Python Adminの例

コード例 #1

def test_update_fed_provider(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kerb_provider = admin.Admin(session).realm('master').federation_provider(
        name='Test Kerb Provider')
    kerb_provider['config']['debug'] = ['true']

    updated_kerb_provider = admin.Admin(session).realm(
        'master').update_federation_provider(kerb_provider)
    assert updated_kerb_provider['config']['debug'] == ['true']

コード例 #2

def test_get_fed_provider_by_id(keycloak_server, admin_username,
                                admin_password):
    session = auth.AuthSession(admin_username, admin_password)

    fed_providers = admin.Admin(session).realm('master').federation_providers()
    assert len(
        fed_providers
    ) == 1, "Unanticipated number of federation providers.  Brittle test is unusable."

    fed_provider_by_id = admin.Admin(session).realm(
        'master').federation_provider(id=fed_providers[0]['id'])
    assert fed_provider_by_id is not None

コード例 #3

ファイル: test_admin.py プロジェクト: josh-cain/pycloak

def test_delete_realm(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    new_realm = kc_admin.add_realm('delete-realm-test')
    assert new_realm.id == 'delete-realm-test', 'could not successfully add new realm for delete test'
    kc_admin.delete_realm('delete-realm-test')
    assert kc_admin.realm('delete_realm_test') is None

コード例 #4

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_get_none_auth_flow_by_id(keycloak_server, admin_username,
                                  admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    auth_flow = master_realm.auth_flow(
        id='cdf3b8b6-5cdc-439d-b54a-5d375788af85')
    assert auth_flow is None

コード例 #5

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_update_client(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    created_client = kc_admin.realm('master').create_client('test-update-client', "openid-connect")
    created_client.json['name'] = 'Test Update Client'
    updated_client = kc_admin.realm('master').update_client(created_client.json)
    assert updated_client.json['name'] == 'Test Update Client', 'Failed to properly update client'

コード例 #6

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_get_execution(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    executions = master_realm.auth_flow(alias='browser').executions()
    execution = master_realm.auth_flow(alias='browser').execution(
        id=executions[0]['id'])
    assert execution is not None

コード例 #7

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_merge_client_preferred(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    created_client = kc_admin.realm('master').create_client('test-merge-prefer-client', "openid-connect")
    merging_client = client.Client(session, dict_rep={'clientId': 'test-merge-prefer-client', 'enabled': True, 'protocol': 'openid-connect', 'directAccessGrantsEnabled': False })
    merged_client = created_client.merge(merging_client, prefer_self=True)
    assert merged_client.json['directAccessGrantsEnabled'] == True

コード例 #8

ファイル: test_admin.py プロジェクト: josh-cain/pycloak

def test_merge_realm_preferring_self(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    new_realm = kc_admin.add_realm('merge-realm-test2')
    assert new_realm.id == 'merge-realm-test2', 'could not successfully add new realm for update test'
    merge_realm = realm.Realm(session, dict_rep={'id': 'merge-realm-test2', 'accessCodeLifespan': 33})
    merge_result = new_realm.merge(merge_realm, prefer_self=True)
    assert merge_result.json['accessCodeLifespan'] != 33

コード例 #9

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_create_execution(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    form_execution = json.loads(
        json.dumps({'provider': 'auth-username-password-form'}))
    created_execution = master_realm.auth_flow(
        alias='test flow').create_execution(form_execution)
    assert created_execution is not None

コード例 #10

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_get_filtered_executions(keycloak_server, admin_username,
                                 admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    executions = master_realm.auth_flow(alias='browser').executions(
        provider='auth-cookie')
    assert len(executions) == 1
    assert executions[0]['displayName'] == 'Cookie'

コード例 #11

ファイル: test_admin.py プロジェクト: josh-cain/pycloak

def test_update_realm(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    new_realm = kc_admin.add_realm('update-realm-test')
    assert new_realm.id == 'update-realm-test', 'could not successfully add new realm for update test'
    assert new_realm.json['sslRequired'] != 'none', 'sslRequired flag already set to "none", cannot perform update test'
    new_realm.json['sslRequired'] = 'none'
    updated_realm = kc_admin.update_realm(new_realm)
    assert updated_realm.json['sslRequired'] == 'none'

コード例 #12

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_delete_execution(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    executions = master_realm.auth_flow(alias='test flow').executions()
    executions_before_delete = len(executions)
    response = master_realm.auth_flow(alias='test flow').delete_execution(
        executions[0]['id'])
    assert response.status_code == 204
    assert len(master_realm.auth_flow(
        alias='test flow').executions()) < executions_before_delete

コード例 #13

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_delete_all_executions(keycloak_server, admin_username,
                               admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    auth_flow = {
        'alias': 'test flow2',
        'providerId': 'basic-flow',
        'description': 'This flow is used for test purposes',
        'topLevel': 'true',
        'builtIn': 'false'
    }
    test_flow2 = admin.Admin(session).realm('master').create_auth_flow(
        json.loads(json.dumps(auth_flow)))
    test_flow2.create_execution({'provider': 'auth-username-password-form'})
    test_flow2.create_execution({'provider': 'identity-provider-redirector'})
    test_flow2.create_execution({'provider': 'auth-spnego'})
    assert len(master_realm.auth_flow(alias='test flow2').executions()) == 3
    test_flow2.delete_all_executions()
    assert len(master_realm.auth_flow(alias='test flow2').executions()) == 0

コード例 #14

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_update_execution(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    form_execution = json.loads(
        json.dumps({'provider': 'auth-username-password-form'}))
    created_execution = master_realm.auth_flow(
        alias='test flow').create_execution(form_execution)
    assert created_execution.json[
        'requirement'] != 'REQUIRED', "test is brittle, assumes pre-conditions, and fails"
    created_execution.json['requirement'] = 'REQUIRED'
    assert master_realm.auth_flow(alias='test flow').update_execution(
        created_execution.json).json['requirement'] == 'REQUIRED'

コード例 #15

def test_get_offline_token(keycloak_server, admin_username, admin_password):
    # First, have to make sure that admin-cli has access to all roles, otherwise offline_token requests will fail
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    admin_cli = kc_admin.realm('master').client_id('admin-cli')
    admin_cli.json['fullScopeAllowed'] = 'true'
    kc_admin.realm('master').update_client(admin_cli.json)

    token_response = auth.direct_access_grant_token(admin_username,
                                                    admin_password,
                                                    include_offline=True)
    assert token_response.get('refresh_token') != None

コード例 #16

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_create_auth_flow(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    auth_flow = {
        'alias': 'test flow',
        'providerId': 'basic-flow',
        'description': 'This flow is used for test purposes',
        'topLevel': 'true',
        'builtIn': 'false'
    }
    created_auth_flow = admin.Admin(session).realm('master').create_auth_flow(
        json.loads(json.dumps(auth_flow)))
    assert created_auth_flow is not None

コード例 #17

ファイル: test_config.py プロジェクト: josh-cain/pycloak

def test_get_valid_config(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    executions = master_realm.auth_flow(
        alias='first broker login').executions()
    auth_config = next(
        filter(
            lambda execution: execution.get('authenticationConfig') is
            not None, executions), None)
    assert auth_config is not None, "couldn't find a configurable execution"
    print(auth_config['authenticationConfig'])
    assert master_realm.auth_config(
        auth_config['authenticationConfig']) is not None

コード例 #18

def test_add_fed_provider(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    provider_to_add = {
        'name': 'Test Kerb Provider',
        'providerId': 'kerberos',
        'providerType': 'org.keycloak.storage.UserStorageProvider',
        'parentId': 'master'
    }
    provider_to_add['config'] = {
        'priority': [0],
        'kerberosRealm': ['TESTKERB.COM'],
        'serverPrincipal': ['HTTP/[email protected]'],
        'keytab': ['/etc/krb5.keytab'],
        'debug': ['false'],
        'allowPasswordAuthentication': ['false']
    }
    provider_json = json.loads(json.dumps(provider_to_add))
    new_provider = admin.Admin(session).realm(
        'master').add_federation_provider(provider_json)
    assert new_provider is not None

    fed_providers = admin.Admin(session).realm('master').federation_providers()
    assert len(fed_providers) == 1

コード例 #19

ファイル: test_config.py プロジェクト: josh-cain/pycloak

def test_create_config(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    auth_flow = {
        'alias': 'test create config flow',
        'providerId': 'basic-flow',
        'description': 'This flow is used for testing config creation',
        'topLevel': 'true',
        'builtIn': 'false'
    }
    created_auth_flow = master_realm.create_auth_flow(auth_flow)
    idp_redirector = {'provider': 'identity-provider-redirector'}
    created_execution = created_auth_flow.create_execution(idp_redirector)
    new_config = created_execution.create_config({
        'alias': 'test create config',
        'config': {
            'defaultProvider': 'https://www.github.com'
        }
    })
    assert new_config is not None

コード例 #20

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_get_nonexistent_client(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    with pytest.raises(realm.RealmException, message="Invalid client did not raise RealmException"):
        kc_admin.realm('master').client('admin-cli')

コード例 #21

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_delete_client(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    created_client = kc_admin.realm('master').create_client('test-delete-client', "openid-connect")
    kc_admin.realm('master').delete_client(created_client.json['id'])
    assert kc_admin.realm('master').client_id('test-delete-client') is None

コード例 #22

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_get_client_by_id(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    admin_cli = kc_admin.realm('master').client_id('admin-cli')
    assert admin_cli is not None, 'Could not retrieve admin-cli by clientId'

コード例 #23

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_get_client(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    clients = kc_admin.realm('master').clients()
    kc_admin.realm('master').client(clients[0]['id'])

コード例 #24

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_get_auth_flows(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    auth_flows = admin.Admin(session).realm('master').auth_flows()
    assert auth_flows is not None

コード例 #25

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_get_empty_executions(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    executions = master_realm.auth_flow(alias='test flow').executions()
    assert len(executions) == 0

コード例 #26

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_get_nonexistent_client_by_id(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    none_client = kc_admin.realm('master').client_id('XXXXXX')
    assert none_client is None, 'Returned client object for non-existent clientId'

コード例 #27

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_get_none_auth_flow(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    auth_flow = master_realm.auth_flow(alias='not there')
    assert auth_flow is None

コード例 #28

ファイル: test_auth_flow.py プロジェクト: josh-cain/pycloak

def test_get_auth_flow_by_id(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    master_realm = admin.Admin(session).realm('master')
    auth_flow = master_realm.auth_flow(alias='test flow')
    auth_flow_by_id = master_realm.auth_flow(id=auth_flow.id)
    assert auth_flow_by_id is not None

コード例 #29

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_create_client(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    created_client = kc_admin.realm('master').create_client('test-create-client', "openid-connect")
    assert created_client is not None

コード例 #30

ファイル: test_client.py プロジェクト: josh-cain/pycloak

def test_list_clients(keycloak_server, admin_username, admin_password):
    session = auth.AuthSession(admin_username, admin_password)
    kc_admin = admin.Admin(session)
    clients = kc_admin.realm('master').clients()
    assert len(clients) != 0, "No clients returned by /clients endpoint"