mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
[PR #7698/702dd9bb backport][stable-8] improvements to the keycloak_realm_key module (#7768)
improvements to the keycloak_realm_key module (#7698)
* add support for rsa enc key usage, more algorithms, and make certficate optional
* fix formatting
* adding changelog fragment
* made suggested code changes based on review
* fix typo and be more clear
* revert certificate to previous defined settings
(cherry picked from commit 702dd9bbda
)
Co-authored-by: George Bolo <george.bolo@gmail.com>
This commit is contained in:
parent
21a7159472
commit
c596558846
2 changed files with 27 additions and 5 deletions
|
@ -0,0 +1,4 @@
|
||||||
|
minor_changes:
|
||||||
|
- keycloak_realm_key - the ``provider_id`` option now supports RSA encryption key usage (value ``rsa-enc``) (https://github.com/ansible-collections/community.general/pull/7698).
|
||||||
|
- keycloak_realm_key - the ``config.algorithm`` option now supports 8 additional key algorithms (https://github.com/ansible-collections/community.general/pull/7698).
|
||||||
|
- keycloak_realm_key - the ``config.certificate`` option value is no longer defined with ``no_log=True`` (https://github.com/ansible-collections/community.general/pull/7698).
|
|
@ -74,7 +74,8 @@ options:
|
||||||
provider_id:
|
provider_id:
|
||||||
description:
|
description:
|
||||||
- The name of the "provider ID" for the key.
|
- The name of the "provider ID" for the key.
|
||||||
choices: ['rsa']
|
- The value V(rsa-enc) has been added in community.general 8.2.0.
|
||||||
|
choices: ['rsa', 'rsa-enc']
|
||||||
default: 'rsa'
|
default: 'rsa'
|
||||||
type: str
|
type: str
|
||||||
config:
|
config:
|
||||||
|
@ -102,8 +103,10 @@ options:
|
||||||
algorithm:
|
algorithm:
|
||||||
description:
|
description:
|
||||||
- Key algorithm.
|
- Key algorithm.
|
||||||
|
- The values V(RS384), V(RS512), V(PS256), V(PS384), V(PS512), V(RSA1_5),
|
||||||
|
V(RSA-OAEP), V(RSA-OAEP-256) have been added in community.general 8.2.0.
|
||||||
default: RS256
|
default: RS256
|
||||||
choices: ['RS256']
|
choices: ['RS256', 'RS384', 'RS512', 'PS256', 'PS384', 'PS512', 'RSA1_5', 'RSA-OAEP', 'RSA-OAEP-256']
|
||||||
type: str
|
type: str
|
||||||
private_key:
|
private_key:
|
||||||
description:
|
description:
|
||||||
|
@ -154,6 +157,7 @@ EXAMPLES = '''
|
||||||
auth_realm: master
|
auth_realm: master
|
||||||
config:
|
config:
|
||||||
private_key: "{{ private_key }}"
|
private_key: "{{ private_key }}"
|
||||||
|
certificate: ""
|
||||||
enabled: true
|
enabled: true
|
||||||
active: true
|
active: true
|
||||||
priority: 120
|
priority: 120
|
||||||
|
@ -244,16 +248,30 @@ def main():
|
||||||
name=dict(type='str', required=True),
|
name=dict(type='str', required=True),
|
||||||
force=dict(type='bool', default=False),
|
force=dict(type='bool', default=False),
|
||||||
parent_id=dict(type='str', required=True),
|
parent_id=dict(type='str', required=True),
|
||||||
provider_id=dict(type='str', default='rsa', choices=['rsa']),
|
provider_id=dict(type='str', default='rsa', choices=['rsa', 'rsa-enc']),
|
||||||
config=dict(
|
config=dict(
|
||||||
type='dict',
|
type='dict',
|
||||||
options=dict(
|
options=dict(
|
||||||
active=dict(type='bool', default=True),
|
active=dict(type='bool', default=True),
|
||||||
enabled=dict(type='bool', default=True),
|
enabled=dict(type='bool', default=True),
|
||||||
priority=dict(type='int', required=True),
|
priority=dict(type='int', required=True),
|
||||||
algorithm=dict(type='str', default='RS256', choices=['RS256']),
|
algorithm=dict(
|
||||||
|
type="str",
|
||||||
|
default="RS256",
|
||||||
|
choices=[
|
||||||
|
"RS256",
|
||||||
|
"RS384",
|
||||||
|
"RS512",
|
||||||
|
"PS256",
|
||||||
|
"PS384",
|
||||||
|
"PS512",
|
||||||
|
"RSA1_5",
|
||||||
|
"RSA-OAEP",
|
||||||
|
"RSA-OAEP-256",
|
||||||
|
],
|
||||||
|
),
|
||||||
private_key=dict(type='str', required=True, no_log=True),
|
private_key=dict(type='str', required=True, no_log=True),
|
||||||
certificate=dict(type='str', required=True, no_log=True)
|
certificate=dict(type='str', required=True)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in a new issue