{
	"ownerApp" : "Orchestrator",
	"name" : "create_system_client",
	"createBy" : "Marco Lettere",
	"description": "Create a confidential client for software procedures that need to be members of each VO and VRE",
	"version" : 1,
	"ownerEmail" : "marco.lettere@nubisware.com",
	"inputParameters" : ["client_id", "first", "max"],
	"tasks" : [
    	{
		"name": "LAMBDA_TASK",
		"taskReferenceName": "init",
		"type": "LAMBDA",
		"inputParameters": {
			  "keycloak": "{{ keycloak }}/{{ keycloak_realm }}",
			  "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}",
			  "scriptExpression": "1 == 1"
		}
	},
	{
		"name" : "pyrest",
		"taskReferenceName" : "authorize",
		"type" : "SIMPLE",
		"inputParameters" : {
			"url" : "{{ keycloak }}/master/protocol/openid-connect/token",
			"method" : "POST",
			"headers" : {
				"Accept" : "application/json"
			},
			"body" : {
				"client_id" : "orchestrator", 
				"client_secret" : "{{ keycloak_auth_master }}",
				"grant_type" : "client_credentials"
			}
		}
	},
	{
	    "name" : "pyrest",
        "taskReferenceName" : "create_client",
        "type" : "SIMPLE",
        "inputParameters" : {
	        "url" : "${init.input.keycloak_admin}/clients",
	        "body" : { 
		        "clientId": "${workflow.input.client_id}",
		        "name": "${workflow.input.client_id}",
		        "description": "${workflow.input.client_id}",
			        "rootUrl": "",
			        "enabled": true,
			        "serviceAccountsEnabled": true,
			        "standardFlowEnabled": true,
			        "authorizationServicesEnabled": false,
			        "publicClient": false,
			        "fullScopeAllowed" : true,
			        "protocol": "openid-connect"
	        },
	        "method" : "POST",
	        "headers" : {
		        "Authorization" : "Bearer ${authorize.output.body.access_token}",
		        "Content-Type" : "application/json"
	        }
        }
    },
    {
        "name": "LAMBDA_TASK",
        "taskReferenceName": "extract_client_id",
        "type": "LAMBDA",
        "inputParameters": {
                "client_location" : "${create_client.output.headers.location}",
                "scriptExpression": "var client_id = $.client_location.split('/').pop(); return {'client_id' : client_id}"
        }
    },
	{
		"name" : "pyrest",
		"taskReferenceName" : "get_all_contexts",
  		"type" : "SIMPLE",
  		"inputParameters" : {
      		"url" : "${init.input.keycloak_admin}/clients?clientId=%252F&search=true&first=${workflow.input.first}&max=${workflow.input.max}",
      		"method" : "GET",
			"headers" : {
				"Authorization" : "Bearer ${authorize.output.body.access_token}",
				"Accept" : "application/json"
			}
  		}
	},
    {
      "name": "LAMBDA_TASK",
      "taskReferenceName": "build_member_roles_assignment_tasks",
      "type": "LAMBDA",
      "inputParameters": {
        "contexts" : "${get_all_contexts.body}",
        "id" : "${extract_client_id.output.result.client_id}",
        "scriptExpression": "inputs={},tasks=[];for(var i=0;i<$.contexts.length;i++)c=$.contexts[i],tasks.push({name:'sub_workflow_task',type:'SUB_WORKFLOW',taskReferenceName:'call_add_all_member_roles_'+i, subWorkflowParam:{ name:'add_all_member_roles'}}),inputs['add_all_member_roles_'+i]={context:c, client:$.id};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};"
      }
    },
    {
      "name" : "fork_dynamic",
      "type" : "FORK_JOIN_DYNAMIC",
      "taskReferenceName" : "parallel_build_member_roles_assignment_tasks",
      "inputParameters" : {
          "tasks" : "${build_member_roles_assignment_tasks.output.result.tasks}",
          "inputs" : "${build_member_roles_assignment_tasks.output.result.inputs}"
      },
      "dynamicForkTasksParam": "tasks",
      "dynamicForkTasksInputParamName": "inputs"
    },
    {
        "name" : "join",
        "type" : "JOIN",
        "taskReferenceName" : "parallel_build_member_roles_assignment_tasks"
    }
	]
}