From 597ba693d91756164f6124f8b2c4b70a64379a32 Mon Sep 17 00:00:00 2001
From: "m.lettere" <marco.lettere@nubisware.com>
Date: Wed, 30 Jun 2021 17:24:51 +0200
Subject: [PATCH] introduce uma based authorization step

---
 .../add_all_system_services_to_vre.json.j2     | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/templates/add_all_system_services_to_vre.json.j2 b/templates/add_all_system_services_to_vre.json.j2
index 956f954..bf918d0 100644
--- a/templates/add_all_system_services_to_vre.json.j2
+++ b/templates/add_all_system_services_to_vre.json.j2
@@ -35,6 +35,22 @@
 				}
 			}
 		},
+		{
+			"name" : "pyrest",
+			"taskReferenceName" : "authorize_with_uma_rpt",
+			"type" : "SIMPLE",
+			"inputParameters" : {
+				"url" : "{{ keycloak }}/{{ keycloak_realm }}/protocol/openid-connect/token",
+				"method" : "POST",
+				"headers" : {
+					"Accept" : "application/json"
+				},
+				"body" : {
+					"audience" : "{{ root_vo }}",
+					"grant_type" : "urn:ietf:params:oauth:grant-type:uma-ticket"
+				}
+			}
+		},
 		{
 			"name" : "pyrest",
 			"taskReferenceName" : "retrieve_system_services",
@@ -44,7 +60,7 @@
 				"method" : "GET",
 				"headers" : {
 					"Accept" : "application/xml",
-					"Authorization" : "Bearer ${authorize_on_realm.output.body.access_token}"
+					"Authorization" : "Bearer ${authorize_with_uma_rpt.output.body.access_token}"
 				}
 			}
 		},