Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ImportIdentityProviderConfig method #267

Merged
merged 1 commit into from
Mar 27, 2021
Merged

Add ImportIdentityProviderConfig method #267

merged 1 commit into from
Mar 27, 2021

Conversation

tyrannosaurus-becks
Copy link
Contributor

@tyrannosaurus-becks tyrannosaurus-becks commented Mar 25, 2021
edited
Loading

Hi!

First of all, thank you for offering and maintaining this great Keycloak client, it's highly appreciated. ❤️

Secondly, this PR adds support for the following API call:

Raw call 
POST http://localhost:8080/auth/admin/realms/master/identity-provider/import-config

POST BODY
{
	"fromUrl": "https://accounts.google.com/.well-known/openid-configuration",
	"providerId": "oidc"
}

RESPONSE BODY
{
	"userInfoUrl": "https://openidconnect.googleapis.com/v1/userinfo",
	"validateSignature": "true",
	"tokenUrl": "https://oauth2.googleapis.com/token",
	"authorizationUrl": "https://accounts.google.com/o/oauth2/v2/auth",
	"jwksUrl": "https://www.googleapis.com/oauth2/v3/certs",
	"issuer": "https://accounts.google.com",
	"useJwksUrl": "true"
}

Tests pass locally for me, shown as follows.

Local test output 
=== RUN   TestGocloak_ImportIdentityProviderConfig
=== PAUSE TestGocloak_ImportIdentityProviderConfig
=== CONT  TestGocloak_ImportIdentityProviderConfig
    client_test.go:489: [DEBUG] 
        ==============================================================================
        ~~~ REQUEST ~~~
        POST  /auth/realms/master/protocol/openid-connect/token  HTTP/1.1
        HOST   : localhost:8080
        HEADERS:
        	Content-Type: application/x-www-form-urlencoded
        	User-Agent: go-resty/2.3.0 (https://github.com/go-resty/resty)
        BODY   :
        client_id=admin-cli&grant_type=password&password=cyral&response_type=token&username=cyral
        ------------------------------------------------------------------------------
        ~~~ RESPONSE ~~~
        STATUS       : 200 OK
        PROTO        : HTTP/1.1
        RECEIVED AT  : 2021-03-25T09:31:12.575115-07:00
        TIME DURATION: 107.820451ms
        HEADERS      :
        	Cache-Control: no-store
        	Connection: keep-alive
        	Content-Length: 1717
        	Content-Type: application/json
        	Date: Thu, 25 Mar 2021 16:31:12 GMT
        	Pragma: no-cache
        	Referrer-Policy: no-referrer
        	Set-Cookie: KEYCLOAK_LOCALE=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/master/; HttpOnly, KC_RESTART=; Version=1; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/master/; HttpOnly
        	Strict-Transport-Security: max-age=31536000; includeSubDomains
        	X-Content-Type-Options: nosniff
        	X-Frame-Options: SAMEORIGIN
        	X-Xss-Protection: 1; mode=block
        BODY         :
        {
           "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJBNkRNWVJ6QWlZSHMteXpDWGdzMVdjU3BIZFptQk9DMlVEVTJ1bWY3QjlnIn0.eyJleHAiOjE2MTY2ODk5MzIsImlhdCI6MTYxNjY4OTg3MiwianRpIjoiMmQyNzA5ZjgtMDZlYy00NjBlLThiYjctMjRlMjU1Njc3ZDZlIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL21hc3RlciIsInN1YiI6ImYxNGUxMmQyLTUzMGUtNGM1NC04YzRkLTg4MGY2MzlkZWVkMCIsInR5cCI6IkJlYXJlciIsImF6cCI6ImFkbWluLWNsaSIsInNlc3Npb25fc3RhdGUiOiI3NTA1ZjkyNi1lMGJiLTQ2ZWMtOTg1My0zN2NmMzNmZDA2MWMiLCJhY3IiOiIxIiwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJjeXJhbCJ9.XdLiRhXazMfVtpvlouND7mLL68FVYRCRVy3tLGgy93xnHSkEmhPHjG6dFcawUJEG9lxF9-HDgygSjS0sogzfeodyW0d9Nt1IzUX8t8B5M1RxW5uoTUWtaxSI-7B8xyudOy5iW7mxVneL6_7GPAlPrXgmpE_sVAwfkxc__2lrK_47LfwtNcbZY4FQnMlR73-uukVkpvXk7xE_bX2Bpc51tgkqmh2A7Dgo3CF6iHadoUoW4p1y4I-j0AIFHETuQ-uL4bT4kBKrtvJn6wWUzIW5befXLed7rY5ObApRkwybo9vzs3kHRf3POLpQDrOlcq4SudmJ8qsXMagkM30F-avgQQ",
           "expires_in": 60,
           "refresh_expires_in": 1800,
           "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0Y2YzYjIyYy1mYTk3LTQyZmYtOTYwMC1hMWUxZjQzNDY3YzMifQ.eyJleHAiOjE2MTY2OTE2NzIsImlhdCI6MTYxNjY4OTg3MiwianRpIjoiOWIxYmZiOWItZmE4ZS00MDc1LTk3OGYtYmU1ODEzZjY5NzA5IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL21hc3RlciIsImF1ZCI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9hdXRoL3JlYWxtcy9tYXN0ZXIiLCJzdWIiOiJmMTRlMTJkMi01MzBlLTRjNTQtOGM0ZC04ODBmNjM5ZGVlZDAiLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoiYWRtaW4tY2xpIiwic2Vzc2lvbl9zdGF0ZSI6Ijc1MDVmOTI2LWUwYmItNDZlYy05ODUzLTM3Y2YzM2ZkMDYxYyIsInNjb3BlIjoicHJvZmlsZSBlbWFpbCJ9.j7u-MT5DpW02OYhSg9NnsHVukPK6-x8rs8j5I9Qlj34",
           "token_type": "bearer",
           "not-before-policy": 0,
           "session_state": "7505f926-e0bb-46ec-9853-37cf33fd061c",
           "scope": "profile email"
        }
        ==============================================================================

Debugger finished with exit code 0

You may notice that the test I added causes the test Keycloak instance to call a real URL of https://accounts.google.com/.well-known/openid-configuration, and if the contents of that URL were to change, the test would fail, causing the test to potentially be flaky in the future.

I added the test way because the rest of the file takes a similar approach, but I'm flexible. I alternatively could fire the test at an httptest mock server that returns a fixture. I'm open to other approaches as well, whatever you'd prefer, just let me know.

Thanks again!

@codecov
Copy link

codecov bot commented Mar 25, 2021

Codecov Report

Merging #267 (c526c82) into master (0bd22a7) will increase coverage by 0.02%.
The diff coverage is 83.33%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #267      +/-   ##
==========================================
+ Coverage   79.25%   79.28%   +0.02%     
==========================================
  Files           4        4              
  Lines        1663     1675      +12     
==========================================
+ Hits         1318     1328      +10     
- Misses        217      218       +1     
- Partials      128      129       +1
Impacted Files Coverage Δ
client.go 77.63% <83.33%> (+0.04%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0bd22a7...c526c82. Read the comment docs.

hbaackmann
hbaackmann approved these changes Mar 26, 2021
View reviewed changes
Copy link
Contributor

@hbaackmann hbaackmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great! Very useful.

@Nerzal
Copy link
Owner

Nerzal commented Mar 27, 2021

Oh that looks beautiful :)
LGTM! :)

@Nerzal Nerzal merged commit 485eeac into Nerzal:master Mar 27, 2021
@Nerzal
Copy link
Owner

Nerzal commented Mar 27, 2021

https://github.com/Nerzal/gocloak/releases/tag/v8.2.0

@tyrannosaurus-becks tyrannosaurus-becks deleted the feature/add-idp-import-config branch March 29, 2021 16:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hbaackmann hbaackmann hbaackmann approved these changes

@Nerzal Nerzal Nerzal approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tyrannosaurus-becks @Nerzal @hbaackmann