* feat: begin refactor to support refresh token in keycloak modules
* chore: add start of tests for shared token usage
* feat: progress towards supporting refresh token; token introspection not yet working [8857]
* chore: reset to main branch previous state; a different approach is needed [8857]
* feat: add request methods to keycloak class, which will be expanded with retry logic [8857]
* feat: all requests to keycloak use request methods instead of open_url [8857]
* fix: data argument is optional in keycloak request methods [8857]
* feat: add integration test for keycloak module authentication methods [8857]
* chore: refactor get token logic to separate logic using username/pass credentials [8857]
* chore: refactor token request logic further to isolate request logic [8857]
* chore: fix minor lint issues [8857]
* test: add (currently failing) test for request with invalid auth token, valid refresh token [8857]
* chore: allow realm to be provided to role module with refresh_token, without username/pass [8857]
* feat: add retry logic to requests in keycloak module utils [8857]
* chore: rename keycloak module fail_open_url method to fail_request [8857]
* chore: update all keycloak modules to support refresh token param [8857]
* chore: add refresh_token param to keycloak doc_fragments [8857]
* chore: restore dependency between auth_realm and auth_username,auth_password params [8857]
* chore: rearrange module param checks to reduce future pr size [8857]
* chore: remove extra comma [8857]
* chore: update version added for refresh token param [8857]
* chore: add changelog fragment [8857]
* chore: re-add fail_open_url to keycloak module utils for backward compatability [8857]
* fix: do not make a new request to keycloak without reauth when refresh token not provided (#8857)
* fix: only make final auth attempt if username/pass provided, and return exception on failure (#8857)
* fix: make re-auth and retry code more consistent, ensure final exceptions are thrown (#8857)
* test: fix arguments for invalid token, valid refresh token test (#8857)
* feat: catch invalid refresh token errors during re-auth attempt (#8857)
Add test to verify this behaviour works.
* test: improve test coverage, including some unhappy path tests for authentication failures (#8857)
* chore: store auth errors from token request in backwards compatible way (#8857)
* fix: ensure method is still specified for all requests (#8857)
* chore: simplify token request logic (#8857)
* chore: rename functions to request tokens using refresh token or username/password (#8857)
To emphasize their difference from the `get_token` function,
which either gets the token from the module params
*or* makes a request for it.
* doc: add docstrings for new or significantly modified functions (#8857)
* test: repair unit test following change to exception message upon key error during auth request (#8857)
* Create group for keycloak
This will allows keycloak authentication details to be set as a module_defaults rather than repeated on each task
* add documentation to keycloak modules to note creation of action_group
* add changelog for keycloak action_group creation
* exclude keycloak_realm_info from action group, as it does not share same set of base parameters
* fix formatting on changelog entry for adding Keycloak action group
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
* Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt.
* Replace 'Copyright:' with 'Copyright'
sed -i 's|Copyright:\(.*\)|Copyright\1|' $(rg -l 'Copyright:')
Co-authored-by: Maxwell G <gotmax@e.email>
* Fix: Add user agent header to allow request through CDN/WAF with bot protection
* upate doc-fragment
* move http_agent variable assignment
* set http_agent param for all Keycloak API Requests
* Update plugins/doc_fragments/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/5023-http-agent-param-keycloak.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix formatting
* Update plugins/doc_fragments/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Updated keycloak.py to allow defining connection timeout value (#4168) (#2)
* Added parameter to doc_fragments and edited the changelog message (#4168)
* Added parameter to doc_fragments and edited the changelog message (#4168)
* Allow keycloak_group.py to take token as parameter for the authentification
* Fix some pep8 issues
* Add changelog fragment
* Refactor get_token to pass module.params + Documentation
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix unit test and add new one for token as param
* Fix identation
* Check base_url format also if token is given
* Update plugins/doc_fragments/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/keycloak/keycloak_clienttemplate.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Allow keycloak_group.py to take token as parameter for the authentification
* Refactor get_token to pass module.params + Documentation
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/keycloak/keycloak_group.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Check if base_url is None before to check format
* Fix unit test: rename base_url parameter to auth_keycloak_url
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/2250-allow-keycloak-modules-to-take-token-as-param.yml
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_clienttemplate.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update changelogs/fragments/2250-allow-keycloak-modules-to-take-token-as-param.yml
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_clienttemplate.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_group.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_group.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Switch to modern syntax for the documentation (e.g. community.general.keycloak_client)
* Add check either creds or token as argument of all keyloak_* modules
* Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Amin Vakil <info@aminvakil.com>