Changeset View
Changeset View
Standalone View
Standalone View
lib/puppet/type/keycloak_identity_provider.rb
| require_relative '../../puppet_x/keycloak/type' | require_relative '../../puppet_x/keycloak/type' | ||||
| require_relative '../../puppet_x/keycloak/array_property' | require_relative '../../puppet_x/keycloak/array_property' | ||||
| require_relative '../../puppet_x/keycloak/integer_property' | |||||
| Puppet::Type.newtype(:keycloak_identity_provider) do | Puppet::Type.newtype(:keycloak_identity_provider) do | ||||
| desc <<-DESC | desc <<-DESC | ||||
| Manage Keycloak identity providers | Manage Keycloak identity providers | ||||
| @example Add CILogon identity provider to test realm | @example Add CILogon identity provider to test realm | ||||
| keycloak_identity_provider { 'cilogon on test': | keycloak_identity_provider { 'cilogon on test': | ||||
| ensure => 'present', | ensure => 'present', | ||||
| display_name => 'CILogon', | display_name => 'CILogon', | ||||
| Show All 35 Lines | @example Add CILogon identity provider to test realm | ||||
| end | end | ||||
| newproperty(:display_name) do | newproperty(:display_name) do | ||||
| desc 'displayName' | desc 'displayName' | ||||
| end | end | ||||
| newparam(:provider_id) do | newparam(:provider_id) do | ||||
| desc 'providerId' | desc 'providerId' | ||||
| newvalues('oidc') | newvalues('oidc', 'keycloak-oidc') | ||||
| defaultto 'oidc' | defaultto 'oidc' | ||||
| munge { |v| v } | munge { |v| v } | ||||
| end | end | ||||
| newproperty(:enabled, boolean: true) do | newproperty(:enabled, boolean: true) do | ||||
| desc 'enabled' | desc 'enabled' | ||||
| newvalues(:true, :false) | newvalues(:true, :false) | ||||
| defaultto :true | defaultto :true | ||||
| Show All 31 Lines | @example Add CILogon identity provider to test realm | ||||
| end | end | ||||
| newproperty(:link_only, boolean: true) do | newproperty(:link_only, boolean: true) do | ||||
| desc 'linkOnly' | desc 'linkOnly' | ||||
| newvalues(:true, :false) | newvalues(:true, :false) | ||||
| defaultto :false | defaultto :false | ||||
| end | end | ||||
| newproperty(:gui_order, parent: PuppetX::Keycloak::IntegerProperty) do | |||||
| desc 'guiOrder' | |||||
| munge { |v| v.to_s } | |||||
| end | |||||
| newproperty(:first_broker_login_flow_alias) do | newproperty(:first_broker_login_flow_alias) do | ||||
| desc 'firstBrokerLoginFlowAlias' | desc 'firstBrokerLoginFlowAlias' | ||||
| defaultto 'first broker login' | defaultto 'first broker login' | ||||
| munge { |v| v } | munge { |v| v } | ||||
| end | end | ||||
| newproperty(:post_broker_login_flow_alias) do | newproperty(:post_broker_login_flow_alias) do | ||||
| desc 'postBrokerLoginFlowAlias' | desc 'postBrokerLoginFlowAlias' | ||||
| munge { |v| v } | munge { |v| v } | ||||
| end | end | ||||
| newproperty(:sync_mode) do | |||||
| desc 'syncMode' | |||||
| defaultto 'IMPORT' | |||||
| newvalues('IMPORT', 'LEGACY', 'FORCE') | |||||
| munge { |v| v } | |||||
| end | |||||
| # BEGIN: oidc | # BEGIN: oidc | ||||
| newproperty(:hide_on_login_page, boolean: true) do | newproperty(:hide_on_login_page, boolean: true) do | ||||
| desc 'hideOnLoginPage' | desc 'hideOnLoginPage' | ||||
| newvalues(:true, :false) | newvalues(:true, :false) | ||||
| defaultto :false | defaultto :false | ||||
| end | end | ||||
| ▲ Show 20 Lines • Show All 65 Lines • ▼ Show 20 Lines | @example Add CILogon identity provider to test realm | ||||
| end | end | ||||
| newproperty(:use_jwks_url, boolean: true) do | newproperty(:use_jwks_url, boolean: true) do | ||||
| desc 'useJwksUrl' | desc 'useJwksUrl' | ||||
| newvalues(:true, :false) | newvalues(:true, :false) | ||||
| defaultto :true | defaultto :true | ||||
| end | end | ||||
| newproperty(:jwks_url) do | |||||
| desc 'jwksUrl' | |||||
| munge { |v| v } | |||||
| end | |||||
| newproperty(:login_hint, boolean: true) do | newproperty(:login_hint, boolean: true) do | ||||
| desc 'loginHint' | desc 'loginHint' | ||||
| newvalues(:true, :false) | newvalues(:true, :false) | ||||
| defaultto :false | defaultto :false | ||||
| end | end | ||||
| newproperty(:authorization_url) do | newproperty(:authorization_url) do | ||||
| desc 'authorizationUrl' | desc 'authorizationUrl' | ||||
| ▲ Show 20 Lines • Show All 51 Lines • ▼ Show 20 Lines | [ | ||||
| ], | ], | ||||
| ] | ] | ||||
| end | end | ||||
| validate do | validate do | ||||
| if self[:realm].nil? | if self[:realm].nil? | ||||
| raise Puppet::Error, 'realm is required' | raise Puppet::Error, 'realm is required' | ||||
| end | end | ||||
| if self[:ensure].to_s == 'present' && self[:provider_id] == 'oidc' | if self[:ensure].to_s == 'present' && ['oidc', 'keycloak-oidc'].include?(self[:provider_id]) | ||||
| if self[:authorization_url].nil? | if self[:authorization_url].nil? | ||||
| raise Puppet::Error, 'authorization_url is required' | raise Puppet::Error, 'authorization_url is required' | ||||
| end | end | ||||
| if self[:token_url].nil? | if self[:token_url].nil? | ||||
| raise Puppet::Error, 'token_url is required' | raise Puppet::Error, 'token_url is required' | ||||
| end | end | ||||
| if self[:client_id].nil? | if self[:client_id].nil? | ||||
| raise Puppet::Error, 'client_id is required' | raise Puppet::Error, 'client_id is required' | ||||
| end | end | ||||
| if self[:client_secret].nil? | if self[:client_secret].nil? | ||||
| raise Puppet::Error, 'client_secret is required' | raise Puppet::Error, 'client_secret is required' | ||||
| end | end | ||||
| end | end | ||||
| end | end | ||||
| autorequire(:keycloak_flow) do | |||||
| requires = [] | |||||
| catalog.resources.each do |resource| | |||||
| next unless resource.class.to_s == 'Puppet::Type::Keycloak_flow' | |||||
| next if self[:realm] != resource[:realm] | |||||
| if self[:first_broker_login_flow_alias] == resource[:alias] | |||||
| requires << resource.name | |||||
| end | |||||
| if self[:post_broker_login_flow_alias] == resource[:alias] | |||||
| requires << resource.name | |||||
| end | |||||
| end | |||||
| requires | |||||
| end | |||||
| end | end | ||||