also create sample clients after sso installation

9 years ago · 82060fb4f5
4 changed files with 79 additions and 44 deletions
--- a/roles/sso/tasks/create-client.yml
+++ b/roles/sso/tasks/create-client.yml
@ -0,0 +1,14 @@
 ---
  - name: Create the Demo Client
    uri:
      url: https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/clients
      validate_certs: no
      headers:
        Authorization: 'Bearer {{ access_token }}'
      method: POST
      body: "{{ sso_demo_client }}"
      body_format: json
      status_code: "201,409"
    register: response
    changed_when: response.status == 201
--- a/roles/sso/tasks/create-user.yml
+++ b/roles/sso/tasks/create-user.yml
@ -0,0 +1,45 @@
 ---
  - name: Create the Demo User
    uri:
      url: https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users
      validate_certs: no
      headers:
        Authorization: 'Bearer {{ access_token }}'
      method: POST
      body: "{{ sso_demo_user }}"
      body_format: json
      status_code: "201,409"
    register: response
    changed_when: response.status == 201
  - set_fact:
      user_has_been_created: true
      user_url: "{{ response.location }}"
    when: response.status == 201
  - name: Retrieve the id of the Demo User
    uri:
      url: 'https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users?username={{ sso_demo_user.username|urlencode }}'
      validate_certs: no
      headers:
        Authorization: 'Bearer {{ access_token }}'
    register: response
    changed_when: false
    failed_when: response.status != 200 or (response.json|length != 1)
    when: user_has_been_created is not defined
  - set_fact:
      user_url: "https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users/{{ response.json[0].id }}"
    when: user_has_been_created is not defined
  - name: Set the password of the Demo User
    uri:
      url: "{{ user_url }}/reset-password"
      validate_certs: no
      headers:
        Authorization: 'Bearer {{ access_token }}'
      method: PUT
      body: "{{ sso_demo_user.credentials[0] }}"
      body_format: json
      status_code: 204
--- a/roles/sso/tasks/post-install.yml
+++ b/roles/sso/tasks/post-install.yml
@ -67,46 +67,12 @@
      body_format: json
      status_code: 204
-  - name: Create the Demo User
+  - include: "create-user.yml"
-    uri:
+    with_items: '{{ sso_users_to_create }}'
-      url: https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users
+    loop_control:
-      validate_certs: no
+      loop_var: sso_demo_user
      headers:
        Authorization: 'Bearer {{ access_token }}'
      method: POST
      body: "{{ sso_demo_user }}"
      body_format: json
      status_code: "201,409"
    register: response
    changed_when: response.status == 201
  - set_fact:
      user_has_been_created: true
      user_url: "{{ response.location }}"
    when: response.status == 201
-  - name: Retrieve the id of the Demo User
+  - include: "create-client.yml"
-    uri:
+    with_items: '{{ sso_clients_to_create }}'
-      url: 'https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users?username={{ sso_demo_user.username|urlencode }}'
+    loop_control:
-      validate_certs: no
+      loop_var: sso_demo_client
      headers:
        Authorization: 'Bearer {{ access_token }}'
    register: response
    changed_when: false
    failed_when: response.status != 200 or (response.json|length != 1)
    when: user_has_been_created is not defined
  - set_fact:
      user_url: "https://{{ sso_route_name }}/auth/admin/realms/{{ sso_realm }}/users/{{ response.json[0].id }}"
    when: user_has_been_created is not defined
  - name: Set the password of the Demo User
    uri:
      url: "{{ user_url }}/reset-password"
      validate_certs: no
      headers:
        Authorization: 'Bearer {{ access_token }}'
      method: PUT
      body: "{{ sso_demo_user.credentials[0] }}"
      body_format: json
      status_code: 204
--- a/roles/sso/vars/main.yml
+++ b/roles/sso/vars/main.yml
@ -32,8 +32,8 @@
    accessCodeLifespanLogin: 86400 # 1 day
    registrationAllowed: true
    rememberMe: true
-  sso_demo_user:
+  sso_users_to_create:
-    username: jdoe
+  - username: jdoe
    firstName: John
    lastName: Doe
    enabled: true
@ -41,3 +41,13 @@
      - type: password
        value: hackthis
        temporary: false
  sso_clients_to_create:
  - name: Hello App with OAuth
    description: "This is my very first application using OAuth"
    clientId: "my-app"
    publicClient: false
    clientAuthenticatorType: "client-secret"
    secret: "{{ 'my-app'|sha1() }}"
    enabled: true
    redirectUris:
      - https://www.getpostman.com/oauth2/callback