fix: use FQCN

roles/keycloak_realm/tasks/main.yml

@@ -1,17 +1,18 @@
 ---
 - name: Generate keycloak auth token
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
     method: POST
     body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password"
     validate_certs: no
+  no_log: True
   register: keycloak_auth_response
   until: keycloak_auth_response.status == 200
   retries: 5
   delay: 2
 
 - name: "Determine if realm exists"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}"
     method: GET
     status_code:
@@ -23,7 +24,7 @@
   register: keycloak_realm_exists
 
 - name: Create Realm
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms"
     method: POST
     body: "{{ lookup('template','realm.json.j2') }}"
@@ -47,6 +48,7 @@
     provider_type: "{{ item.provider_type | default(org.keycloak.storage.UserStorageProvider) }}" 
     config: "{{ item.config }}"
     mappers: "{{ item.mappers | default(omit) }}"
+  no_log: True
   register: create_user_federation_result
   loop: "{{ keycloak_user_federation | flatten }}"
   when: keycloak_user_federation is defined
@@ -78,19 +80,20 @@
     public_client: "{{ item.public_client | default(False) }}"
     protocol: "{{ item.protocol | default(omit) }}"
     state: present
+  no_log: True
   register: create_client_result
   loop: "{{ keycloak_clients | flatten }}"
   when: (item.name is defined and item.client_id is defined) or (item.name is defined and item.id is defined)
 
 - name: Create client roles
-  include_tasks: manage_client_roles.yml
+  ansible.builtin.include_tasks: manage_client_roles.yml
   loop: "{{ keycloak_clients | flatten }}"
   loop_control:
     loop_var: client
   when: "'roles' in client"
 
 - name: Create client users
-  include_tasks: manage_client_users.yml
+  ansible.builtin.include_tasks: manage_client_users.yml
   loop: "{{ keycloak_clients | flatten }}"
   loop_control:
     loop_var: client

roles/keycloak_realm/tasks/manage_client_roles.yml

@@ -10,3 +10,4 @@
     auth_password: "{{ keycloak_admin_password }}"
     state: present
   loop: "{{ client.roles | flatten }}"
+  no_log: True

roles/keycloak_realm/tasks/manage_client_users.yml

@@ -1,12 +1,12 @@
 ---
 - name: Manage Users
-  include_tasks: manage_user.yml
+  ansible.builtin.include_tasks: manage_user.yml
   loop: "{{ client.users | flatten }}"
   loop_control:
     loop_var: user
 
 - name: Manage User Roles
-  include_tasks: manage_user_roles.yml
+  ansible.builtin.include_tasks: manage_user_roles.yml
   loop: "{{ client.users | flatten }}"
   loop_control:
     loop_var: user

roles/keycloak_realm/tasks/manage_user.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Check if User Already Exists"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
     validate_certs: no
     headers:
@@ -8,7 +8,7 @@
   register: keycloak_user_search_result
 
 - name: "Create User"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users"
     method: POST
     body:
@@ -26,7 +26,7 @@
   when: keycloak_user_search_result.json | length == 0
 
 - name: "Get User"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
     validate_certs: no
     headers:
@@ -34,7 +34,7 @@
   register: keycloak_user
 
 - name: "Update User Password"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users/{{ (keycloak_user.json | first).id }}/reset-password"
     method: PUT
     body:

roles/keycloak_realm/tasks/manage_user_client_roles.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Get Realm for role"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}"
     method: GET
     status_code:
@@ -11,7 +11,7 @@
   register: client_role_realm
 
 - name: Check if Mapping is available
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}/available"
     method: GET
     status_code:
@@ -22,7 +22,7 @@
   register: client_role_user_available
 
 - name: "Create Role Mapping"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ client_role.realm }}/users/{{ (keycloak_user.json | first).id }}/role-mappings/clients/{{ (create_client_result.results | selectattr('end_state.clientId', 'equalto', client_role.client) | list | first).end_state.id }}"
     method: POST
     body:

roles/keycloak_realm/tasks/manage_user_roles.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Get User {{ user.username }}"
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/admin/realms/{{ keycloak_realm }}/users?username={{ user.username }}"
     headers:
       validate_certs: no
@@ -8,18 +8,19 @@
   register: keycloak_user
 
 - name: Refresh keycloak auth token
-  uri:
+  ansible.builtin.uri:
     url: "{{ keycloak_url }}/auth/realms/master/protocol/openid-connect/token"
     method: POST
     body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password"
     validate_certs: no
   register: keycloak_auth_response
+  no_log: True
   until: keycloak_auth_response.status == 200
   retries: 5
   delay: 2
 
 - name: "Manage Client Role Mapping for {{ user.username }}"
-  include_tasks: manage_user_client_roles.yml
+  ansible.builtin.include_tasks: manage_user_client_roles.yml
   loop: "{{ user.client_roles | flatten }}"
   loop_control:
     loop_var: client_role