Uploaded image for project: 'Managed Service - API'
  1. Managed Service - API
  2. MGDAPI-6382

Extend the keycloak-client to create functions to handle create update and delete for realm,client and users

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • RHOAM Sprint 60, RHOAM Sprint 61

      WHY
      <Why is this change being made?>
      Currently the keycloak-client https://github.com/integr8ly/keycloak-client is heavley dependant on the RHSSO crd for realm, client and users, e.g.

      func (c *Client) CreateRealm(realm *v1alpha1.KeycloakRealm) (string, error) {
	return c.create(realm.Spec.Realm, "realms", "realm")
}

func (c *Client) CreateClient(client *v1alpha1.KeycloakAPIClient, realmName string) (string, error) {
	return c.create(client, fmt.Sprintf("realms/%s/clients", realmName), "client")
}

func (c *Client) CreateUser(user *v1alpha1.KeycloakAPIUser, realmName string) (string, error) {
	return c.create(user, fmt.Sprintf("realms/%s/users", realmName), "user")
}

      This will be gone when we move to RHBK

      WHAT
      <What is being asked for?>
      extend the keycloak-client and create new functions for

      • create
      • update
      • delete
        for realms, clients, and users

      you may have to rewrite the whole client.

      HOW
      Reproduct the existing functions. These functions will need to be able to accept strings and json body to match the admin rest api https://access.redhat.com/webassets/avalon/d/red_hat_build_of_keycloak-22/rest-api/

      e.g. the Create interface takes in an v1alpha1 keycloak object and converts to jsonvalue then creates the request
      https://github.com/integr8ly/keycloak-client/blob/master/pkg/common/client.go#L42-L53

      func (c *Client) create(obj T, resourcePath, resourceName string) (string, error) {
	jsonValue, err := json.Marshal(obj)
	if err != nil {
		logrus.Errorf("error %+v marshalling object", err)
		return "", nil
	}

	req, err := http.NewRequest(
		"POST",
		fmt.Sprintf("%s/auth/admin/%s", c.URL, resourcePath),
		bytes.NewBuffer(jsonValue),
	)

      Looks like we will need extensive refactoring in integreatly-operator as well that may be out of scope for this jira.

      TESTS
      <List of related tests>

      DONE
      <bullet point items for what should be completed>

              vmogilev_rhmi Valery Mogilevsky
              aucunnin@redhat.com Austin Cunningham
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: