ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity

Fix KeycloakAPI's missing http_agent, timeout, and validate_certs open_url() parameters (#7067)

Browse source 
* Fix KeycloakAPI's missing http_agent, timeout, and validate_certs open_url() parameters

* Add changelog fragment

* Update changelogs/fragments/7067-keycloak-api-paramerter-fix.yml

Following suggestion

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Loric Vandentempel 2023-08-11 13:21:41 +02:00 committed by GitHub
parent a8809401ee
commit e7a6412ec4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 33 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/7067-keycloak-api-paramerter-fix.yml Normal file
View file

@ -0,0 +1,2 @@
bugfixes:
- keycloak module util - fix missing ``http_agent``, ``timeout``, and ``validate_certs`` ``open_url()`` parameters (https://github.com/ansible-collections/community.general/pull/7067).

44
plugins/module_utils/identity/keycloak/keycloak.py
View file

@ -777,7 +777,8 @@ class KeycloakAPI(object):
users_url += '?username=%s&exact=true' % username users_url += '?username=%s&exact=true' % username
try: try:
userrep = None userrep = None
users = json.loads(to_native(open_url(users_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout, users = json.loads(to_native(open_url(users_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs).read())) validate_certs=self.validate_certs).read()))
for user in users: for user in users:
if user['username'] == username: if user['username'] == username:
@ -803,7 +804,8 @@ class KeycloakAPI(object):
service_account_user_url = URL_CLIENT_SERVICE_ACCOUNT_USER.format(url=self.baseurl, realm=realm, id=cid) service_account_user_url = URL_CLIENT_SERVICE_ACCOUNT_USER.format(url=self.baseurl, realm=realm, id=cid)
try: try:
return json.loads(to_native(open_url(service_account_user_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout, return json.loads(to_native(open_url(service_account_user_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs).read())) validate_certs=self.validate_certs).read()))
except ValueError as e: except ValueError as e:
self.module.fail_json(msg='API returned incorrect JSON when trying to obtain the service-account-user for realm %s and client_id %s: %s' self.module.fail_json(msg='API returned incorrect JSON when trying to obtain the service-account-user for realm %s and client_id %s: %s'
@ -1347,7 +1349,8 @@ class KeycloakAPI(object):
clientsecret_url = URL_CLIENTSECRET.format(url=self.baseurl, realm=realm, id=id) clientsecret_url = URL_CLIENTSECRET.format(url=self.baseurl, realm=realm, id=id)
try: try:
return json.loads(to_native(open_url(clientsecret_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout, return json.loads(to_native(open_url(clientsecret_url, method='POST', http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs).read())) validate_certs=self.validate_certs).read()))
except HTTPError as e: except HTTPError as e:
@ -1370,7 +1373,8 @@ class KeycloakAPI(object):
clientsecret_url = URL_CLIENTSECRET.format(url=self.baseurl, realm=realm, id=id) clientsecret_url = URL_CLIENTSECRET.format(url=self.baseurl, realm=realm, id=id)
try: try:
return json.loads(to_native(open_url(clientsecret_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout, return json.loads(to_native(open_url(clientsecret_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs).read())) validate_certs=self.validate_certs).read()))
except HTTPError as e: except HTTPError as e:
@ -2678,7 +2682,9 @@ class KeycloakAPI(object):
open_url( open_url(
user_url, user_url,
method='GET', method='GET',
headers=self.restheaders)) http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs))
return userrep return userrep
except Exception as e: except Exception as e:
self.module.fail_json(msg='Could not get user %s in realm %s: %s' self.module.fail_json(msg='Could not get user %s in realm %s: %s'
@ -2700,8 +2706,10 @@ class KeycloakAPI(object):
realm=realm) realm=realm)
open_url(users_url, open_url(users_url,
method='POST', method='POST',
headers=self.restheaders, http_agent=self.http_agent, headers=self.restheaders,
data=json.dumps(userrep)) data=json.dumps(userrep),
timeout=self.connection_timeout,
validate_certs=self.validate_certs)
created_user = self.get_user_by_username( created_user = self.get_user_by_username(
username=userrep['username'], username=userrep['username'],
realm=realm) realm=realm)
@ -2744,8 +2752,10 @@ class KeycloakAPI(object):
open_url( open_url(
user_url, user_url,
method='PUT', method='PUT',
headers=self.restheaders, http_agent=self.http_agent, headers=self.restheaders,
data=json.dumps(userrep)) data=json.dumps(userrep),
timeout=self.connection_timeout,
validate_certs=self.validate_certs)
updated_user = self.get_user_by_id( updated_user = self.get_user_by_id(
user_id=userrep['id'], user_id=userrep['id'],
realm=realm) realm=realm)
@ -2769,7 +2779,9 @@ class KeycloakAPI(object):
return open_url( return open_url(
user_url, user_url,
method='DELETE', method='DELETE',
headers=self.restheaders) http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs)
except Exception as e: except Exception as e:
self.module.fail_json(msg='Could not delete user %s in realm %s: %s' self.module.fail_json(msg='Could not delete user %s in realm %s: %s'
% (user_id, realm, str(e))) % (user_id, realm, str(e)))
@ -2791,7 +2803,9 @@ class KeycloakAPI(object):
open_url( open_url(
user_groups_url, user_groups_url,
method='GET', method='GET',
headers=self.restheaders)) http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs))
for user_group in user_groups: for user_group in user_groups:
groups.append(user_group["name"]) groups.append(user_group["name"])
return groups return groups
@ -2816,7 +2830,9 @@ class KeycloakAPI(object):
return open_url( return open_url(
user_group_url, user_group_url,
method='PUT', method='PUT',
headers=self.restheaders) http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs)
except Exception as e: except Exception as e:
self.module.fail_json(msg='Could not add user %s in group %s in realm %s: %s' self.module.fail_json(msg='Could not add user %s in group %s in realm %s: %s'
% (user_id, group_id, realm, str(e))) % (user_id, group_id, realm, str(e)))
@ -2838,7 +2854,9 @@ class KeycloakAPI(object):
return open_url( return open_url(
user_group_url, user_group_url,
method='DELETE', method='DELETE',
headers=self.restheaders) http_agent=self.http_agent, headers=self.restheaders,
timeout=self.connection_timeout,
validate_certs=self.validate_certs)
except Exception as e: except Exception as e:
self.module.fail_json(msg='Could not remove user %s from group %s in realm %s: %s' self.module.fail_json(msg='Could not remove user %s from group %s in realm %s: %s'
% (user_id, group_id, realm, str(e))) % (user_id, group_id, realm, str(e)))