{ "ownerApp" : "Orchestrator", "name" : "create-user-add-to-vre", "createBy" : "Marco Lettere", "description": "Batch create a user with a membership in a specific group", "version" : 1, "ownerEmail" : "m.lettere@gmail.com", "inputParameters" : ["user", "first-name", "last-name", "email", "password", "group"], "tasks" : [ { "name": "LAMBDA_TASK", "taskReferenceName": "init", "type": "LAMBDA", "inputParameters": { "keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science", "keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science", "scriptExpression": "1" } }, { "name" : "pyrest", "taskReferenceName" : "authorize", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak}/protocol/openid-connect/token", "method" : "POST", "headers" : { "Accept" : "application/json" }, "body" : { "client_id" : "orchestrator", "client_secret" : "c93501bd-abeb-4228-bc28-afac38877338", "grant_type" : "client_credentials" } } }, { "name" : "pyrest", "taskReferenceName" : "create_user", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users", "expect" : 201, "method" : "POST", "body" : { "username": "${workflow.input.user}", "firstName": "${workflow.input.first-name}", "lastName": "${workflow.input.last-name}", "email": "${workflow.input.email}", "credentials": [ { "temporary": true, "type": "password", "value": "${workflow.input.password}" } ], "requiredActions": ["UPDATE_PASSWORD"], "emailVerified": true, "enabled": true }, "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Content-Type" : "application/json" } } }, { "name" : "pyrest", "taskReferenceName" : "lookup_user", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}", "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name" : "pyrest", "taskReferenceName" : "lookup_client", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/clients", "params" : { "clientId" : "${workflow.input.group}"}, "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name" : "pyrest", "taskReferenceName" : "get_client_roles", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles", "expect" : [200, 404], "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name" : "check_role_existance", "taskReferenceName" : "check_role_existance", "type" : "DECISION", "inputParameters" :{ "previous_outcome" : "${get_client_roles.output.status}" }, "caseValueParam" : "previous_outcome", "decisionCases" : { "200" : [ { "name": "LAMBDA_TASK", "taskReferenceName": "select_role", "type": "LAMBDA", "inputParameters": { "role": "${workflow.input.role}", "roles" : "${get_client_roles.output.body}", "scriptExpression": "for(var i=0; i < $.roles.length;i++){if($.roles[i]['name'] == 'Member') return Java.to([$.roles[i]], 'java.lang.Object[]')}" } }, { "name" : "pyrest", "taskReferenceName" : "assign_role_to_user", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}", "expect" : 204, "method" : "POST", "body" : "${select_role.output.result}", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Content-Type" : "application/json" } } } ] } } ] }