First fully functional user registration.
Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
parent
b747836374
commit
474d16ba94
25
config.py
25
config.py
@ -53,7 +53,7 @@ Keycloak = conf.registerPlugin('Keycloak')
|
|||||||
# registry.Boolean(False, _("""Help for someConfigVariableName.""")))
|
# registry.Boolean(False, _("""Help for someConfigVariableName.""")))
|
||||||
|
|
||||||
###
|
###
|
||||||
# API related settings below:
|
# API backend related settings below:
|
||||||
###
|
###
|
||||||
conf.registerGroup(Keycloak, 'backend')
|
conf.registerGroup(Keycloak, 'backend')
|
||||||
conf.registerGlobalValue(Keycloak.backend, 'server',
|
conf.registerGlobalValue(Keycloak.backend, 'server',
|
||||||
@ -90,4 +90,27 @@ conf.registerGlobalValue(Keycloak.replies, 'error',
|
|||||||
, private=False
|
, private=False
|
||||||
))
|
))
|
||||||
|
|
||||||
|
###
|
||||||
|
# API call settings below:
|
||||||
|
###
|
||||||
|
conf.registerGroup(Keycloak, 'options')
|
||||||
|
conf.registerGlobalValue(Keycloak.options, 'emailVerified',
|
||||||
|
registry.Boolean(False,
|
||||||
|
"""
|
||||||
|
Keycloak: Whether to set newly created users email addresses to having been verified \(true, default\) or not \(false\)
|
||||||
|
"""
|
||||||
|
))
|
||||||
|
conf.registerGlobalValue(Keycloak.options, 'firstName',
|
||||||
|
registry.String('Foo',
|
||||||
|
"""
|
||||||
|
Keycloak: What to set as the firstName value for newly created users.
|
||||||
|
"""
|
||||||
|
))
|
||||||
|
conf.registerGlobalValue(Keycloak.options, 'lastName',
|
||||||
|
registry.String('Bar',
|
||||||
|
"""
|
||||||
|
Keycloak: What to set as the lastName value for newly created users.
|
||||||
|
"""
|
||||||
|
))
|
||||||
|
|
||||||
# vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:
|
# vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:
|
||||||
|
107
plugin.py
107
plugin.py
@ -32,7 +32,7 @@ import re
|
|||||||
import requests
|
import requests
|
||||||
import secrets
|
import secrets
|
||||||
import string
|
import string
|
||||||
from supybot import utils, plugins, ircutils, callbacks
|
from supybot import utils, plugins, ircutils, callbacks, ircmsgs
|
||||||
from supybot.commands import *
|
from supybot.commands import *
|
||||||
from supybot.ircmsgs import nick
|
from supybot.ircmsgs import nick
|
||||||
try:
|
try:
|
||||||
@ -56,62 +56,73 @@ class Keycloak(callbacks.Plugin):
|
|||||||
realm = self.registryValue('backend.realm')
|
realm = self.registryValue('backend.realm')
|
||||||
tokenurl = self.registryValue('backend.token')
|
tokenurl = self.registryValue('backend.token')
|
||||||
usererr = self.registryValue('replies.error')
|
usererr = self.registryValue('replies.error')
|
||||||
|
emailverified = self.registryValue('options.emailVerified')
|
||||||
|
firstname = self.registryValue('options.firstName')
|
||||||
|
lastname = self.registryValue('options.lastName')
|
||||||
|
alphabet = string.ascii_letters + string.digits
|
||||||
|
random = ''.join(secrets.choice(alphabet) for i in range(64))
|
||||||
|
|
||||||
try:
|
try:
|
||||||
tokendl = requests.get(tokenurl)
|
tokendl = requests.get(tokenurl)
|
||||||
tokendata = tokendl.json()
|
tokendata = tokendl.json()
|
||||||
token = tokendata['access_token']
|
token = tokendata['access_token']
|
||||||
url = server + '/auth/admin/realms/' + realm + '/users'
|
url = server + '/auth/admin/realms/' + realm + '/users'
|
||||||
if re.match(r"[^@]+@[^@]+\.[^@]+", email):
|
|
||||||
payload = {
|
|
||||||
"firstName": "Foo",
|
|
||||||
"lastName": "Bar",
|
|
||||||
"email": email,
|
|
||||||
"enabled": "true",
|
|
||||||
"username": msg.nick,
|
|
||||||
"credentials": [{"type": "password", "value": "test123", "temporary": "true"}]
|
|
||||||
}
|
|
||||||
response = requests.post(
|
|
||||||
url,
|
|
||||||
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token},
|
|
||||||
json = payload
|
|
||||||
)
|
|
||||||
print("Keycloak: HTTP Status ", response.status_code)
|
|
||||||
if response.text:
|
|
||||||
print("Keycloak: Response Text: ", response.text)
|
|
||||||
print("Keycloak: Response JSON: ", response.json())
|
|
||||||
status = response.status_code
|
|
||||||
#To-Do: figure out why this needs to bere instead of being fed from the usererr config variable defined above
|
|
||||||
#usererr = irc.error("Something went wrong. Please contact an administrator.")
|
|
||||||
if status == 201:
|
|
||||||
print(" SSO User " + msg.nick + " created.")
|
|
||||||
irc.reply("OK, please log in and change your password NOW.")
|
|
||||||
if status == 400:
|
|
||||||
print("ERROR: Keycloak indicated that the request is invalid.")
|
|
||||||
irc.error(usererr)
|
|
||||||
if status == 401:
|
|
||||||
print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.")
|
|
||||||
irc.error(usererr)
|
|
||||||
if status == 403:
|
|
||||||
print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.")
|
|
||||||
irc.error(usererr)
|
|
||||||
if status == 404:
|
|
||||||
print("ERROR: Keycloak indicated that the requested resource does not exist.")
|
|
||||||
irc.error(usererr)
|
|
||||||
if status == 409:
|
|
||||||
print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.")
|
|
||||||
irc.reply("Your username seems to already be registerd.")
|
|
||||||
if status == 415:
|
|
||||||
print("ERROR: Keycloak indicated that the requested media type is not supported.")
|
|
||||||
irc.error(usererr)
|
|
||||||
if status == 500:
|
|
||||||
print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".")
|
|
||||||
irc.error(usererr)
|
|
||||||
else:
|
|
||||||
irc.error("Is that a valid email address?")
|
|
||||||
except:
|
except:
|
||||||
print("ERROR: Keycloak token could not be installed.")
|
print("ERROR: Keycloak token could not be installed.")
|
||||||
irc.error(usererr)
|
irc.error(usererr)
|
||||||
|
if re.match(r"[^@]+@[^@]+\.[^@]+", email):
|
||||||
|
pw = random
|
||||||
|
payload = {
|
||||||
|
"firstName": firstname,
|
||||||
|
"lastName": lastname,
|
||||||
|
"email": email,
|
||||||
|
"enabled": "true",
|
||||||
|
"username": msg.nick,
|
||||||
|
"credentials": [{"type": "password", "value": pw, "temporary": emailverified,}],
|
||||||
|
"emailVerified": "false"
|
||||||
|
}
|
||||||
|
response = requests.post(
|
||||||
|
url,
|
||||||
|
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token},
|
||||||
|
json = payload
|
||||||
|
)
|
||||||
|
print("Keycloak: HTTP Status ", response.status_code)
|
||||||
|
try:
|
||||||
|
print("Keycloak: Response Text: ", response.text)
|
||||||
|
except:
|
||||||
|
print("Keycloak: No or invalid response text. This is not an error.")
|
||||||
|
try:
|
||||||
|
print("Keycloak: Response JSON: ", response.json())
|
||||||
|
except:
|
||||||
|
print("Keycloak: No or invalid response JSON. This it not an error.")
|
||||||
|
status = response.status_code
|
||||||
|
if status == 201:
|
||||||
|
print(" SSO User " + msg.nick + " created.")
|
||||||
|
irc.queueMsg(msg=ircmsgs.IrcMsg(command='PRIVMSG', args=(msg.nick, f'{pw}')))
|
||||||
|
irc.reply("OK, I sent you a private message.")
|
||||||
|
if status == 400:
|
||||||
|
print("ERROR: Keycloak indicated that the request is invalid.")
|
||||||
|
irc.error(usererr)
|
||||||
|
if status == 401:
|
||||||
|
print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.")
|
||||||
|
irc.error(usererr)
|
||||||
|
if status == 403:
|
||||||
|
print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.")
|
||||||
|
irc.error(usererr)
|
||||||
|
if status == 404:
|
||||||
|
print("ERROR: Keycloak indicated that the requested resource does not exist.")
|
||||||
|
irc.error(usererr)
|
||||||
|
if status == 409:
|
||||||
|
print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.")
|
||||||
|
irc.reply("Your username seems to already be registerd.")
|
||||||
|
if status == 415:
|
||||||
|
print("ERROR: Keycloak indicated that the requested media type is not supported.")
|
||||||
|
irc.error(usererr)
|
||||||
|
if status == 500:
|
||||||
|
print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".")
|
||||||
|
irc.error(usererr)
|
||||||
|
else:
|
||||||
|
irc.error("Is that a valid email address?")
|
||||||
|
|
||||||
register = wrap(register, ['anything'])
|
register = wrap(register, ['anything'])
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user