{
	"ownerApp" : "Orchestrator",
	"name" : "user-group_deleted",
	"createBy" : "Marco Lettere",
	"description": "Handle workflow related to Portal event user-group_deleted",
	"version" : 1,
	"ownerEmail" : "marco.lettere@nubisware.com",
	"inputParameters" : ["role", "user", "group"],
	"tasks" : [
				{
		"name": "LAMBDA_TASK",
		"taskReferenceName": "init",
		"type": "LAMBDA",
		"inputParameters": {
			"keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science",
			"keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science",
			"scriptExpression": "1"
			}
		},
		{
			"name" : "pyrest",
			"taskReferenceName" : "authorize",
			"type" : "SIMPLE",
			"inputParameters" : {
				"url" : "${init.input.keycloak}/protocol/openid-connect/token",
				"method" : "POST",
				"headers" : {
					"Accept" : "application/json"
				},
				"body" : {
					"client_id" : "orchestrator", 
					"client_secret" : "c93501bd-abeb-4228-bc28-afac38877338",
					"grant_type" : "client_credentials"
				}
			}
		},
		{
			"name" : "pyrest",
			"taskReferenceName" : "lookup_user",
			"type" : "SIMPLE",
			"inputParameters" : {
				"url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}",
				"method" : "GET",
				"headers" : {
					"Authorization" : "Bearer ${authorize.output.body.access_token}",
					"Accept" : "application/json"
				}
			}
		},
		{
			"name" : "pyrest",
			"taskReferenceName" : "lookup_client",
			"type" : "SIMPLE",
			"inputParameters" : {
				"url" : "${init.input.keycloak_admin}/clients",
				"params" : { "clientId" : "${workflow.input.group}"},
				"method" : "GET",
				"headers" : {
					"Authorization" : "Bearer ${authorize.output.body.access_token}",
					"Accept" : "application/json"
				}
			}
		},
		{
			"name" : "pyrest",
			"taskReferenceName" : "get_client_roles",
			"type" : "SIMPLE",
			"inputParameters" : {
				"url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles",
				"method" : "GET",
				"headers" : {
					"Authorization" : "Bearer ${authorize.output.body.access_token}",
					"Accept" : "application/json"
				}
			}
		},
		{
			"name" : "pyrest",
			"taskReferenceName" : "remove_all_roles_from_user",
			"type" : "SIMPLE",
			"inputParameters" : {
				"url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}",
				"expect" : 204,
				"method" : "DELETE",
				"body" : "${get_client_roles.body}",
				"headers" : {
					"Authorization" : "Bearer ${authorize.output.body.access_token}",
					"Content-Type" : "application/json"
				}
			}
		}
	]
}