{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE ViewPatterns #-}

-- |
-- This module helps you manage users in Keycloak.
-- You can create, read and update users.
-- To activate this, you need to give the role "manage users" to your user in Keycloak.
-- For this, go in your user, select the "Role mappings" tab.
-- Then in "client Roles", select "realm management" and assign the role "manage-users".
-- 
-- Example usage:
-- 
-- @
-- -- Get a JWT from Keycloak. A JWT can then be used to authenticate yourself.
-- jwt <- getJWT "demo" "demo" 
-- 
-- users <- getUsers Nothing Nothing Nothing jwt
-- liftIO $ putStrLn $ "All Users: " ++ (show users)
-- @

module Keycloak.Users where

import           Control.Monad.IO.Class
import           Data.Aeson as JSON
import           Data.Text as T hiding (head, tail, map)
import           Data.String.Conversions
import           Keycloak.Types
import           Keycloak.Utils as U
import           Network.HTTP.Types (renderQuery)

-- * Users

-- | Get users. Default number of users is 100. Parameters max and first allow to paginate and retrieve more than 100 users.
getUsers :: MonadIO m => Maybe Max -> Maybe First -> Maybe Username -> JWT ->  KeycloakT m [User]
getUsers :: forall (m :: * -> *).
MonadIO m =>
Maybe Max
-> Maybe Max -> Maybe Username -> JWT -> KeycloakT m [User]
getUsers Maybe Max
mmax Maybe Max
first Maybe Username
username JWT
tok = do
  let query :: [(ByteString, Maybe ByteString)]
query = forall b a. b -> (a -> b) -> Maybe a -> b
maybe [] (\Max
m -> [(ByteString
"max", forall a. a -> Maybe a
Just forall a b. (a -> b) -> a -> b
$ forall a b. ConvertibleStrings a b => a -> b
convertString forall a b. (a -> b) -> a -> b
$ forall a. Show a => a -> String
show Max
m)]) Maybe Max
mmax
           forall a. [a] -> [a] -> [a]
++ forall b a. b -> (a -> b) -> Maybe a -> b
maybe [] (\Max
f -> [(ByteString
"first", forall a. a -> Maybe a
Just forall a b. (a -> b) -> a -> b
$ forall a b. ConvertibleStrings a b => a -> b
convertString forall a b. (a -> b) -> a -> b
$ forall a. Show a => a -> String
show Max
f)]) Maybe Max
first
           forall a. [a] -> [a] -> [a]
++ forall b a. b -> (a -> b) -> Maybe a -> b
maybe [] (\Username
u -> [(ByteString
"username", forall a. a -> Maybe a
Just forall a b. (a -> b) -> a -> b
$ forall a b. ConvertibleStrings a b => a -> b
convertString Username
u)]) Maybe Username
username
  ByteString
body <- forall (m :: * -> *).
MonadIO m =>
Username -> JWT -> KeycloakT m ByteString
keycloakAdminGet (Username
"users" forall a. Semigroup a => a -> a -> a
<> (forall a b. ConvertibleStrings a b => a -> b
convertString forall a b. (a -> b) -> a -> b
$ Bool -> [(ByteString, Maybe ByteString)] -> ByteString
renderQuery Bool
True [(ByteString, Maybe ByteString)]
query)) JWT
tok 
  forall (m :: * -> *). MonadIO m => String -> m ()
debug forall a b. (a -> b) -> a -> b
$ String
"Keycloak success" 
  case forall a. FromJSON a => ByteString -> Either String a
eitherDecode ByteString
body of
    Right [User]
ret -> do
      forall (m :: * -> *). MonadIO m => String -> m ()
debug forall a b. (a -> b) -> a -> b
$ String
"Keycloak success: " forall a. [a] -> [a] -> [a]
++ (forall a. Show a => a -> String
show [User]
ret) 
      forall (m :: * -> *) a. Monad m => a -> m a
return [User]
ret
    Left (String
err2 :: String) -> do
      forall (m :: * -> *). MonadIO m => String -> m ()
debug forall a b. (a -> b) -> a -> b
$ String
"Keycloak parse error: " forall a. [a] -> [a] -> [a]
++ (forall a. Show a => a -> String
show String
err2) 
      forall (m :: * -> *) a. Monad m => KCError -> KeycloakT m a
kcError forall a b. (a -> b) -> a -> b
$ Username -> KCError
ParseError forall a b. (a -> b) -> a -> b
$ String -> Username
pack (forall a. Show a => a -> String
show String
err2)

-- | Get a single user, based on his Id
getUser :: MonadIO m => UserId -> JWT ->  KeycloakT m User
getUser :: forall (m :: * -> *).
MonadIO m =>
UserId -> JWT -> KeycloakT m User
getUser (UserId Username
uid) JWT
tok = do
  ByteString
body <- forall (m :: * -> *).
MonadIO m =>
Username -> JWT -> KeycloakT m ByteString
keycloakAdminGet (Username
"users/" forall a. Semigroup a => a -> a -> a
<> (forall a b. ConvertibleStrings a b => a -> b
convertString Username
uid)) JWT
tok 
  forall (m :: * -> *). MonadIO m => String -> m ()
debug forall a b. (a -> b) -> a -> b
$ String
"Keycloak success: " forall a. [a] -> [a] -> [a]
++ (forall a. Show a => a -> String
show ByteString
body) 
  case forall a. FromJSON a => ByteString -> Either String a
eitherDecode ByteString
body of
    Right User
ret -> do
      forall (m :: * -> *). MonadIO m => String -> m ()
debug forall a b. (a -> b) -> a -> b
$ String
"Keycloak success: " forall a. [a] -> [a] -> [a]
++ (forall a. Show a => a -> String
show User
ret) 
      forall (m :: * -> *) a. Monad m => a -> m a
return User
ret
    Left (String
err2 :: String) -> do
      forall (m :: * -> *). MonadIO m => String -> m ()
debug forall a b. (a -> b) -> a -> b
$ String
"Keycloak parse error: " forall a. [a] -> [a] -> [a]
++ (forall a. Show a => a -> String
show String
err2) 
      forall (m :: * -> *) a. Monad m => KCError -> KeycloakT m a
kcError forall a b. (a -> b) -> a -> b
$ Username -> KCError
ParseError forall a b. (a -> b) -> a -> b
$ String -> Username
pack (forall a. Show a => a -> String
show String
err2)

-- | Create a user
createUser :: MonadIO m => User -> JWT ->  KeycloakT m UserId
createUser :: forall (m :: * -> *).
MonadIO m =>
User -> JWT -> KeycloakT m UserId
createUser User
user JWT
tok = do
  ByteString
res <- forall dat (m :: * -> *).
(Postable dat, Show dat, MonadIO m) =>
Username -> dat -> JWT -> KeycloakT m ByteString
keycloakAdminPost (Username
"users/") (forall a. ToJSON a => a -> Value
toJSON User
user) JWT
tok 
  forall (m :: * -> *). MonadIO m => String -> m ()
debug forall a b. (a -> b) -> a -> b
$ String
"Keycloak success: " forall a. [a] -> [a] -> [a]
++ (forall a. Show a => a -> String
show ByteString
res) 
  forall (m :: * -> *) a. Monad m => a -> m a
return forall a b. (a -> b) -> a -> b
$ Username -> UserId
UserId forall a b. (a -> b) -> a -> b
$ forall a b. ConvertibleStrings a b => a -> b
convertString ByteString
res

-- | Get a single user, based on his Id
updateUser :: MonadIO m => UserId -> User -> JWT ->  KeycloakT m ()
updateUser :: forall (m :: * -> *).
MonadIO m =>
UserId -> User -> JWT -> KeycloakT m ()
updateUser (UserId Username
uid) User
user JWT
tok = do
  forall dat (m :: * -> *).
(Putable dat, Show dat, MonadIO m) =>
Username -> dat -> JWT -> KeycloakT m ()
keycloakAdminPut (Username
"users/" forall a. Semigroup a => a -> a -> a
<> (forall a b. ConvertibleStrings a b => a -> b
convertString Username
uid)) (forall a. ToJSON a => a -> Value
toJSON User
user) JWT
tok 
  forall (m :: * -> *) a. Monad m => a -> m a
return ()