diff --git a/config.py b/config.py index d1b4f08..af334c7 100644 --- a/config.py +++ b/config.py @@ -53,7 +53,7 @@ Keycloak = conf.registerPlugin('Keycloak') # registry.Boolean(False, _("""Help for someConfigVariableName."""))) ### -# API related settings below: +# API backend related settings below: ### conf.registerGroup(Keycloak, 'backend') conf.registerGlobalValue(Keycloak.backend, 'server', @@ -90,4 +90,27 @@ conf.registerGlobalValue(Keycloak.replies, 'error', , private=False )) +### +# API call settings below: +### +conf.registerGroup(Keycloak, 'options') +conf.registerGlobalValue(Keycloak.options, 'emailVerified', + registry.Boolean(False, + """ + Keycloak: Whether to set newly created users email addresses to having been verified \(true, default\) or not \(false\) + """ +)) +conf.registerGlobalValue(Keycloak.options, 'firstName', + registry.String('Foo', + """ + Keycloak: What to set as the firstName value for newly created users. + """ +)) +conf.registerGlobalValue(Keycloak.options, 'lastName', + registry.String('Bar', + """ + Keycloak: What to set as the lastName value for newly created users. + """ +)) + # vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79: diff --git a/plugin.py b/plugin.py index 0ca7894..561fcb0 100644 --- a/plugin.py +++ b/plugin.py @@ -32,7 +32,7 @@ import re import requests import secrets import string -from supybot import utils, plugins, ircutils, callbacks +from supybot import utils, plugins, ircutils, callbacks, ircmsgs from supybot.commands import * from supybot.ircmsgs import nick try: @@ -56,62 +56,73 @@ class Keycloak(callbacks.Plugin): realm = self.registryValue('backend.realm') tokenurl = self.registryValue('backend.token') usererr = self.registryValue('replies.error') + emailverified = self.registryValue('options.emailVerified') + firstname = self.registryValue('options.firstName') + lastname = self.registryValue('options.lastName') + alphabet = string.ascii_letters + string.digits + random = ''.join(secrets.choice(alphabet) for i in range(64)) try: tokendl = requests.get(tokenurl) tokendata = tokendl.json() token = tokendata['access_token'] url = server + '/auth/admin/realms/' + realm + '/users' - if re.match(r"[^@]+@[^@]+\.[^@]+", email): - payload = { - "firstName": "Foo", - "lastName": "Bar", - "email": email, - "enabled": "true", - "username": msg.nick, - "credentials": [{"type": "password", "value": "test123", "temporary": "true"}] - } - response = requests.post( - url, - headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token}, - json = payload - ) - print("Keycloak: HTTP Status ", response.status_code) - if response.text: - print("Keycloak: Response Text: ", response.text) - print("Keycloak: Response JSON: ", response.json()) - status = response.status_code - #To-Do: figure out why this needs to bere instead of being fed from the usererr config variable defined above - #usererr = irc.error("Something went wrong. Please contact an administrator.") - if status == 201: - print(" SSO User " + msg.nick + " created.") - irc.reply("OK, please log in and change your password NOW.") - if status == 400: - print("ERROR: Keycloak indicated that the request is invalid.") - irc.error(usererr) - if status == 401: - print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.") - irc.error(usererr) - if status == 403: - print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.") - irc.error(usererr) - if status == 404: - print("ERROR: Keycloak indicated that the requested resource does not exist.") - irc.error(usererr) - if status == 409: - print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.") - irc.reply("Your username seems to already be registerd.") - if status == 415: - print("ERROR: Keycloak indicated that the requested media type is not supported.") - irc.error(usererr) - if status == 500: - print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".") - irc.error(usererr) - else: - irc.error("Is that a valid email address?") except: print("ERROR: Keycloak token could not be installed.") irc.error(usererr) + if re.match(r"[^@]+@[^@]+\.[^@]+", email): + pw = random + payload = { + "firstName": firstname, + "lastName": lastname, + "email": email, + "enabled": "true", + "username": msg.nick, + "credentials": [{"type": "password", "value": pw, "temporary": emailverified,}], + "emailVerified": "false" + } + response = requests.post( + url, + headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token}, + json = payload + ) + print("Keycloak: HTTP Status ", response.status_code) + try: + print("Keycloak: Response Text: ", response.text) + except: + print("Keycloak: No or invalid response text. This is not an error.") + try: + print("Keycloak: Response JSON: ", response.json()) + except: + print("Keycloak: No or invalid response JSON. This it not an error.") + status = response.status_code + if status == 201: + print(" SSO User " + msg.nick + " created.") + irc.queueMsg(msg=ircmsgs.IrcMsg(command='PRIVMSG', args=(msg.nick, f'{pw}'))) + irc.reply("OK, I sent you a private message.") + if status == 400: + print("ERROR: Keycloak indicated that the request is invalid.") + irc.error(usererr) + if status == 401: + print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.") + irc.error(usererr) + if status == 403: + print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.") + irc.error(usererr) + if status == 404: + print("ERROR: Keycloak indicated that the requested resource does not exist.") + irc.error(usererr) + if status == 409: + print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.") + irc.reply("Your username seems to already be registerd.") + if status == 415: + print("ERROR: Keycloak indicated that the requested media type is not supported.") + irc.error(usererr) + if status == 500: + print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".") + irc.error(usererr) + else: + irc.error("Is that a valid email address?") register = wrap(register, ['anything'])