1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/tests/integration/targets/keycloak_identity_provider/tasks/main.yml
Laurent Paumier 97e2c3dec9
Keycloak: add identity providers management ()
* init new module

* update

* add mappers

* improve mappers

* tests

* fix tests

* fix tests

* Update plugins/modules/identity/keycloak/keycloak_identity_provider.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/identity/keycloak/keycloak_identity_provider.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/identity/keycloak/keycloak_identity_provider.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/identity/keycloak/keycloak_identity_provider.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/identity/keycloak/keycloak_identity_provider.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/identity/keycloak/keycloak_identity_provider.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* fix typos

* update botmeta

* improve change detection

* fix tests

* add integration tests

* remove updateProfileFirstLoginMode parameter

Co-authored-by: Laurent PAUMIER <laurent.paumier@externe.maif.fr>
Co-authored-by: Felix Fontein <felix@fontein.de>
2021-08-31 07:07:53 +02:00

171 lines
4.5 KiB
YAML

---
- name: Create realm
community.general.keycloak_realm:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
id: "{{ realm }}"
realm: "{{ realm }}"
state: present
- name: Create new identity provider
community.general.keycloak_identity_provider:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
alias: "{{ idp }}"
display_name: OpenID Connect IdP
enabled: true
provider_id: oidc
config:
issuer: https://idp.example.com
authorizationUrl: https://idp.example.com/auth
tokenUrl: https://idp.example.com/token
userInfoUrl: https://idp.example.com/userinfo
clientAuthMethod: client_secret_post
clientId: clientid
clientSecret: clientsecret
syncMode: FORCE
mappers:
- name: "first_name"
identityProviderAlias: "oidc-idp"
identityProviderMapper: "oidc-user-attribute-idp-mapper"
config:
claim: "first_name"
user.attribute: "first_name"
syncMode: "INHERIT"
- name: "last_name"
identityProviderAlias: "oidc-idp"
identityProviderMapper: "oidc-user-attribute-idp-mapper"
config:
claim: "last_name"
user.attribute: "last_name"
syncMode: "INHERIT"
state: present
register: result
- name: Debug
debug:
var: result
- name: Assert identity provider created
assert:
that:
- result is changed
- result.existing == {}
- result.end_state.alias == "{{ idp }}"
- result.end_state.mappers != []
- name: Update existing identity provider (no change)
community.general.keycloak_identity_provider:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
alias: "{{ idp }}"
enabled: true
provider_id: oidc
config:
issuer: https://idp.example.com
authorizationUrl: https://idp.example.com/auth
tokenUrl: https://idp.example.com/token
userInfoUrl: https://idp.example.com/userinfo
clientAuthMethod: client_secret_post
clientId: clientid
clientSecret: "**********"
syncMode: FORCE
mappers:
- name: "first_name"
identityProviderAlias: "oidc-idp"
identityProviderMapper: "oidc-user-attribute-idp-mapper"
config:
claim: "first_name"
user.attribute: "first_name"
syncMode: "INHERIT"
- name: "last_name"
identityProviderAlias: "oidc-idp"
identityProviderMapper: "oidc-user-attribute-idp-mapper"
config:
claim: "last_name"
user.attribute: "last_name"
syncMode: "INHERIT"
state: present
register: result
- name: Debug
debug:
var: result
- name: Assert identity provider unchanged
assert:
that:
- result is not changed
- name: Update existing identity provider (with change)
community.general.keycloak_identity_provider:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
alias: "{{ idp }}"
enabled: false
state: present
register: result
- name: Debug
debug:
var: result
- name: Assert identity provider updated
assert:
that:
- result is changed
- result.existing.enabled == true
- result.end_state.enabled == false
- name: Delete existing identity provider
community.general.keycloak_identity_provider:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
alias: "{{ idp }}"
state: absent
register: result
- name: Debug
debug:
var: result
- name: Assert identity provider deleted
assert:
that:
- result is changed
- result.end_state == {}
- name: Delete absent identity provider
community.general.keycloak_identity_provider:
auth_keycloak_url: "{{ url }}"
auth_realm: "{{ admin_realm }}"
auth_username: "{{ admin_user }}"
auth_password: "{{ admin_password }}"
realm: "{{ realm }}"
alias: "{{ idp }}"
state: absent
register: result
- name: Debug
debug:
var: result
- name: Assert identity provider unchanged
assert:
that:
- result is not changed
- result.end_state == {}