
Commit d240dfd

feat: support roles in KeycloakClient, #403 (#427)
1 parent 583185f commit d240dfd

7 files changed

Lines changed: 218 additions & 0 deletions

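--- a/api/v1beta1/keycloakclient_types.go
+++ b/api/v1beta1/keycloakclient_types.go
@@ -182,6 +182,8 @@ type KeycloakAPIClient struct {
 // +optional
 AuthenticationFlowBindingOverrides map[string]string `json:"authenticationFlowBindingOverrides,omitempty"`
 AlwaysDisplayInConsole *bool `json:"alwaysDisplayInConsole,omitempty"`
+
+Roles RoleRepresentationArray `json:"roles,omitempty"`
 }
 
 type KeycloakProtocolMapper struct {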
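Review bot: The new `Roles` field at the end of `KeycloakAPIClient` has neither a doc comment nor the `// +optional` marker used a few lines above, and the CRD sections on this page appear to carry no description on `roles` itself. A comment such as `// Roles are client roles declared for this client; the realm controller moves them into the realm's roles.client map under this client's clientId.` followed by `// +optional` would tell users where these values end up. The struct begins outside this hunk.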

api/v1beta1/zz_generated.deepcopy.go

Lines changed: 7 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

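--- a/chart/keycloak-controller/crds/keycloak.infra.doodle.com_keycloakclients.yaml
+++ b/chart/keycloak-controller/crds/keycloak.infra.doodle.com_keycloakclients.yaml
@@ -547,6 +547,55 @@ spec:
 items:
 type: string
 type: array
+roles:
+items:
+description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation
+properties:
+attributes:
+additionalProperties:
+items:
+type: string
+type: array
+description: Role Attributes
+type: object
+clientRole:
+description: Client Role
+type: boolean
+composite:
+description: Composite
+type: boolean
+composites:
+description: Composites
+properties:
+client:
+additionalProperties:
+items:
+type: string
+type: array
+description: Map client => []role
+type: object
+realm:
+description: Realm roles
+items:
+type: string
+type: array
+type: object
+containerId:
+description: Container Id
+type: string
+description:
+description: Description
+type: string
+id:
+description: Id
+type: string
+name:
+description: Name
+type: string
+required:
+- name
+type: object
+type: array
 rootUrl:
 description: Application root URL.
 type: string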

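--- a/chart/keycloak-controller/crds/keycloak.infra.doodle.com_keycloakrealms.yaml
+++ b/chart/keycloak-controller/crds/keycloak.infra.doodle.com_keycloakrealms.yaml
@@ -806,6 +806,55 @@ spec:
 items:
 type: string
 type: array
+roles:
+items:
+description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation
+properties:
+attributes:
+additionalProperties:
+items:
+type: string
+type: array
+description: Role Attributes
+type: object
+clientRole:
+description: Client Role
+type: boolean
+composite:
+description: Composite
+type: boolean
+composites:
+description: Composites
+properties:
+client:
+additionalProperties:
+items:
+type: string
+type: array
+description: Map client => []role
+type: object
+realm:
+description: Realm roles
+items:
+type: string
+type: array
+type: object
+containerId:
+description: Container Id
+type: string
+description:
+description: Description
+type: string
+id:
+description: Id
+type: string
+name:
+description: Name
+type: string
+required:
+- name
+type: object
+type: array
 rootUrl:
 description: Application root URL.
 type: string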

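--- a/config/base/crd/bases/keycloak.infra.doodle.com_keycloakclients.yaml
+++ b/config/base/crd/bases/keycloak.infra.doodle.com_keycloakclients.yaml
@@ -547,6 +547,55 @@ spec:
 items:
 type: string
 type: array
+roles:
+items:
+description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation
+properties:
+attributes:
+additionalProperties:
+items:
+type: string
+type: array
+description: Role Attributes
+type: object
+clientRole:
+description: Client Role
+type: boolean
+composite:
+description: Composite
+type: boolean
+composites:
+description: Composites
+properties:
+client:
+additionalProperties:
+items:
+type: string
+type: array
+description: Map client => []role
+type: object
+realm:
+description: Realm roles
+items:
+type: string
+type: array
+type: object
+containerId:
+description: Container Id
+type: string
+description:
+description: Description
+type: string
+id:
+description: Id
+type: string
+name:
+description: Name
+type: string
+required:
+- name
+type: object
+type: array
 rootUrl:
 description: Application root URL.
 type: string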

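--- a/config/base/crd/bases/keycloak.infra.doodle.com_keycloakrealms.yaml
+++ b/config/base/crd/bases/keycloak.infra.doodle.com_keycloakrealms.yaml
@@ -806,6 +806,55 @@ spec:
 items:
 type: string
 type: array
+roles:
+items:
+description: https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_rolerepresentation
+properties:
+attributes:
+additionalProperties:
+items:
+type: string
+type: array
+description: Role Attributes
+type: object
+clientRole:
+description: Client Role
+type: boolean
+composite:
+description: Composite
+type: boolean
+composites:
+description: Composites
+properties:
+client:
+additionalProperties:
+items:
+type: string
+type: array
+description: Map client => []role
+type: object
+realm:
+description: Realm roles
+items:
+type: string
+type: array
+type: object
+containerId:
+description: Container Id
+type: string
+description:
+description: Description
+type: string
+id:
+description: Id
+type: string
+name:
+description: Name
+type: string
+required:
+- name
+type: object
+type: array
 rootUrl:
 description: Application root URL.
 type: string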

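--- a/internal/controllers/keycloakrealm_controller.go
+++ b/internal/controllers/keycloakrealm_controller.go
@@ -710,6 +710,19 @@ func (r *KeycloakRealmReconciler) extendRealmWithClients(ctx context.Context, re
 client.Spec.Client.ClientID = client.Name
 }
 
+if len(client.Spec.Client.Roles) > 0 {
+if realm.Spec.Realm.Roles == nil {
+realm.Spec.Realm.Roles = &infrav1beta1.RolesRepresentation{}
+}
+
+if realm.Spec.Realm.Roles.Client == nil {
+realm.Spec.Realm.Roles.Client = make(map[string]infrav1beta1.RoleRepresentationArray)
+}
+
+realm.Spec.Realm.Roles.Client[client.Spec.Client.ClientID] = append(realm.Spec.Realm.Roles.Client[client.Spec.Client.ClientID], client.Spec.Client.Roles...)
+client.Spec.Client.Roles = nil
+}
+
 realm.Spec.Realm.Clients = append(realm.Spec.Realm.Clients, client.Spec.Client)
 }
 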
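Review bot: The merge at new line 722 appends the client's roles to `Roles.Client[ClientID]` without checking what is already stored under that key, so roles already declared on the realm for the same clientId, or by a second KeycloakClient that resolves to the same `ClientID`, can end up listed twice under one name; how Keycloak resolves that on import is not visible here. Because the key comes from the KeycloakClient resource, whoever may create those resources can add role definitions (including `composites`) under any clientId in the realm, which is worth stating in a comment or restricting. A de-duplicating merge is sketched below, assuming the element type exposes the required `name` as `Name`; whether a conflict should be skipped or reported as an error is a design choice. The enclosing loop and function start and end outside the hunk.

```go
// … unchanged: nil checks for realm.Spec.Realm.Roles and Roles.Client …
clientID := client.Spec.Client.ClientID
merged := realm.Spec.Realm.Roles.Client[clientID]
seen := make(map[string]struct{}, len(merged))
for _, role := range merged {
	seen[role.Name] = struct{}{}
}
for _, role := range client.Spec.Client.Roles {
	if _, dup := seen[role.Name]; dup {
		continue // keep the role already declared for this clientId
	}
	seen[role.Name] = struct{}{}
	merged = append(merged, role)
}
realm.Spec.Realm.Roles.Client[clientID] = merged
client.Spec.Client.Roles = nil
```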
