(kc) fix name + overwrite only necessary
parent
6ec1272af2
commit
f8cfbd2a41
2 changed files with 39 additions and 36 deletions
|
@ -25,7 +25,6 @@ type Client struct {
|
||||||
|
|
||||||
type Provider struct {
|
type Provider struct {
|
||||||
supplier.ServiceProviderConfig `validate:"required"`
|
supplier.ServiceProviderConfig `validate:"required"`
|
||||||
Name string `validate:"required"`
|
|
||||||
Type ProviderType `validate:"required"`
|
Type ProviderType `validate:"required"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -40,9 +39,9 @@ func GetConfig() (Config, error) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Provider: Provider{
|
Provider: Provider{
|
||||||
Name: viper.GetString("provider.name"),
|
|
||||||
Type: ProviderType(viper.GetString("provider.type")),
|
Type: ProviderType(viper.GetString("provider.type")),
|
||||||
ServiceProviderConfig: supplier.ServiceProviderConfig{
|
ServiceProviderConfig: supplier.ServiceProviderConfig{
|
||||||
|
Name: viper.GetString("provider.name"),
|
||||||
Host: viper.GetString("provider.host"),
|
Host: viper.GetString("provider.host"),
|
||||||
Username: viper.GetString("provider.username"),
|
Username: viper.GetString("provider.username"),
|
||||||
Password: viper.GetString("provider.password"),
|
Password: viper.GetString("provider.password"),
|
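Review bot: The provider name may no longer be checked as required, because the `validate:"required"` tag disappeared together with `Provider.Name` and the value is now read into the embedded `supplier.ServiceProviderConfig`, whose definition is not shown on this page. Please confirm that its `Name` field carries `validate:"required"` and that the validator actually descends into the embedded struct; depending on the validator's configuration, a `required` tag on a non-pointer struct may not enforce anything by itself. Otherwise an empty `provider.name` would pass `GetConfig` where it was rejected before. Both `Provider` and `GetConfig` continue outside the hunks.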
||||||
|
|
|
@ -44,17 +44,26 @@ func (r *KeycloakSupplier) Reconcile(ctx context.Context, scim ScimClient) error
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
var providerId string
|
var component gocloak.Component
|
||||||
|
var exists bool
|
||||||
components, err := client.GetComponents(ctx, token.AccessToken, r.realm)
|
components, err := client.GetComponents(ctx, token.AccessToken, r.realm)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
for _, v := range components {
|
for _, v := range components {
|
||||||
if *v.ProviderType == "org.keycloak.storage.UserStorageProvider" && *v.ProviderID == "scim" && *v.Name == scim.Name {
|
if *v.ProviderType == "org.keycloak.storage.UserStorageProvider" && *v.ProviderID == "scim" && *v.Name == scim.Name {
|
||||||
providerId = *v.ID
|
component = *v
|
||||||
|
exists = true
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
componentConfig := map[string][]string{
|
||||||
|
"endpoint": {scim.Endpoint},
|
||||||
|
"auth-mode": {"BASIC_AUTH"},
|
||||||
|
"auth-user": {scim.Username},
|
||||||
|
"auth-pass": {scim.Password},
|
||||||
|
}
|
||||||
|
if !exists {
|
||||||
realm, err := client.GetRealm(ctx, token.AccessToken, r.realm)
|
realm, err := client.GetRealm(ctx, token.AccessToken, r.realm)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -62,36 +71,31 @@ func (r *KeycloakSupplier) Reconcile(ctx context.Context, scim ScimClient) error
|
||||||
|
|
||||||
pId := "scim"
|
pId := "scim"
|
||||||
pType := "org.keycloak.storage.UserStorageProvider"
|
pType := "org.keycloak.storage.UserStorageProvider"
|
||||||
component := gocloak.Component{
|
providerId := uuid.NewString()
|
||||||
|
component = gocloak.Component{
|
||||||
ID: &providerId,
|
ID: &providerId,
|
||||||
ParentID: realm.ID,
|
ParentID: realm.ID,
|
||||||
Name: &scim.Name,
|
Name: &scim.Name,
|
||||||
ProviderID: &pId,
|
ProviderID: &pId,
|
||||||
ProviderType: &pType,
|
ProviderType: &pType,
|
||||||
ComponentConfig: &map[string][]string{
|
|
||||||
"priority": {"0"},
|
|
||||||
"endpoint": {scim.Endpoint},
|
|
||||||
"content-type": {"application/json"},
|
|
||||||
"auth-mode": {"BASIC_AUTH"},
|
|
||||||
"auth-user": {scim.Username},
|
|
||||||
"auth-pass": {scim.Password},
|
|
||||||
"sync-import": {"false"},
|
|
||||||
"sync-import-action": {"CREATE_LOCAL"},
|
|
||||||
"propagation-user": {"true"},
|
|
||||||
"propagation-group": {"true"},
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
if providerId == "" {
|
componentConfig["priority"] = []string{"0"}
|
||||||
providerId = uuid.NewString()
|
componentConfig["content-type"] = []string{"application/json"}
|
||||||
|
componentConfig["sync-import"] = []string{"false"}
|
||||||
|
componentConfig["sync-import-action"] = []string{"CREATE_LOCAL"}
|
||||||
|
componentConfig["propagation-user"] = []string{"true"}
|
||||||
|
componentConfig["propagation-group"] = []string{"true"}
|
||||||
|
}
|
||||||
|
component.ComponentConfig = &componentConfig
|
||||||
|
// (*component.ComponentConfig)["endpoint"] = []string{scim.Endpoint}
|
||||||
|
// (*component.ComponentConfig)["auth-mode"] = []string{"BASIC_AUTH"}
|
||||||
|
// (*component.ComponentConfig)["auth-username"] = []string{scim.Username}
|
||||||
|
// (*component.ComponentConfig)["auth-pass"] = []string{scim.Password}
|
||||||
|
|
||||||
|
if !exists {
|
||||||
_, err = client.CreateComponent(ctx, token.AccessToken, r.realm, component)
|
_, err = client.CreateComponent(ctx, token.AccessToken, r.realm, component)
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
_, err = client.UpdateComponent(ctx, token.AccessToken, r.realm, component)
|
_, err = client.UpdateComponent(ctx, token.AccessToken, r.realm, component)
|
||||||
if err != nil {
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
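Review bot: On the update path, `component.ComponentConfig = &componentConfig` discards the config that was fetched from Keycloak and sends a map holding only `endpoint`, `auth-mode`, `auth-user` and `auth-pass`; `priority`, `content-type`, `sync-import`, `sync-import-action` and the `propagation-*` keys are now set only when `!exists`. Whether `UpdateComponent` merges or replaces the stored config is not visible here, but if it replaces, every reconcile of an existing component strips those settings, which is the opposite of "overwrite only necessary". Merging the managed keys into the fetched map when the component exists avoids depending on that behaviour. The commented-out block should then be deleted; it also spells the key `auth-username` where the live code uses `auth-user`. Separately, the match loop dereferences `*v.ProviderType`, `*v.ProviderID` and `*v.Name` without nil checks, so a component returned without one of those fields would panic the reconcile.

```go
// … unchanged: lookup loop, componentConfig literal, create-only keys under !exists …
if exists && component.ComponentConfig != nil {
	// Keep settings already stored on the component; overwrite only the managed keys.
	for k, vals := range componentConfig {
		(*component.ComponentConfig)[k] = vals
	}
} else {
	component.ComponentConfig = &componentConfig
}
// … unchanged: CreateComponent / UpdateComponent …
```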