Page MenuHomeSoftware Heritage
Files F8395120

keycloak_client_protocol_mapper.rb
No OneTemporary
Actions

keycloak_client_protocol_mapper.rb
View Options

require_relative '../provider/keycloak_api'
require_relative '../../puppet_x/keycloak/type'
require_relative '../../puppet_x/keycloak/array_property'
Puppet::Type.newtype(:keycloak_client_protocol_mapper) do
desc <<-DESC
Manage Keycloak protocol mappers
@example Add email protocol mapper to test.example.com client in realm test
keycloak_client_protocol_mapper { "email for test.example.com on test":
claim_name => 'email',
user_attribute => 'email',
}
DESC
extend PuppetX::Keycloak::Type
add_autorequires
ensurable
newparam(:name, namevar: true) do
desc 'The protocol mapper name'
end
newparam(:id) do
desc 'Id.'
end
newparam(:resource_name, namevar: true) do
desc 'The protocol mapper name. Defaults to `name`.'
defaultto do
@resource[:name]
end
end
newparam(:client, namevar: true) do
desc 'client'
end
newparam(:realm, namevar: true) do
desc 'realm'
end
newproperty(:protocol) do
desc 'protocol'
defaultto('openid-connect')
newvalues('openid-connect', 'saml')
munge { |v| v }
end
newparam(:type) do
desc <<-DESC
protocolMapper.
Default is `oidc-usermodel-property-mapper` for `protocol` `openid-connect` and
`saml-user-property-mapper` for `protocol` `saml`.
DESC
newvalues(
'oidc-usermodel-property-mapper',
'oidc-full-name-mapper',
'saml-user-property-mapper',
'saml-role-list-mapper',
)
defaultto do
if @resource[:protocol] == 'openid-connect'
'oidc-usermodel-property-mapper'
elsif @resource[:protocol] == 'saml'
'saml-user-property-mapper'
else
nil
end
end
munge { |v| v }
end
newproperty(:user_attribute) do
desc 'user.attribute. Default to `resource_name` for `type` `oidc-usermodel-property-mapper` or `saml-user-property-mapper`'
defaultto do
if @resource[:type] == 'oidc-usermodel-property-mapper' || @resource[:type] == 'saml-user-property-mapper'
@resource[:resource_name]
else
nil
end
end
end
newproperty(:json_type_label) do
desc 'json.type.label. Default to `String` for `type` `oidc-usermodel-property-mapper`.'
defaultto do
if @resource[:type] == 'oidc-usermodel-property-mapper'
'String'
else
nil
end
end
end
newproperty(:friendly_name) do
desc 'friendly.name. Default to `resource_name` for `type` `saml-user-property-mapper`.'
defaultto do
if @resource[:type] == 'saml-user-property-mapper'
@resource[:resource_name]
else
nil
end
end
end
newproperty(:attribute_name) do
desc 'attribute.name Default to `resource_name` for `type` `saml-user-property-mapper`.'
defaultto do
if @resource[:type] == 'saml-user-property-mapper'
@resource[:resource_name]
else
nil
end
end
end
newproperty(:claim_name) do
desc 'claim.name'
end
newproperty(:id_token_claim, boolean: true) do
desc 'id.token.claim. Default to `true` for `protocol` `openid-connect`.'
newvalues(:true, :false)
defaultto do
if @resource['protocol'] == 'openid-connect'
:true
else
nil
end
end
end
newproperty(:access_token_claim, boolean: true) do
desc 'access.token.claim. Default to `true` for `protocol` `openid-connect`.'
newvalues(:true, :false)
defaultto do
if @resource['protocol'] == 'openid-connect'
:true
else
nil
end
end
end
newproperty(:userinfo_token_claim, boolean: true) do
desc 'userinfo.token.claim. Default to `true` for `protocol` `openid-connect`.'
newvalues(:true, :false)
defaultto do
if @resource['protocol'] == 'openid-connect'
:true
else
nil
end
end
end
newproperty(:attribute_nameformat) do
desc 'attribute.nameformat'
validate do |v|
unless [:basic, :uri, :unspecified].include?(v.downcase.to_sym)
raise ArgumentError, 'attribute_nameformat must be one of basic, uri, or unspecified'
end
end
munge do |v|
v.downcase.to_sym
end
end
newproperty(:single, boolean: true) do
desc 'single. Default to `false` for `type` `saml-role-list-mapper`.'
newvalues(:true, :false)
defaultto do
if @resource['type'] == 'saml-role-list-mapper'
:false
else
nil
end
end
end
autorequire(:keycloak_client) do
requires = []
catalog.resources.each do |resource|
next unless resource.class.to_s == 'Puppet::Type::Keycloak_client'
if resource[:client_id] == self[:client]
requires << resource.name
end
end
requires
end
def self.title_patterns
[
[
%r{^((.+) for (\S+) on (\S+))$},
[
[:name],
[:resource_name],
[:client],
[:realm],
],
],
[
%r{(.*)},
[
[:name],
],
],
]
end
validate do
if self[:protocol] == 'openid-connect' && !['oidc-usermodel-property-mapper', 'oidc-full-name-mapper'].include?(self[:type])
raise Puppet::Error, "type #{self[:type]} is not valid for protocol openid-connect"
end
if self[:protocol] == 'saml' && !['saml-user-property-mapper', 'saml-role-list-mapper'].include?(self[:type])
raise Puppet::Error, "type #{self[:type]} is not valid for protocol saml"
end
if self[:friendly_name] && self[:type] != 'saml-user-property-mapper'
raise Puppet::Error, "friendly_name is not valid for type #{self[:type]}"
end
if self[:attribute_name] && self[:protocol] != 'saml'
raise Puppet::Error, "attribute_name is not valid for type #{self[:type]}"
end
if self[:attribute_nameformat] && self[:protocol] != 'saml'
raise Puppet::Error, "attribute_nameformat is not valid for protocol #{self[:protocol]}"
end
if self[:single] && self[:type] != 'saml-role-list-mapper'
raise Puppet::Error, "single is not valid for type #{self[:type]}"
end
end
end

File Metadata

Mime Type
text/x-ruby
Expires
Jun 4 2025, 7:34 PM (10 w, 3 h ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3399240

Event Timeline

About · Developer information · Legal