added adminer

2021-05-29 14:23:20 +00:00 · 2021-05-29 14:23:20 +00:00 · 1ae7652fbb
parent be28c1ae30
commit 1ae7652fbb
5 changed files with 23 additions and 141 deletions
--- a/admin/src/tests/keycloak_client.py
+++ b/admin/src/tests/keycloak_client.py
@ -1,102 +0,0 @@
-import os,time,requests,json,getpass,pprint
-import traceback
-
-from keycloak_client_exc import *
-
-class ApiClient():
-    def __init__(self,realm='master'):
-        ##server=os.environ['KEYCLOAK_HOST']
-        server='isard-sso-keycloak'
-        self.base_url="http://"+server+":8080/auth/realms/"+realm
-        self.headers={"Content-Type": "application/x-www-form-urlencoded"}
-        self.payload={'username':'admin',
-                        'password':'keycloakkeycloak',
-                        'grant_type':'password',
-                        'client_id':'admin-cli'}
-        self.token=self.get_token()
-        self.admin_url="http://"+server+":8080/auth/admin/realms/"+realm
-                                                #  /admin/realms/${KEYCLOAK_REALM}/users/${$USER_ID}" 
-        self.admin_headers={"Accept": "application/json",
-                            "Authorization": "Bearer "+self.token}
-
-    def get_token(self):
-        path="/protocol/openid-connect/token"
-        resp = requests.post(self.base_url+path, data=self.payload, headers=self.headers)
-        if resp.status_code == 200: return json.loads(resp.text)['access_token']
-        print("       URL: "+self.base_url+path)    
-        print("STATUS CODE: "+str(resp.status_code))
-        print("   RESPONSE: "+resp.text)
-        exit(1)
-
-    def get(self,path,status_code=200,data={},params={}):
-        resp = requests.get(self.admin_url+path, data=data, params=params, headers=self.admin_headers)
-        if resp.status_code == status_code: return json.loads(resp.text)
-        print("       URL: "+self.admin_url+path)
-        print("STATUS CODE: "+str(resp.status_code))
-        print("   RESPONSE: "+resp.text)
-        raise
-
-    def post(self,path,status_code=200,data={},params={},json={}):
-        resp = requests.post(self.admin_url+path, data=data, params=params, json=json, headers=self.admin_headers)
-        #if resp.status_code == status_code: return True
-        print("       URL: "+self.admin_url+path)
-        print("STATUS CODE: "+str(resp.status_code))
-        print("   RESPONSE: "+resp.text)
-        if resp.status_code == 409: raise keycloakUsernameEmailExists
-        raise keycloakError
-
-class KeycloakClient():
-    def __init__(self,realm='master'):
-        ## REFERENCE: https://www.keycloak.org/docs-api/13.0/rest-api/index.html
-        self.api=ApiClient()
-
-    def get_users(self,username=False,exact=True):
-        path='/users'
-        if not username: return self.api.get(path)
-        return self.api.get(path,params={"username":username,'exact':exact})
-
-    def add_user(self,username,first,last,email,password):
-        user={"firstName":first,
-                "lastName":last, 
-                "email":last, 
-                "enabled":"true", 
-                "username":username,
-                "credentials":[{"type":"password",
-                                "value":password,
-                                "temporary":False}]}
-        try:
-            self.api.post('/users',status_code=201,json=user)
-            return True
-        except keycloakExists:
-            print('Username or email already exists')
-        except:
-            traceback.format_exc()
-        return False
-
-    def get_groups(self,name=False):
-        path='/groups'
-        if not name: return self.api.get(path)
-        return self.api.get(path,params={"name":name})
-
-    def add_group(self,name,subgroups=False):
-        group={"name":name}
-        try:
-            self.api.post('/groups',status_code=201,json=group)
-            return True
-        except keycloakExists:
-            print('Group name already exists')
-        except:
-            traceback.format_exc()
-        return False
-
-kapi=KeycloakClient()
-# print('GET USERS')
-# pprint.pprint(kapi.get_users())
-# print('GET ADMIN USER')
-# pprint.pprint(kapi.get_users(username='admin'))
-# print('ADD USER')
-# print(kapi.add_user('pepito','Pepito','Grillo','info@info.com','añlsdkjf'))
-# print('GET GROUPS')
-# pprint.pprint(kapi.get_groups())
-print('ADD GROUP')
-pprint.pprint(kapi.add_group('pepito'))
--- a/admin/src/tests/keycloak_client_exc.py
+++ b/admin/src/tests/keycloak_client_exc.py
@ -1,5 +0,0 @@
-class keycloakError(Exception):
-    pass
-
-class keycloakExists(Exception):
-    pass
--- a/admin/src/tests/test_lib.py
+++ b/admin/src/tests/test_lib.py
@ -1,34 +0,0 @@
-from keycloak import KeycloakOpenID
-
-# Configure client
-keycloak_openid = KeycloakOpenID(server_url="http://isard-sso-keycloak:8080/auth/",
-                    client_id="admin-cli",
-                    realm_name="master",
-                    client_secret_key="secret")
-
-# Get WellKnow
-config_well_know = keycloak_openid.well_know()
-
-# Get Token
-token = keycloak_openid.token("admin", "keycloakkeycloak")
-#token = keycloak_openid.token("user", "password", totp="012345")
-print(token)
-
-from keycloak import KeycloakAdmin
-
-keycloak_admin = KeycloakAdmin(server_url="http://isard-sso-keycloak:8080/auth/",
-                               username='admin',
-                               password='keycloakkeycloak',
-                               realm_name="master",
-                               verify=True)
-        
-# Add user                       
-new_user = keycloak_admin.create_user({"email": "example@example.com",
-                    "username": "example@example.com",
-                    "enabled": True,
-                    "firstName": "Example",
-                    "lastName": "Example"})
-print(new_user)
-
-user_id_keycloak = keycloak_admin.get_user_id("admin")
-print(user_id_keycloak)
--- a/docker-compose-parts/adminer.yml
+++ b/docker-compose-parts/adminer.yml
@ -0,0 +1,9 @@
+---
+version: '3.7'
+services:
+  isard-sso-adminer:
+    image: adminer
+    container_name: isard-sso-adminer
+    restart: always
+    networks:
+      isard_net: {}
--- a/docker/haproxy/haproxy.conf
+++ b/docker/haproxy/haproxy.conf
@ -51,6 +51,7 @@ frontend website
    use_backend be_oof if is_oof
    use_backend be_wp if is_wp
    use_backend be_etherpad if is_pad
+    use_backend be_adminer if is_sso { path_beg /isard-sso-adminer }
    use_backend be_admin if is_sso { path_beg /isard-sso-admin }
    use_backend be_sso if is_sso
    use_backend be_ipa if is_ipa
@ -95,6 +96,19 @@ backend be_admin
  http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
 	server isard-sso-admin isard-sso-admin:9000 check port 9000 inter 5s rise 2 fall 10 resolvers mydns init-addr none

+backend be_adminer
+	mode http
+  acl authorized http_auth(AuthUsers)
+  http-request auth realm AuthUsers unless authorized
+  http-request redirect scheme http drop-query append-slash if { path -m str /isard-sso-adminer }
+  http-request replace-path /isard-sso-adminer/(.*) /\1 
+  http-request del-header Authorization 
+  acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
+  acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
+  http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
+  http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
+	server isard-sso-adminer isard-sso-adminer:8080 check port 8080 inter 5s rise 2 fall 10 resolvers mydns init-addr none
+
 ## APPS
 backend be_moodle
 	mode http