mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-04-10 04:30:32 -07:00
da040cb412
Keycloak modules retry request on authentication error, support refresh token parameter (#9494)
* feat: begin refactor to support refresh token in keycloak modules
* chore: add start of tests for shared token usage
* feat: progress towards supporting refresh token; token introspection not yet working [8857]
* chore: reset to main branch previous state; a different approach is needed [8857]
* feat: add request methods to keycloak class, which will be expanded with retry logic [8857]
* feat: all requests to keycloak use request methods instead of open_url [8857]
* fix: data argument is optional in keycloak request methods [8857]
* feat: add integration test for keycloak module authentication methods [8857]
* chore: refactor get token logic to separate logic using username/pass credentials [8857]
* chore: refactor token request logic further to isolate request logic [8857]
* chore: fix minor lint issues [8857]
* test: add (currently failing) test for request with invalid auth token, valid refresh token [8857]
* chore: allow realm to be provided to role module with refresh_token, without username/pass [8857]
* feat: add retry logic to requests in keycloak module utils [8857]
* chore: rename keycloak module fail_open_url method to fail_request [8857]
* chore: update all keycloak modules to support refresh token param [8857]
* chore: add refresh_token param to keycloak doc_fragments [8857]
* chore: restore dependency between auth_realm and auth_username,auth_password params [8857]
* chore: rearrange module param checks to reduce future pr size [8857]
* chore: remove extra comma [8857]
* chore: update version added for refresh token param [8857]
* chore: add changelog fragment [8857]
* chore: re-add fail_open_url to keycloak module utils for backward compatability [8857]
* fix: do not make a new request to keycloak without reauth when refresh token not provided (#8857)
* fix: only make final auth attempt if username/pass provided, and return exception on failure (#8857)
* fix: make re-auth and retry code more consistent, ensure final exceptions are thrown (#8857)
* test: fix arguments for invalid token, valid refresh token test (#8857)
* feat: catch invalid refresh token errors during re-auth attempt (#8857)
Add test to verify this behaviour works.
* test: improve test coverage, including some unhappy path tests for authentication failures (#8857)
* chore: store auth errors from token request in backwards compatible way (#8857)
* fix: ensure method is still specified for all requests (#8857)
* chore: simplify token request logic (#8857)
* chore: rename functions to request tokens using refresh token or username/password (#8857)
To emphasize their difference from the `get_token` function,
which either gets the token from the module params
*or* makes a request for it.
* doc: add docstrings for new or significantly modified functions (#8857)
* test: repair unit test following change to exception message upon key error during auth request (#8857)
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| .keep | ||
| 10.3.0.yml | ||
| 9403-redfish-add-get-accountservice.yml | ||
| 9494-keycloak-modules-retry-request-on-authentication-error.yaml | ||
| 9539-iocage-inventory-dhcp.yml | ||
| 9546-fix-handling-of-tap-homebrew-packages.yml | ||
| 9547-one_template-filter.yml | ||
| 9554-add-cpanm-option_with-recommends-and-suggests.yml | ||
| 9570-feat-nmcli-add-fail-over-mac-parameter.yml | ||
| 9573-iocage-inventory-sudo.yml | ||
| 9577-mh-delegate-debug.yml | ||
| 9578-redhat_subscription-no-remove-on-unregister.yml | ||
| 9579-with-open.yml | ||
| 9582-add-support-for-vrrp.yml | ||
| 9583-py3-imports-actionbecomecachecallback.yml | ||
| 9584-py3-imports-connectioninventory.yml | ||
| 9585-py3-imports-filter.yml | ||
| 9586-allow-transition-id-jira.yml | ||
| 9598-snap-version.yml | ||
| 9599-apache2-mod-proxy-revamp1.yml | ||
| 9600-apache2-mod-proxy-revamp2.yml | ||
| 9601-proxmox-template-support-for-checksums.yml | ||
| 9608-apache2-mod-proxy-revamp3.yml | ||
| 9609-apache2-mod-proxy-revamp4.yml | ||
| 9612-apache2-mod-proxy-revamp5.yml | ||
| 9614-apache2-mod-proxy-revamp7.yml | ||
| 9621-keycloak_client-sanitize-saml-encryption-key.yml | ||