keycloak.uma_permissions

keycloak.uma_permissions#

User-managed access permissions module.

Classes#

UMAPermission

A class to conveniently assemble permissions.

Resource

A UMAPermission Resource class to conveniently assemble permissions.

Scope

A UMAPermission Scope class to conveniently assemble permissions.

AuthStatus

A class that represents the authorization/login status of a user associated with a token.

Functions#

build_permission_param(→ set)

Transform permissions to a set, so they are usable for requests.

Module Contents#

class keycloak.uma_permissions.UMAPermission(permission: UMAPermission | None = None, resource: str = '', scope: str = '')[source]#

A class to conveniently assemble permissions.

The class itself is callable, and will return the assembled permission.

Usage example:

>>> r = Resource("Users")
>>> s = Scope("delete")
>>> permission = r(s)
>>> print(permission)
    'Users#delete'
Parameters:

  • permission (UMAPermission) – Permission

  • resource (str) – Resource

  • scope (str) – Scope

resource = ''[source]#
scope = ''[source]#
__str__() str[source]#

Str method.

Returns:

String representation

Return type:

str

__eq__(other: object) bool[source]#

Eq method.

Parameters:

__o (object) – The other object

Returns:

Equality boolean

Return type:

bool

__repr__() str[source]#

Repr method.

Returns:

The object representation

Return type:

str

__hash__() int[source]#

Hash method.

Returns:

Hash of the object

Return type:

int

__call__(permission: UMAPermission | None = None, resource: str = '', scope: str = '') UMAPermission[source]#

Call method.

Parameters:

  • permission (UMAPermission) – Permission

  • resource (str) – Resource

  • scope (str) – Scope

Returns:

The combined UMA permission

Return type:

UMAPermission

Raises:

PermissionDefinitionError – In case bad permission definition

class keycloak.uma_permissions.Resource(resource: Resource)[source]#

Bases: UMAPermission

A UMAPermission Resource class to conveniently assemble permissions.

The class itself is callable, and will return the assembled permission.

Parameters:

resource (str) – Resource

class keycloak.uma_permissions.Scope(scope: Scope)[source]#

Bases: UMAPermission

A UMAPermission Scope class to conveniently assemble permissions.

The class itself is callable, and will return the assembled permission.

Parameters:

scope (str) – Scope

class keycloak.uma_permissions.AuthStatus(is_logged_in: bool, is_authorized: bool, missing_permissions: set)[source]#

A class that represents the authorization/login status of a user associated with a token.

This has to evaluate to True if and only if the user is properly authorized for the requested resource.

Parameters:

  • is_logged_in (bool) – Is logged in indicator

  • is_authorized (bool) – Is authorized indicator

  • missing_permissions (set) – Missing permissions

is_logged_in[source]#
is_authorized[source]#
missing_permissions[source]#
__bool__() bool[source]#

Bool method.

Returns:

Boolean representation

Return type:

bool

__repr__() str[source]#

Repr method.

Returns:

The object representation

Return type:

str

keycloak.uma_permissions.build_permission_param(permissions: str | list | dict) set[source]#

Transform permissions to a set, so they are usable for requests.

Parameters:

permissions (str | Iterable[str] | dict[str, str] | dict[str, Iterabble[str]]) – Permissions

Returns:

Permission parameters

Return type:

set

Raises:

KeycloakPermissionFormatError – In case of bad permission format