diff options
| author |  Joe Banks <[email protected]> | 2024-07-26 14:54:54 +0100 |
|---|---|---|
| committer | Joe Banks <[email protected]> | 2024-07-26 14:54:54 +0100 |
| commit | c1553cf24a9d902fcc1a205845f5b04bc3b92bcc (patch) | |
| tree | 0d47f536046ba20b4b20576fe6e894935bc75dc7 | |
| parent | Add FreeIPA module (diff) | |
Add Keycloak module
| -rw-r--r-- | arthur/apis/directory/keycloak.py | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/arthur/apis/directory/keycloak.py b/arthur/apis/directory/keycloak.py new file mode 100644 index 0000000..60a76b3 --- /dev/null +++ b/arthur/apis/directory/keycloak.py @@ -0,0 +1,29 @@ +"""Utilities for interacting with the Keycloak REST API.""" + +from keycloak import KeycloakAdmin + +from arthur.config import CONFIG + + +def create_client() -> KeycloakAdmin: + """Create a new client for the Keycloak API.""" + return KeycloakAdmin( + server_url=str(CONFIG.keycloak_address), + username=CONFIG.keycloak_username, + password=CONFIG.keycloak_password.get_secret_value(), + realm_name=CONFIG.keycloak_user_realm, + user_realm_name="master", + ) + + +def force_password_reset(username: str, password: str) -> None: + """Force a password reset for a user.""" + client = create_client() + + user_id = client.get_user_id(username) + + if not user_id: + msg = f"User {username} not found in Keycloak." + raise ValueError(msg) + + client.set_user_password(user_id, password, temporary=True) |