ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-10-22 20:13:59 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add support for client auth in Keycloak cllient secrets module (#10933)
Some checks failed
EOL CI / EOL Sanity (Ⓐ2.17) (push) Has been cancelled
Details
EOL CI / EOL Units (Ⓐ2.17+py3.10) (push) Has been cancelled
Details
EOL CI / EOL Units (Ⓐ2.17+py3.12) (push) Has been cancelled
Details
EOL CI / EOL Units (Ⓐ2.17+py3.7) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+alpine319+py:azp/posix/1/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+alpine319+py:azp/posix/2/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+alpine319+py:azp/posix/3/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+fedora39+py:azp/posix/1/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+fedora39+py:azp/posix/2/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+fedora39+py:azp/posix/3/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+ubuntu2004+py:azp/posix/1/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+ubuntu2004+py:azp/posix/2/) (push) Has been cancelled
Details
EOL CI / EOL I (Ⓐ2.17+ubuntu2004+py:azp/posix/3/) (push) Has been cancelled
Details
nox / Run extra sanity tests (push) Has been cancelled
Details

Browse source 
* keycloak: add client authentication support for client_secret

Signed-off-by: Marius Bertram <marius@brtrm.de>

* readd ['token', 'auth_realm']

Signed-off-by: Marius Bertram <marius@brtrm.de>

---------

Signed-off-by: Marius Bertram <marius@brtrm.de>
This commit is contained in:
Marius Bertram 2025-10-19 21:12:41 +02:00 committed by GitHub
commit c850e209ab
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 24 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/10933-keycloak-add-client-auth-for-clientsecret-modules.yml Normal file
View file

@ -0,0 +1,2 @@
bugfixes:
- keycloak_clientsecret, keycloak_clientsecret_info - make ``client_auth`` work (https://github.com/ansible-collections/community.general/issues/10932, https://github.com/ansible-collections/community.general/pull/10933).

4
plugins/module_utils/identity/keycloak/keycloak_clientsecret.py
View file

@ -33,8 +33,8 @@ def keycloak_clientsecret_module():
argument_spec=argument_spec,
supports_check_mode=True,
required_one_of=([['id', 'client_id'],
['token', 'auth_realm', 'auth_username', 'auth_password']]),
required_together=([['auth_realm', 'auth_username', 'auth_password']]),
['token', 'auth_realm', 'auth_username', 'auth_password', 'auth_client_id', 'auth_client_secret']]),
required_together=([['auth_username', 'auth_password']]),
mutually_exclusive=[
['token', 'auth_realm'],
['token', 'auth_username'],

10
plugins/modules/keycloak_clientsecret_info.py
View file

@ -92,6 +92,16 @@ EXAMPLES = r"""
token: TOKEN
delegate_to: localhost
no_log: true
- name: Get a new Keycloak client secret, authentication with auth_client_id and auth_client_secret
community.general.keycloak_clientsecret_info:
id: '9d59aa76-2755-48c6-b1af-beb70a82c3cd'
realm: MyCustomRealm
auth_client_id: admin-cli
auth_client_secret: SECRET
auth_keycloak_url: https://auth.example.com/auth
delegate_to: localhost
no_log: true
"""
RETURN = r"""

10
plugins/modules/keycloak_clientsecret_regenerate.py
View file

@ -95,6 +95,16 @@ EXAMPLES = r"""
token: TOKEN
delegate_to: localhost
no_log: true
- name: Regenerate a new Keycloak client secret, authentication with auth_client_id and auth_client_secret
community.general.keycloak_clientsecret_regenerate:
id: '9d59aa76-2755-48c6-b1af-beb70a82c3cd'
realm: MyCustomRealm
auth_client_id: admin-cli
auth_client_secret: SECRET
auth_keycloak_url: https://auth.example.com/auth
delegate_to: localhost
no_log: true
"""
RETURN = r"""