First fully functional user registration.
Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
parent
b747836374
commit
474d16ba94
25
config.py
25
config.py
@ -53,7 +53,7 @@ Keycloak = conf.registerPlugin('Keycloak')
|
||||
# registry.Boolean(False, _("""Help for someConfigVariableName.""")))
|
||||
|
||||
###
|
||||
# API related settings below:
|
||||
# API backend related settings below:
|
||||
###
|
||||
conf.registerGroup(Keycloak, 'backend')
|
||||
conf.registerGlobalValue(Keycloak.backend, 'server',
|
||||
@ -90,4 +90,27 @@ conf.registerGlobalValue(Keycloak.replies, 'error',
|
||||
, private=False
|
||||
))
|
||||
|
||||
###
|
||||
# API call settings below:
|
||||
###
|
||||
conf.registerGroup(Keycloak, 'options')
|
||||
conf.registerGlobalValue(Keycloak.options, 'emailVerified',
|
||||
registry.Boolean(False,
|
||||
"""
|
||||
Keycloak: Whether to set newly created users email addresses to having been verified \(true, default\) or not \(false\)
|
||||
"""
|
||||
))
|
||||
conf.registerGlobalValue(Keycloak.options, 'firstName',
|
||||
registry.String('Foo',
|
||||
"""
|
||||
Keycloak: What to set as the firstName value for newly created users.
|
||||
"""
|
||||
))
|
||||
conf.registerGlobalValue(Keycloak.options, 'lastName',
|
||||
registry.String('Bar',
|
||||
"""
|
||||
Keycloak: What to set as the lastName value for newly created users.
|
||||
"""
|
||||
))
|
||||
|
||||
# vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:
|
||||
|
107
plugin.py
107
plugin.py
@ -32,7 +32,7 @@ import re
|
||||
import requests
|
||||
import secrets
|
||||
import string
|
||||
from supybot import utils, plugins, ircutils, callbacks
|
||||
from supybot import utils, plugins, ircutils, callbacks, ircmsgs
|
||||
from supybot.commands import *
|
||||
from supybot.ircmsgs import nick
|
||||
try:
|
||||
@ -56,62 +56,73 @@ class Keycloak(callbacks.Plugin):
|
||||
realm = self.registryValue('backend.realm')
|
||||
tokenurl = self.registryValue('backend.token')
|
||||
usererr = self.registryValue('replies.error')
|
||||
emailverified = self.registryValue('options.emailVerified')
|
||||
firstname = self.registryValue('options.firstName')
|
||||
lastname = self.registryValue('options.lastName')
|
||||
alphabet = string.ascii_letters + string.digits
|
||||
random = ''.join(secrets.choice(alphabet) for i in range(64))
|
||||
|
||||
try:
|
||||
tokendl = requests.get(tokenurl)
|
||||
tokendata = tokendl.json()
|
||||
token = tokendata['access_token']
|
||||
url = server + '/auth/admin/realms/' + realm + '/users'
|
||||
if re.match(r"[^@]+@[^@]+\.[^@]+", email):
|
||||
payload = {
|
||||
"firstName": "Foo",
|
||||
"lastName": "Bar",
|
||||
"email": email,
|
||||
"enabled": "true",
|
||||
"username": msg.nick,
|
||||
"credentials": [{"type": "password", "value": "test123", "temporary": "true"}]
|
||||
}
|
||||
response = requests.post(
|
||||
url,
|
||||
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token},
|
||||
json = payload
|
||||
)
|
||||
print("Keycloak: HTTP Status ", response.status_code)
|
||||
if response.text:
|
||||
print("Keycloak: Response Text: ", response.text)
|
||||
print("Keycloak: Response JSON: ", response.json())
|
||||
status = response.status_code
|
||||
#To-Do: figure out why this needs to bere instead of being fed from the usererr config variable defined above
|
||||
#usererr = irc.error("Something went wrong. Please contact an administrator.")
|
||||
if status == 201:
|
||||
print(" SSO User " + msg.nick + " created.")
|
||||
irc.reply("OK, please log in and change your password NOW.")
|
||||
if status == 400:
|
||||
print("ERROR: Keycloak indicated that the request is invalid.")
|
||||
irc.error(usererr)
|
||||
if status == 401:
|
||||
print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.")
|
||||
irc.error(usererr)
|
||||
if status == 403:
|
||||
print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.")
|
||||
irc.error(usererr)
|
||||
if status == 404:
|
||||
print("ERROR: Keycloak indicated that the requested resource does not exist.")
|
||||
irc.error(usererr)
|
||||
if status == 409:
|
||||
print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.")
|
||||
irc.reply("Your username seems to already be registerd.")
|
||||
if status == 415:
|
||||
print("ERROR: Keycloak indicated that the requested media type is not supported.")
|
||||
irc.error(usererr)
|
||||
if status == 500:
|
||||
print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".")
|
||||
irc.error(usererr)
|
||||
else:
|
||||
irc.error("Is that a valid email address?")
|
||||
except:
|
||||
print("ERROR: Keycloak token could not be installed.")
|
||||
irc.error(usererr)
|
||||
if re.match(r"[^@]+@[^@]+\.[^@]+", email):
|
||||
pw = random
|
||||
payload = {
|
||||
"firstName": firstname,
|
||||
"lastName": lastname,
|
||||
"email": email,
|
||||
"enabled": "true",
|
||||
"username": msg.nick,
|
||||
"credentials": [{"type": "password", "value": pw, "temporary": emailverified,}],
|
||||
"emailVerified": "false"
|
||||
}
|
||||
response = requests.post(
|
||||
url,
|
||||
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token},
|
||||
json = payload
|
||||
)
|
||||
print("Keycloak: HTTP Status ", response.status_code)
|
||||
try:
|
||||
print("Keycloak: Response Text: ", response.text)
|
||||
except:
|
||||
print("Keycloak: No or invalid response text. This is not an error.")
|
||||
try:
|
||||
print("Keycloak: Response JSON: ", response.json())
|
||||
except:
|
||||
print("Keycloak: No or invalid response JSON. This it not an error.")
|
||||
status = response.status_code
|
||||
if status == 201:
|
||||
print(" SSO User " + msg.nick + " created.")
|
||||
irc.queueMsg(msg=ircmsgs.IrcMsg(command='PRIVMSG', args=(msg.nick, f'{pw}')))
|
||||
irc.reply("OK, I sent you a private message.")
|
||||
if status == 400:
|
||||
print("ERROR: Keycloak indicated that the request is invalid.")
|
||||
irc.error(usererr)
|
||||
if status == 401:
|
||||
print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.")
|
||||
irc.error(usererr)
|
||||
if status == 403:
|
||||
print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.")
|
||||
irc.error(usererr)
|
||||
if status == 404:
|
||||
print("ERROR: Keycloak indicated that the requested resource does not exist.")
|
||||
irc.error(usererr)
|
||||
if status == 409:
|
||||
print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.")
|
||||
irc.reply("Your username seems to already be registerd.")
|
||||
if status == 415:
|
||||
print("ERROR: Keycloak indicated that the requested media type is not supported.")
|
||||
irc.error(usererr)
|
||||
if status == 500:
|
||||
print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".")
|
||||
irc.error(usererr)
|
||||
else:
|
||||
irc.error("Is that a valid email address?")
|
||||
|
||||
register = wrap(register, ['anything'])
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user