mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-24 21:14:00 -07:00 
			
		
		
		
	keycloak_user_federation: set krbPrincipalAttribute to '' if unset in kc responses (#8785)
		
	* set `krbPrincipalAttribute` to `''` if unset in kc before and after responses * add changelog fragment * Update changelogs/fragments/8785-keycloak_user_federation-set-krbPrincipalAttribute-to-empty-string-if-missing.yaml Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
		
					parent
					
						
							
								27cb0c9090
							
						
					
				
			
			
				commit
				
					
						ac302eb77d
					
				
			
		
					 2 changed files with 14 additions and 3 deletions
				
			
		|  | @ -0,0 +1,2 @@ | ||||||
|  | bugfixes: | ||||||
|  |   - keycloak_user_federation - minimize change detection by setting ``krbPrincipalAttribute`` to ``''`` in Keycloak responses if missing (https://github.com/ansible-collections/community.general/pull/8785). | ||||||
|  | @ -721,15 +721,20 @@ from ansible.module_utils.six.moves.urllib.parse import urlencode | ||||||
| from copy import deepcopy | from copy import deepcopy | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
|  | def normalize_kc_comp(comp): | ||||||
|  |     # kc completely removes the parameter `krbPrincipalAttribute` if it is set to `''`; the unset kc parameter is equivalent to `''`; | ||||||
|  |     # to make change detection and diff more accurate we set it again in the kc responses | ||||||
|  |     if 'config' in comp: | ||||||
|  |         if 'krbPrincipalAttribute' not in comp['config']: | ||||||
|  |             comp['config']['krbPrincipalAttribute'] = [''] | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
| def sanitize(comp): | def sanitize(comp): | ||||||
|     compcopy = deepcopy(comp) |     compcopy = deepcopy(comp) | ||||||
|     if 'config' in compcopy: |     if 'config' in compcopy: | ||||||
|         compcopy['config'] = {k: v[0] for k, v in compcopy['config'].items()} |         compcopy['config'] = {k: v[0] for k, v in compcopy['config'].items()} | ||||||
|         if 'bindCredential' in compcopy['config']: |         if 'bindCredential' in compcopy['config']: | ||||||
|             compcopy['config']['bindCredential'] = '**********' |             compcopy['config']['bindCredential'] = '**********' | ||||||
|         # an empty string is valid for krbPrincipalAttribute but is filtered out in diff |  | ||||||
|         if 'krbPrincipalAttribute' not in compcopy['config']: |  | ||||||
|             compcopy['config']['krbPrincipalAttribute'] = '' |  | ||||||
|     if 'mappers' in compcopy: |     if 'mappers' in compcopy: | ||||||
|         for mapper in compcopy['mappers']: |         for mapper in compcopy['mappers']: | ||||||
|             if 'config' in mapper: |             if 'config' in mapper: | ||||||
|  | @ -885,6 +890,8 @@ def main(): | ||||||
|     if cid is not None and before_comp: |     if cid is not None and before_comp: | ||||||
|         before_comp['mappers'] = sorted(kc.get_components(urlencode(dict(parent=cid)), realm), key=lambda x: x.get('name') or '') |         before_comp['mappers'] = sorted(kc.get_components(urlencode(dict(parent=cid)), realm), key=lambda x: x.get('name') or '') | ||||||
| 
 | 
 | ||||||
|  |     normalize_kc_comp(before_comp) | ||||||
|  | 
 | ||||||
|     # Build a proposed changeset from parameters given to this module |     # Build a proposed changeset from parameters given to this module | ||||||
|     changeset = {} |     changeset = {} | ||||||
| 
 | 
 | ||||||
|  | @ -994,6 +1001,7 @@ def main(): | ||||||
|                     kc.delete_component(default_mapper['id'], realm) |                     kc.delete_component(default_mapper['id'], realm) | ||||||
| 
 | 
 | ||||||
|         after_comp['mappers'] = kc.get_components(urlencode(dict(parent=cid)), realm) |         after_comp['mappers'] = kc.get_components(urlencode(dict(parent=cid)), realm) | ||||||
|  |         normalize_kc_comp(after_comp) | ||||||
|         if module._diff: |         if module._diff: | ||||||
|             result['diff'] = dict(before='', after=sanitize(after_comp)) |             result['diff'] = dict(before='', after=sanitize(after_comp)) | ||||||
|         result['end_state'] = sanitize(after_comp) |         result['end_state'] = sanitize(after_comp) | ||||||
|  | @ -1041,6 +1049,7 @@ def main(): | ||||||
| 
 | 
 | ||||||
|             after_comp = kc.get_component(cid, realm) |             after_comp = kc.get_component(cid, realm) | ||||||
|             after_comp['mappers'] = sorted(kc.get_components(urlencode(dict(parent=cid)), realm), key=lambda x: x.get('name') or '') |             after_comp['mappers'] = sorted(kc.get_components(urlencode(dict(parent=cid)), realm), key=lambda x: x.get('name') or '') | ||||||
|  |             normalize_kc_comp(after_comp) | ||||||
|             after_comp_sanitized = sanitize(after_comp) |             after_comp_sanitized = sanitize(after_comp) | ||||||
|             before_comp_sanitized = sanitize(before_comp) |             before_comp_sanitized = sanitize(before_comp) | ||||||
|             result['end_state'] = after_comp_sanitized |             result['end_state'] = after_comp_sanitized | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue