Keycloak / KEYCLOAK-14465

cannot enable saml config fields while creating custom resource in keycloak operator

    Details

    • Steps to Reproduce:

      openshift okd 3.11

      keycloak operator https://github.com/keycloak/keycloak-operator

      yaml file to create the identity providers

       

      apiVersion: keycloak.org/v1alpha1
      kind: KeycloakRealm
      metadata: 
        name: testrealm
        labels:
          app: testrealm
      spec: 
        realm:
          id: "realm" 
          realm: "realm"
          enabled: True 
          displayName: "test realm" 
          identityProviders:
            - alias: "testingidp"
              enabled: True 
              providerId: "saml"
              config: 
                singleLogoutServiceUrl: https://logoutstuff 
                singleSignOnServiceUrl: https://randomurl 
                nameIDPolicyFormat: "Persistent" 
                postBindingResponse: True
                validateSignature: True
      

       

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      Background
      Using Keycloak operator v10.0.0, created the following CRDs

      Keycloak operator is running, console is up and connected to postgresdb

      Issue

      In Keycloak I created a SAML identity provider using the custom resource "KeycloakRealm". These are the fields provided in the KeycloakRealm CRD (https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloakrealms_crd.yaml#L246-L290). But to do the SAML config there aren't any supporting fields/flags in the CRD,
      e.g.:

      apiVersion: keycloak.org/v1alpha1
      kind: KeycloakRealm
      metadata:
        name: realm
        labels:
          app: testrealm
      spec:
        realm:
          id: "testrealm"
          realm: "testrealm"
          enabled: True
          displayName: "test realm"
          identityProviders:
            - alias: "testingidp"
              # This works because https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloakrealms_crd.yaml#L265-L267
              enabled: True
              providerId: "saml"
              config:
                singleLogoutServiceUrl: https://logoutstuff
                singleSignOnServiceUrl: https://randomurl
                # This doesn't work
                nameIDPolicyFormat: "Persistent"
                # This doesn't work https://github.com/keycloak/keycloak-operator/blob/master/deploy/crds/keycloak.org_keycloakrealms_crd.yaml#L257-L261
                postBindingResponse: True
                # This doesn't work, same reason as above, because the config only accepts "string but not boolean"
                validateSignature: True
      

      In the diagram below I can configure settings (testingIdp) as code but not the SAML config

       

      • How can I pass the boolean value "true" so that I can enable the HTTP POST binding response button, and select the value "persistent" for the NameID policy format (like in the pic above)? This should be configurable in the YAML file above.


                People

                • Assignee:
                  Unassigned
                  Reporter:
                  manoj6 manoj reddy yalamareddy
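Added example (not part of the original report and not code from the keycloak-operator project): a pre-apply check for the rule the reporter cites, that values under `identityProviders[].config` must be strings, which matters most for `validateSignature`. It assumes the manifest has already been parsed by a YAML loader, so the constructed `MANIFEST` dict mirrors the report's second YAML with unquoted `True` as a Python boolean; `lint_idp_config` and `as_config_string` are hypothetical names.

```python
# Added example, not keycloak-operator code. It models the rule the report
# cites: every value under identityProviders[].config must be a string.

# Constructed input: what a YAML loader yields for the report's manifest
# (unquoted True becomes a boolean; quoted values and URLs stay strings).
MANIFEST = {
    "apiVersion": "keycloak.org/v1alpha1",
    "kind": "KeycloakRealm",
    "spec": {"realm": {"realm": "testrealm", "identityProviders": [{
        "alias": "testingidp",
        "enabled": True,  # typed boolean field per the report, accepted as-is
        "providerId": "saml",
        "config": {
            "singleLogoutServiceUrl": "https://logoutstuff",
            "singleSignOnServiceUrl": "https://randomurl",
            "nameIDPolicyFormat": "Persistent",
            "postBindingResponse": True,
            "validateSignature": True,
        },
    }]}},
}


def as_config_string(value):
    """Render a parsed scalar the way a string-only map needs it."""
    if isinstance(value, bool):  # bool first: it is a subclass of int
        return "true" if value else "false"
    return str(value)


def lint_idp_config(manifest):
    """Return (findings, fixed): non-string config values and a string-only copy."""
    findings, fixed = [], {}
    realm = manifest.get("spec", {}).get("realm", {})
    for idp in realm.get("identityProviders", []):
        alias = idp.get("alias", "<no alias>")
        config = idp.get("config") or {}
        for key, value in config.items():
            if not isinstance(value, str):
                findings.append((alias, key, type(value).__name__))
        fixed[alias] = {k: as_config_string(v) for k, v in config.items()}
    return findings, fixed


if __name__ == "__main__":
    findings, fixed = lint_idp_config(MANIFEST)
    for alias, key, kind in findings:
        print(f"{alias}: config.{key} is {kind}; the CRD expects a string")
    print(fixed["testingidp"])
```

Quoting the flagged values in the manifest (for example `validateSignature: "true"`) keeps them strings at parse time; whether the operator then applies them to the SAML provider is not confirmed by this page.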