Skeleton IRC group query function

Signed-off-by: Georg <georg@lysergic.dev>

config.py

@@ -99,18 +99,28 @@ conf.registerGlobalValue(Keycloak.options, 'emailVerified',
     """
     Keycloak: Whether to set newly created users email addresses to having been verified \(true, default\) or not \(false\)
     """
+    , private=True
 ))
 conf.registerGlobalValue(Keycloak.options, 'firstName',
     registry.String('Foo',
     """
     Keycloak: What to set as the firstName value for newly created users.
     """
+    , private=True
 ))
 conf.registerGlobalValue(Keycloak.options, 'lastName',
     registry.String('Bar',
     """
     Keycloak: What to set as the lastName value for newly created users.
     """
+    , private=True
+))
+conf.registerGlobalValue(Keycloak.options, 'ircgroup',
+    registry.String('',
+    """
+    Keycloak: Group ID for `ircprom`
+    """
+    , private=True
 ))
 
 # vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:

plugin.py

@@ -32,6 +32,7 @@ import re
 import requests
 import secrets
 import string
+import json
 from supybot import utils, plugins, ircutils, callbacks, ircmsgs
 from supybot.commands import *
 from supybot.ircmsgs import nick
@@ -126,7 +127,96 @@ class Keycloak(callbacks.Plugin):
 
     register = wrap(register, ['anything'])
 
+    def ircprom(self, irc, msg, args, option):
+        """<status>
+        true/on = enable authentication to your IRC account with an SSO account going by the same username --
+        false/off = allow authentication to your IRC account ONLY with internal IRC credentials (NickServ) --
+        Warning: Enabling this without having an SSO account with the same username as your IRC nickname is a security risk."""
 
+        user = msg.nick
+        server = self.registryValue('backend.server')
+        realm = self.registryValue('backend.realm')
+        tokenurl = self.registryValue('backend.token')
+        usererr = self.registryValue('replies.error')
+        gid = self.registryValue('options.ircgroup')
+        try:
+            tokendl = requests.get(tokenurl)
+            tokendata = tokendl.json()
+            token = tokendata['access_token']
+            url = server + '/auth/admin/realms/' + realm + '/users'
+            userdata = requests.get(url, params = {'username': user}, headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+            userresp = userdata.json()
+            uid = userresp[0]['id']
+            print(user, uid)
+        except:
+            print("ERROR: Keycloak token could not be installed.")
+            irc.error(usererr)
+        url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups/' + gid
+        if option == 'true' or option == 'on' or option == '1':
+            choice = 'enable'
+        elif option == 'false' or option == 'off' or option == '0':
+            choice = 'disable'
+        elif option == 'query' or option == 'status':
+            choice = 'query'
+        else:
+            choice = 'faulty'
+        if choice == 'enable':
+            response = requests.put(
+            url,
+            headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+        if choice == 'disable':
+            response = requests.delete(
+            url,
+            headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+        if choice == 'enable' or choice == 'disable':
+            try:
+                print("Keycloak: HTTP Status ", response.status_code)
+                try:
+                    print("Keycloak: Response Text: ", response.text)
+                except:
+                    print("Keycloak: No or invalid response text. This is not an error.")
+                try:
+                    print("Keycloak: Response JSON: ", response.json())
+                except:
+                    print("Keycloak: No or invalid response JSON. This it not an error.")
+                status = response.status_code
+                if status == 204:
+                    print(" SSO user " + user + " has been added to group, if it wasn't already.")
+                    #irc.reply("SSO user " + user + " is now authorized to authenticate IRC user " + user) - we currently cannot actually tell
+                    irc.reply("Success.")
+                if status != 204:
+                    print("ERROR: HTTP request did not succeed. I tried these values:")
+                    print("URL: " + url)
+                    print("Group: " + gid)
+                    print("User: " + uid)
+                    irc.error(usererr)
+            except:
+                print('Operation failed.')
+        # if choice == 'query':
+        #     try:
+        #         url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups'
+        #         response = requests.get(
+        #         url,
+        #         headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+        #         test = "{}"
+        #         print(url)
+        #         userdata = response.json()
+        #         print(userdata)
+        #         print(response)
+        #         userjson = json.loads(userdata)
+        #         print(userjson)
+        #         if userdetails != '[]' or '{}':
+        #             if gid in userjson:
+        #                 irc.reply("Your IRC user is enabled for SSO authentication.")
+        #                 print(userdetails)
+        #         else:
+        #             irc.reply("Your IRC user is not enabled for SSO authentication.")
+        #     except:
+        #         print('Operation failed.')
+        else:
+            irc.error('Invalid argument.')
+
+    ircprom = wrap(ircprom, ['anything'])
 
 Class = Keycloak