reinforced authorize for reducing expiration risks

2023-01-12 16:20:24 +01:00 · 2023-01-12 16:20:24 +01:00 · 3409b5f392
parent 49f80b4cc6
commit 3409b5f392
1 changed files with 18 additions and 1 deletions
--- a/templates/group_created.json.j2
+++ b/templates/group_created.json.j2
@ -477,6 +477,23 @@
 			"scriptExpression": "return Java.to(Java.from($.otherpolicies).concat($.memberpolicy), 'java.lang.String[]')"
 		  }
 	},
+	{
+		"name" : "pyrest",
+		"taskReferenceName" : "authorize",
+		"type" : "SIMPLE",
+		"inputParameters" : {
+			"url" : "{{ keycloak }}/master/protocol/openid-connect/token",
+			"method" : "POST",
+			"headers" : {
+				"Accept" : "application/json"
+			},
+			"body" : {
+				"client_id" : "orchestrator", 
+				"client_secret" : "{{ keycloak_auth_master }}",
+				"grant_type" : "client_credentials"
+			}
+		}
+	},
 	{
 		"name" : "pyrest",
 		"taskReferenceName" : "finalize_permission",
@ -493,7 +510,7 @@
 			},
 	  		"method" : "PUT",
 			"headers" : {
-			  "Authorization" : "Bearer ${authorize.output.body.access_token}",
+			  "Authorization" : "Bearer ${authorize2.output.body.access_token}",
 			  "Content-Type" : "application/json"
 			}
  		}