Skip to content

Keycloak in 2.8 stable get token #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ndclt wants to merge 79 commits into
base: stable-2.8
Choose a base branch
from
Open

Keycloak in 2.8 stable get token #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
79 commits
Select commit Hold shift + click to select a range
9b9987a
Add new module managing keycloak user
ndclt Feb 6, 2019
336385a
Add new module managing keycloak role
ndclt Feb 19, 2019
7d9e325
Add new module managing keycloak user
ndclt Feb 6, 2019
65af8dc
Create module mapping role and group in keycloak
ndclt Apr 18, 2019
b62f625
style: pep8 role
ndclt May 15, 2019
357e3cc
keycloak_scopes for Keycloak scope mapping configuration via ansible
eikef Dec 13, 2017
07883b3
keycloak_realm
eikef Feb 2, 2018
4c21e5d
dev: add credentials for user
ndclt Jun 3, 2019
ec1d103
test: add role already in client
ndclt Jun 6, 2019
89a0ef6
dev: manage role in client edge case
ndclt Jun 6, 2019
b818182
doc: add a value to user_secret in example
ndclt Jun 7, 2019
ab82d3c
extract the keycloak authentification into a dedicated class
ndclt Jun 7, 2019
e6d4045
pep8
ndclt Jun 10, 2019
62de0c1
test: change waited error
ndclt Jun 10, 2019
3840491
Update .github/BOTMETA.yml
ndclt Jun 12, 2019
5439e36
dev: add federation crud
ndclt Jun 10, 2019
5112932
refactor: delete duplicates function
ndclt Jun 13, 2019
28575d4
refactor: apply auth header to scope module
ndclt Jun 13, 2019
9088a06
refactor: apply auth header to group-role mapping
ndclt Jun 13, 2019
43e7a9a
refactor: apply auth header to realm module
ndclt Jun 13, 2019
600fb2b
refactor: apply auth header to role module
ndclt Jun 13, 2019
516e02e
refactor: apply auth header to user module
ndclt Jun 13, 2019
b878b36
refactor: change import for client scope module
ndclt Jun 13, 2019
83f9f93
refactor: change import for group module
ndclt Jun 13, 2019
6166127
refactor: change import for realm module
ndclt Jun 13, 2019
6b32969
doc: add playbook example
ndclt Jun 13, 2019
5ede643
test: change patched function for group-role mapping
ndclt Jun 14, 2019
ec064bd
test: change patched function for role module
ndclt Jun 14, 2019
452f025
test: change patched function for user module
ndclt Jun 14, 2019
2c15fc7
doc: LdapFederation class
ndclt Jun 14, 2019
2fe6af2
doc: add ansible documentation variables
ndclt Jun 14, 2019
1d673cb
dev: change type of user_object_classes from str to list
ndclt Jun 14, 2019
36fa5df
test: check that a connection check during update use existing parame…
ndclt Jun 14, 2019
e208b40
test: put value in list for federation given in mock
ndclt Jun 14, 2019
4ab3463
dev: get the existing value if the ansible parameter value is not given
ndclt Jun 14, 2019
c48cd37
test: check that credentials value is no_log
ndclt Jun 18, 2019
f2207cc
dev: add 'value' in credential key to set at no_log
ndclt Jun 18, 2019
ad3c763
add keycloak_module for linking user and group
ndclt Jun 14, 2019
938f5f5
Delete double declared mock
ndclt Jun 18, 2019
c7cfcc3
doc: change key user_secret to value
ndclt Jun 24, 2019
b0022b5
doc: delete last role staying
ndclt Jun 24, 2019
d037b0e
dev: delete print
ndclt Jun 24, 2019
ffaef52
dev: use to_text for creating messages
ndclt Jun 24, 2019
4cc22dc
update documentation
ndclt Jun 24, 2019
c01fe0a
dev: correct error message
ndclt Jun 24, 2019
9d64b55
wip: trying to fix the not updating federation
ndclt Jun 24, 2019
03284ca
test: add test for checking mandatory keys for synchronization
ndclt Jun 25, 2019
1404e5e
dev: first straight solution
ndclt Jun 25, 2019
d1fa055
test: check the value of syncRegistrations
ndclt Jun 25, 2019
53b6f4d
test: update waited values
ndclt Jun 25, 2019
ce477dc
dev: update values to push from existing values in the federation
ndclt Jun 25, 2019
96c178f
dev: add new parameter
ndclt Jun 25, 2019
ca09c0c
style: reformat with black
ndclt Jun 25, 2019
0901d97
test: update waited values
ndclt Jun 25, 2019
b468763
dev: add synchronization parameters
ndclt Jun 25, 2019
b19c00c
dev: add parameters validate_password_policy, read_timeout, connectio…
ndclt Jun 26, 2019
a5d1c33
test: change reference result
ndclt Jun 26, 2019
267a4a3
create federation synchronization module
ndclt Jun 26, 2019
f84b8b5
test: change the mocked url in order to be closer from the real situa…
ndclt Jun 27, 2019
1fd15bd
dev: manage json decode error
ndclt Jun 27, 2019
ba86d38
dev: don't add in the configuration the test_authentication
ndclt Jul 2, 2019
dfb3d78
dev: delete enable parameter
ndclt Sep 5, 2019
d02747e
refactor: get the function from devel
ndclt Sep 9, 2019
635fd76
refactor: restheader is directly the dict not an object
ndclt Sep 9, 2019
0b5d49b
refactor: use the get_token function
ndclt Sep 9, 2019
f1d3f43
dev: delete duplicated lines
ndclt Sep 9, 2019
24ea1de
refactor: again delete duplicated functions
ndclt Sep 9, 2019
73023d9
refactor: use the generic function created for synchronization ldap
ndclt Sep 10, 2019
eadb550
delete unwanted file
ndclt Sep 10, 2019
704b65e
test: better json response
ndclt Sep 12, 2019
29a5f90
feature: add a synchronization between keycloak and an existing feder…
ndclt Jun 26, 2019
dfb12ae
feature: CRUD group ldap mapper
ndclt Jun 26, 2019
d1545a0
refactor: use a function managing wanted state for any Keycloak repre…
ndclt Sep 17, 2019
86b3c82
feature: CRUD for keycloak ldap role mapper
ndclt Sep 18, 2019
85acfdc
refactor: factorize FederationGroupMapper and FederationRoleMapper cl…
ndclt Sep 23, 2019
716aa66
feature: create CRUD user attribute mapper module
ndclt Sep 23, 2019
881ddb1
feature: create CRUD full name ldap mapper
ndclt Sep 24, 2019
8d25c29
fix: forgot during cherry-pick
ndclt Sep 25, 2019
288a36e
dev: ldap_federation: delete the import_enable parameter
ndclt Sep 26, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions .github/BOTMETA.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -694,8 +694,9 @@ files:
labels:
- clustering
- k8s
$module_utils/keycloak.py:
maintainers: eikef
$module_utils/identity/keycloak/:
maintainers: eikef
support: community
$module_utils/kubevirt.py: *kubevirt
$module_utils/manageiq.py:
maintainers: $team_manageiq
Expand Down
2 changes: 2 additions & 0 deletions changelogs/fragments/keycloak-add-ldap-synchronisation-module.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
minor_changes:
- keycloak_ldap_synchronisation - add a new module synchronizing the content of the LDAP server with keycloak
Empty file added lib/ansible/module_utils/identity/__init__.py
View file
Open in desktop
Empty file.
Empty file added lib/ansible/module_utils/identity/keycloak/__init__.py
View file
Open in desktop
Empty file.
92 changes: 92 additions & 0 deletions lib/ansible/module_utils/identity/keycloak/crud.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
# Copyright: (c) 2018, Nicolas Duclert <nicolas.duclert@metronlab.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function

from ansible.module_utils._text import to_text

__metaclass__ = type


def crud_with_instance(instance_to_crud, result_key):
"""Function managing actions from the wanted state given by the user.

:param instance_to_crud: a class with the following functions:
* delete: a function deleting the object on Keycloak,
* update: a function updating the object on Keycolak,
* create: a function creating the object on Keycloak,
and the following properties:
* module: the ansible module,
* initial_representation: the initial state of the instance on the Keycloak,
* representation: the state of the instance at the line of the program (this property do a new
call to Keycloak),
* description: the nature of the instance and its given id (mainly name or uuid).
:param result_key: the key name where the final representation will be written
:return: a dictionary with three keys:
* changed: if the Keycloak object has been modified,
* msg: a text message resuming the action done,
* result_key: the final representation of the object.
"""
module = instance_to_crud.module
waited_state = module.params.get('state')

if waited_state == 'absent':
if instance_to_crud.initial_representation:
if not module.check_mode:
instance_to_crud.delete()
result = {
'changed': True,
'msg': '{description} deleted.'.format(
description=instance_to_crud.description.capitalize(),
),
result_key: {},
}
else:
result = {
'changed': False,
'msg': '{description} does not exist, doing nothing.'.format(
description=instance_to_crud.description.capitalize()
),
result_key: {},
}
else:
if instance_to_crud.initial_representation:
if module.check_mode:
payload = instance_to_crud.update(check=True)
else:
payload = instance_to_crud.update()
if payload:
result = {
'msg': to_text(
'{description} updated.'.format(
description=instance_to_crud.description.capitalize()
)
),
'changed': True,
result_key: instance_to_crud.representation,
}
else:
result = {
'changed': False,
'msg': '{description} up to date, doing nothing.'.format(
description=instance_to_crud.description.capitalize()
),
result_key: instance_to_crud.initial_representation,
}
else:
if module.check_mode:
payload = instance_to_crud.create(check=True)
else:
instance_to_crud.create()
payload = instance_to_crud.representation

result = {
'msg': to_text(
'{description} created.'.format(
description=instance_to_crud.description.capitalize()
)
),
'changed': True,
result_key: payload,
}

return result
Loading