MAIA.keycloak_utils module#

MAIA.keycloak_utils.delete_group_in_keycloak(group_id, settings)[source]#

Delete a group in Keycloak

Parameters:

  • group_id (str) – The ID of the group to be deleted.

  • settings (object) – An object containing the Keycloak server settings. It should have the following attributes: - OIDC_SERVER_URL: str, the URL of the Keycloak server. - OIDC_USERNAME: str, the username for Keycloak authentication. - OIDC_REALM_NAME: str, the realm name in Keycloak. - OIDC_RP_CLIENT_ID: str, the client ID for Keycloak. - OIDC_RP_CLIENT_SECRET: str, the client secret for Keycloak.

Returns:

None

MAIA.keycloak_utils.get_groups_for_user(email, settings)[source]#

Retrieve the MAIA groups associated with a user in Keycloak.

Parameters:

  • email (str) – The email address of the user to retrieve groups for.

  • settings (object) – An object containing the Keycloak server settings. It should have the following attributes: - OIDC_SERVER_URL: str, the URL of the Keycloak server. - OIDC_USERNAME: str, the username for Keycloak authentication. - OIDC_REALM_NAME: str, the realm name in Keycloak. - OIDC_RP_CLIENT_ID: str, the client ID for Keycloak. - OIDC_RP_CLIENT_SECRET: str, the client secret for Keycloak.

Returns:

list – A list of MAIA groups that the user is associated with.

MAIA.keycloak_utils.get_groups_in_keycloak(settings)[source]#

Retrieve groups from Keycloak that start with “MAIA:” and return them in a dictionary.

Parameters:

settings (object) –

An object containing the Keycloak connection settings. It should have the following attributes: - OIDC_SERVER_URL : str

The URL of the Keycloak server.

  • OIDC_USERNAMEstr

    The username for Keycloak authentication.

  • OIDC_REALM_NAMEstr

    The name of the Keycloak realm.

  • OIDC_RP_CLIENT_IDstr

    The client ID for Keycloak.

  • OIDC_RP_CLIENT_SECRETstr

    The client secret for Keycloak.

Returns:

dict – A dictionary where the keys are group IDs and the values are group names (with the “MAIA:” prefix removed) for groups that start with “MAIA:”.

MAIA.keycloak_utils.get_list_of_groups_requesting_a_user(email, user_model)[source]#

Retrieves a list of groups (namespaces) that have requested a specific user based on their email.

Parameters:

  • email (str) – The email address of the user to search for.

  • user_model (object) – The user model object to query for user information.

Returns:

list – A list of namespaces that have requested the user. Returns an empty list if no groups are found.

Raises:

  • KeyError – If environment variables ‘DB_HOST’, ‘DB_USERNAME’, or ‘DB_PASS’ are not set in non-debug mode.

  • Exception – If there is an issue connecting to the database or executing the SQL queries.

MAIA.keycloak_utils.get_list_of_users_requesting_a_group(maia_user_model, group_id)[source]#

Retrieves a list of email addresses of users who have requested access to a specific group.

Parameters:

  • group_id (str) – The ID of the group to check for user requests.

  • settings (object) – A settings object that contains configuration parameters, including DEBUG and LOCAL_DB_PATH.

Returns:

list – A list of email addresses of users who have requested access to the specified group.

Raises:

  • KeyError – If environment variables for database connection are not set when DEBUG is False.

  • Exception – If there is an issue with database connection or query execution.

Notes

When settings.DEBUG is True, a local SQLite database is used. When settings.DEBUG is False, a MySQL database is used with connection parameters from environment variables.

MAIA.keycloak_utils.get_maia_users_from_keycloak(settings)[source]#

Retrieves all users from Keycloak who are members of any MAIA group.

Parameters:

settings (object) –

An object containing Keycloak connection settings, including: - OIDC_SERVER_URL : str

The URL of the Keycloak server.

  • OIDC_USERNAMEstr

    The username for Keycloak authentication.

  • OIDC_REALM_NAMEstr

    The realm name in Keycloak.

  • OIDC_RP_CLIENT_IDstr

    The client ID for Keycloak.

  • OIDC_RP_CLIENT_SECRETstr

    The client secret for Keycloak.

Returns:

list – A list of dictionaries containing user information for all users in MAIA groups. Each dictionary contains user details like email, username, and groups.

MAIA.keycloak_utils.get_user_ids(settings)[source]#

Retrieve user IDs and their associated MAIA groups from Keycloak.

Parameters:

settings (object) – An object containing the Keycloak server settings. It should have the following attributes: - OIDC_SERVER_URL: str, the URL of the Keycloak server. - OIDC_USERNAME: str, the username for Keycloak authentication. - OIDC_REALM_NAME: str, the realm name in Keycloak. - OIDC_RP_CLIENT_ID: str, the client ID for Keycloak. - OIDC_RP_CLIENT_SECRET: str, the client secret for Keycloak.

Returns:

dict – A dictionary where the keys are user email addresses and the values are lists of MAIA groups the user belongs to.

MAIA.keycloak_utils.register_group_in_keycloak(group_id, settings)[source]#

Registers a group in Keycloak with the specified group ID and settings.

Parameters:

  • group_id (str) – The ID of the group to be registered.

  • settings (object) –

    An object containing the Keycloak server settings, including: - OIDC_SERVER_URL : str

    The URL of the Keycloak server.

    • OIDC_USERNAMEstr

      The username for Keycloak authentication.

    • OIDC_REALM_NAMEstr

      The name of the Keycloak realm.

    • OIDC_RP_CLIENT_IDstr

      The client ID for Keycloak.

    • OIDC_RP_CLIENT_SECRETstr

      The client secret for Keycloak.

Returns:

None

MAIA.keycloak_utils.register_user_in_keycloak(email, settings)[source]#

Registers a user in Keycloak and sends an approved registration email.

Parameters:

  • email (str) – The email address of the user to be registered.

  • settings (object) – An object containing the necessary settings for Keycloak connection and email sending.

  • Attributes (Settings)

  • -------------------

  • OIDC_SERVER_URL (str) – The URL of the Keycloak server.

  • OIDC_USERNAME (str) – The username for Keycloak authentication.

  • OIDC_REALM_NAME (str) – The name of the Keycloak realm.

  • OIDC_RP_CLIENT_ID (str) – The client ID for Keycloak.

  • OIDC_RP_CLIENT_SECRET (str) – The client secret for Keycloak.

  • HOSTNAME (str) – The hostname for generating the MAIA login URL.

Returns:

None

MAIA.keycloak_utils.register_users_in_group_in_keycloak(emails, group_id, settings)[source]#

Registers users in a specified Keycloak group.

Parameters:

  • emails (list) – A list of email addresses of users to be added to the group.

  • group_id (str) – The ID of the group to which users should be added.

  • settings (object) –

    An object containing Keycloak server settings, including: - OIDC_SERVER_URL : str

    The URL of the Keycloak server.

    • OIDC_USERNAMEstr

      The username for Keycloak authentication.

    • OIDC_REALM_NAMEstr

      The realm name in Keycloak.

    • OIDC_RP_CLIENT_IDstr

      The client ID for Keycloak.

    • OIDC_RP_CLIENT_SECRETstr

      The client secret for Keycloak.

Returns:

None

MAIA.keycloak_utils.remove_user_from_group_in_keycloak(email, group_id, settings)[source]#

Remove a user from a group in Keycloak.

Parameters:

  • email (str) – The email address of the user to be removed from the group.

  • group_id (str) – The ID of the group from which the user should be removed.

  • settings (object) – An object containing the Keycloak server settings. It should have the following attributes: - OIDC_SERVER_URL: str, the URL of the Keycloak server. - OIDC_USERNAME: str, the username for Keycloak authentication. - OIDC_REALM_NAME: str, the realm name in Keycloak. - OIDC_RP_CLIENT_ID: str, the client ID for Keycloak. - OIDC_RP_CLIENT_SECRET: str, the client secret for Keycloak.

Returns:

None