id': '123'}]
        mappings = (
            self.admin.realms.by_name('realm-name')
            .clients.by_id('#123')
            .role_mappings.by_group('group1')
        )
        mappings.delete(roles=roles)

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/groups/group1/'
            'role-mappings/clients/#123'
        )
        client.delete.assert_called_once_with(
            url=client.get_full_url.return_value,
            data=json.dumps(roles),
            headers=expected_headers,
        )

    def test_details_user(self):
        # Reading a user's client role mappings is a GET with no body.
        mappings = (
            self.admin.realms.by_name('realm-name')
            .clients.by_id('#123')
            .role_mappings.by_user('user1')
        )
        mappings.details()

        client = self.realm.client
        expected_headers = {
            'Authorization': 'Bearer some-token',
            'Content-Type': 'application/json',
        }
        client.get_full_url.assert_called_once_with(
            '/auth/admin/realms/realm-name/users/user1/'
            'role-mappings/clients/#123'
        )
        client.get.assert_called_once_with(
            url=client.get_full_url.return_value,
            headers=expected_headers,
        )