diff --git a/pkg/cmd/config.go b/pkg/cmd/config.go
index bc80ebf..b61874a 100644
--- a/pkg/cmd/config.go
+++ b/pkg/cmd/config.go
@@ -25,7 +25,6 @@ type Client struct {
 type Provider struct {
 supplier.ServiceProviderConfig `validate:"required"`
- Name string `validate:"required"`
 Type ProviderType `validate:"required"`
 }
@@ -40,9 +39,9 @@ func GetConfig() (Config, error) {
 },
 },
 Provider: Provider{
- Name: viper.GetString("provider.name"),
 Type: ProviderType(viper.GetString("provider.type")),
 ServiceProviderConfig: supplier.ServiceProviderConfig{
+ Name: viper.GetString("provider.name"),
 Host: viper.GetString("provider.host"),
 Username: viper.GetString("provider.username"),
 Password: viper.GetString("provider.password"),
diff --git a/pkg/supplier/keycloak.go b/pkg/supplier/keycloak.go
index 4663e52..9fe8fc9 100644
--- a/pkg/supplier/keycloak.go
+++ b/pkg/supplier/keycloak.go
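Review bot: With `Name` removed from `Provider` in the first config.go hunk, its `validate:"required"` tag goes with it, and the second hunk now sets the name on the embedded `supplier.ServiceProviderConfig` instead. That struct's definition is not part of this diff, so it is not visible whether its `Name` field carries its own `validate:"required"`; if it does not, an empty `provider.name` may now pass config validation and only surface later in the supplier. I would confirm the tag on `ServiceProviderConfig.Name` in pkg/supplier, or add it there. GetConfig's body continues outside the second hunk.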
@@ -44,54 +44,58 @@ func (r *KeycloakSupplier) Reconcile(ctx context.Context, scim ScimClient) error
 if err != nil {
 return err
 }
- var providerId string
+ var component gocloak.Component
+ var exists bool
 components, err := client.GetComponents(ctx, token.AccessToken, r.realm)
 if err != nil {
 return err
 }
 for _, v := range components {
 if *v.ProviderType == "org.keycloak.storage.UserStorageProvider" && *v.ProviderID == "scim" && *v.Name == scim.Name {
- providerId = *v.ID
+ component = *v
+ exists = true
 break
 }
 }
- realm, err := client.GetRealm(ctx, token.AccessToken, r.realm)
- if err != nil {
- return err
+ componentConfig := map[string][]string{
+ "endpoint": {scim.Endpoint},
+ "auth-mode": {"BASIC_AUTH"},
+ "auth-user": {scim.Username},
+ "auth-pass": {scim.Password},
 }
-
- pId := "scim"
- pType := "org.keycloak.storage.UserStorageProvider"
- component := gocloak.Component{
- ID: &providerId,
- ParentID: realm.ID,
- Name: &scim.Name,
- ProviderID: &pId,
- ProviderType: &pType,
- ComponentConfig: &map[string][]string{
- "priority": {"0"},
- "endpoint": {scim.Endpoint},
- "content-type": {"application/json"},
- "auth-mode": {"BASIC_AUTH"},
- "auth-user": {scim.Username},
- "auth-pass": {scim.Password},
- "sync-import": {"false"},
- "sync-import-action": {"CREATE_LOCAL"},
- "propagation-user": {"true"},
- "propagation-group": {"true"},
- },
- }
- if providerId == "" {
- providerId = uuid.NewString()
- _, err = client.CreateComponent(ctx, token.AccessToken, r.realm, component)
+ if !exists {
+ realm, err := client.GetRealm(ctx, token.AccessToken, r.realm)
 if err != nil {
 return err
 }
+
+ pId := "scim"
+ pType := "org.keycloak.storage.UserStorageProvider"
+ providerId := uuid.NewString()
+ component = gocloak.Component{
+ ID: &providerId,
+ ParentID: realm.ID,
+ Name: &scim.Name,
+ ProviderID: &pId,
+ ProviderType: &pType,
+ }
+ componentConfig["priority"] = []string{"0"}
+ componentConfig["content-type"] = []string{"application/json"}
+ componentConfig["sync-import"] = []string{"false"}
+ componentConfig["sync-import-action"] = []string{"CREATE_LOCAL"}
+ componentConfig["propagation-user"] = []string{"true"}
+ componentConfig["propagation-group"] = []string{"true"}
+ }
+ component.ComponentConfig = &componentConfig
+ // (*component.ComponentConfig)["endpoint"] = []string{scim.Endpoint}
+ // (*component.ComponentConfig)["auth-mode"] = []string{"BASIC_AUTH"}
+ // (*component.ComponentConfig)["auth-username"] = []string{scim.Username}
+ // (*component.ComponentConfig)["auth-pass"] = []string{scim.Password}
+
+ if !exists {
+ _, err = client.CreateComponent(ctx, token.AccessToken, r.realm, component)
 } else {
 _, err = client.UpdateComponent(ctx, token.AccessToken, r.realm, component)
- if err != nil {
- return err
- }
 }
- return nil
+ return err
 }
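Review bot: On the update path, `component.ComponentConfig = &componentConfig` replaces the fetched component's config with only the four endpoint/auth keys, because `priority`, `content-type`, `sync-import`, `sync-import-action`, `propagation-user` and `propagation-group` are added only when `!exists`. If Keycloak treats the submitted config as the complete set, each reconcile of an existing provider would drop those settings; the commented-out lines suggest that merging into the existing map was the intent. I would merge the managed keys into the fetched config when it is non-nil, and delete the commented-out block, which also names `auth-username` where the live map uses `auth-user`. Reconcile begins above this hunk, so the client and token setup are not visible here.

```go
// … unchanged: componentConfig built, defaults added inside the !exists branch …
if exists && component.ComponentConfig != nil {
	// Keep keys already stored on the component; overwrite only the managed ones.
	for key, values := range componentConfig {
		(*component.ComponentConfig)[key] = values
	}
} else {
	component.ComponentConfig = &componentConfig
}
// … unchanged: CreateComponent / UpdateComponent call and return err …
```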