Georg
/
limnoria-keycloak
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Admin interface group query, join and unjoin. 

Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
Georg Pfuetzenreuter 2021-09-04 08:17:06 +02:00
parent 4f9b155d66
commit 7777e637fd
Signed by: Georg
GPG Key ID: 1DAF57F49F8E8F22
2 changed files with 96 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config.py
View File

@ -122,5 +122,12 @@ conf.registerGlobalValue(Keycloak.options, 'ircgroup',
"""
, private=True
))
conf.registerGlobalValue(Keycloak.options, 'confluencegroup',
registry.String('',
"""
Keycloak: Group ID for admin grant: confluencegroup
""",
private=True
))
# vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:

90
plugin.py
View File

@ -32,7 +32,6 @@ import re
import requests
import secrets
import string
import json
from supybot import utils, plugins, ircutils, callbacks, ircmsgs
from supybot.commands import *
from supybot.ircmsgs import nick
@ -260,6 +259,95 @@ class Keycloak(callbacks.Plugin):
user = wrap(user, ['anything'])
def admin(self, irc, msg, args, name, option1, option2, option3):
"""<name> <option> [option]
Administration Interface"""
user = name
server = self.registryValue('backend.server')
realm = self.registryValue('backend.realm')
tokenurl = self.registryValue('backend.token')
usererr = self.registryValue('replies.error')
tokendl = requests.get(tokenurl)
tokendata = tokendl.json()
token = tokendata['access_token']
url = server + '/auth/admin/realms/' + realm + '/users'
userdata = requests.get(url, params = {'username': user}, headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
userresp = userdata.json()
uid = userresp[0]['id']
print(user, uid)
if option1 == 'groups' or option1 == 'group':
if not option2:
try:
url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups'
response = requests.get(
url,
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
test = "{}"
print(url)
usergroups = response.json()
if usergroups:
for group in usergroups:
groupname = usergroups[0]['name']
irc.reply(groupname)
else:
irc.reply("No groups.")
except:
print('Operation failed.')
irc.reply(usererr)
if option2 == 'join':
if not option3:
irc.reply('The following group shortcuts are currently joinable: confluence')
elif option3 == 'confluence':
try:
gid = self.registryValue('options.confluencegroup')
url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups/' + gid
response = requests.put(
url,
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
status = response.status_code
print("Keycloak: HTTP Status ", status)
if status == 204:
print(" SSO user " + user + " has been added to group, if it wasn't already.")
irc.reply("Success.")
if status != 204:
print("ERROR: HTTP request did not succeed. I tried these values:")
print("URL: " + url)
print("Group: " + gid)
print("User: " + uid)
irc.error(usererr)
except:
print('Operation failed.')
else:
irc.error('Unknown group.')
if option2 == 'unjoin':
if not option3:
irc.reply('The following group shortcuts are currently joinable: confluence')
elif option3 == 'confluence':
try:
gid = self.registryValue('options.confluencegroup')
url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups/' + gid
response = requests.delete(
url,
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
status = response.status_code
print("Keycloak: HTTP Status ", status)
if status == 204:
print(" SSO user " + user + " has been added to group, if it wasn't already.")
irc.reply("Success.")
if status != 204:
print("ERROR: HTTP request did not succeed. I tried these values:")
print("URL: " + url)
print("Group: " + gid)
print("User: " + uid)
irc.error(usererr)
except:
print('Operation failed.')
else:
irc.error('Invalid operation.')
admin = wrap(admin, ['anything', 'anything', optional('anything'), optional('anything')])
Class = Keycloak