Comments (4)
The solution might be in writing a custom Marshal and Unmarshal method, where additional config will come from an extra_config field in the idp resource
func (f *IdentityProviderConfig) UnmarshalJSON(data []byte) error {
f.ExtraConfig = map[string]interface{}{}
err := json.Unmarshal(data, &f.ExtraConfig)
if err != nil {
return err
}
knownkey, ok := f.ExtraConfig["knownkey"].(string)
if !ok {
return errors.New("knownkey must exist and be a string")
}
f.KnownKey = knownkey
delete(f.ExtraConfig, "knownkey")
return nil
}
func (f *IdentityProviderConfig) MarshalJSON() ([]byte, error) {
out := map[string]interface{}{}
for k, v := range f.ExtraConfig {
out[k] = v
}
out["knownkey"] = f.Knownkey
return json.Marshal(out)
}
something like this
from terraform-provider-keycloak.
I like the idea of the extra_config
field, although I don't actually use identity providers in Keycloak so I am not sure how valuable my opinion is.
@AndrewChubatiuk implemented most (if not all) of this, so I'd defer to his opinion or anyone else who actually uses this. Any thoughts here?
from terraform-provider-keycloak.
@mrparkers @tomrutsaert
I like idea of having one keycloak_identity_provider
resource for all types of providers with validation schemas for config
attribute map for all identity provider types except custom
. And in this case IdentityProviderConfig
struct can be replaced with map[string]interface
from terraform-provider-keycloak.
Keep in mind, that most custom implementations will build upon or extend an existing identity provider type, and thus also want the those existing identity provider attributes with validation.
Therefor I went with the extra_config within config. I have implemented everything in identity_provider built only extended the resource_keyclaok_oidc_identity_provider
It should be minimal effort to do the same for resource_keycloak_saml_identity_provider.
(I did not do the saml part, because making a working test would take time)
@mrparkers and @AndrewChubatiuk Please take a look at PR: #137
from terraform-provider-keycloak.
Related Issues (20)
- `keycloak_openid_audience_protocol_mapper`: Unpaginated request to `/admin/realms/${realm}/clients`
- The private_key schema element of the keycloak_realm_keystore_rsa resource must be sensitive HOT 1
- The health of this repo, an open discussion. HOT 20
- keycloak_openid_client.authorization decision_strategy field doesn't work HOT 2
- no admin_events_expiration
- support `display_on_consent_screen` in `keycloak_openid_client_scope` HOT 1
- Unstable state for keycloak_user attributes (null field)
- OpenTofu registry is missing GPG keys for this provider
- Unable to set federationLink on keycloak_user
- Authentication Flow / Subflow / Executions priorities HOT 1
- Support for configuring external token exchange HOT 1
- Support for Keycloak Organization (amazing) feature
- [Feature] Add an upsert flag on the client
- Client Fine Grained permissions 'extra_config' only sometimes works. KC 24.0.5
- import support for subgroups HOT 1
- CVE-2024-6104 - GHSA-v6v8-xj6m-xwqh
- Getting errors when running tests
- Ability to create protocol mapper other than hardcoded HOT 1
- Ability to set bruteForceProtected on realm explicitly
- keycloak_openid_client_js_policy does not support policies uploaded via JAR files.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-keycloak.