keycloak.uma_permissions
User-managed access permissions module.
Classes
A class to conveniently assemble permissions. |
|
A UMAPermission Resource class to conveniently assemble permissions. |
|
A UMAPermission Scope class to conveniently assemble permissions. |
|
A class that represents the authorization/login status of a user associated with a token. |
Functions
|
Transform permissions to a set, so they are usable for requests. |
Module Contents
- class keycloak.uma_permissions.UMAPermission(permission=None, resource='', scope='')[source]
A class to conveniently assemble permissions.
The class itself is callable, and will return the assembled permission.
Usage example:
>>> r = Resource("Users") >>> s = Scope("delete") >>> permission = r(s) >>> print(permission) 'Users#delete'
- Parameters:
permission (UMAPermission) – Permission
resource (str) – Resource
scope (str) – Scope
- __eq__(__o: object) bool [source]
Eq method.
- Parameters:
__o (object) – The other object
- Returns:
Equality boolean
- Return type:
bool
- __call__(permission=None, resource='', scope='') UMAPermission [source]
Call method.
- Parameters:
permission (UMAPermission) – Permission
resource (str) – Resource
scope (str) – Scope
- Returns:
The combined UMA permission
- Return type:
- Raises:
PermissionDefinitionError – In case bad permission definition
- class keycloak.uma_permissions.Resource(resource)[source]
Bases:
UMAPermission
A UMAPermission Resource class to conveniently assemble permissions.
The class itself is callable, and will return the assembled permission.
- Parameters:
resource (str) – Resource
- class keycloak.uma_permissions.Scope(scope)[source]
Bases:
UMAPermission
A UMAPermission Scope class to conveniently assemble permissions.
The class itself is callable, and will return the assembled permission.
- Parameters:
scope (str) – Scope
- class keycloak.uma_permissions.AuthStatus(is_logged_in, is_authorized, missing_permissions)[source]
A class that represents the authorization/login status of a user associated with a token.
This has to evaluate to True if and only if the user is properly authorized for the requested resource.
- Parameters:
is_logged_in (bool) – Is logged in indicator
is_authorized (bool) – Is authorized indicator
missing_permissions (set) – Missing permissions
- keycloak.uma_permissions.build_permission_param(permissions)[source]
Transform permissions to a set, so they are usable for requests.
- Parameters:
permissions (str | Iterable[str] | dict[str, str] | dict[str, Iterabble[str]]) – Permissions
- Returns:
Permission parameters
- Return type:
set
- Raises:
KeycloakPermissionFormatError – In case of bad permission format