|
|
|
@ -5,7 +5,7 @@
|
|
|
|
|
"description": "Create a confidential client for software procedures that need to be members of each VO and VRE",
|
|
|
|
|
"version" : 1,
|
|
|
|
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
|
|
|
|
"inputParameters" : ["client_id"],
|
|
|
|
|
"inputParameters" : ["client_id", "client_secret", "description"],
|
|
|
|
|
"tasks" : [
|
|
|
|
|
{
|
|
|
|
|
"name": "LAMBDA_TASK",
|
|
|
|
@ -14,7 +14,10 @@
|
|
|
|
|
"inputParameters": {
|
|
|
|
|
"keycloak": "{{ keycloak }}/{{ keycloak_realm }}",
|
|
|
|
|
"keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}",
|
|
|
|
|
"scriptExpression": "1 == 1"
|
|
|
|
|
"id" : "${workflow.input.client_id}",
|
|
|
|
|
"secret" : "${workflow.input.client_secret}",
|
|
|
|
|
"description" : "${workflow.input.description}",
|
|
|
|
|
"scriptExpression": "return { 'client' : { clientId : $.id, description : $.description ? $.description : $.id, 'secret' : $.secret ? $.secret : Java.type('java.util.UUID.randomUUID().toString()'), rootUrl : '', enabled : true, serviceAccountEnabled : true, standardFlowEnabled : true, authorizationServicesEnabled : false, publicClient : false, fullScopeAllowed : true, protocol : 'openid-connect'} }"
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
@ -40,19 +43,7 @@
|
|
|
|
|
"type" : "SIMPLE",
|
|
|
|
|
"inputParameters" : {
|
|
|
|
|
"url" : "${init.input.keycloak_admin}/clients",
|
|
|
|
|
"body" : {
|
|
|
|
|
"clientId": "${workflow.input.client_id}",
|
|
|
|
|
"name": "${workflow.input.client_id}",
|
|
|
|
|
"description": "${workflow.input.client_id}",
|
|
|
|
|
"rootUrl": "",
|
|
|
|
|
"enabled": true,
|
|
|
|
|
"serviceAccountsEnabled": true,
|
|
|
|
|
"standardFlowEnabled": true,
|
|
|
|
|
"authorizationServicesEnabled": false,
|
|
|
|
|
"publicClient": false,
|
|
|
|
|
"fullScopeAllowed" : true,
|
|
|
|
|
"protocol": "openid-connect"
|
|
|
|
|
},
|
|
|
|
|
"body" : "${init.output.result.client}",
|
|
|
|
|
"method" : "POST",
|
|
|
|
|
"headers" : {
|
|
|
|
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
|
|
|
|