---
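# Look up the Keycloak account for user.username through the Admin REST API
# and register the HTTP response as keycloak_user.
# NOTE(review): this request carries an admin bearer token in its headers;
# consider no_log on this task if playbooks are run with high verbosity.
- name: "Get User {{ user.username }}"
  ansible.builtin.uri:
    # urlencode stops a username containing &, #, + or spaces from changing
    # the query string that Keycloak receives.
    url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username | urlencode }}"
    headers:
      Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
    # validate_certs is a uri module argument, not an HTTP header, so it sits
    # beside `headers` rather than under it.
    # With validation off, the server's identity is not checked and the bearer
    # token above is exposed to anyone able to intercept the connection.
    # keycloak_validate_certs is introduced here; the default keeps the
    # previous behaviour (off). Set it to true wherever Keycloak presents a
    # certificate the control node trusts.
    validate_certs: "{{ keycloak_validate_certs | default(false) | bool }}"
  register: keycloak_user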
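# Obtain a fresh admin access token from the master realm using the password
# grant and register the response as keycloak_auth_response. The request is
# retried up to 5 times, 2 seconds apart, until it returns HTTP 200.
- name: Refresh keycloak auth token
  ansible.builtin.uri:
    url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
    method: POST
    # Let the module encode the form fields. Concatenating them into one
    # string sends a wrong credential (or an extra form parameter) whenever
    # the password or user name contains &, =, + or %.
    body_format: form-urlencoded
    body:
      client_id: "{{ keycloak_auth_client }}"
      username: "{{ keycloak_admin_user }}"
      password: "{{ keycloak_admin_password }}"
      grant_type: password
    # With validation off, the admin password in this request is sent to a
    # server whose identity has not been checked. keycloak_validate_certs is
    # introduced here; the default keeps the previous behaviour (off). Set it
    # to true wherever Keycloak presents a trusted certificate.
    validate_certs: "{{ keycloak_validate_certs | default(false) | bool }}"
  register: keycloak_auth_response
  # Keeps the admin password and the issued token out of task output and logs.
  no_log: true
  until: keycloak_auth_response.status == 200
  retries: 5
  delay: 2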
# Run manage_user_client_roles.yml once per entry of the flattened
# user.client_roles list; each entry is exposed to the included tasks as
# client_role.
- name: "Manage Client Role Mapping for {{ user.username }}"
  ansible.builtin.include_tasks:
    file: manage_user_client_roles.yml
  loop_control:
    loop_var: client_role
  loop: "{{ user.client_roles | flatten }}"