added functionality for scope base permission and group based policies

.github/workflows/daily.yaml

@@ -10,8 +10,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
-        keycloak-version: ["20.0", "21.0", "latest"]
+        python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
+        keycloak-version: ["20.0", "21.0", "22.0", "latest"]
     env:
       KEYCLOAK_DOCKER_IMAGE_TAG: ${{ matrix.keycloak-version }}
     steps:

.github/workflows/lint.yaml

@@ -11,16 +11,16 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - uses: webiny/action-conventional-commits@v1.0.3
+      - uses: webiny/action-conventional-commits@v1.1.0
 
   check-linting:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - name: Set up Python 3.10
+      - name: Set up Python 3.12
         uses: actions/setup-python@v3
         with:
-          python-version: "3.10"
+          python-version: "3.12"
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
@@ -37,10 +37,10 @@ jobs:
       - check-linting
     steps:
       - uses: actions/checkout@v3
-      - name: Set up Python 3.10
+      - name: Set up Python 3.12
         uses: actions/setup-python@v3
         with:
-          python-version: "3.10"
+          python-version: "3.12"
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
@@ -55,8 +55,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
-        keycloak-version: ["20.0", "21.0", "latest"]
+        python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
+        keycloak-version: ["20.0", "21.0", "22.0", "latest"]
     needs:
       - check-commits
       - check-linting
@@ -88,10 +88,10 @@ jobs:
       - check-docs
     steps:
       - uses: actions/checkout@v3
-      - name: Set up Python 3.10
+      - name: Set up Python 3.12
         uses: actions/setup-python@v3
         with:
-          python-version: "3.10"
+          python-version: "3.12"
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip

.github/workflows/publish.yaml

@@ -12,10 +12,10 @@ jobs:
       - uses: actions/checkout@v3
         with:
           fetch-depth: "0"
-      - name: Set up Python 3.10
+      - name: Set up Python 3.12
         uses: actions/setup-python@v3
         with:
-          python-version: "3.10"
+          python-version: "3.12"
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip

.readthedocs.yaml

@@ -1,9 +1,9 @@
 version: 2
 
 build:
-  os: "ubuntu-20.04"
+  os: "ubuntu-22.04"
   tools:
-    python: "3.10"
+    python: "3.12"
   jobs:
     post_install:
       - pip install -U poetry

CHANGELOG.md

@@ -1,3 +1,119 @@
+## v3.7.0 (2023-11-13)
+
+### Feat
+
+- realm changing helpers
+
+### Fix
+
+- no prints
+
+## v3.6.1 (2023-11-13)
+
+### Fix
+
+- Ci/fix tests (#506)
+
+## v3.6.0 (2023-11-13)
+
+### Feat
+
+- add KeycloakAdmin.get_idp() (#478)
+
+## v3.5.0 (2023-11-13)
+
+### Feat
+
+- Update dynamic client using registration access token (#491)
+
+## v3.4.0 (2023-11-13)
+
+### Feat
+
+- add an optional search criteria to the get_realm_roles function (#504)
+
+## v3.3.0 (2023-06-27)
+
+### Feat
+
+- added KeycloakAdmin.update_client_authz_resource() (#462)
+
+## v3.2.0 (2023-06-23)
+
+### Feat
+
+- Implement missing admin method create_client_authz_scope_based_permission() and create_client_authz_policy() (#460)
+
+## v3.1.1 (2023-06-23)
+
+### Fix
+
+- remove duplicate slash in URL_ADMIN_IDP (#459)
+
+## v3.1.0 (2023-06-23)
+
+### Feat
+
+- Add query to get users group method and permit pagination (#444)
+
+## v3.0.0 (2023-05-28)
+
+### BREAKING CHANGE
+
+- Changes the exchange token API
+
+### Refactor
+
+- Exchange token method
+
+## v2.16.6 (2023-05-28)
+
+### Fix
+
+- relax the version constraints
+
+## v2.16.5 (2023-05-28)
+
+### Fix
+
+- do not swap realm for user_realm when logging in with a client service account (#447)
+
+## v2.16.4 (2023-05-28)
+
+### Perf
+
+- improve performance of get_user_id (#449)
+
+## v2.16.3 (2023-05-15)
+
+### Fix
+
+- Fixes `Authorization.load_config` breaking if a scope based permission is linked with anything other than a role based policy. Fixes #445 (#446)
+
+## v2.16.2 (2023-05-09)
+
+### Fix
+
+- issue with app engine reported in #440 (#442)
+
+## v2.16.1 (2023-05-01)
+
+### Fix
+
+- Initializing KeycloakAdmin without server_url (#439)
+
+## v2.16.0 (2023-04-28)
+
+### Feat
+
+- Add get and delete methods for client authz resources (#435)
+
+## v2.15.4 (2023-04-28)
+
+### Fix
+
+- **pyproject.toml**: loose requests pgk and remove urllib3 as dependency (#434)
+
 ## v2.15.3 (2023-04-06)
 
 ### Fix
@@ -72,13 +188,16 @@
 
 ## v2.11.0 (2023-02-08)
 
+### Feat
+
+- Add Client Scopes of Client
+
 ## v2.10.0 (2023-02-08)
 
 ### Feat
 
 - update header if token is given
 - init KeycloakAdmin with token
-- Add Client Scopes of Client
 
 ## v2.9.0 (2023-01-11)
 
@@ -127,12 +246,15 @@
 
 ## v2.5.0 (2022-08-19)
 
+### Feat
+
+- added missing functionality to include attributes when returning realm roles according to specifications
+
 ## v2.4.0 (2022-08-19)
 
 ### Feat
 
 - add client scope-mappings client roles operations
-- added missing functionality to include attributes when returning realm roles according to specifications
 
 ## v2.3.0 (2022-08-13)
 
@@ -251,8 +373,8 @@
 
 ### Feat
 
-- Add get_idp_mappers, fix #329
 - Support Token Exchange. Fixes #305
+- Add get_idp_mappers, fix #329
 
 ## v1.1.1 (2022-05-27)
 
@@ -292,16 +414,16 @@
 
 ## v0.29.0 (2022-05-23)
 
+### Feat
+
+- added UMA-permission request functionality
+
 ### Fix
 
 - added fixes based on feedback
 
 ## v0.28.3 (2022-05-23)
 
-### Feat
-
-- added UMA-permission request functionality
-
 ### Fix
 
 - import classes in the base module
@@ -320,8 +442,6 @@
 
 ## v0.28.0 (2022-05-19)
 
-## v (2022-05-19)
-
 ### Feat
 
 - added authenticator providers getters

README.md

@@ -108,7 +108,7 @@ certs = keycloak_openid.certs()
 token = keycloak_openid.token("user", "password")
 rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")
 
-# Instropect RPT
+# Introspect RPT
 token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['access_token'], rpt=rpt['rpt'],
                                                                        token_type_hint="requesting_party_token"))
 
@@ -249,6 +249,9 @@ client = keycloak_admin.get_client(client_id="client_id")
 # Get all roles for the realm or client
 realm_roles = keycloak_admin.get_realm_roles()
 
+# Get all roles for the realm or client that their names includes the searched text
+realm_roles = keycloak_admin.get_realm_roles(search_text="CompanyA_")
+
 # Get all roles for the client
 client_roles = keycloak_admin.get_client_roles(client_id="client_id")
 
@@ -303,7 +306,7 @@ groups = keycloak_admin.get_groups()
 group = keycloak_admin.get_group(group_id='group_id')
 
 # Get group by name
-group = keycloak_admin.get_group_by_path(path='/group/subgroup', search_in_subgroups=True)
+group = keycloak_admin.get_group_by_path(path='/group/subgroup')
 
 # Function to trigger user sync from provider
 sync_users(storage_id="storage_di", action="action")
@@ -337,19 +340,35 @@ keycloak_admin.get_client_roles_of_client_scope(client_id=another_client_id, cli
 # Remove client roles assigned to client's scope
 keycloak_admin.delete_client_roles_of_client_scope(client_id=another_client_id, client_roles_owner_id=client_id, roles=client_roles)
 
-# Get all ID Providers
+# Get all IDP Providers
 idps = keycloak_admin.get_idps()
 
+# Get a specific IDP Provider, using its alias
+idp = keycloak_admin.get_idp("idp-alias")
+
 # Create a new Realm
 keycloak_admin.create_realm(payload={"realm": "demo"}, skip_exists=False)
 
 # Changing Realm
 keycloak_admin = KeycloakAdmin(realm_name="main", ...)
 keycloak_admin.get_users() # Get user in main realm
-keycloak_admin.realm_name = "demo" # Change realm to 'demo'
+keycloak_admin.change_current_realm("demo") # Change realm to 'demo'
+keycloak_admin.get_current_realm() # Gives 'demo'
 keycloak_admin.get_users() # Get users in realm 'demo'
 keycloak_admin.create_user(...) # Creates a new user in 'demo'
 
+# Get User events
+keycloak_admin.get_events(query={'type': 'LOGIN',
+                                 'user': user['id'],
+                                 'dateFrom': '2023-08-02'})
+
+# Get Admin events
+keycloak_admin.get_admin_events(query={'resourceTypes': 'USER',
+                                                'operationTypes': 'UPDATE',
+                                                'resourcePath': 'users/' + user['id'],
+                                                'dateFrom': '2023-08-02'
+                                                })
+
 # KEYCLOAK UMA
 
 from keycloak import KeycloakOpenIDConnection