{ "ownerApp" : "Orchestrator", "name" : "user-group-role_created", "createBy" : "Marco Lettere", "description": "Handle workflow related to Portal event user-group-role_created", "version" : 1, "ownerEmail" : "m.lettere@gmail.com", "inputParameters" : ["role", "user", "group"], "tasks" : [ { "name": "LAMBDA_TASK", "taskReferenceName": "init", "type": "LAMBDA", "inputParameters": { "keycloak": "{{ keycloak }}", "keycloak_admin" : "{{ keycloak_admin }}", "scriptExpression": "1" } }, { "name" : "pyrest", "taskReferenceName" : "authorize", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak}/protocol/openid-connect/token", "method" : "POST", "headers" : { "Accept" : "application/json" }, "body" : { "client_id" : "orchestrator", "client_secret" : "{{ keycloak_auth }}", "grant_type" : "client_credentials" } } }, { "name" : "pyrest", "taskReferenceName" : "lookup_user", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}", "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name": "check_user_existance", "taskReferenceName": "check_user_existance", "inputParameters": { "user": "${lookup_user.output.body[0]}" }, "type": "DECISION", "caseExpression": "($.user == null ? 'true' : 'false')", "decisionCases": { "true": [ { "name" : "terminate", "taskReferenceName" : "terminate_when_no_user", "type" : "TERMINATE", "inputParameters" : { "terminationStatus" : "COMPLETED" } } ] } }, { "name" : "pyrest", "taskReferenceName" : "lookup_client", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/clients", "params" : { "clientId" : "${workflow.input.group}"}, "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name" : "pyrest", "taskReferenceName" : "get_client_roles", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles", "method" : "GET", "expect" : [200,404], "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name": "check_task", "taskReferenceName": "check", "inputParameters": { "prev_status": "${get_client_roles.output.status}" }, "type": "DECISION", "caseValueParam": "prev_status", "decisionCases": { "200": [ { "name": "LAMBDA_TASK", "taskReferenceName": "select_role", "type": "LAMBDA", "inputParameters": { "role": "${workflow.input.role}", "roles" : "${get_client_roles.output.body}", "scriptExpression": "for(var i=0; i < $.roles.length;i++){if($.roles[i]['name'] == $.role) return Java.to([$.roles[i]], 'java.lang.Object[]')}" } }, { "name" : "pyrest", "taskReferenceName" : "assign_role_to_user", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}", "expect" : [204, 404], "method" : "POST", "body" : "${select_role.output.result}", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Content-Type" : "application/json" } } } ] } } ] }