mantelo.client ============== .. py:module:: mantelo.client Classes ------- .. autoapisummary:: mantelo.client.BearerAuth mantelo.client.KeycloakAdmin Module Contents --------------- .. py:class:: BearerAuth Bases: :py:obj:`requests.auth.AuthBase` An authentication class that uses a Bearer token. This requests authentication class adds a Bearer token to the request headers. The token is provided by a callable (called for every request). :param token_getter: A callable that returns the token to use for authentication. .. py:attribute:: token_getter :type: collections.abc.Callable[[], str] The callable that returns the token to use for authentication. .. py:method:: __call__(r) .. py:class:: KeycloakAdmin(server_url: str, realm_name: str, auth: requests.auth.AuthBase, session: requests.Session | None = None) Bases: :py:obj:`slumber.API`, :py:obj:`HyphenatedResource` A client to interact with the Keycloak Admin API. KeycloakAdmin is a thin wrapper around the `slumber `_ library, providing a more Pythonic interface to the Keycloak Admin API. The authentication is handled by the a subclass of :class:`requests.auth.AuthBase`. Use the class methods such as :func:`from_client_credentials` or :func:`from_username_password` to instantiate a KeycloakAdmin instance with authentication already configured. :param server_url: The URL of the Keycloak server (e.g. "https://my-keycloak.com"). :type server_url: str :param realm_name: The name of the realm to interact with for all Admin API calls. :type realm_name: str :param auth: The authentication instance to use for all requests. See :class:`~.BearerAuth`. :type auth: requests.auth.AuthBase :param session: The session to use for all request (API and authentication). Useful if you need to attach e.g. custom headers to every call. Note that `auth` will be overridden, as well as some headers (e.g. `Accept` and `Content-Type`). :type session: requests.Session, optional .. py:attribute:: resource_class .. py:property:: session :type: requests.Session The session used for all requests. :getter: Get the session. :type: requests.Session .. py:property:: base_url :type: str The base URL of the Keycloak Admin REST API (including the realm). :getter: Get the base_url. :type: string .. py:property:: realm_name :type: str :getter: Get the current realm name. :setter: Set the realm name. This updates the :attr:`base_url` and impact all future requests. :seealso: :attr:`realms` .. py:property:: realms :type: HyphenatedResource Special resource to interact with the ``/admin/realms/`` endpoint. By default, the client base URL contains a realm name, making it impossible to query the ``/admin/realms/`` endpoint. This special property allows you to start the URL at ``/realms/`` instead of ``/realms/{realm_name}``. Some example usages: .. code-block:: python # List all realms client.realms.get() # Get users in another realm client.realms("test").users.get() # Get users in the current realm client.get() == client.realms(client.realm_name).get() .. py:method:: create(connection: mantelo.connection.OpenidConnection, realm_name: str | None = None) -> KeycloakAdmin :classmethod: Create a KeycloakAdmin from an :class:`~.OpenidConnection`. The session from the connection will also be used for all Admin requests. You may set a different realm than the one used for authentication by setting the `realm_name` parameter. :param connection: The connection to use for authentication. :type connection: OpenidConnection :param realm_name: The name of the realm to interact with for all Admin API calls. If not set, the realm name from the `connection` will be used. :type realm_name: str, optional .. py:method:: from_client_credentials(server_url: str, realm_name: str, client_id: str, client_secret: str, authentication_realm_name: str | None = None, session: requests.Session | None = None) -> KeycloakAdmin :classmethod: Create a KeycloakAdmin instance using username and password authentication. :param server_url: The URL of the Keycloak server (e.g. "https://my-keycloak.com"). :type server_url: str :param realm_name: The name of the realm to interact with for all Admin API calls. If you need to authenticate against a different realm, set `authentication_realm_name`. :type realm_name: str :param client_id: The client ID to authenticate with (e.g. "admin-cli"). :type client_id: str :param username: The username to authenticate with. :type username: str :param password: The password to authenticate with. :type password: str :param authentication_realm_name: The realm to authenticate against. If omitted, `realm_name` will be used. :type authentication_realm_name: str, optional :param session: The session to use for all request (API and authentication). :type session: requests.Session, optional .. py:method:: from_username_password(server_url: str, realm_name: str, client_id: str, username: str, password: str, authentication_realm_name: str | None = None, session: requests.Session | None = None) -> KeycloakAdmin :classmethod: Create a KeycloakAdmin instance using username and password authentication. :param server_url: The URL of the Keycloak server (e.g. "https://my-keycloak.com"). :type server_url: str :param realm_name: The name of the realm to interact with for all Admin API calls. If you need to authenticate against a different realm, set `authentication_realm_name`. :type realm_name: str :param client_id: The client ID to authenticate with (e.g. "admin-cli"). :type client_id: str :param username: The username to authenticate with. :type username: str :param password: The password to authenticate with. :type password: str :param authentication_realm_name: The realm to authenticate against. If omitted, `realm_name` will be used. :type authentication_realm_name: str, optional :param session: The session to use for all request (API and authentication). :type session: requests.Session, optional