From a2b20b861c7b6ab75fd64299d3198598bfe03159 Mon Sep 17 00:00:00 2001 From: Tomas Halman Date: Sat, 17 Aug 2024 21:52:11 +0200 Subject: [PATCH 1/2] Fix flake8 formating issues --- keycloak_httpd_client/keycloak_rest.py | 40 +++++++++++--------------- keycloak_httpd_client/utils.py | 27 +++++++++++++---- setup.py | 24 ++++++++-------- 3 files changed, 50 insertions(+), 41 deletions(-) diff --git a/keycloak_httpd_client/keycloak_rest.py b/keycloak_httpd_client/keycloak_rest.py index 7f1aaf8..46af959 100644 --- a/keycloak_httpd_client/keycloak_rest.py +++ b/keycloak_httpd_client/keycloak_rest.py @@ -96,6 +96,7 @@ def __str__(self): # ------------------------------------------------------------------------------ + class KeycloakREST(object): def __init__(self, server, auth_role=None, session=None): @@ -111,7 +112,6 @@ def _log_rest_response(self, cmd_name, response): response.headers.get('Content-Length'), response.headers.get('Content-Type')) - def _log_rest_request(self, cmd_name, url, data=None): fname = inspect.stack()[1][3] logger.debug('%s() [%s] url=%s%s', @@ -145,7 +145,7 @@ def get_initial_access_token(self, realm_name): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -165,7 +165,7 @@ def get_server_info(self): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) 
@@ -185,7 +185,7 @@ def get_realms(self): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -209,7 +209,7 @@ def create_realm(self, realm_name): except ValueError: response_json = None - if response.status_code != requests.codes.created: # pylint: disable=no-member + if response.status_code != requests.codes.created: # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -229,7 +229,7 @@ def delete_realm(self, realm_name): except ValueError: response_json = None - if response.status_code != requests.codes.no_content: # pylint: disable=no-member + if response.status_code != requests.codes.no_content: # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -244,7 +244,7 @@ def get_realm_saml_metadata(self, realm_name): response = self.session.get(url) self._log_rest_response(cmd_name, response) - if response.status_code != requests.codes.ok: # pylint: disable=no-member + if response.status_code != requests.codes.ok: # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response.text, False) @@ -265,13 +265,12 @@ def get_clients(self, realm_name): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) return response_json - def get_client_by_clientid(self, realm_name, clientid): cmd_name = 'get clientid "{clientid}" in realm "{realm}"'.format( clientid=clientid, realm=realm_name) 
@@ -290,7 +289,7 @@ def get_client_by_clientid(self, realm_name, clientid): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) if not isinstance(response_json, list): @@ -310,7 +309,6 @@ def get_client_by_clientid(self, realm_name, clientid): self._log_return_value(response_json[0]) return response_json[0] - def get_client_id_by_clientid(self, realm_name, clientid): client = self.get_client_by_clientid(realm_name, clientid) return client.get('id') @@ -333,7 +331,7 @@ def convert_saml_metadata_to_client_representation(self, realm_name, metadata): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -357,7 +355,7 @@ def get_client_secret_by_id(self, realm_name, obj_id): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -381,7 +379,7 @@ def regenerate_client_secret_by_id(self, realm_name, obj_id): response_json = None if (not response_json or - response.status_code != requests.codes.ok): # pylint: disable=no-member + response.status_code != requests.codes.ok): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) 
@@ -405,7 +403,7 @@ def create_client_from_client_representation(self, realm_name, client_representa except ValueError: response_json = None - if response.status_code != requests.codes.created: # pylint: disable=no-member + if response.status_code != requests.codes.created: # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -460,7 +458,7 @@ def register_client(self, initial_access_token, realm_name, response_json = None if (not response_json or - response.status_code != requests.codes.created): # pylint: disable=no-member + response.status_code != requests.codes.created): # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -470,7 +468,6 @@ def delete_client_by_clientid(self, realm_name, clientid): obj_id = self.get_client_id_by_clientid(realm_name, clientid) self.delete_client_by_id(realm_name, obj_id) - def delete_client_by_id(self, realm_name, obj_id): cmd_name = 'delete client id "{id}"in realm "{realm}"'.format( id=obj_id, realm=realm_name) @@ -488,7 +485,7 @@ def delete_client_by_id(self, realm_name, obj_id): except ValueError: response_json = None - if response.status_code != requests.codes.no_content: # pylint: disable=no-member + if response.status_code != requests.codes.no_content: # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -511,7 +508,7 @@ def update_client(self, realm_name, client): except ValueError: response_json = None - if response.status_code != requests.codes.no_content: # pylint: disable=no-member + if response.status_code != requests.codes.no_content: # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) 
@@ -527,7 +524,6 @@ def update_client_attributes(self, realm_name, client, update_attrs): 'new attrs=%s', client_id, client['attributes']) self.update_client(realm_name, client) - def update_client_attributes_by_clientid(self, realm_name, clientid, update_attrs): client = self.get_client_by_clientid(realm_name, clientid) @@ -574,7 +570,7 @@ def create_client_protocol_mapper(self, realm_name, client, mapper): except ValueError: response_json = None - if response.status_code != requests.codes.created: # pylint: disable=no-member + if response.status_code != requests.codes.created: # pylint: disable=no-member raise RESTError(cmd_name, response) self._log_return_value(response_json) @@ -585,7 +581,6 @@ def create_client_protocol_mapper_by_clientid(self, realm_name, clientid, client = self.get_client_by_clientid(realm_name, clientid) self.create_client_protocol_mapper(realm_name, client, mapper) - def add_client_redirect_uris_by_clientid(self, realm_name, clientid, uris): client = self.get_client_by_clientid(realm_name, clientid) @@ -649,7 +644,6 @@ def __init__(self, server, tls_verify): super(KeycloakAnonymousConnection, self).__init__(server, 'anonymous') self.session = self._create_session(tls_verify) - def _create_session(self, tls_verify): session = requests.Session() session.verify = tls_verify diff --git a/keycloak_httpd_client/utils.py b/keycloak_httpd_client/utils.py index 1b3bb1a..d600d9f 100644 --- a/keycloak_httpd_client/utils.py +++ b/keycloak_httpd_client/utils.py @@ -23,7 +23,6 @@ from lxml import etree # -------------------------------- Constants ---------------------------------- - DEV_NULL = '/dev/null' BIN_TIMEOUT = '/usr/bin/timeout' 
@@ -33,11 +32,10 @@ STEP = logging.INFO + 1 # -------------------------------- Variables ---------------------------------- - logger = logging.getLogger(__name__) -# ---------------------------- Logging Utilities ------------------------------ +# ---------------------------- Logging Utilities ------------------------------ def _add_step_logger(): class StepLogger(logging.Logger): @@ -54,6 +52,7 @@ def step(self, msg, *args, **kwargs): logging.addLevelName(STEP, 'STEP') logging.setLoggerClass(StepLogger) + def configure_logging(options, add_step_logger=False): if add_step_logger: _add_step_logger() @@ -134,6 +133,7 @@ def configure_logging(options, add_step_logger=False): # ------------------------------ JSON Utilities ------------------------------- + def json_pretty(text): return json.dumps(json.loads(text), indent=4, sort_keys=True) @@ -145,6 +145,7 @@ def py_json_pretty(py_json): # ------------------------------ Path Utilities ------------------------------- + def join_path(*args): '''Join each argument into a final path assuring there is exactly one slash separating all components in the final path @@ -185,6 +186,7 @@ def join_path(*args): return path + def generate_random_string(n_bits=48): ''' Return a random string to be used as a secret. @@ -204,6 +206,7 @@ def generate_random_string(n_bits=48): random_string = '%0*x' % (n_bits >> 2, random.getrandbits(n_bits)) return random_string + try: from os.path import commonpath except ImportError: @@ -242,6 +245,7 @@ def commonpath(paths): prefix = sep if isabs else sep[:0] return prefix + sep.join(common) + def is_path_antecedent(ancestor, antecedent): 'True if antecedent path is below the ancestor path' ancestor = os.path.normpath(ancestor) @@ -376,7 +380,7 @@ def preexec(): logger.debug('Process interrupted') p.wait() raise - except: + except Exception: logger.debug('Process execution failed') raise finally: 
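Review bot: In the `@@ -376,7 +380,7 @@` hunk of utils.py, replacing the bare `except:` with `except Exception:` changes behaviour rather than formatting. `BaseException` subclasses such as `SystemExit` and `GeneratorExit` no longer reach this handler, so the 'Process execution failed' debug line is skipped for them. Since the handler only logs and re-raises and a `finally:` follows, the effect appears limited to logging, but the commit message should mention it. If the old coverage is wanted, `except BaseException:` keeps it without a bare except; otherwise add a comment such as `# BaseException subclasses (SystemExit etc.) propagate without this log line; finally still runs`. The enclosing function starts and ends outside the hunk.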
@@ -444,6 +448,7 @@ def load_data_from_file(filename): data = f.read() return data + def mkdir(pathname, mode=0o775): logger.debug('mkdir pathname="%s" mode=%#o', pathname, mode) if os.path.exists(pathname): @@ -460,9 +465,11 @@ def httpd_restart(): # ----------------------------- HTTP Utilities -------------------------------- + def server_name_from_url(url): return urlparse(url).netloc + def normalize_url(url, default_scheme='https'): '''Assure scheme and port are canonical. @@ -517,6 +524,7 @@ def normalize_url(url, default_scheme='https'): return urlunsplit((scheme, netloc, path, query, fragment)) + def normalize_keycloak_server_url(url): value = url.rstrip('/') if value.count('/') > 3 or value.endswith('/auth'): @@ -536,6 +544,7 @@ def normalize_keycloak_server_url(url): class InvalidBase64Error(ValueError): pass + pem_headers = { 'csr': 'NEW CERTIFICATE REQUEST', 'cert': 'CERTIFICATE', @@ -698,6 +707,7 @@ def parse_pem(text, pem_type=None, max_items=None): # ------------------------- SAML Metadata Utilities --------------------------- + def get_sp_assertion_consumer_url(metadata_file, entity_id=None, binding=None): '''Retrieve AssertionConsumerURL(s) from SP metadata @@ -796,7 +806,6 @@ def get_entity_id_from_metadata(metadata_file, role): 'attr_authority': 'AttributeAuthorityDescriptor', 'pdp': 'PDPDescriptor'} - role_descriptor = roles.get(role) if role_descriptor is None: raise ValueError('invalid role "%s", must be one of: %s' % @@ -902,7 +911,8 @@ def install_mellon_cert(options): install_file_from_data(key, options.mellon_dst_key_file) install_file_from_data(cert, options.mellon_dst_cert_file) -#---------------------------- Argparse Utilities ------------------------------- +# ---------------------------- Argparse Utilities ------------------------------- + class DeprecatedStoreAction(argparse.Action): def __init__(self, option_strings, dest, nargs=None, **kwargs): 
@@ -913,6 +923,7 @@ def __call__(self, parser, namespace, values, option_string=None): file=sys.stderr) setattr(namespace, self.dest, values) + def _argparse_copy_items(items): if items is None: return [] @@ -923,6 +934,7 @@ def _argparse_copy_items(items): return items[:] return copy.copy(items) + class DeprecatedAppendAction(argparse.Action): def __init__(self, option_strings, dest, nargs=None, **kwargs): super(DeprecatedAppendAction, self).__init__(option_strings, dest, **kwargs) @@ -935,6 +947,7 @@ def __call__(self, parser, namespace, values, option_string=None): items.append(values) setattr(namespace, self.dest, items) + class UniqueNamesAction(argparse.Action): '''Store into dest a set of names. The option may be specified multiple times to build up the set. @@ -955,6 +968,7 @@ class UniqueNamesAction(argparse.Action): names are split and we can't use nargs because you end up with a set of lists. ''' name_choices = set() + def __init__(self, option_strings, dest, nargs=None, **kwargs): if nargs is not None: raise ValueError('nargs not allowed') @@ -976,6 +990,7 @@ def __call__(self, parser, namespace, values, option_string=None): getattr(namespace, self.dest).add(value) + class TlsVerifyAction(argparse.Action): def __init__(self, option_strings, dest, nargs=None, **kwargs): if nargs is not None: diff --git a/setup.py b/setup.py index aab81ca..6553e7f 100644 --- a/setup.py +++ b/setup.py 
@@ -11,21 +11,21 @@ author_email='jdennis@redhat.com', url='https://github.com/latchset/keycloak-httpd-client-install', license='GPLv3', - packages = ['keycloak_httpd_client'], - scripts = ['bin/keycloak-httpd-client-install', - 'bin/keycloak-rest'], - data_files = [('/usr/share/{name}/templates'.format(name=name), - ['templates/mellon_httpd.conf', - 'templates/sp_metadata.tpl', - 'templates/oidc-client-registration.tpl', - 'templates/oidc-client-representation.tpl', - 'templates/oidc_httpd.conf'])], - requires = ['requests', 'requests_oauthlib', 'jinja2'], - classifiers = [ # see https://pypi.python.org/pypi?%3Aaction=list_classifiers + packages=['keycloak_httpd_client'], + scripts=['bin/keycloak-httpd-client-install', + 'bin/keycloak-rest'], + data_files=[('/usr/share/{name}/templates'.format(name=name), + ['templates/mellon_httpd.conf', + 'templates/sp_metadata.tpl', + 'templates/oidc-client-registration.tpl', + 'templates/oidc-client-representation.tpl', + 'templates/oidc_httpd.conf'])], + requires=['requests', 'requests_oauthlib', 'jinja2'], + classifiers=[ # see https://pypi.python.org/pypi?%3Aaction=list_classifiers "Programming Language :: Python", "Programming Language :: Python :: 3", "Development Status :: 5 - Production/Stable", "License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)", "Operating System :: POSIX", ], - ) + ) From 51b20a3eef96fdc3e44affa02e2af5cc39fcff42 Mon Sep 17 00:00:00 2001 From: Tomas Halman Date: Sat, 17 Aug 2024 23:01:35 +0200 Subject: [PATCH 2/2] Remove unused variable Token variable is assigned but never used --- keycloak_httpd_client/keycloak_rest.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/keycloak_httpd_client/keycloak_rest.py b/keycloak_httpd_client/keycloak_rest.py index 46af959..a5f0964 100644 --- a/keycloak_httpd_client/keycloak_rest.py +++ b/keycloak_httpd_client/keycloak_rest.py 
@@ -629,11 +629,11 @@ def _create_session(self, tls_verify): 'client_id': self.client_id}) session.verify = tls_verify - token = session.fetch_token(token_url=token_url, - username=self.username, - password=self.password, - client_id=self.client_id, - verify=session.verify) + session.fetch_token(token_url=token_url, + username=self.username, + password=self.password, + client_id=self.client_id, + verify=session.verify) return session
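Review bot: With the `token =` binding gone, the `session.fetch_token(...)` call reads as if its result were simply dropped, so it needs a comment saying it is called for its side effect, e.g. `# fetch_token() stores the token on the session; the return value is not needed` (assuming this is a requests_oauthlib session, which the hunk does not show). The same call sends `username` and `password` with `verify=session.verify`, which is whatever `tls_verify` the caller passed. If that can be `False`, the credentials go to a server whose certificate was never checked, and a `logger.warning(...)` before the call would make that visible. `_create_session` starts outside the hunk, so how `token_url` and the session are built cannot be confirmed from here.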