From fb5047b605480c0903eeae919ea2671083434122 Mon Sep 17 00:00:00 2001
From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com>
Date: Wed, 9 Aug 2023 16:15:15 +0200
Subject: [PATCH] [PR #6931/91152cb1 backport][stable-7] Keycloak client secret (#7077) Keycloak client secret (#6931) * fixe missing secret at creation * Update doc * changelogs * Default protocol only when creation * Fix sanity test * Add documentation * Update plugins/modules/keycloak_client.py Co-authored-by: Felix Fontein --------- Co-authored-by: Andre Desrosiers Co-authored-by: Felix Fontein (cherry picked from commit 91152cb123661f12bd8a24270e03b076a242ab7c) Co-authored-by: desand01
---
 .../6931-keycloak_client-inventory-bugfix.yml | 2 ++
 plugins/modules/keycloak_client.py | 11 +++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/fragments/6931-keycloak_client-inventory-bugfix.yml
diff --git a/changelogs/fragments/6931-keycloak_client-inventory-bugfix.yml b/changelogs/fragments/6931-keycloak_client-inventory-bugfix.yml
new file mode 100644
index 0000000000..ebc520d7a4
--- /dev/null
+++ b/changelogs/fragments/6931-keycloak_client-inventory-bugfix.yml
@@ -0,0 +1,2 @@
+bugfixes:
+ - keycloak_client inventory plugin - fix missing client secret (https://github.com/ansible-collections/community.general/pull/6931).
\ No newline at end of file
diff --git a/plugins/modules/keycloak_client.py b/plugins/modules/keycloak_client.py
index 6cb0a4ec98..870578138b 100644
--- a/plugins/modules/keycloak_client.py
+++ b/plugins/modules/keycloak_client.py
@@ -247,6 +247,7 @@ options:
 protocol:
 description:
 - Type of client.
+ - At creation only, default value will be V(openid-connect) if O(protocol) is omitted.
 type: str
 choices: ['openid-connect', 'saml']
@@ -721,6 +722,10 @@ from ansible.module_utils.basic import AnsibleModule
 import copy
+PROTOCOL_OPENID_CONNECT = 'openid-connect'
+PROTOCOL_SAML = 'saml'
+
+
 def normalise_cr(clientrep, remove_ids=False):
 """ Re-sorts any properties where the order so that diff's is minimised, and adds default values where appropriate so that the the change detection is more effective.
@@ -779,7 +784,7 @@ def main():
 consentText=dict(type='str'),
 id=dict(type='str'),
 name=dict(type='str'),
- protocol=dict(type='str', choices=['openid-connect', 'saml']),
+ protocol=dict(type='str', choices=[PROTOCOL_OPENID_CONNECT, PROTOCOL_SAML]),
 protocolMapper=dict(type='str'),
 config=dict(type='dict'),
 )
@@ -813,7 +818,7 @@ def main():
 authorization_services_enabled=dict(type='bool', aliases=['authorizationServicesEnabled']),
 public_client=dict(type='bool', aliases=['publicClient']),
 frontchannel_logout=dict(type='bool', aliases=['frontchannelLogout']),
- protocol=dict(type='str', choices=['openid-connect', 'saml']),
+ protocol=dict(type='str', choices=[PROTOCOL_OPENID_CONNECT, PROTOCOL_SAML]),
 attributes=dict(type='dict'),
 full_scope_allowed=dict(type='bool', aliases=['fullScopeAllowed']),
 node_re_registration_timeout=dict(type='int', aliases=['nodeReRegistrationTimeout']),
@@ -911,6 +916,8 @@ def main():
 if 'clientId' not in desired_client:
 module.fail_json(msg='client_id needs to be specified when creating a new client')
+ if 'protocol' not in desired_client:
+ desired_client['protocol'] = PROTOCOL_OPENID_CONNECT
 if module._diff:
 result['diff'] = dict(before='', after=sanitize_cr(desired_client))
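Review bot: The list `[PROTOCOL_OPENID_CONNECT, PROTOCOL_SAML]` is still written out twice, once in each `protocol=dict(...)` entry changed by the `@@ -779` and `@@ -813` hunks, so the constants added in the `@@ -721` hunk only half remove the duplication. A single `PROTOCOL_CHOICES = [PROTOCOL_OPENID_CONNECT, PROTOCOL_SAML]` next to the constants, used as `choices=PROTOCOL_CHOICES` in both argument specs, would keep the two specs from drifting apart. The `choices` line in the module documentation (the `@@ -247` hunk) has to remain a literal, so a comment above the constants such as `# Keep in sync with the choices documented for the protocol option` would help.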
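Review bot: The default added in the `@@ -911` hunk tests only for key presence (`'protocol' not in desired_client`), so if `desired_client` can carry `protocol` with a `None` or empty value, the client is still created without a protocol. How `desired_client` is built lies outside the hunk, so this needs confirming; `if not desired_client.get('protocol'):` would cover both cases. The two new lines also have no comment tying them to the missing-secret problem named in the commit title; something like `# Default the protocol on creation so the new client gets a secret (PR #6931)` would record why the default exists. Because the defaulted value is written into `desired_client` before the `module._diff` branch, it shows up in the diff output; `sanitize_cr` presumably masks the secret there, and the non-diff result path is worth checking for the same. The enclosing `main()` starts and ends outside the hunk.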