update keycloak_realm to test nicely with keycloak_quarkus
parent
419c862341
commit
cf92da9e94
|
@ -10,6 +10,7 @@ keycloak_rhsso_enable: False
|
|||
keycloak_admin_user: admin
|
||||
keycloak_auth_realm: master
|
||||
keycloak_auth_client: admin-cli
|
||||
keycloak_context: /auth
|
||||
|
||||
# administrator console password, this is a required variable
|
||||
keycloak_admin_password: ''
|
||||
|
|
|
@ -4,7 +4,12 @@ argument_specs:
|
|||
keycloak_host:
|
||||
# line 3 of keycloak_realm/defaults/main.yml
|
||||
default: "localhost"
|
||||
description: "hostname for rest calls"
|
||||
description: "Hostname for rest calls"
|
||||
type: "str"
|
||||
keycloak_context:
|
||||
# line 5 of keycloak_realm/defaults/main.yml
|
||||
default: "/auth"
|
||||
description: "Context path for rest calls"
|
||||
type: "str"
|
||||
keycloak_http_port:
|
||||
# line 4 of keycloak_realm/defaults/main.yml
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Generate keycloak auth token
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/realms/master/protocol/openid-connect/token"
|
||||
method: POST
|
||||
body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password"
|
||||
validate_certs: no
|
||||
|
@ -13,7 +13,7 @@
|
|||
|
||||
- name: "Determine if realm exists"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ keycloak_realm }}"
|
||||
method: GET
|
||||
status_code:
|
||||
- 200
|
||||
|
@ -25,7 +25,7 @@
|
|||
|
||||
- name: Create Realm
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms"
|
||||
method: POST
|
||||
body: "{{ lookup('template','realm.json.j2') }}"
|
||||
validate_certs: no
|
||||
|
@ -37,7 +37,7 @@
|
|||
|
||||
- name: Create user federation
|
||||
community.general.keycloak_user_federation:
|
||||
auth_keycloak_url: "{{ keycloak_url }}/auth"
|
||||
auth_keycloak_url: "{{ keycloak_url }}{{ keycloak_context }}"
|
||||
auth_realm: "{{ keycloak_auth_realm }}"
|
||||
auth_username: "{{ keycloak_admin_user }}"
|
||||
auth_password: "{{ keycloak_admin_password }}"
|
||||
|
@ -56,7 +56,7 @@
|
|||
- name: Create or update a Keycloak client
|
||||
community.general.keycloak_client:
|
||||
auth_client_id: "{{ keycloak_auth_client }}"
|
||||
auth_keycloak_url: "{{ keycloak_url }}/auth"
|
||||
auth_keycloak_url: "{{ keycloak_url }}{{ keycloak_context }}"
|
||||
auth_realm: "{{ keycloak_auth_realm }}"
|
||||
auth_username: "{{ keycloak_admin_user }}"
|
||||
auth_password: "{{ keycloak_admin_password }}"
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
realm: "{{ client.realm }}"
|
||||
client_id: "{{ client.name }}"
|
||||
auth_client_id: "{{ keycloak_auth_client }}"
|
||||
auth_keycloak_url: "{{ keycloak_url }}/auth"
|
||||
auth_keycloak_url: "{{ keycloak_url }}{{ keycloak_context }}"
|
||||
auth_realm: "{{ keycloak_auth_realm }}"
|
||||
auth_username: "{{ keycloak_admin_user }}"
|
||||
auth_password: "{{ keycloak_admin_password }}"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: "Check if User Already Exists"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
|
||||
validate_certs: no
|
||||
headers:
|
||||
Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
|
||||
|
@ -9,7 +9,7 @@
|
|||
|
||||
- name: "Create User"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ keycloak_realm }}/users"
|
||||
method: POST
|
||||
body:
|
||||
enabled: true
|
||||
|
@ -27,7 +27,7 @@
|
|||
|
||||
- name: "Get User"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
|
||||
validate_certs: no
|
||||
headers:
|
||||
Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
|
||||
|
@ -35,7 +35,7 @@
|
|||
|
||||
- name: "Update User Password"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users/{{ (keycloak_user.json | first).id }}/reset-password"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ keycloak_realm }}/users/{{ (keycloak_user.json | first).id }}/reset-password"
|
||||
method: PUT
|
||||
body:
|
||||
type: password
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: "Get Realm for role"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ client_role.realm }}"
|
||||
method: GET
|
||||
status_code:
|
||||
- 200
|
||||
|
@ -12,7 +12,7 @@
|
|||
|
||||
- name: Check if Mapping is available
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}/available"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}/available"
|
||||
method: GET
|
||||
status_code:
|
||||
- 200
|
||||
|
@ -23,7 +23,7 @@
|
|||
|
||||
- name: "Create Role Mapping"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}"
|
||||
method: POST
|
||||
body:
|
||||
- id: "{{ item.id }}"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: "Get User {{ user.username }}"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
|
||||
headers:
|
||||
validate_certs: no
|
||||
Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
|
||||
|
@ -9,7 +9,7 @@
|
|||
|
||||
- name: Refresh keycloak auth token
|
||||
ansible.builtin.uri:
|
||||
url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
|
||||
url: "{{ keycloak_url }}{{ keycloak_context }}/realms/master/protocol/openid-connect/token"
|
||||
method: POST
|
||||
body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password"
|
||||
validate_certs: no
|
||||
|
|
Loading…
Reference in New Issue