-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathmain.py
122 lines (97 loc) · 3.95 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
import requests
import os
import sys
import json
# SETTINGS
VERIFY_TLS = False # If requests will verify an SSL/TLS certificate
BASE_URL = os.environ.get('RHSSO_BASE_URL')
# Returns the access token of the admin user of the RHSSO instance given a username and password
# Returns None if unable to log in
def admin_login(username, password):
# Ready the HTTP request
url = f"{BASE_URL}/auth/realms/master/protocol/openid-connect/token"
payload = f"username={username}&password={password}&grant_type=password&client_id=admin-cli"
headers = {
"Content-Type": "application/x-www-form-urlencoded"
}
# Make request to API
response = requests.request(
"POST", url, data=payload, headers=headers, verify=VERIFY_TLS)
if response.status_code == 200: # Check if login successful
return response.json()["access_token"]
print(response.status_code, response.text)
return None # Unable to log in
# Given an admin token and a string of JSON (not a dict), upload and apply
# the JSON string containing realm information to the RHSSO instance
# Returns True if successful, False otherwise
def upload_json(json_string, admin_token):
# Ready the HTTP request
url = f"{BASE_URL}/auth/admin/realms"
payload = json.loads(json_string)
headers = {
"Content-Type": "application/json",
"Authorization": f"Bearer {admin_token}",
}
# Make upload request to API
response = requests.request(
"POST", url, json=payload, headers=headers, verify=VERIFY_TLS)
if response.status_code == 201: # Check if new realm created
return True
print(response.status_code, response.text)
return False # Was unable to create realm
# Open a given file and return the information inside
def read_json(filename):
with open(filename, "r") as file:
return file.read()
# Create a single user with a given username and password in the provided realm, given an admin token
def create_user(new_username, new_password, realm, admin_token):
url = f"{BASE_URL}/auth/admin/realms/{realm}/users"
payload = {
"enabled": "true",
"username": new_username,
"credentials": [
{
"type": "password",
"value": new_password
}
]
}
headers = {
"Content-Type": "application/json",
"Authorization": f"Bearer {admin_token}",
}
response = requests.request("POST", url, json=payload, headers=headers, verify=VERIFY_TLS)
if response.status_code == 201: # Check if new realm created
return True
print(response.status_code, response.text)
return False # Was unable to create realm
def main():
json_path = "realm-export.json"
# Read in environment variables
admin_username = os.environ.get('RHSSO_ADMIN_USER')
admin_password = os.environ.get('RHSSO_ADMIN_PASSWORD')
new_username = os.environ.get('RHSSO_TEST_USER')
new_password = os.environ.get('RHSSO_TEST_PASSWORD')
# Log in as admin
print(f"Connecting to {BASE_URL}...")
token = admin_login(admin_username, admin_password)
# Check if login was successful
if not token:
print("Unable to login as admin user. Aborting...", file=sys.stderr)
return 1
print("Logged in as admin user...")
# Upload and apply realm export JSON
json_text = read_json(json_path)
if not upload_json(json_text, token): # Check errors in upload request
print("Unable to create realm. Aborting...", file=sys.stderr)
return 2
print("Successfully uploaded realm!")
# Create the test user if requested
if new_username and new_password:
realm = json.loads(json_text)["realm"]
if not create_user(new_username, new_password, realm, token):
print(f"Unable to create the test user \"{new_username}\" in realm {realm}.", file=sys.stderr)
return 3
print(f"Created user \"{new_username}\" in realm {realm}.")
return 0
main()