Add User RHSSO object
pehala committed Oct 18, 2022
1 parent b67996b commit 91721e6
Showing 4 changed files with 37 additions and 17 deletions.
2 changes: 1 addition & 1 deletion testsuite/oidc/rhsso/__init__.py
@@ -6,7 +6,7 @@

from testsuite.oidc import OIDCProvider, Token
from testsuite.objects import LifecycleObject
from .objects import Realm, Client
from .objects import Realm, Client, User


# pylint: disable=too-many-instance-attributes
40 changes: 30 additions & 10 deletions testsuite/oidc/rhsso/objects.py
@@ -38,7 +38,7 @@ def create_user(self, username, password, **kwargs):
user_id = self.admin.get_user_id(username)
self.admin.set_user_password(user_id, password, temporary=False)
self.admin.update_user(user_id, {"emailVerified": True})
return user_id
return User(self, user_id, username, password)

def create_realm_role(self, role_name: str):
"""Creates realm role
@@ -49,15 +49,6 @@ def create_realm_role(self, role_name: str):
role_id = self.admin.get_realm_role(role_name)["id"]
return {"name": role_name, "id": role_id}

def assign_realm_role(self, role, user_id: str):
"""Assigns realm role to user
:param role: Dictionary with two keys "name" and "id" of role to assign
:param user_id: Id of user to assign role to
:returns: Keycloak server response
"""
return self.admin.assign_realm_roles(user_id=user_id,
roles=role)

def oidc_client(self, client_id, client_secret):
"""Create OIDC client for this realm"""
return KeycloakOpenID(server_url=self.admin.server_url,
@@ -87,3 +78,32 @@ def oidc_client(self):
client_id = self.admin.get_client(self.client_id)["clientId"]
secret = self.admin.get_client_secrets(self.client_id)["value"]
return self.realm.oidc_client(client_id, secret)


class User:
"""Wrapper object for User object in RHSSO"""

def __init__(self, realm: Realm, user_id, username, password) -> None:
super().__init__()
self.admin = realm.admin
self.realm = realm
self.user_id = user_id
self.username = username
self.password = password

def update_user(self, **properties):
"""Updates user"""
self.admin.update_user(self.user_id, properties)

def assign_realm_role(self, role):
"""Assigns realm role to user
:param role: Dictionary with two keys "name" and "id" of role to assign
:returns: Keycloak server response
"""
return self.admin.assign_realm_roles(user_id=self.user_id,
roles=role)

@property
def properties(self):
"""Returns User information in a dict"""
return self.admin.get_user(self.user_id)
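Review bot: `User.properties` issues `self.admin.get_user(self.user_id)` on every access, so a plain attribute read is a request to the admin API and two reads can return different data; the docstring should say so, e.g. `"""Fetches the current user representation from the server on each access"""`. `update_user` discards the result of `self.admin.update_user` while `assign_realm_role` returns the server response; `return self.admin.update_user(self.user_id, properties)` would make the two consistent. `__init__` keeps the clear-text `password` as a public attribute, which deserves a comment such as `# test credential, kept only so tests can request tokens for this user`, and `super().__init__()` does nothing in a class without a base.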
@@ -17,7 +17,7 @@ def authorization(authorization):
@pytest.fixture(scope="module")
def realm_role(rhsso, realm_role):
"""Add realm role to rhsso user"""
rhsso.realm.assign_realm_role(realm_role, rhsso.user)
rhsso.user.assign_realm_role(realm_role)
return realm_role


@@ -38,4 +38,4 @@ def tests_rhsso_context(client, auth, rhsso, realm_role):
assert float(identity["iat"]) <= now
assert auth_json["context"] == f"Bearer {auth.token.access_token}"
assert realm_role["name"] in identity["realm_access"]["roles"]
assert identity['email'] == rhsso.client.admin.get_user(rhsso.user)["email"]
assert identity['email'] == rhsso.user.properties["email"]
@@ -8,9 +8,9 @@ def user_with_role(rhsso, realm_role, blame):
"""Creates new user and adds him into realm_role"""
username = blame("someuser")
password = blame("password")
user_id = rhsso.realm.create_user(username, password)
rhsso.realm.assign_realm_role(realm_role, user_id)
return {"id": user_id, "username": username, "password": password}
user = rhsso.realm.create_user(username, password)
user.assign_realm_role(realm_role)
return user


@pytest.fixture(scope="module")
@@ -22,7 +22,7 @@ def authorization(authorization, realm_role, blame):

def test_user_with_role(client, user_with_role, rhsso):
"""Test request when user does have required role using new user with assigned role"""
auth = HttpxOidcClientAuth(rhsso.get_token(user_with_role["username"], user_with_role["password"]),
auth = HttpxOidcClientAuth(rhsso.get_token(user_with_role.username, user_with_role.password),
"authorization")
response = client.get("/get", auth=auth)
assert response.status_code == 200
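Review bot: The docstring of `user_with_role` in the first hunk still describes only creating the user, while the fixture's return value changes from a dict to the `User` wrapper; I would update it to `"""Creates a new user, assigns realm_role to it and returns the User object"""`. Any caller that still indexes the result (`user_with_role["id"]`) will now fail with a `TypeError`; only `test_user_with_role` is updated in the visible lines and the module continues outside the hunk, so the remaining users of the fixture are worth a check. The returned object also exposes `.password`, which here comes from `blame("password")`; `blame` is not shown, but if it only tags names the value is predictable and should stay confined to throwaway test realms.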