def add_user_group(id, body):
try:
get_keycloak().group_user_add(id, body['id'])
return {}, 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def delete_user_group(id):
try:
get_keycloak().group_user_remove(id, request.json['id'])
return {}, 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def delete_user(id):
try:
get_keycloak().user_delete(id)
logger.info(f'Deleted user {id}')
return {}, 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def create_user(body):
try:
user_id = get_keycloak().user_create(body)
logger.info(f'Created user {user_id}')
return get_keycloak().user_get(user_id), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def update_user(id, body):
try:
get_keycloak().user_update(id, body)
logger.info(f'Updated user {id}')
return get_keycloak().user_get(id), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def create_role(body):
try:
role_id = get_keycloak().role_create(body)
logger.info(f'Create role {role_id}')
return get_keycloak().role_get(role_id), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def create_group(body):
try:
group_id = get_keycloak().group_create(body)
logger.info(f'Created group {id}')
return get_keycloak().group_get(group_id), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def update_role(id, body):
try:
get_keycloak().role_update(id, body)
role_name = body['name']
logger.info(f'Updated role {id}')
return get_keycloak().role_get(role_name), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def list_user_groups(id):
try:
return get_keycloak().user_group_list(id), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def get_current_user(user):
try:
return get_keycloak().user_get(user), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def get_role(id):
try:
return get_keycloak().role_get(id), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def get_token_info():
# Bearer auth is enforced by connexion (see openapi spec)
_, access_token = request.headers['Authorization'].split()
try:
return get_keycloak().token_info(access_token), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def create_token():
if not request.authorization:
return problem(401, 'Unauthorized', 'Missing basic auth credentials')
username = request.authorization['username']
password = request.authorization['password']
try:
return get_keycloak().login(username, password), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def refresh_token():
if 'Authorization' not in request.headers:
return problem(401, 'Unauthorized', 'Missing refresh token')
try:
_, refresh_token = request.headers['Authorization'].split()
except Exception:
return problem(401, 'Unauthorized', 'Invalid token')
try:
return get_keycloak().token_refresh(refresh_token), 200
except KeycloakGetError as e:
logger.exception(e)
return problem_from_keycloak_error(e)
except Exception as e:
logger.exception(e)
return problem(500, 'Unknown Error', str(e))
def basic_auth(username, password, required_scopes=None):
return get_keycloak().login(username, password)
def decode_token(token):
return get_keycloak().token_info(token)