pratyush/limnoria-keycloak
1
0
Fork 0
forked from Georg/limnoria-keycloak
Code Pull Requests Activity

First fully functional user registration.

Browse Source 
Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
Georg Pfuetzenreuter 2021-09-01 02:24:51 +02:00
parent b747836374
commit 474d16ba94
Signed by untrusted user: Georg
GPG Key ID: 1DAF57F49F8E8F22
2 changed files with 83 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
config.py
View File

@ -53,7 +53,7 @@ Keycloak = conf.registerPlugin('Keycloak')
# registry.Boolean(False, _("""Help for someConfigVariableName."""))) # registry.Boolean(False, _("""Help for someConfigVariableName.""")))
### ###
# API related settings below: # API backend related settings below:
### ###
conf.registerGroup(Keycloak, 'backend') conf.registerGroup(Keycloak, 'backend')
conf.registerGlobalValue(Keycloak.backend, 'server', conf.registerGlobalValue(Keycloak.backend, 'server',
@ -90,4 +90,27 @@ conf.registerGlobalValue(Keycloak.replies, 'error',
, private=False , private=False
)) ))
###
# API call settings below:
###
conf.registerGroup(Keycloak, 'options')
conf.registerGlobalValue(Keycloak.options, 'emailVerified',
registry.Boolean(False,
"""
Keycloak: Whether to set newly created users email addresses to having been verified \(true, default\) or not \(false\)
"""
))
conf.registerGlobalValue(Keycloak.options, 'firstName',
registry.String('Foo',
"""
Keycloak: What to set as the firstName value for newly created users.
"""
))
conf.registerGlobalValue(Keycloak.options, 'lastName',
registry.String('Bar',
"""
Keycloak: What to set as the lastName value for newly created users.
"""
))
# vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79: # vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:

107
plugin.py
View File

@ -32,7 +32,7 @@ import re
import requests import requests
import secrets import secrets
import string import string
from supybot import utils, plugins, ircutils, callbacks from supybot import utils, plugins, ircutils, callbacks, ircmsgs
from supybot.commands import * from supybot.commands import *
from supybot.ircmsgs import nick from supybot.ircmsgs import nick
try: try:
@ -56,62 +56,73 @@ class Keycloak(callbacks.Plugin):
realm = self.registryValue('backend.realm') realm = self.registryValue('backend.realm')
tokenurl = self.registryValue('backend.token') tokenurl = self.registryValue('backend.token')
usererr = self.registryValue('replies.error') usererr = self.registryValue('replies.error')
emailverified = self.registryValue('options.emailVerified')
firstname = self.registryValue('options.firstName')
lastname = self.registryValue('options.lastName')
alphabet = string.ascii_letters + string.digits
random = ''.join(secrets.choice(alphabet) for i in range(64))
try: try:
tokendl = requests.get(tokenurl) tokendl = requests.get(tokenurl)
tokendata = tokendl.json() tokendata = tokendl.json()
token = tokendata['access_token'] token = tokendata['access_token']
url = server + '/auth/admin/realms/' + realm + '/users' url = server + '/auth/admin/realms/' + realm + '/users'
if re.match(r"[^@]+@[^@]+\.[^@]+", email):
payload = {
"firstName": "Foo",
"lastName": "Bar",
"email": email,
"enabled": "true",
"username": msg.nick,
"credentials": [{"type": "password", "value": "test123", "temporary": "true"}]
}
response = requests.post(
url,
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token},
json = payload
)
print("Keycloak: HTTP Status ", response.status_code)
if response.text:
print("Keycloak: Response Text: ", response.text)
print("Keycloak: Response JSON: ", response.json())
status = response.status_code
#To-Do: figure out why this needs to bere instead of being fed from the usererr config variable defined above
#usererr = irc.error("Something went wrong. Please contact an administrator.")
if status == 201:
print(" SSO User " + msg.nick + " created.")
irc.reply("OK, please log in and change your password NOW.")
if status == 400:
print("ERROR: Keycloak indicated that the request is invalid.")
irc.error(usererr)
if status == 401:
print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.")
irc.error(usererr)
if status == 403:
print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.")
irc.error(usererr)
if status == 404:
print("ERROR: Keycloak indicated that the requested resource does not exist.")
irc.error(usererr)
if status == 409:
print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.")
irc.reply("Your username seems to already be registerd.")
if status == 415:
print("ERROR: Keycloak indicated that the requested media type is not supported.")
irc.error(usererr)
if status == 500:
print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".")
irc.error(usererr)
else:
irc.error("Is that a valid email address?")
except: except:
print("ERROR: Keycloak token could not be installed.") print("ERROR: Keycloak token could not be installed.")
irc.error(usererr) irc.error(usererr)
if re.match(r"[^@]+@[^@]+\.[^@]+", email):
pw = random
payload = {
"firstName": firstname,
"lastName": lastname,
"email": email,
"enabled": "true",
"username": msg.nick,
"credentials": [{"type": "password", "value": pw, "temporary": emailverified,}],
"emailVerified": "false"
}
response = requests.post(
url,
headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token},
json = payload
)
print("Keycloak: HTTP Status ", response.status_code)
try:
print("Keycloak: Response Text: ", response.text)
except:
print("Keycloak: No or invalid response text. This is not an error.")
try:
print("Keycloak: Response JSON: ", response.json())
except:
print("Keycloak: No or invalid response JSON. This it not an error.")
status = response.status_code
if status == 201:
print(" SSO User " + msg.nick + " created.")
irc.queueMsg(msg=ircmsgs.IrcMsg(command='PRIVMSG', args=(msg.nick, f'{pw}')))
irc.reply("OK, I sent you a private message.")
if status == 400:
print("ERROR: Keycloak indicated that the request is invalid.")
irc.error(usererr)
if status == 401:
print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.")
irc.error(usererr)
if status == 403:
print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.")
irc.error(usererr)
if status == 404:
print("ERROR: Keycloak indicated that the requested resource does not exist.")
irc.error(usererr)
if status == 409:
print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.")
irc.reply("Your username seems to already be registerd.")
if status == 415:
print("ERROR: Keycloak indicated that the requested media type is not supported.")
irc.error(usererr)
if status == 500:
print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".")
irc.error(usererr)
else:
irc.error("Is that a valid email address?")
register = wrap(register, ['anything']) register = wrap(register, ['anything'])