41 lines
1.6 KiB
YAML
41 lines
1.6 KiB
YAML
---
|
|
- name: "Get Realm for role"
|
|
uri:
|
|
url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}"
|
|
method: GET
|
|
status_code:
|
|
- 200
|
|
headers:
|
|
Accept: "application/json"
|
|
Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
|
|
register: client_role_realm
|
|
|
|
- name: Check if Mapping is available
|
|
uri:
|
|
url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}/available"
|
|
method: GET
|
|
status_code:
|
|
- 200
|
|
headers:
|
|
Accept: "application/json"
|
|
Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
|
|
register: client_role_user_available
|
|
|
|
- name: "Create Role Mapping"
|
|
uri:
|
|
url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}"
|
|
method: POST
|
|
body:
|
|
- id: "{{ item.id }}"
|
|
clientRole: "{{ item.clientRole }}"
|
|
containerId: "{{ item.containerId }}"
|
|
name: "{{ item.name }}"
|
|
composite: "{{ item.composite }}"
|
|
validate_certs: False
|
|
body_format: json
|
|
headers:
|
|
Authorization: "Bearer {{ keycloak_auth_response.json.access_token }}"
|
|
status_code: 204
|
|
loop: "{{ client_role_user_available.json | flatten }}"
|
|
when: item.name == client_role.role
|