From 27fe14bfc12aa5ce312eaaa72383b62a3b781e90 Mon Sep 17 00:00:00 2001
From: Philippe Gauthier <philippe.gauthier@inspq.qc.ca>
Date: Mon, 29 May 2023 09:32:15 -0400
Subject: [PATCH] Fix get_user_by_username in keycloak library (#6568)

* Fix get_user_by_username in keycloak library for keycloak_user_rolemapping module

* Add changelog fragment for keycloak.py bug fix
---
 ...-get-user-by-username-in-keycloak-module-utils.yml |  2 ++
 plugins/module_utils/identity/keycloak/keycloak.py    | 11 +++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/fragments/6568-fix-get-user-by-username-in-keycloak-module-utils.yml

diff --git a/changelogs/fragments/6568-fix-get-user-by-username-in-keycloak-module-utils.yml b/changelogs/fragments/6568-fix-get-user-by-username-in-keycloak-module-utils.yml
new file mode 100644
index 0000000000..4983c507c5
--- /dev/null
+++ b/changelogs/fragments/6568-fix-get-user-by-username-in-keycloak-module-utils.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - keycloak module utils - the function ``get_user_by_username`` now return the user representation or ``None`` as stated in the documentation (https://github.com/ansible-collections/community.general/pull/6758).
diff --git a/plugins/module_utils/identity/keycloak/keycloak.py b/plugins/module_utils/identity/keycloak/keycloak.py
index 5443811d0b..c35ca43c2c 100644
--- a/plugins/module_utils/identity/keycloak/keycloak.py
+++ b/plugins/module_utils/identity/keycloak/keycloak.py
@@ -747,8 +747,15 @@ class KeycloakAPI(object):
         users_url = URL_USERS.format(url=self.baseurl, realm=realm)
         users_url += '?username=%s&exact=true' % username
         try:
-            return json.loads(to_native(open_url(users_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
-                                                 validate_certs=self.validate_certs).read()))
+            userrep = None
+            users = json.loads(to_native(open_url(users_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
+                                                  validate_certs=self.validate_certs).read()))
+            for user in users:
+                if user['username'] == username:
+                    userrep = user
+                    break
+            return userrep
+
         except ValueError as e:
             self.module.fail_json(msg='API returned incorrect JSON when trying to obtain the user for realm %s and username %s: %s'
                                       % (realm, username, str(e)))