* Updated keycloak.py to allow defining connection timeout value (#4168) (#2) * Added parameter to doc_fragments and edited the changelog message (#4168) * Added parameter to doc_fragments and edited the changelog message (#4168)
parent
54b29208a2
commit
2498591695
3 changed files with 103 additions and 76 deletions
2
changelogs/fragments/4168-add-keycloak-url-timeout.yml
Normal file
2
changelogs/fragments/4168-add-keycloak-url-timeout.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- "keycloak_* modules - added connection timeout parameter when calling server (https://github.com/ansible-collections/community.general/pull/4168)."
|
|
@ -61,4 +61,11 @@ options:
|
||||||
- Verify TLS certificates (do not disable this in production).
|
- Verify TLS certificates (do not disable this in production).
|
||||||
type: bool
|
type: bool
|
||||||
default: yes
|
default: yes
|
||||||
|
|
||||||
|
connection_timeout:
|
||||||
|
description:
|
||||||
|
- Controls the HTTP connections timeout period (in seconds) to Keycloak API.
|
||||||
|
type: int
|
||||||
|
default: 10
|
||||||
|
version_added: 4.5.0
|
||||||
'''
|
'''
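Review bot: The new `connection_timeout` description reads as a connect-only timeout and gives no accepted range. Elsewhere in this commit the value is passed straight to `open_url(..., timeout=...)`, which as far as I know applies it as the socket timeout for each blocking operation of a request, not as a connect-only limit or a total deadline. The option is a plain `int` with no documented minimum, so the reader cannot tell whether `0` or a negative value is rejected or what it would do. I would reword the line to `- Socket timeout, in seconds, applied to each HTTP request sent to the Keycloak API (including the token request).` and add a second bullet stating which values are valid. The enclosing options block starts outside this hunk.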
|
||||||
|
|
|
@ -102,6 +102,7 @@ def keycloak_argument_spec():
|
||||||
auth_username=dict(type='str', aliases=['username']),
|
auth_username=dict(type='str', aliases=['username']),
|
||||||
auth_password=dict(type='str', aliases=['password'], no_log=True),
|
auth_password=dict(type='str', aliases=['password'], no_log=True),
|
||||||
validate_certs=dict(type='bool', default=True),
|
validate_certs=dict(type='bool', default=True),
|
||||||
|
connection_timeout=dict(type='int', default=10),
|
||||||
token=dict(type='str', no_log=True),
|
token=dict(type='str', no_log=True),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -134,6 +135,7 @@ def get_token(module_params):
|
||||||
auth_username = module_params.get('auth_username')
|
auth_username = module_params.get('auth_username')
|
||||||
auth_password = module_params.get('auth_password')
|
auth_password = module_params.get('auth_password')
|
||||||
client_secret = module_params.get('auth_client_secret')
|
client_secret = module_params.get('auth_client_secret')
|
||||||
|
connection_timeout = module_params.get('connection_timeout')
|
||||||
auth_url = URL_TOKEN.format(url=base_url, realm=auth_realm)
|
auth_url = URL_TOKEN.format(url=base_url, realm=auth_realm)
|
||||||
temp_payload = {
|
temp_payload = {
|
||||||
'grant_type': 'password',
|
'grant_type': 'password',
|
||||||
|
@ -147,7 +149,7 @@ def get_token(module_params):
|
||||||
(k, v) for k, v in temp_payload.items() if v is not None)
|
(k, v) for k, v in temp_payload.items() if v is not None)
|
||||||
try:
|
try:
|
||||||
r = json.loads(to_native(open_url(auth_url, method='POST',
|
r = json.loads(to_native(open_url(auth_url, method='POST',
|
||||||
validate_certs=validate_certs,
|
validate_certs=validate_certs, timeout=connection_timeout,
|
||||||
data=urlencode(payload)).read()))
|
data=urlencode(payload)).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
raise KeycloakError(
|
raise KeycloakError(
|
||||||
|
@ -229,6 +231,7 @@ class KeycloakAPI(object):
|
||||||
self.module = module
|
self.module = module
|
||||||
self.baseurl = self.module.params.get('auth_keycloak_url')
|
self.baseurl = self.module.params.get('auth_keycloak_url')
|
||||||
self.validate_certs = self.module.params.get('validate_certs')
|
self.validate_certs = self.module.params.get('validate_certs')
|
||||||
|
self.connection_timeout = self.module.params.get('connection_timeout')
|
||||||
self.restheaders = connection_header
|
self.restheaders = connection_header
|
||||||
|
|
||||||
def get_realm_info_by_id(self, realm='master'):
|
def get_realm_info_by_id(self, realm='master'):
|
||||||
|
@ -240,7 +243,7 @@ class KeycloakAPI(object):
|
||||||
realm_info_url = URL_REALM_INFO.format(url=self.baseurl, realm=realm)
|
realm_info_url = URL_REALM_INFO.format(url=self.baseurl, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(realm_info_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(realm_info_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
|
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
|
@ -265,7 +268,7 @@ class KeycloakAPI(object):
|
||||||
realm_url = URL_REALM.format(url=self.baseurl, realm=realm)
|
realm_url = URL_REALM.format(url=self.baseurl, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(realm_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(realm_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
|
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
|
@ -290,7 +293,7 @@ class KeycloakAPI(object):
|
||||||
realm_url = URL_REALM.format(url=self.baseurl, realm=realm)
|
realm_url = URL_REALM.format(url=self.baseurl, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(realm_url, method='PUT', headers=self.restheaders,
|
return open_url(realm_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(realmrep), validate_certs=self.validate_certs)
|
data=json.dumps(realmrep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update realm %s: %s' % (realm, str(e)),
|
self.module.fail_json(msg='Could not update realm %s: %s' % (realm, str(e)),
|
||||||
|
@ -304,7 +307,7 @@ class KeycloakAPI(object):
|
||||||
realm_url = URL_REALMS.format(url=self.baseurl)
|
realm_url = URL_REALMS.format(url=self.baseurl)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(realm_url, method='POST', headers=self.restheaders,
|
return open_url(realm_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(realmrep), validate_certs=self.validate_certs)
|
data=json.dumps(realmrep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create realm %s: %s' % (realmrep['id'], str(e)),
|
self.module.fail_json(msg='Could not create realm %s: %s' % (realmrep['id'], str(e)),
|
||||||
|
@ -319,7 +322,7 @@ class KeycloakAPI(object):
|
||||||
realm_url = URL_REALM.format(url=self.baseurl, realm=realm)
|
realm_url = URL_REALM.format(url=self.baseurl, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(realm_url, method='DELETE', headers=self.restheaders,
|
return open_url(realm_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not delete realm %s: %s' % (realm, str(e)),
|
self.module.fail_json(msg='Could not delete realm %s: %s' % (realm, str(e)),
|
||||||
|
@ -337,7 +340,7 @@ class KeycloakAPI(object):
|
||||||
clientlist_url += '?clientId=%s' % filter
|
clientlist_url += '?clientId=%s' % filter
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(clientlist_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(clientlist_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of clients for realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of clients for realm %s: %s'
|
||||||
|
@ -368,7 +371,7 @@ class KeycloakAPI(object):
|
||||||
client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)
|
client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(client_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(client_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
|
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
|
@ -407,7 +410,7 @@ class KeycloakAPI(object):
|
||||||
client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)
|
client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(client_url, method='PUT', headers=self.restheaders,
|
return open_url(client_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(clientrep), validate_certs=self.validate_certs)
|
data=json.dumps(clientrep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update client %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update client %s in realm %s: %s'
|
||||||
|
@ -422,7 +425,7 @@ class KeycloakAPI(object):
|
||||||
client_url = URL_CLIENTS.format(url=self.baseurl, realm=realm)
|
client_url = URL_CLIENTS.format(url=self.baseurl, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(client_url, method='POST', headers=self.restheaders,
|
return open_url(client_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(clientrep), validate_certs=self.validate_certs)
|
data=json.dumps(clientrep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create client %s in realm %s: %s'
|
self.module.fail_json(msg='Could not create client %s in realm %s: %s'
|
||||||
|
@ -438,7 +441,7 @@ class KeycloakAPI(object):
|
||||||
client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)
|
client_url = URL_CLIENT.format(url=self.baseurl, realm=realm, id=id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(client_url, method='DELETE', headers=self.restheaders,
|
return open_url(client_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not delete client %s in realm %s: %s'
|
self.module.fail_json(msg='Could not delete client %s in realm %s: %s'
|
||||||
|
@ -453,7 +456,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
client_roles_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
|
client_roles_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(client_roles_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(client_roles_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not fetch rolemappings for client %s in realm %s: %s"
|
self.module.fail_json(msg="Could not fetch rolemappings for client %s in realm %s: %s"
|
||||||
|
@ -485,7 +488,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
||||||
try:
|
try:
|
||||||
rolemappings = json.loads(to_native(open_url(rolemappings_url, method="GET", headers=self.restheaders,
|
rolemappings = json.loads(to_native(open_url(rolemappings_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
for role in rolemappings:
|
for role in rolemappings:
|
||||||
if rid == role['id']:
|
if rid == role['id']:
|
||||||
|
@ -505,7 +508,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS_AVAILABLE.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS_AVAILABLE.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
|
self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
|
||||||
|
@ -521,7 +524,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS_COMPOSITE.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS_COMPOSITE.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(available_rolemappings_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
|
self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
|
||||||
|
@ -538,7 +541,8 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
||||||
try:
|
try:
|
||||||
open_url(available_rolemappings_url, method="POST", headers=self.restheaders, data=json.dumps(role_rep), validate_certs=self.validate_certs)
|
open_url(available_rolemappings_url, method="POST", headers=self.restheaders, data=json.dumps(role_rep),
|
||||||
|
validate_certs=self.validate_certs, timeout=self.connection_timeout)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
|
self.module.fail_json(msg="Could not fetch available rolemappings for client %s in group %s, realm %s: %s"
|
||||||
% (cid, gid, realm, str(e)))
|
% (cid, gid, realm, str(e)))
|
||||||
|
@ -554,7 +558,8 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
available_rolemappings_url = URL_CLIENT_ROLEMAPPINGS.format(url=self.baseurl, realm=realm, id=gid, client=cid)
|
||||||
try:
|
try:
|
||||||
open_url(available_rolemappings_url, method="DELETE", headers=self.restheaders, validate_certs=self.validate_certs)
|
open_url(available_rolemappings_url, method="DELETE", headers=self.restheaders,
|
||||||
|
validate_certs=self.validate_certs, timeout=self.connection_timeout)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not delete available rolemappings for client %s in group %s, realm %s: %s"
|
self.module.fail_json(msg="Could not delete available rolemappings for client %s in group %s, realm %s: %s"
|
||||||
% (cid, gid, realm, str(e)))
|
% (cid, gid, realm, str(e)))
|
||||||
|
@ -568,7 +573,7 @@ class KeycloakAPI(object):
|
||||||
url = URL_CLIENTTEMPLATES.format(url=self.baseurl, realm=realm)
|
url = URL_CLIENTTEMPLATES.format(url=self.baseurl, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of client templates for realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of client templates for realm %s: %s'
|
||||||
|
@ -587,7 +592,7 @@ class KeycloakAPI(object):
|
||||||
url = URL_CLIENTTEMPLATE.format(url=self.baseurl, id=id, realm=realm)
|
url = URL_CLIENTTEMPLATE.format(url=self.baseurl, id=id, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain client templates %s for realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain client templates %s for realm %s: %s'
|
||||||
|
@ -633,7 +638,7 @@ class KeycloakAPI(object):
|
||||||
url = URL_CLIENTTEMPLATE.format(url=self.baseurl, realm=realm, id=id)
|
url = URL_CLIENTTEMPLATE.format(url=self.baseurl, realm=realm, id=id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(url, method='PUT', headers=self.restheaders,
|
return open_url(url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(clienttrep), validate_certs=self.validate_certs)
|
data=json.dumps(clienttrep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update client template %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update client template %s in realm %s: %s'
|
||||||
|
@ -648,7 +653,7 @@ class KeycloakAPI(object):
|
||||||
url = URL_CLIENTTEMPLATES.format(url=self.baseurl, realm=realm)
|
url = URL_CLIENTTEMPLATES.format(url=self.baseurl, realm=realm)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(url, method='POST', headers=self.restheaders,
|
return open_url(url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(clienttrep), validate_certs=self.validate_certs)
|
data=json.dumps(clienttrep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create client template %s in realm %s: %s'
|
self.module.fail_json(msg='Could not create client template %s in realm %s: %s'
|
||||||
|
@ -664,7 +669,7 @@ class KeycloakAPI(object):
|
||||||
url = URL_CLIENTTEMPLATE.format(url=self.baseurl, realm=realm, id=id)
|
url = URL_CLIENTTEMPLATE.format(url=self.baseurl, realm=realm, id=id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(url, method='DELETE', headers=self.restheaders,
|
return open_url(url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not delete client template %s in realm %s: %s'
|
self.module.fail_json(msg='Could not delete client template %s in realm %s: %s'
|
||||||
|
@ -681,7 +686,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
clientscopes_url = URL_CLIENTSCOPES.format(url=self.baseurl, realm=realm)
|
clientscopes_url = URL_CLIENTSCOPES.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(clientscopes_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(clientscopes_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not fetch list of clientscopes in realm %s: %s"
|
self.module.fail_json(msg="Could not fetch list of clientscopes in realm %s: %s"
|
||||||
|
@ -698,7 +703,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
clientscope_url = URL_CLIENTSCOPE.format(url=self.baseurl, realm=realm, id=cid)
|
clientscope_url = URL_CLIENTSCOPE.format(url=self.baseurl, realm=realm, id=cid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(clientscope_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(clientscope_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
|
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
|
@ -743,7 +748,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
clientscopes_url = URL_CLIENTSCOPES.format(url=self.baseurl, realm=realm)
|
clientscopes_url = URL_CLIENTSCOPES.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return open_url(clientscopes_url, method='POST', headers=self.restheaders,
|
return open_url(clientscopes_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(clientscoperep), validate_certs=self.validate_certs)
|
data=json.dumps(clientscoperep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not create clientscope %s in realm %s: %s"
|
self.module.fail_json(msg="Could not create clientscope %s in realm %s: %s"
|
||||||
|
@ -758,7 +763,7 @@ class KeycloakAPI(object):
|
||||||
clientscope_url = URL_CLIENTSCOPE.format(url=self.baseurl, realm=realm, id=clientscoperep['id'])
|
clientscope_url = URL_CLIENTSCOPE.format(url=self.baseurl, realm=realm, id=clientscoperep['id'])
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(clientscope_url, method='PUT', headers=self.restheaders,
|
return open_url(clientscope_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(clientscoperep), validate_certs=self.validate_certs)
|
data=json.dumps(clientscoperep), validate_certs=self.validate_certs)
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
@ -796,7 +801,7 @@ class KeycloakAPI(object):
|
||||||
# should have a good cid by here.
|
# should have a good cid by here.
|
||||||
clientscope_url = URL_CLIENTSCOPE.format(realm=realm, id=cid, url=self.baseurl)
|
clientscope_url = URL_CLIENTSCOPE.format(realm=realm, id=cid, url=self.baseurl)
|
||||||
try:
|
try:
|
||||||
return open_url(clientscope_url, method='DELETE', headers=self.restheaders,
|
return open_url(clientscope_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
@ -814,7 +819,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
protocolmappers_url = URL_CLIENTSCOPE_PROTOCOLMAPPERS.format(id=cid, url=self.baseurl, realm=realm)
|
protocolmappers_url = URL_CLIENTSCOPE_PROTOCOLMAPPERS.format(id=cid, url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(protocolmappers_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(protocolmappers_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not fetch list of protocolmappers in realm %s: %s"
|
self.module.fail_json(msg="Could not fetch list of protocolmappers in realm %s: %s"
|
||||||
|
@ -833,7 +838,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
protocolmapper_url = URL_CLIENTSCOPE_PROTOCOLMAPPER.format(url=self.baseurl, realm=realm, id=cid, mapper_id=pid)
|
protocolmapper_url = URL_CLIENTSCOPE_PROTOCOLMAPPER.format(url=self.baseurl, realm=realm, id=cid, mapper_id=pid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(protocolmapper_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(protocolmapper_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
|
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
|
@ -880,7 +885,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
protocolmappers_url = URL_CLIENTSCOPE_PROTOCOLMAPPERS.format(url=self.baseurl, id=cid, realm=realm)
|
protocolmappers_url = URL_CLIENTSCOPE_PROTOCOLMAPPERS.format(url=self.baseurl, id=cid, realm=realm)
|
||||||
try:
|
try:
|
||||||
return open_url(protocolmappers_url, method='POST', headers=self.restheaders,
|
return open_url(protocolmappers_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(mapper_rep), validate_certs=self.validate_certs)
|
data=json.dumps(mapper_rep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not create protocolmapper %s in realm %s: %s"
|
self.module.fail_json(msg="Could not create protocolmapper %s in realm %s: %s"
|
||||||
|
@ -896,7 +901,7 @@ class KeycloakAPI(object):
|
||||||
protocolmapper_url = URL_CLIENTSCOPE_PROTOCOLMAPPER.format(url=self.baseurl, realm=realm, id=cid, mapper_id=mapper_rep['id'])
|
protocolmapper_url = URL_CLIENTSCOPE_PROTOCOLMAPPER.format(url=self.baseurl, realm=realm, id=cid, mapper_id=mapper_rep['id'])
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(protocolmapper_url, method='PUT', headers=self.restheaders,
|
return open_url(protocolmapper_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(mapper_rep), validate_certs=self.validate_certs)
|
data=json.dumps(mapper_rep), validate_certs=self.validate_certs)
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
@ -913,7 +918,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
groups_url = URL_GROUPS.format(url=self.baseurl, realm=realm)
|
groups_url = URL_GROUPS.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not fetch list of groups in realm %s: %s"
|
self.module.fail_json(msg="Could not fetch list of groups in realm %s: %s"
|
||||||
|
@ -930,7 +935,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
groups_url = URL_GROUP.format(url=self.baseurl, realm=realm, groupid=gid)
|
groups_url = URL_GROUP.format(url=self.baseurl, realm=realm, groupid=gid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(groups_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
|
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
|
@ -976,7 +981,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
groups_url = URL_GROUPS.format(url=self.baseurl, realm=realm)
|
groups_url = URL_GROUPS.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return open_url(groups_url, method='POST', headers=self.restheaders,
|
return open_url(groups_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(grouprep), validate_certs=self.validate_certs)
|
data=json.dumps(grouprep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Could not create group %s in realm %s: %s"
|
self.module.fail_json(msg="Could not create group %s in realm %s: %s"
|
||||||
|
@ -991,7 +996,7 @@ class KeycloakAPI(object):
|
||||||
group_url = URL_GROUP.format(url=self.baseurl, realm=realm, groupid=grouprep['id'])
|
group_url = URL_GROUP.format(url=self.baseurl, realm=realm, groupid=grouprep['id'])
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(group_url, method='PUT', headers=self.restheaders,
|
return open_url(group_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(grouprep), validate_certs=self.validate_certs)
|
data=json.dumps(grouprep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update group %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update group %s in realm %s: %s'
|
||||||
|
@ -1028,7 +1033,7 @@ class KeycloakAPI(object):
|
||||||
# should have a good groupid by here.
|
# should have a good groupid by here.
|
||||||
group_url = URL_GROUP.format(realm=realm, groupid=groupid, url=self.baseurl)
|
group_url = URL_GROUP.format(realm=realm, groupid=groupid, url=self.baseurl)
|
||||||
try:
|
try:
|
||||||
return open_url(group_url, method='DELETE', headers=self.restheaders,
|
return open_url(group_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Unable to delete group %s: %s" % (groupid, str(e)))
|
self.module.fail_json(msg="Unable to delete group %s: %s" % (groupid, str(e)))
|
||||||
|
@ -1041,7 +1046,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
rolelist_url = URL_REALM_ROLES.format(url=self.baseurl, realm=realm)
|
rolelist_url = URL_REALM_ROLES.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of roles for realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of roles for realm %s: %s'
|
||||||
|
@ -1059,7 +1064,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
|
role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
if e.code == 404:
|
if e.code == 404:
|
||||||
|
@ -1079,7 +1084,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
roles_url = URL_REALM_ROLES.format(url=self.baseurl, realm=realm)
|
roles_url = URL_REALM_ROLES.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return open_url(roles_url, method='POST', headers=self.restheaders,
|
return open_url(roles_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create role %s in realm %s: %s'
|
self.module.fail_json(msg='Could not create role %s in realm %s: %s'
|
||||||
|
@ -1093,7 +1098,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(rolerep['name']))
|
role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(rolerep['name']))
|
||||||
try:
|
try:
|
||||||
return open_url(role_url, method='PUT', headers=self.restheaders,
|
return open_url(role_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update role %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update role %s in realm %s: %s'
|
||||||
|
@ -1107,7 +1112,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
|
role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
|
||||||
try:
|
try:
|
||||||
return open_url(role_url, method='DELETE', headers=self.restheaders,
|
return open_url(role_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Unable to delete role %s in realm %s: %s'
|
self.module.fail_json(msg='Unable to delete role %s in realm %s: %s'
|
||||||
|
@ -1126,7 +1131,7 @@ class KeycloakAPI(object):
|
||||||
% (clientid, realm))
|
% (clientid, realm))
|
||||||
rolelist_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
|
rolelist_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(rolelist_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of roles for client %s in realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of roles for client %s in realm %s: %s'
|
||||||
|
@ -1150,7 +1155,7 @@ class KeycloakAPI(object):
|
||||||
% (clientid, realm))
|
% (clientid, realm))
|
||||||
role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
|
role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(role_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
if e.code == 404:
|
if e.code == 404:
|
||||||
|
@ -1176,7 +1181,7 @@ class KeycloakAPI(object):
|
||||||
% (clientid, realm))
|
% (clientid, realm))
|
||||||
roles_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
|
roles_url = URL_CLIENT_ROLES.format(url=self.baseurl, realm=realm, id=cid)
|
||||||
try:
|
try:
|
||||||
return open_url(roles_url, method='POST', headers=self.restheaders,
|
return open_url(roles_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create role %s for client %s in realm %s: %s'
|
self.module.fail_json(msg='Could not create role %s for client %s in realm %s: %s'
|
||||||
|
@ -1196,7 +1201,7 @@ class KeycloakAPI(object):
|
||||||
% (clientid, realm))
|
% (clientid, realm))
|
||||||
role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep['name']))
|
role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep['name']))
|
||||||
try:
|
try:
|
||||||
return open_url(role_url, method='PUT', headers=self.restheaders,
|
return open_url(role_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
data=json.dumps(rolerep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update role %s for client %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update role %s for client %s in realm %s: %s'
|
||||||
|
@ -1215,7 +1220,7 @@ class KeycloakAPI(object):
|
||||||
% (clientid, realm))
|
% (clientid, realm))
|
||||||
role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
|
role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
|
||||||
try:
|
try:
|
||||||
return open_url(role_url, method='DELETE', headers=self.restheaders,
|
return open_url(role_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Unable to delete role %s for client %s in realm %s: %s'
|
self.module.fail_json(msg='Unable to delete role %s for client %s in realm %s: %s'
|
||||||
|
@ -1231,7 +1236,8 @@ class KeycloakAPI(object):
|
||||||
try:
|
try:
|
||||||
authentication_flow = {}
|
authentication_flow = {}
|
||||||
# Check if the authentication flow exists on the Keycloak serveraders
|
# Check if the authentication flow exists on the Keycloak serveraders
|
||||||
authentications = json.load(open_url(URL_AUTHENTICATION_FLOWS.format(url=self.baseurl, realm=realm), method='GET', headers=self.restheaders))
|
authentications = json.load(open_url(URL_AUTHENTICATION_FLOWS.format(url=self.baseurl, realm=realm), method='GET',
|
||||||
|
headers=self.restheaders, timeout=self.connection_timeout))
|
||||||
for authentication in authentications:
|
for authentication in authentications:
|
||||||
if authentication["alias"] == alias:
|
if authentication["alias"] == alias:
|
||||||
authentication_flow = authentication
|
authentication_flow = authentication
|
||||||
|
@ -1250,7 +1256,7 @@ class KeycloakAPI(object):
|
||||||
flow_url = URL_AUTHENTICATION_FLOW.format(url=self.baseurl, realm=realm, id=id)
|
flow_url = URL_AUTHENTICATION_FLOW.format(url=self.baseurl, realm=realm, id=id)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return open_url(flow_url, method='DELETE', headers=self.restheaders,
|
return open_url(flow_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not delete authentication flow %s in realm %s: %s'
|
self.module.fail_json(msg='Could not delete authentication flow %s in realm %s: %s'
|
||||||
|
@ -1274,13 +1280,15 @@ class KeycloakAPI(object):
|
||||||
copyfrom=quote(config["copyFrom"])),
|
copyfrom=quote(config["copyFrom"])),
|
||||||
method='POST',
|
method='POST',
|
||||||
headers=self.restheaders,
|
headers=self.restheaders,
|
||||||
data=json.dumps(new_name))
|
data=json.dumps(new_name),
|
||||||
|
timeout=self.connection_timeout)
|
||||||
flow_list = json.load(
|
flow_list = json.load(
|
||||||
open_url(
|
open_url(
|
||||||
URL_AUTHENTICATION_FLOWS.format(url=self.baseurl,
|
URL_AUTHENTICATION_FLOWS.format(url=self.baseurl,
|
||||||
realm=realm),
|
realm=realm),
|
||||||
method='GET',
|
method='GET',
|
||||||
headers=self.restheaders))
|
headers=self.restheaders,
|
||||||
|
timeout=self.connection_timeout))
|
||||||
for flow in flow_list:
|
for flow in flow_list:
|
||||||
if flow["alias"] == config["alias"]:
|
if flow["alias"] == config["alias"]:
|
||||||
return flow
|
return flow
|
||||||
|
@ -1309,14 +1317,16 @@ class KeycloakAPI(object):
|
||||||
realm=realm),
|
realm=realm),
|
||||||
method='POST',
|
method='POST',
|
||||||
headers=self.restheaders,
|
headers=self.restheaders,
|
||||||
data=json.dumps(new_flow))
|
data=json.dumps(new_flow),
|
||||||
|
timeout=self.connection_timeout)
|
||||||
flow_list = json.load(
|
flow_list = json.load(
|
||||||
open_url(
|
open_url(
|
||||||
URL_AUTHENTICATION_FLOWS.format(
|
URL_AUTHENTICATION_FLOWS.format(
|
||||||
url=self.baseurl,
|
url=self.baseurl,
|
||||||
realm=realm),
|
realm=realm),
|
||||||
method='GET',
|
method='GET',
|
||||||
headers=self.restheaders))
|
headers=self.restheaders,
|
||||||
|
timeout=self.connection_timeout))
|
||||||
for flow in flow_list:
|
for flow in flow_list:
|
||||||
if flow["alias"] == config["alias"]:
|
if flow["alias"] == config["alias"]:
|
||||||
return flow
|
return flow
|
||||||
|
@ -1340,7 +1350,8 @@ class KeycloakAPI(object):
|
||||||
flowalias=quote(flowAlias)),
|
flowalias=quote(flowAlias)),
|
||||||
method='PUT',
|
method='PUT',
|
||||||
headers=self.restheaders,
|
headers=self.restheaders,
|
||||||
data=json.dumps(updatedExec))
|
data=json.dumps(updatedExec),
|
||||||
|
timeout=self.connection_timeout)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Unable to update executions %s: %s" % (updatedExec, str(e)))
|
self.module.fail_json(msg="Unable to update executions %s: %s" % (updatedExec, str(e)))
|
||||||
|
|
||||||
|
@ -1359,7 +1370,8 @@ class KeycloakAPI(object):
|
||||||
id=executionId),
|
id=executionId),
|
||||||
method='POST',
|
method='POST',
|
||||||
headers=self.restheaders,
|
headers=self.restheaders,
|
||||||
data=json.dumps(authenticationConfig))
|
data=json.dumps(authenticationConfig),
|
||||||
|
timeout=self.connection_timeout)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Unable to add authenticationConfig %s: %s" % (executionId, str(e)))
|
self.module.fail_json(msg="Unable to add authenticationConfig %s: %s" % (executionId, str(e)))
|
||||||
|
|
||||||
|
@ -1382,7 +1394,8 @@ class KeycloakAPI(object):
|
||||||
flowalias=quote(flowAlias)),
|
flowalias=quote(flowAlias)),
|
||||||
method='POST',
|
method='POST',
|
||||||
headers=self.restheaders,
|
headers=self.restheaders,
|
||||||
data=json.dumps(newSubFlow))
|
data=json.dumps(newSubFlow),
|
||||||
|
timeout=self.connection_timeout)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Unable to create new subflow %s: %s" % (subflowName, str(e)))
|
self.module.fail_json(msg="Unable to create new subflow %s: %s" % (subflowName, str(e)))
|
||||||
|
|
||||||
|
@ -1404,7 +1417,8 @@ class KeycloakAPI(object):
|
||||||
flowalias=quote(flowAlias)),
|
flowalias=quote(flowAlias)),
|
||||||
method='POST',
|
method='POST',
|
||||||
headers=self.restheaders,
|
headers=self.restheaders,
|
||||||
data=json.dumps(newExec))
|
data=json.dumps(newExec),
|
||||||
|
timeout=self.connection_timeout)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Unable to create new execution %s: %s" % (execution["provider"], str(e)))
|
self.module.fail_json(msg="Unable to create new execution %s: %s" % (execution["provider"], str(e)))
|
||||||
|
|
||||||
|
@ -1425,7 +1439,8 @@ class KeycloakAPI(object):
|
||||||
realm=realm,
|
realm=realm,
|
||||||
id=executionId),
|
id=executionId),
|
||||||
method='POST',
|
method='POST',
|
||||||
headers=self.restheaders)
|
headers=self.restheaders,
|
||||||
|
timeout=self.connection_timeout)
|
||||||
elif diff < 0:
|
elif diff < 0:
|
||||||
for i in range(-diff):
|
for i in range(-diff):
|
||||||
open_url(
|
open_url(
|
||||||
|
@ -1434,7 +1449,8 @@ class KeycloakAPI(object):
|
||||||
realm=realm,
|
realm=realm,
|
||||||
id=executionId),
|
id=executionId),
|
||||||
method='POST',
|
method='POST',
|
||||||
headers=self.restheaders)
|
headers=self.restheaders,
|
||||||
|
timeout=self.connection_timeout)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg="Unable to change execution priority %s: %s" % (executionId, str(e)))
|
self.module.fail_json(msg="Unable to change execution priority %s: %s" % (executionId, str(e)))
|
||||||
|
|
||||||
|
@ -1454,7 +1470,8 @@ class KeycloakAPI(object):
|
||||||
realm=realm,
|
realm=realm,
|
||||||
flowalias=quote(config["alias"])),
|
flowalias=quote(config["alias"])),
|
||||||
method='GET',
|
method='GET',
|
||||||
headers=self.restheaders))
|
headers=self.restheaders,
|
||||||
|
timeout=self.connection_timeout))
|
||||||
for execution in executions:
|
for execution in executions:
|
||||||
if "authenticationConfig" in execution:
|
if "authenticationConfig" in execution:
|
||||||
execConfigId = execution["authenticationConfig"]
|
execConfigId = execution["authenticationConfig"]
|
||||||
|
@ -1465,7 +1482,8 @@ class KeycloakAPI(object):
|
||||||
realm=realm,
|
realm=realm,
|
||||||
id=execConfigId),
|
id=execConfigId),
|
||||||
method='GET',
|
method='GET',
|
||||||
headers=self.restheaders))
|
headers=self.restheaders,
|
||||||
|
timeout=self.connection_timeout))
|
||||||
execution["authenticationConfig"] = execConfig
|
execution["authenticationConfig"] = execConfig
|
||||||
return executions
|
return executions
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
@ -1479,7 +1497,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
idps_url = URL_IDENTITY_PROVIDERS.format(url=self.baseurl, realm=realm)
|
idps_url = URL_IDENTITY_PROVIDERS.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(idps_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(idps_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of identity providers for realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of identity providers for realm %s: %s'
|
||||||
|
@ -1496,7 +1514,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=alias)
|
idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=alias)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(idp_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(idp_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
if e.code == 404:
|
if e.code == 404:
|
||||||
|
@ -1516,7 +1534,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
idps_url = URL_IDENTITY_PROVIDERS.format(url=self.baseurl, realm=realm)
|
idps_url = URL_IDENTITY_PROVIDERS.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
return open_url(idps_url, method='POST', headers=self.restheaders,
|
return open_url(idps_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(idprep), validate_certs=self.validate_certs)
|
data=json.dumps(idprep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create identity provider %s in realm %s: %s'
|
self.module.fail_json(msg='Could not create identity provider %s in realm %s: %s'
|
||||||
|
@ -1530,7 +1548,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=idprep['alias'])
|
idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=idprep['alias'])
|
||||||
try:
|
try:
|
||||||
return open_url(idp_url, method='PUT', headers=self.restheaders,
|
return open_url(idp_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(idprep), validate_certs=self.validate_certs)
|
data=json.dumps(idprep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update identity provider %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update identity provider %s in realm %s: %s'
|
||||||
|
@ -1543,7 +1561,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=alias)
|
idp_url = URL_IDENTITY_PROVIDER.format(url=self.baseurl, realm=realm, alias=alias)
|
||||||
try:
|
try:
|
||||||
return open_url(idp_url, method='DELETE', headers=self.restheaders,
|
return open_url(idp_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Unable to delete identity provider %s in realm %s: %s'
|
self.module.fail_json(msg='Unable to delete identity provider %s in realm %s: %s'
|
||||||
|
@ -1557,7 +1575,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
mappers_url = URL_IDENTITY_PROVIDER_MAPPERS.format(url=self.baseurl, realm=realm, alias=alias)
|
mappers_url = URL_IDENTITY_PROVIDER_MAPPERS.format(url=self.baseurl, realm=realm, alias=alias)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(mappers_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(mappers_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of identity provider mappers for idp %s in realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of identity provider mappers for idp %s in realm %s: %s'
|
||||||
|
@ -1575,7 +1593,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mid)
|
mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(mapper_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(mapper_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
if e.code == 404:
|
if e.code == 404:
|
||||||
|
@ -1596,7 +1614,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
mappers_url = URL_IDENTITY_PROVIDER_MAPPERS.format(url=self.baseurl, realm=realm, alias=alias)
|
mappers_url = URL_IDENTITY_PROVIDER_MAPPERS.format(url=self.baseurl, realm=realm, alias=alias)
|
||||||
try:
|
try:
|
||||||
return open_url(mappers_url, method='POST', headers=self.restheaders,
|
return open_url(mappers_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(mapper), validate_certs=self.validate_certs)
|
data=json.dumps(mapper), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create identity provider mapper %s for idp %s in realm %s: %s'
|
self.module.fail_json(msg='Could not create identity provider mapper %s for idp %s in realm %s: %s'
|
||||||
|
@ -1611,7 +1629,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mapper['id'])
|
mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mapper['id'])
|
||||||
try:
|
try:
|
||||||
return open_url(mapper_url, method='PUT', headers=self.restheaders,
|
return open_url(mapper_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(mapper), validate_certs=self.validate_certs)
|
data=json.dumps(mapper), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update mapper %s for identity provider %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update mapper %s for identity provider %s in realm %s: %s'
|
||||||
|
@ -1625,7 +1643,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mid)
|
mapper_url = URL_IDENTITY_PROVIDER_MAPPER.format(url=self.baseurl, realm=realm, alias=alias, id=mid)
|
||||||
try:
|
try:
|
||||||
return open_url(mapper_url, method='DELETE', headers=self.restheaders,
|
return open_url(mapper_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Unable to delete mapper %s for identity provider %s in realm %s: %s'
|
self.module.fail_json(msg='Unable to delete mapper %s for identity provider %s in realm %s: %s'
|
||||||
|
@ -1642,7 +1660,7 @@ class KeycloakAPI(object):
|
||||||
comps_url += '?%s' % filter
|
comps_url += '?%s' % filter
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(comps_url, method='GET', headers=self.restheaders,
|
return json.loads(to_native(open_url(comps_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except ValueError as e:
|
except ValueError as e:
|
||||||
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of components for realm %s: %s'
|
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain list of components for realm %s: %s'
|
||||||
|
@ -1659,7 +1677,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
|
comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
|
||||||
try:
|
try:
|
||||||
return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except HTTPError as e:
|
except HTTPError as e:
|
||||||
if e.code == 404:
|
if e.code == 404:
|
||||||
|
@ -1679,13 +1697,13 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
comps_url = URL_COMPONENTS.format(url=self.baseurl, realm=realm)
|
comps_url = URL_COMPONENTS.format(url=self.baseurl, realm=realm)
|
||||||
try:
|
try:
|
||||||
resp = open_url(comps_url, method='POST', headers=self.restheaders,
|
resp = open_url(comps_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(comprep), validate_certs=self.validate_certs)
|
data=json.dumps(comprep), validate_certs=self.validate_certs)
|
||||||
comp_url = resp.getheader('Location')
|
comp_url = resp.getheader('Location')
|
||||||
if comp_url is None:
|
if comp_url is None:
|
||||||
self.module.fail_json(msg='Could not create component in realm %s: %s'
|
self.module.fail_json(msg='Could not create component in realm %s: %s'
|
||||||
% (realm, 'unexpected response'))
|
% (realm, 'unexpected response'))
|
||||||
return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders,
|
return json.loads(to_native(open_url(comp_url, method="GET", headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs).read()))
|
validate_certs=self.validate_certs).read()))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not create component in realm %s: %s'
|
self.module.fail_json(msg='Could not create component in realm %s: %s'
|
||||||
|
@ -1702,7 +1720,7 @@ class KeycloakAPI(object):
|
||||||
self.module.fail_json(msg='Cannot update component without id')
|
self.module.fail_json(msg='Cannot update component without id')
|
||||||
comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
|
comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
|
||||||
try:
|
try:
|
||||||
return open_url(comp_url, method='PUT', headers=self.restheaders,
|
return open_url(comp_url, method='PUT', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
data=json.dumps(comprep), validate_certs=self.validate_certs)
|
data=json.dumps(comprep), validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Could not update component %s in realm %s: %s'
|
self.module.fail_json(msg='Could not update component %s in realm %s: %s'
|
||||||
|
@ -1715,7 +1733,7 @@ class KeycloakAPI(object):
|
||||||
"""
|
"""
|
||||||
comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
|
comp_url = URL_COMPONENT.format(url=self.baseurl, realm=realm, id=cid)
|
||||||
try:
|
try:
|
||||||
return open_url(comp_url, method='DELETE', headers=self.restheaders,
|
return open_url(comp_url, method='DELETE', headers=self.restheaders, timeout=self.connection_timeout,
|
||||||
validate_certs=self.validate_certs)
|
validate_certs=self.validate_certs)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
self.module.fail_json(msg='Unable to delete component %s in realm %s: %s'
|
self.module.fail_json(msg='Unable to delete component %s in realm %s: %s'
|
||||||
|
|