mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-04-09 04:00:31 -07:00
da040cb412
Keycloak modules retry request on authentication error, support refresh token parameter (#9494)
* feat: begin refactor to support refresh token in keycloak modules
* chore: add start of tests for shared token usage
* feat: progress towards supporting refresh token; token introspection not yet working [8857]
* chore: reset to main branch previous state; a different approach is needed [8857]
* feat: add request methods to keycloak class, which will be expanded with retry logic [8857]
* feat: all requests to keycloak use request methods instead of open_url [8857]
* fix: data argument is optional in keycloak request methods [8857]
* feat: add integration test for keycloak module authentication methods [8857]
* chore: refactor get token logic to separate logic using username/pass credentials [8857]
* chore: refactor token request logic further to isolate request logic [8857]
* chore: fix minor lint issues [8857]
* test: add (currently failing) test for request with invalid auth token, valid refresh token [8857]
* chore: allow realm to be provided to role module with refresh_token, without username/pass [8857]
* feat: add retry logic to requests in keycloak module utils [8857]
* chore: rename keycloak module fail_open_url method to fail_request [8857]
* chore: update all keycloak modules to support refresh token param [8857]
* chore: add refresh_token param to keycloak doc_fragments [8857]
* chore: restore dependency between auth_realm and auth_username,auth_password params [8857]
* chore: rearrange module param checks to reduce future pr size [8857]
* chore: remove extra comma [8857]
* chore: update version added for refresh token param [8857]
* chore: add changelog fragment [8857]
* chore: re-add fail_open_url to keycloak module utils for backward compatability [8857]
* fix: do not make a new request to keycloak without reauth when refresh token not provided (#8857)
* fix: only make final auth attempt if username/pass provided, and return exception on failure (#8857)
* fix: make re-auth and retry code more consistent, ensure final exceptions are thrown (#8857)
* test: fix arguments for invalid token, valid refresh token test (#8857)
* feat: catch invalid refresh token errors during re-auth attempt (#8857)
Add test to verify this behaviour works.
* test: improve test coverage, including some unhappy path tests for authentication failures (#8857)
* chore: store auth errors from token request in backwards compatible way (#8857)
* fix: ensure method is still specified for all requests (#8857)
* chore: simplify token request logic (#8857)
* chore: rename functions to request tokens using refresh token or username/password (#8857)
To emphasize their difference from the `get_token` function,
which either gets the token from the module params
*or* makes a request for it.
* doc: add docstrings for new or significantly modified functions (#8857)
* test: repair unit test following change to exception message upon key error during auth request (#8857)
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| identity/keycloak | ||
| mh | ||
| net_tools/pritunl | ||
| oracle | ||
| remote_management/lxca | ||
| source_control | ||
| storage | ||
| _filelock.py | ||
| _mount.py | ||
| _stormssh.py | ||
| alicloud_ecs.py | ||
| android_sdkmanager.py | ||
| btrfs.py | ||
| cloud.py | ||
| cmd_runner.py | ||
| cmd_runner_fmt.py | ||
| consul.py | ||
| csv.py | ||
| database.py | ||
| datetime.py | ||
| deps.py | ||
| dimensiondata.py | ||
| django.py | ||
| gandi_livedns_api.py | ||
| gconftool2.py | ||
| gio_mime.py | ||
| gitlab.py | ||
| heroku.py | ||
| homebrew.py | ||
| hwc_utils.py | ||
| ibm_sa_utils.py | ||
| ilo_redfish_utils.py | ||
| influxdb.py | ||
| ipa.py | ||
| jenkins.py | ||
| known_hosts.py | ||
| ldap.py | ||
| linode.py | ||
| locale_gen.py | ||
| lxd.py | ||
| manageiq.py | ||
| memset.py | ||
| module_helper.py | ||
| ocapi_utils.py | ||
| oneandone.py | ||
| onepassword.py | ||
| oneview.py | ||
| online.py | ||
| opennebula.py | ||
| pipx.py | ||
| proxmox.py | ||
| puppet.py | ||
| pure.py | ||
| python_runner.py | ||
| redfish_utils.py | ||
| redis.py | ||
| rundeck.py | ||
| saslprep.py | ||
| scaleway.py | ||
| snap.py | ||
| ssh.py | ||
| univention_umc.py | ||
| utm_utils.py | ||
| vardict.py | ||
| version.py | ||
| vexata.py | ||
| wdc_redfish_utils.py | ||
| xenserver.py | ||
| xfconf.py | ||