Comments (9)
Hey :) Is there any progress on adding flows? Would be a great feature!
from terraform-provider-keycloak.
This is something on my todo list, I should be tackling this in the coming weeks
from terraform-provider-keycloak.
I actually started this on the authentication-flows
branch.
Unfortunately, I wasn't able to come up with a good way to manage nested flows and executions, which is a use case I have for this particular feature. Keycloak allows you to create top-level flows and subflows, and you can technically have an infinite number of subflows. I couldn't figure out a way to elegantly do this within the provider. I was hoping that v0.12 would have better support for features like this, but I haven't gotten back to this since that update was made.
from terraform-provider-keycloak.
I would need this functionality as well. We have a lot of custom authenticators with config and thus also custom flows and executions.
How do you see the way forward?
Could we work with an in-between solution?
How production ready are the changes in your authentication-flows branch?
How can I help?
from terraform-provider-keycloak.
@mrparkers, FYI: I will be working on this issue
from terraform-provider-keycloak.
The more I look at this, the more I think there should be a separation between topLevelFlows, subFlows and executions.
All 3 behave different in Create/Update/Read/Import and Delete.
from terraform-provider-keycloak.
Thanks @tomrutsaert, I'm glad you have the time to take a look at this.
My branch, as you have probably noticed already, is not quite production ready yet, although the foundation for what you need should be mostly there.
The part I really struggled with was understanding how we can represent subflows in HCL and relate them to the top level flows, or other subflows that are a parent to them. The problem I encountered was that subflows needed to know what flow they are a child of, and the parent flow needed to know about the subflow in order to enforce ordering (to ensure subflow A comes before subflow B for example). This created a bidirectional data flow that I didn't know how to represent in HCL.
The only idea I had that I didn't have a chance to implement was a data source like keycloak_authentication_subflow
which has the same attributes as the keycloak_authentication_flow
resource, but all the data source does is serialize that model into JSON that can be used in the top level flow. This way, only the keycloak_authentication_flow
resource would be controlling its subflows and their order.
I don't know if this will actually work, but feel free to give that a try or pitch some other ideas you might have.
from terraform-provider-keycloak.
Can't this be closed now with #138 in?
from terraform-provider-keycloak.
Can't this be closed now with #138 in?
Yes, you are right.
from terraform-provider-keycloak.
Related Issues (20)
- `keycloak_openid_audience_protocol_mapper`: Unpaginated request to `/admin/realms/${realm}/clients`
- The private_key schema element of the keycloak_realm_keystore_rsa resource must be sensitive HOT 1
- The health of this repo, an open discussion. HOT 20
- keycloak_openid_client.authorization decision_strategy field doesn't work HOT 2
- no admin_events_expiration
- support `display_on_consent_screen` in `keycloak_openid_client_scope` HOT 1
- Unstable state for keycloak_user attributes (null field)
- OpenTofu registry is missing GPG keys for this provider
- Unable to set federationLink on keycloak_user
- Authentication Flow / Subflow / Executions priorities HOT 1
- Support for configuring external token exchange HOT 1
- Support for Keycloak Organization (amazing) feature
- [Feature] Add an upsert flag on the client
- Client Fine Grained permissions 'extra_config' only sometimes works. KC 24.0.5
- import support for subgroups HOT 1
- CVE-2024-6104 - GHSA-v6v8-xj6m-xwqh
- Getting errors when running tests
- Ability to create protocol mapper other than hardcoded HOT 1
- Ability to set bruteForceProtected on realm explicitly
- keycloak_openid_client_js_policy does not support policies uploaded via JAR files.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-keycloak.