From 627093d5a784780b3ed5eff6eb4fc5cc9a89adf5 Mon Sep 17 00:00:00 2001 From: Killian Levacher Date: Fri, 4 Jul 2025 14:27:02 +0100 Subject: [PATCH] fix for issue #10342 --- .../identity/keycloak/keycloak.py | 2 +- plugins/modules/keycloak_client_rolescope.py | 20 +++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/plugins/module_utils/identity/keycloak/keycloak.py b/plugins/module_utils/identity/keycloak/keycloak.py index e053eca305..9a7e3e8a02 100644 --- a/plugins/module_utils/identity/keycloak/keycloak.py +++ b/plugins/module_utils/identity/keycloak/keycloak.py @@ -29,7 +29,7 @@ URL_CLIENT_ROLES = "{url}/admin/realms/{realm}/clients/{id}/roles" URL_CLIENT_ROLE = "{url}/admin/realms/{realm}/clients/{id}/roles/{name}" URL_CLIENT_ROLE_COMPOSITES = "{url}/admin/realms/{realm}/clients/{id}/roles/{name}/composites" -URL_CLIENT_ROLE_SCOPE_CLIENTS = "{url}/admin/realms/{realm}/clients/{id}/scope-mappings/clients/{scopeid}" +URL_CLIENT_ROLE_SCOPE_CLIENTS = "{url}/admin/realms/{realm}/client-scopes/{scopeid}/scope-mappings/clients/{id}" URL_CLIENT_ROLE_SCOPE_REALM = "{url}/admin/realms/{realm}/clients/{id}/scope-mappings/realm" URL_REALM_ROLES = "{url}/admin/realms/{realm}/roles" diff --git a/plugins/modules/keycloak_client_rolescope.py b/plugins/modules/keycloak_client_rolescope.py index db11f37098..0b243910f0 100644 --- a/plugins/modules/keycloak_client_rolescope.py +++ b/plugins/modules/keycloak_client_rolescope.py @@ -193,27 +193,27 @@ def main(): objRealm = kc.get_realm_by_id(realm) if not objRealm: - module.fail_json(msg="Failed to retrive realm '{realm}'".format(realm=realm)) + module.fail_json(msg="Failed to retrieve realm '{realm}'".format(realm=realm)) objClient = kc.get_client_by_clientid(clientid, realm) if not objClient: - module.fail_json(msg="Failed to retrive client '{realm}.{clientid}'".format(realm=realm, clientid=clientid)) + module.fail_json(msg="Failed to retrieve client '{realm}.{clientid}'".format(realm=realm, clientid=clientid)) if objClient["fullScopeAllowed"] and state == "present": module.fail_json(msg="FullScopeAllowed is active for Client '{realm}.{clientid}'".format(realm=realm, clientid=clientid)) if client_scope_id: - objClientScope = kc.get_client_by_clientid(client_scope_id, realm) + objClientScope = kc.get_clientscope_by_clientscopeid(client_scope_id, realm) if not objClientScope: - module.fail_json(msg="Failed to retrive client '{realm}.{client_scope_id}'".format(realm=realm, client_scope_id=client_scope_id)) + module.fail_json(msg="Failed to retrieve client '{realm}.{client_scope_id}'".format(realm=realm, client_scope_id=client_scope_id)) before_role_mapping = kc.get_client_role_scope_from_client(objClient["id"], objClientScope["id"], realm) else: before_role_mapping = kc.get_client_role_scope_from_realm(objClient["id"], realm) - if client_scope_id: - # retrive all role from client_scope - client_scope_roles_by_name = kc.get_client_roles_by_id(objClientScope["id"], realm) + if objClient: + # retrieve all role from client + client_scope_roles_by_name = kc.get_client_roles_by_id(objClient["id"], realm) else: - # retrive all role from realm + # retrieve all role from realm client_scope_roles_by_name = kc.get_realm_roles(realm) # convert to indexed Dict by name @@ -226,10 +226,10 @@ def main(): for role_name in role_names: if role_name not in client_scope_roles_by_name: if client_scope_id: - module.fail_json(msg="Failed to retrive role '{realm}.{client_scope_id}.{role_name}'" + module.fail_json(msg="Failed to retrieve role '{realm}.{client_scope_id}.{role_name}'" .format(realm=realm, client_scope_id=client_scope_id, role_name=role_name)) else: - module.fail_json(msg="Failed to retrive role '{realm}.{role_name}'".format(realm=realm, role_name=role_name)) + module.fail_json(msg="Failed to retrieve role '{realm}.{role_name}'".format(realm=realm, role_name=role_name)) if role_name not in role_mapping_by_name: role_mapping_to_manipulate.append(client_scope_roles_by_name[role_name]) role_mapping_by_name[role_name] = client_scope_roles_by_name[role_name]