Class: Ansible::Ruby::Modules::Keycloak_client

Inherits:

Base

• Object
• Ansible::Ruby::Models::Base
• Base
• Ansible::Ruby::Modules::Keycloak_client

Defined in:

lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb

Overview

This module allows the administration of Keycloak clients via the Keycloak REST API. It requires access to the REST API via OpenID Connect; the user connecting and the client being used must have the requisite access rights. In a default Keycloak installation, admin-cli and an admin user would work, as would a separate client definition with the scope tailored to your needs and a user having the expected roles. The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at U(www.keycloak.org/docs-api/3.3/rest-api/). Aliases are provided so camelCased versions can be used as well. The Keycloak API does not always enforce for only sensible settings to be used – you can set SAML-specific settings on an OpenID Connect client for instance and vice versa. Be careful. If you do not specify a setting, usually a sensible default is chosen.

Instance Method Summary

• #admin_url ⇒ String^?

  URL to the admin interface of the client This is ‘adminUrl’ in the Keycloak REST API.

• #attributes ⇒ Hash^?

  A dict of further attributes for this client.

• #authorization_services_enabled ⇒ Boolean^?

  Are authorization services enabled for this client or not (OpenID connect).

• #authorization_settings ⇒ Object^?

  A data structure defining the authorization settings for this client.

• #base_url ⇒ String^?

  Default URL to use when the auth server needs to redirect or link back to the client This is ‘baseUrl’ in the Keycloak REST API.

• #bearer_only ⇒ Boolean^?

  The access type of this client is bearer-only.

• #client_authenticator_type ⇒ :"client-secret", ...

  How do clients authenticate with the auth server? Either C(client-secret) or C(client-jwt) can be chosen.

• #client_id ⇒ String^?

  Client id of client to be worked on.

• #client_template ⇒ String^?

  Client template to use for this client.

• #consent_required ⇒ Boolean^?

  If enabled, users have to consent to client access.

• #default_roles ⇒ Array<String>, ...

  List of default roles for this client.

• #description ⇒ String^?

  Description of the client in Keycloak.

• #direct_access_grants_enabled ⇒ Boolean^?

  Are direct access grants enabled for this client or not (OpenID connect).

• #enabled ⇒ Boolean^?

  Is this client enabled or not?.

• #frontchannel_logout ⇒ Boolean^?

  Is frontchannel logout enabled for this client or not.

• #full_scope_allowed ⇒ Boolean^?

  Is the “Full Scope Allowed” feature set for this client or not.

• #id ⇒ String^?

  Id of client to be worked on.

• #implicit_flow_enabled ⇒ Boolean^?

  Enable implicit flow for this client or not (OpenID connect).

• #name ⇒ String^?

  Name of the client (this is not the same as I(client_id)).

• #node_re_registration_timeout ⇒ Integer^?

  Cluster node re-registration timeout for this client.

• #not_before ⇒ Integer^?

  Revoke any tokens issued before this date for this client (this is a UNIX timestamp).

• #protocol ⇒ :"openid-connect", ...

  Type of client (either C(openid-connect) or C(saml)..

• #protocol_mappers ⇒ Array<Hash>, ...

  A list of dicts defining protocol mappers for this client.

• #public_client ⇒ Boolean^?

  Is the access type for this client public or not.

• #realm ⇒ String^?

  The realm to create the client in.

• #redirect_uris ⇒ Array<String>, ...

  Acceptable redirect URIs for this client.

• #registered_nodes ⇒ Hash^?

  Dict of registered cluster nodes (with C(nodename) as the key and last registration time as the value).

• #registration_access_token ⇒ String^?

  The registration access token provides access for clients to the client registration service.

• #root_url ⇒ String^?

  Root URL appended to relative URLs for this client This is ‘rootUrl’ in the Keycloak REST API.

• #secret ⇒ String^?

  When using I(client_authenticator_type) C(client-secret) (the default), you can specify a secret here (otherwise one will be generated if it does not exit).

• #service_accounts_enabled ⇒ Boolean^?

  Are service accounts enabled for this client or not (OpenID connect).

• #standard_flow_enabled ⇒ Boolean^?

  Enable standard flow for this client or not (OpenID connect).

• #state ⇒ :present, ...

  State of the client,On C(present), the client will be created (or updated if it exists already).,On C(absent), the client will be removed if it exists.

• #surrogate_auth_required ⇒ Boolean^?

  Whether or not surrogate auth is required.

• #use_template_config ⇒ Boolean^?

  Whether or not to use configuration from the I(client_template).

• #use_template_mappers ⇒ Boolean^?

  Whether or not to use mapper configuration from the I(client_template).

• #use_template_scope ⇒ Boolean^?

  Whether or not to use scope configuration from the I(client_template).

• #web_origins ⇒ Array<String>, ...

  List of allowed CORS origins.

Methods inherited from Base

#ansible_name, #to_h

Methods inherited from Ansible::Ruby::Models::Base

attr_option, attr_options, attribute, #initialize, remove_existing_validations, #to_h, validates

Constructor Details

This class inherits a constructor from Ansible::Ruby::Models::Base

Instance Method Details

#admin_url ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 42

attribute :admin_url

#attributes ⇒ Hash^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 161

attribute :attributes

#authorization_services_enabled ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 106

attribute :authorization_services_enabled

#authorization_settings ⇒ Object^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 154

attribute :authorization_settings

#base_url ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 46

attribute :base_url

#bearer_only ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 82

attribute :bearer_only

#client_authenticator_type ⇒ :"client-secret", ...

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 54

attribute :client_authenticator_type

#client_id ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 22

attribute :client_id

#client_template ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 134

attribute :client_template

#consent_required ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 86

attribute :consent_required

#default_roles ⇒ Array<String>, ...

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 66

attribute :default_roles

#description ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 34

attribute :description

#direct_access_grants_enabled ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 98

attribute :direct_access_grants_enabled

#enabled ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 50

attribute :enabled

#frontchannel_logout ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 114

attribute :frontchannel_logout

#full_scope_allowed ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 122

attribute :full_scope_allowed

#id ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 26

attribute :id

#implicit_flow_enabled ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 94

attribute :implicit_flow_enabled

#name ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 30

attribute :name

#node_re_registration_timeout ⇒ Integer^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 126

attribute :node_re_registration_timeout

#not_before ⇒ Integer^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 78

attribute :not_before

#protocol ⇒ :"openid-connect", ...

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 118

attribute :protocol

#protocol_mappers ⇒ Array<Hash>, ...

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 157

attribute :protocol_mappers

#public_client ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 110

attribute :public_client

#realm ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 18

attribute :realm

#redirect_uris ⇒ Array<String>, ...

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 70

attribute :redirect_uris

#registered_nodes ⇒ Hash^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 130

attribute :registered_nodes

#registration_access_token ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 62

attribute :registration_access_token

#root_url ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 38

attribute :root_url

#secret ⇒ String^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 58

attribute :secret

#service_accounts_enabled ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 102

attribute :service_accounts_enabled

#standard_flow_enabled ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 90

attribute :standard_flow_enabled

#state ⇒ :present, ...

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 14

attribute :state

#surrogate_auth_required ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 150

attribute :surrogate_auth_required

#use_template_config ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 138

attribute :use_template_config

#use_template_mappers ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 146

attribute :use_template_mappers

#use_template_scope ⇒ Boolean^?

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 142

attribute :use_template_scope

#web_origins ⇒ Array<String>, ...

# File 'lib/ansible/ruby/modules/generated/identity/keycloak/keycloak_client.rb', line 74

attribute :web_origins