From 3254c2d69959cbdbfb263d744f1bac384799f107 Mon Sep 17 00:00:00 2001
From: Federico Negri <federico.negri@ansys.com>
Date: Mon, 22 Aug 2022 08:28:07 +0200
Subject: [PATCH 1/2] Re-enable Auth API

---
 ansys/rep/client/auth/api/auth_api.py  |  2 +-
 ansys/rep/client/auth/resource/user.py | 19 +++++++++++++++----
 tests/auth/test_api.py                 |  7 ++++---
 3 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/ansys/rep/client/auth/api/auth_api.py b/ansys/rep/client/auth/api/auth_api.py
index f5b743ba2..c9f427a74 100644
--- a/ansys/rep/client/auth/api/auth_api.py
+++ b/ansys/rep/client/auth/api/auth_api.py
@@ -107,7 +107,7 @@ def update_user(self, user, as_objects=True):
             user (:class:`ansys.rep.client.auth.User`): A User object. Defaults to None.
             as_objects (bool, optional): Defaults to True.
         """
-        return update_user(self, user, as_objects=as_objects)
+        return update_user(self.client, user, as_objects=as_objects)
 
     def delete_user(self, user):
         """Delete an existing user.
diff --git a/ansys/rep/client/auth/resource/user.py b/ansys/rep/client/auth/resource/user.py
index 2be397758..7fc40c829 100644
--- a/ansys/rep/client/auth/resource/user.py
+++ b/ansys/rep/client/auth/resource/user.py
@@ -7,7 +7,7 @@
 # ----------------------------------------------------------
 import logging
 
-from keycloak import KeycloakAdmin
+from keycloak import ConnectionManager, KeycloakAdmin
 
 from ansys.rep.client.jms.resource.base import Object
 
@@ -45,17 +45,28 @@ def __init__(self, **kwargs):
 
 
 def _admin_client(client):
-    raise NotImplementedError("KeycloakAdmin currently doesn't support a token auth workflow. TODO")
     keycloak_admin = KeycloakAdmin(
         server_url=client.auth_api_url,
         username=None,
         password=None,
         realm_name=client.realm,
-        # refresh_token=client.refresh_token,
-        # access_token=client.access_token,
         client_id=client.client_id,
         verify=False,
     )
+    keycloak_admin.token = {
+        "refresh_token": client.refresh_token,
+        "access_token": client.access_token,
+    }
+    headers = {
+        "Authorization": "Bearer " + client.access_token,
+        "Content-Type": "application/json",
+    }
+    keycloak_admin.connection = ConnectionManager(
+        base_url=keycloak_admin.server_url,
+        headers=headers,
+        timeout=60,
+        verify=keycloak_admin.verify,
+    )
     return keycloak_admin
 
 
diff --git a/tests/auth/test_api.py b/tests/auth/test_api.py
index b104feb80..d8ab838a3 100644
--- a/tests/auth/test_api.py
+++ b/tests/auth/test_api.py
@@ -6,6 +6,7 @@
 # Author(s): O.Koenig
 # ----------------------------------------------------------
 import logging
+import uuid
 
 from ansys.rep.client import Client
 from ansys.rep.client.auth import AuthApi, User
@@ -25,11 +26,11 @@ def test_auth_client(self):
             if user.username == self.username and not user.is_admin:
                 return
 
-        username = f"test_user_{self.run_id}"
+        username = f"test_user_{uuid.uuid4()}"
         new_user = User(
             username=username,
             password="test_auth_client",
-            email="test_auth_client@test.com",
+            email=f"{username}@test.com",
             first_name="Test",
             last_name="User",
         )
@@ -38,7 +39,7 @@ def test_auth_client(self):
         self.assertEqual(new_user.username, username)
         self.assertEqual(new_user.first_name, "Test")
         self.assertEqual(new_user.last_name, "User")
-        self.assertEqual(new_user.email, "test_auth_client@test.com")
+        self.assertEqual(new_user.email, f"{username}@test.com")
 
         new_user.email = "update_email@test.com"
         new_user.last_name = "Smith"

From 83c423590e63021d9133b06252818868beb13c9d Mon Sep 17 00:00:00 2001
From: Federico Negri <federico.negri@ansys.com>
Date: Mon, 22 Aug 2022 08:44:58 +0200
Subject: [PATCH 2/2] Simplify further

---
 ansys/rep/client/auth/api/auth_api.py  | 47 --------------------------
 ansys/rep/client/auth/resource/user.py | 22 ++++--------
 2 files changed, 7 insertions(+), 62 deletions(-)

diff --git a/ansys/rep/client/auth/api/auth_api.py b/ansys/rep/client/auth/api/auth_api.py
index c9f427a74..c83b2dd60 100644
--- a/ansys/rep/client/auth/api/auth_api.py
+++ b/ansys/rep/client/auth/api/auth_api.py
@@ -40,53 +40,6 @@ def __init__(self, client):
     def url(self):
         return f"{self.client.rep_url}/auth/"
 
-    # def __init__(
-    #     self,
-    #     rep_url,
-    #     *,
-    #     realm: str = "rep",
-    #     username: str = "repadmin",
-    #     password: str = "repadmin",
-    #     grant_type: str = "password",
-    #     scope="openid",
-    #     client_id: str = "rep-cli",
-    #     client_secret: str = None,
-    # ):
-
-    #     self.rep_url = rep_url
-    #     self.auth_api_url = self.rep_url + f"/auth/"
-
-    #     self.username = username
-    #     self.password = password
-    #     self.realm = realm
-    #     self.grant_type = grant_type
-    #     self.scope = scope
-    #     self.client_id = client_id
-    #     self.client_secret = client_secret
-
-    #     tokens = authenticate(
-    #         url=self.rep_url,
-    #         realm=realm,
-    #         grant_type=grant_type,
-    #         scope=scope,
-    #         client_id=client_id,
-    #         client_secret=client_secret,
-    #         username=username,
-    #         password=password,
-    #     )
-    #     self.access_token = tokens["access_token"]
-
-    #     self.session = create_session(self.access_token)
-    #     self.session.headers["content-type"] = "application/json"
-
-    #     # register hook to handle expiring of the refresh token
-    #     self.session.hooks["response"] = [raise_for_status]
-
-    # def get_api_info(self):
-    #     """Return info like version, build date etc of the Auth API the client is connected to."""
-    #     r = self.session.get(self.auth_api_url)
-    #     return r.json()
-
     def get_users(self, as_objects=True):
         """Return a list of users."""
         return get_users(self.client, as_objects=as_objects)
diff --git a/ansys/rep/client/auth/resource/user.py b/ansys/rep/client/auth/resource/user.py
index 7fc40c829..2cc0d0d58 100644
--- a/ansys/rep/client/auth/resource/user.py
+++ b/ansys/rep/client/auth/resource/user.py
@@ -7,7 +7,7 @@
 # ----------------------------------------------------------
 import logging
 
-from keycloak import ConnectionManager, KeycloakAdmin
+from keycloak import KeycloakAdmin
 
 from ansys.rep.client.jms.resource.base import Object
 
@@ -45,6 +45,11 @@ def __init__(self, **kwargs):
 
 
 def _admin_client(client):
+
+    custom_headers = {
+        "Authorization": "Bearer " + client.access_token,
+        "Content-Type": "application/json",
+    }
     keycloak_admin = KeycloakAdmin(
         server_url=client.auth_api_url,
         username=None,
@@ -52,20 +57,7 @@ def _admin_client(client):
         realm_name=client.realm,
         client_id=client.client_id,
         verify=False,
-    )
-    keycloak_admin.token = {
-        "refresh_token": client.refresh_token,
-        "access_token": client.access_token,
-    }
-    headers = {
-        "Authorization": "Bearer " + client.access_token,
-        "Content-Type": "application/json",
-    }
-    keycloak_admin.connection = ConnectionManager(
-        base_url=keycloak_admin.server_url,
-        headers=headers,
-        timeout=60,
-        verify=keycloak_admin.verify,
+        custom_headers=custom_headers,
     )
     return keycloak_admin