{ "ownerApp" : "Orchestrator", "name" : "user-group_deleted", "createBy" : "Marco Lettere", "description": "Handle workflow related to Portal event user-group_deleted", "version" : 1, "ownerEmail" : "m.lettere@gmail.com", "inputParameters" : ["role", "user", "group"], "tasks" : [ { "name": "LAMBDA_TASK", "taskReferenceName": "init", "type": "LAMBDA", "inputParameters": { "keycloak": "{{ keycloak }}", "keycloak_admin" : "{{ keycloak_admin }}", "group" : "${workflow.input.group}", "scriptExpression": "var path = $.group.split('%2F').slice(1); return { 'tree' : Java.to(path, 'java.lang.Object[]'), 'name' : path.slice(path.length-1)[0]}" } }, { "name" : "pyrest", "taskReferenceName" : "authorize", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak}/protocol/openid-connect/token", "method" : "POST", "headers" : { "Accept" : "application/json" }, "body" : { "client_id" : "orchestrator", "client_secret" : "{{ keycloak_auth }}", "grant_type" : "client_credentials" } } }, { "name" : "pyrest", "taskReferenceName" : "lookup_user", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}", "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name": "check_user_existance", "taskReferenceName": "check_user_existance", "inputParameters": { "user": "${lookup_user.output.body[0]}" }, "type": "DECISION", "caseExpression": "($.user == null ? 'true' : 'false')", "decisionCases": { "true": [ { "name" : "terminate", "taskReferenceName" : "terminate_when_no_user", "type" : "TERMINATE", "inputParameters" : { "terminationStatus" : "COMPLETED" } } ] } }, { "name" : "pyrest", "taskReferenceName" : "lookup_client", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/clients", "params" : { "clientId" : "${workflow.input.group}"}, "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name" : "pyrest", "taskReferenceName" : "get_client_roles", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles", "method" : "GET", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name" : "pyrest", "taskReferenceName" : "remove_all_roles_from_user", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}", "expect" : 204, "method" : "DELETE", "body" : "${get_client_roles.body}", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Content-Type" : "application/json" } } }, { "name" : "pyrest", "taskReferenceName" : "look_up_groups", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/groups?search=${init.output.result.name}", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}", "Accept" : "application/json" } } }, { "name": "LAMBDA_TASK", "taskReferenceName": "extract_group", "type": "LAMBDA", "inputParameters": { "tree" : "${init.output.result.tree}", "groups" : "${look_up_groups.output.body}", "scriptExpression": "function selectByPath(groups, path, level) { for (var i=0; i < groups.length; i++) {if (groups[i].name === path[level]) {if (level === path.length - 1) return groups[i];return selectByPath(groups[i].subGroups, path, level+1)}} return null; } return { 'group' : selectByPath($.groups, $.tree, 0)}" } }, { "name" : "pyrest", "taskReferenceName" : "assign_user_to_group", "type" : "SIMPLE", "inputParameters" : { "url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/groups/${extract_group.output.result.group.id}", "method" : "DELETE", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}" } } } ] }