@continuoussecuritytooling/keycloak-reporter 0.1.1 → 0.4.0

package/charts/keycloak-reporter/templates/pvc.yaml

@@ -0,0 +1,15 @@
+{{- $fullName := include "keycloak-reporter.fullname" . -}}
+{{- if (.Values.keycloak.config.volumes).reports }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ $fullName }}-reports
+  annotations: {{ .Values.keycloak.config.volumes.reports.annotations }}
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: {{ .Values.keycloak.config.volumes.reports.storageClassName }}
+  resources:
+    requests:
+      storage: {{ .Values.keycloak.config.volumes.reports.volumeSize }}
+{{- end }}

package/charts/keycloak-reporter/templates/secret.yaml

@@ -0,0 +1,14 @@
+{{- $fullName := include "keycloak-reporter.fullname" . -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $fullName }}
+stringData:
+  {{- range $k, $v := .Values.keycloak.config }}
+  {{- if $v}}
+  {{ $k }}: {{ $v }}
+  {{- end }}
+  {{- end }}
+  {{- if (.Values.keycloak.config.volumes).reports }}
+  reports: /app/reports
+  {{- end }}

package/charts/keycloak-reporter/templates/serviceaccount.yaml

@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "keycloak-reporter.serviceAccountName" . }}
+  labels:
+    {{- include "keycloak-reporter.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}

package/charts/keycloak-reporter/values.yaml

@@ -0,0 +1,78 @@
+# Default values for keycloak-reporter.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: continuoussecuritytooling/keycloak-reporting-cli
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: "latest"
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+
+env: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+keycloak:
+  config:
+    url: ""
+    clientId: ""
+    clientSecret: ""
+    output: "webhook"
+    webhookType: ""
+    webhookUrl: ""
+    webhookMessage: ""
+  volumes:
+    reports: ""
+
+cronjobs:
+  - name: clients
+    script: /app/index.js listClients
+    schedule: 0 0 1 */3 *
+  - name: users
+    script: /app/index.js listUsers
+    schedule: 0 0 1 */3 *
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}

package/cli.ts

@@ -1,26 +1,41 @@
 #!/usr/bin/env node
 
+import { writeFileSync } from 'node:fs';
+import path from 'path';
 import yargs from 'yargs/yargs';
 import { hideBin } from 'yargs/helpers';
-import { listUsers, listClients } from './src/cli.js';
-import { Options } from './lib/client.js';
-import { convertJSON2CSV } from './lib/convert.js';
-import { post2Webhook } from './lib/output.js';
+import {
+  listUsers,
+  listClients,
+  Options,
+  convertJSON2CSV,
+  post2Webhook,
+} from './index.js';
+import config from './src/config.js';
+
 
 class WebhookConfig {
   type: string;
   url: string;
   title: string;
-  constructor(type: string, url: string, title: string) {
+  message?: string;
+  constructor(type: string, url: string, title: string, message?: string) {
     this.type = type;
     this.url = url;
     this.title = title;
+    this.message = message;
   }
 }
 
+class ReportConfig {
+  name: string;
+  directory: string;
+}
+
 async function convert(
   format: string,
   output: string,
+  reports: ReportConfig,
   config: WebhookConfig,
   json: object
 ) {
@@ -33,6 +48,10 @@ async function convert(
     default:
       outputContent = JSON.stringify(json);
   }
+  if (reports.directory) {
+    const date = new Date();
+    writeFileSync(path.join(`${reports.directory}`,`${reports.name}_${date.getFullYear()}-${date.getMonth() + 1}-${date.getDate()}.${format.toLowerCase()}`), outputContent);
+  }
   switch (output) {
     case 'webhook':
       try {
@@ -40,10 +59,12 @@ async function convert(
           config.type,
           config.url,
           config.title,
-          outputContent
+          outputContent,
+          config.message,
         );
       } catch (e) {
         console.error('Error during sending webhook: ', e);
+        throw e;
       }
       break;
     // defaulting to standard out
@@ -60,17 +81,22 @@ yargs(hideBin(process.argv))
     () => {},
     async (argv) => {
       const users = await listUsers(<Options>{
-        clientId: argv.clientId as string,
-        clientSecret: argv.clientSecret as string,
-        rootUrl: argv.url as string,
+        clientId: argv.clientId ? argv.clientId as string: config.clientId,
+        clientSecret: argv.clientSecret ? argv.clientSecret as string: config.clientSecret,
+        rootUrl:argv.url ? argv.url as string: config.url,
       });
       await convert(
         argv.format as string,
         argv.output as string,
+        {
+          name: 'user_listing',
+          directory: argv.reports as string,
+        },
         new WebhookConfig(
           argv.webhookType as string,
           argv.webhookUrl as string,
-          'User Listing'
+          'User Listing',
+          argv.webhookMessage ? argv.webhookMessage as string: config.webhookMessage
         ),
         users
       );
@@ -83,17 +109,22 @@ yargs(hideBin(process.argv))
     () => {},
     async (argv) => {
       const clients = await listClients(<Options>{
-        clientId: argv.clientId as string,
-        clientSecret: argv.clientSecret as string,
-        rootUrl: argv.url as string,
+        clientId: argv.clientId ? argv.clientId as string: config.clientId,
+        clientSecret: argv.clientSecret ? argv.clientSecret as string: config.clientSecret,
+        rootUrl:argv.url ? argv.url as string: config.url,
       });
       await convert(
         argv.format as string,
         argv.output as string,
+        {
+          name: 'client_listing',
+          directory: argv.reports as string,
+        },
         new WebhookConfig(
           argv.webhookType as string,
           argv.webhookUrl as string,
-          'Client Listing'
+          'Client Listing',
+          argv.webhookMessage ? argv.webhookMessage as string: config.webhookMessage
         ),
         clients
       );
@@ -117,9 +148,19 @@ yargs(hideBin(process.argv))
     default: 'slack',
     description: 'Webhook Type',
   })
+  .option('webhookMessage', {
+    alias: 'm',
+    type: 'string',
+    description: 'Webhook Message',
+  })
   .option('webhookUrl', {
     alias: 't',
     type: 'string',
     description: 'Webhook URL',
   })
+  .option('reports', {
+    alias: 'r',
+    type: 'string',
+    description: 'Reports directory',
+  })
   .parse();

package/config/schema.json

@@ -0,0 +1,65 @@
+{
+  "$id": "https://github.com/ContinuousSecurityTooling/keycloak-reporter/blob/main/config/schema.json",
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "Keycloak Reporter Config",
+  "type": "object",
+  "definitions": {},
+  "required": ["url", "clientId", "clientSecret"],
+  "properties": {
+    "command": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["listClients", "listUsers"]
+      }
+    },
+    "url": {
+      "type": "string",
+      "description": "Keycloak Server URL"
+    },
+    "clientId": {
+      "type": "string",
+      "description": "Keycloak Client used for reporting"
+    },
+    "clientSecret": {
+      "type": "string",
+      "description": "Keycloak Client Secret used for reporting"
+    },
+    "output": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["webhook", "stdout"]
+      },
+      "description": "Output channel to use"
+    },
+    "format": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["json", "csv"]
+      },
+      "description": "Report format"
+    },
+    "webhookType": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["slack", "teams"]
+      },
+      "description": "Type of webhook"
+    },
+    "webhookMessage": {
+      "type": "string",
+      "description": "Message added to the webhook post"
+    },
+    "webhookUrl": {
+      "type": "string",
+      "description": "URL of the webhook"
+    },
+    "reports": {
+      "type": "string",
+      "description": "Reports directory"
+    }
+  }
+}

package/dist/cli.js

@@ -1,17 +1,21 @@
 #!/usr/bin/env node
+import { writeFileSync } from 'node:fs';
+import path from 'path';
 import yargs from 'yargs/yargs';
 import { hideBin } from 'yargs/helpers';
-import { listUsers, listClients } from './src/cli.js';
-import { convertJSON2CSV } from './lib/convert.js';
-import { post2Webhook } from './lib/output.js';
+import { listUsers, listClients, convertJSON2CSV, post2Webhook, } from './index.js';
+import config from './src/config.js';
 class WebhookConfig {
-    constructor(type, url, title) {
+    constructor(type, url, title, message) {
         this.type = type;
         this.url = url;
         this.title = title;
+        this.message = message;
     }
 }
-async function convert(format, output, config, json) {
+class ReportConfig {
+}
+async function convert(format, output, reports, config, json) {
     let outputContent;
     switch (format) {
         case 'csv':
@@ -21,13 +25,18 @@ async function convert(format, output, config, json) {
         default:
             outputContent = JSON.stringify(json);
     }
+    if (reports.directory) {
+        const date = new Date();
+        writeFileSync(path.join(`${reports.directory}`, `${reports.name}_${date.getFullYear()}-${date.getMonth() + 1}-${date.getDate()}.${format.toLowerCase()}`), outputContent);
+    }
     switch (output) {
         case 'webhook':
             try {
-                await post2Webhook(config.type, config.url, config.title, outputContent);
+                await post2Webhook(config.type, config.url, config.title, outputContent, config.message);
             }
             catch (e) {
                 console.error('Error during sending webhook: ', e);
+                throw e;
             }
             break;
         // defaulting to standard out
@@ -40,21 +49,27 @@ yargs(hideBin(process.argv))
 // eslint-disable-next-line @typescript-eslint/no-empty-function
 () => { }, async (argv) => {
     const users = await listUsers({
-        clientId: argv.clientId,
-        clientSecret: argv.clientSecret,
-        rootUrl: argv.url,
+        clientId: argv.clientId ? argv.clientId : config.clientId,
+        clientSecret: argv.clientSecret ? argv.clientSecret : config.clientSecret,
+        rootUrl: argv.url ? argv.url : config.url,
     });
-    await convert(argv.format, argv.output, new WebhookConfig(argv.webhookType, argv.webhookUrl, 'User Listing'), users);
+    await convert(argv.format, argv.output, {
+        name: 'user_listing',
+        directory: argv.reports,
+    }, new WebhookConfig(argv.webhookType, argv.webhookUrl, 'User Listing', argv.webhookMessage ? argv.webhookMessage : config.webhookMessage), users);
 })
     .command('listClients [url] [clientId] [clientSecret]', 'fetches all clients in the realms.', 
 // eslint-disable-next-line @typescript-eslint/no-empty-function
 () => { }, async (argv) => {
     const clients = await listClients({
-        clientId: argv.clientId,
-        clientSecret: argv.clientSecret,
-        rootUrl: argv.url,
+        clientId: argv.clientId ? argv.clientId : config.clientId,
+        clientSecret: argv.clientSecret ? argv.clientSecret : config.clientSecret,
+        rootUrl: argv.url ? argv.url : config.url,
     });
-    await convert(argv.format, argv.output, new WebhookConfig(argv.webhookType, argv.webhookUrl, 'Client Listing'), clients);
+    await convert(argv.format, argv.output, {
+        name: 'client_listing',
+        directory: argv.reports,
+    }, new WebhookConfig(argv.webhookType, argv.webhookUrl, 'Client Listing', argv.webhookMessage ? argv.webhookMessage : config.webhookMessage), clients);
 })
     .option('format', {
     alias: 'f',
@@ -73,11 +88,21 @@ yargs(hideBin(process.argv))
     type: 'string',
     default: 'slack',
     description: 'Webhook Type',
+})
+    .option('webhookMessage', {
+    alias: 'm',
+    type: 'string',
+    description: 'Webhook Message',
 })
     .option('webhookUrl', {
     alias: 't',
     type: 'string',
     description: 'Webhook URL',
+})
+    .option('reports', {
+    alias: 'r',
+    type: 'string',
+    description: 'Reports directory',
 })
     .parse();
 //# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -1 +1 @@
-{"version":3,"file":"cli.js","sourceRoot":"","sources":["../cli.ts"],"names":[],"mappings":";AAEA,OAAO,KAAK,MAAM,aAAa,CAAC;AAChC,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEtD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAE/C,MAAM,aAAa;IAIjB,YAAY,IAAY,EAAE,GAAW,EAAE,KAAa;QAClD,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED,KAAK,UAAU,OAAO,CACpB,MAAc,EACd,MAAc,EACd,MAAqB,EACrB,IAAY;IAEZ,IAAI,aAAqB,CAAC;IAC1B,QAAQ,MAAM,EAAE;QACd,KAAK,KAAK;YACR,aAAa,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;YACzD,MAAM;QACR,qBAAqB;QACrB;YACE,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;KACxC;IACD,QAAQ,MAAM,EAAE;QACd,KAAK,SAAS;YACZ,IAAI;gBACF,MAAM,YAAY,CAChB,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,GAAG,EACV,MAAM,CAAC,KAAK,EACZ,aAAa,CACd,CAAC;aACH;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,CAAC,KAAK,CAAC,gCAAgC,EAAE,CAAC,CAAC,CAAC;aACpD;YACD,MAAM;QACR,6BAA6B;QAC7B;YACE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;KAC9B;AACH,CAAC;AAED,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;KACzB,OAAO,CACN,2CAA2C,EAC3C,kCAAkC;AAClC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,KAAK,GAAG,MAAM,SAAS,CAAU;QACrC,QAAQ,EAAE,IAAI,CAAC,QAAkB;QACjC,YAAY,EAAE,IAAI,CAAC,YAAsB;QACzC,OAAO,EAAE,IAAI,CAAC,GAAa;KAC5B,CAAC,CAAC;IACH,MAAM,OAAO,CACX,IAAI,CAAC,MAAgB,EACrB,IAAI,CAAC,MAAgB,EACrB,IAAI,aAAa,CACf,IAAI,CAAC,WAAqB,EAC1B,IAAI,CAAC,UAAoB,EACzB,cAAc,CACf,EACD,KAAK,CACN,CAAC;AACJ,CAAC,CACF;KACA,OAAO,CACN,6CAA6C,EAC7C,oCAAoC;AACpC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,OAAO,GAAG,MAAM,WAAW,CAAU;QACzC,QAAQ,EAAE,IAAI,CAAC,QAAkB;QACjC,YAAY,EAAE,IAAI,CAAC,YAAsB;QACzC,OAAO,EAAE,IAAI,CAAC,GAAa;KAC5B,CAAC,CAAC;IACH,MAAM,OAAO,CACX,IAAI,CAAC,MAAgB,EACrB,IAAI,CAAC,MAAgB,EACrB,IAAI,aAAa,CACf,IAAI,CAAC,WAAqB,EAC1B,IAAI,CAAC,UAAoB,EACzB,gBAAgB,CACjB,EACD,OAAO,CACR,CAAC;AACJ,CAAC,CACF;KACA,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,MAAM;IACf,WAAW,EAAE,8BAA8B;CAC5C,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,QAAQ;IACjB,WAAW,EAAE,gBAAgB;CAC9B,CAAC;KACD,MAAM,CAAC,aAAa,EAAE;IACrB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,OAAO;IAChB,WAAW,EAAE,cAAc;CAC5B,CAAC;KACD,MAAM,CAAC,YAAY,EAAE;IACpB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,aAAa;CAC3B,CAAC;KACD,KAAK,EAAE,CAAC"}
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,MAAM,aAAa,CAAC;AAChC,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EACL,SAAS,EACT,WAAW,EAEX,eAAe,EACf,YAAY,GACb,MAAM,YAAY,CAAC;AACpB,OAAO,MAAM,MAAM,iBAAiB,CAAC;AAGrC,MAAM,aAAa;IAKjB,YAAY,IAAY,EAAE,GAAW,EAAE,KAAa,EAAE,OAAgB;QACpE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAED,MAAM,YAAY;CAGjB;AAED,KAAK,UAAU,OAAO,CACpB,MAAc,EACd,MAAc,EACd,OAAqB,EACrB,MAAqB,EACrB,IAAY;IAEZ,IAAI,aAAqB,CAAC;IAC1B,QAAQ,MAAM,EAAE;QACd,KAAK,KAAK;YACR,aAAa,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;YACzD,MAAM;QACR,qBAAqB;QACrB;YACE,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;KACxC;IACD,IAAI,OAAO,CAAC,SAAS,EAAE;QACrB,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QACxB,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,SAAS,EAAE,EAAC,GAAG,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,IAAI,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,IAAI,MAAM,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,aAAa,CAAC,CAAC;KAC1K;IACD,QAAQ,MAAM,EAAE;QACd,KAAK,SAAS;YACZ,IAAI;gBACF,MAAM,YAAY,CAChB,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,GAAG,EACV,MAAM,CAAC,KAAK,EACZ,aAAa,EACb,MAAM,CAAC,OAAO,CACf,CAAC;aACH;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,CAAC,KAAK,CAAC,gCAAgC,EAAE,CAAC,CAAC,CAAC;gBACnD,MAAM,CAAC,CAAC;aACT;YACD,MAAM;QACR,6BAA6B;QAC7B;YACE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;KAC9B;AACH,CAAC;AAED,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;KACzB,OAAO,CACN,2CAA2C,EAC3C,kCAAkC;AAClC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,KAAK,GAAG,MAAM,SAAS,CAAU;QACrC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAkB,CAAA,CAAC,CAAC,MAAM,CAAC,QAAQ;QAClE,YAAY,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAsB,CAAA,CAAC,CAAC,MAAM,CAAC,YAAY;QAClF,OAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAa,CAAA,CAAC,CAAC,MAAM,CAAC,GAAG;KAClD,CAAC,CAAC;IACH,MAAM,OAAO,CACX,IAAI,CAAC,MAAgB,EACrB,IAAI,CAAC,MAAgB,EACrB;QACE,IAAI,EAAE,cAAc;QACpB,SAAS,EAAE,IAAI,CAAC,OAAiB;KAClC,EACD,IAAI,aAAa,CACf,IAAI,CAAC,WAAqB,EAC1B,IAAI,CAAC,UAAoB,EACzB,cAAc,EACd,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAwB,CAAA,CAAC,CAAC,MAAM,CAAC,cAAc,CAC3E,EACD,KAAK,CACN,CAAC;AACJ,CAAC,CACF;KACA,OAAO,CACN,6CAA6C,EAC7C,oCAAoC;AACpC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,OAAO,GAAG,MAAM,WAAW,CAAU;QACzC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAkB,CAAA,CAAC,CAAC,MAAM,CAAC,QAAQ;QAClE,YAAY,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAsB,CAAA,CAAC,CAAC,MAAM,CAAC,YAAY;QAClF,OAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAa,CAAA,CAAC,CAAC,MAAM,CAAC,GAAG;KAClD,CAAC,CAAC;IACH,MAAM,OAAO,CACX,IAAI,CAAC,MAAgB,EACrB,IAAI,CAAC,MAAgB,EACrB;QACE,IAAI,EAAE,gBAAgB;QACtB,SAAS,EAAE,IAAI,CAAC,OAAiB;KAClC,EACD,IAAI,aAAa,CACf,IAAI,CAAC,WAAqB,EAC1B,IAAI,CAAC,UAAoB,EACzB,gBAAgB,EAChB,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAwB,CAAA,CAAC,CAAC,MAAM,CAAC,cAAc,CAC3E,EACD,OAAO,CACR,CAAC;AACJ,CAAC,CACF;KACA,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,MAAM;IACf,WAAW,EAAE,8BAA8B;CAC5C,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,QAAQ;IACjB,WAAW,EAAE,gBAAgB;CAC9B,CAAC;KACD,MAAM,CAAC,aAAa,EAAE;IACrB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,OAAO;IAChB,WAAW,EAAE,cAAc;CAC5B,CAAC;KACD,MAAM,CAAC,gBAAgB,EAAE;IACxB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,iBAAiB;CAC/B,CAAC;KACD,MAAM,CAAC,YAAY,EAAE;IACpB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,aAAa;CAC3B,CAAC;KACD,MAAM,CAAC,SAAS,EAAE;IACjB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,mBAAmB;CACjC,CAAC;KACD,KAAK,EAAE,CAAC"}

package/dist/config/schema.json

@@ -0,0 +1,65 @@
+{
+  "$id": "https://github.com/ContinuousSecurityTooling/keycloak-reporter/blob/main/config/schema.json",
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "Keycloak Reporter Config",
+  "type": "object",
+  "definitions": {},
+  "required": ["url", "clientId", "clientSecret"],
+  "properties": {
+    "command": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["listClients", "listUsers"]
+      }
+    },
+    "url": {
+      "type": "string",
+      "description": "Keycloak Server URL"
+    },
+    "clientId": {
+      "type": "string",
+      "description": "Keycloak Client used for reporting"
+    },
+    "clientSecret": {
+      "type": "string",
+      "description": "Keycloak Client Secret used for reporting"
+    },
+    "output": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["webhook", "stdout"]
+      },
+      "description": "Output channel to use"
+    },
+    "format": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["json", "csv"]
+      },
+      "description": "Report format"
+    },
+    "webhookType": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": ["slack", "teams"]
+      },
+      "description": "Type of webhook"
+    },
+    "webhookMessage": {
+      "type": "string",
+      "description": "Message added to the webhook post"
+    },
+    "webhookUrl": {
+      "type": "string",
+      "description": "URL of the webhook"
+    },
+    "reports": {
+      "type": "string",
+      "description": "Reports directory"
+    }
+  }
+}

package/dist/index.js

@@ -1,83 +1,4 @@
-#!/usr/bin/env node
-import yargs from 'yargs/yargs';
-import { hideBin } from 'yargs/helpers';
-import { listUsers, listClients } from './src/cli.js';
-import { convertJSON2CSV } from './lib/convert.js';
-import { post2Webhook } from './lib/output.js';
-class WebhookConfig {
-    constructor(type, url, title) {
-        this.type = type;
-        this.url = url;
-        this.title = title;
-    }
-}
-async function convert(format, output, config, json) {
-    let outputContent;
-    switch (format) {
-        case 'csv':
-            outputContent = (await convertJSON2CSV(json)).toString();
-            break;
-        // defaulting to JSON
-        default:
-            outputContent = JSON.stringify(json);
-    }
-    switch (output) {
-        case 'webhook':
-            try {
-                await post2Webhook(config.type, config.url, config.title, outputContent);
-            }
-            catch (e) {
-                console.error('Error during sending webhook: ', e);
-            }
-            break;
-        // defaulting to standard out
-        default:
-            console.log(outputContent);
-    }
-}
-yargs(hideBin(process.argv))
-    .command('listUsers [url] [clientId] [clientSecret]', 'fetches all users in the realms.', 
-// eslint-disable-next-line @typescript-eslint/no-empty-function
-() => { }, async (argv) => {
-    const users = await listUsers({
-        clientId: argv.clientId,
-        clientSecret: argv.clientSecret,
-        rootUrl: argv.url,
-    });
-    await convert(argv.format, argv.output, new WebhookConfig(argv.webhookType, argv.webhookUrl, 'User Listing'), users);
-})
-    .command('listClients [url] [clientId] [clientSecret]', 'fetches all clients in the realms.', 
-// eslint-disable-next-line @typescript-eslint/no-empty-function
-() => { }, async (argv) => {
-    const clients = await listClients({
-        clientId: argv.clientId,
-        clientSecret: argv.clientSecret,
-        rootUrl: argv.url,
-    });
-    await convert(argv.format, argv.output, new WebhookConfig(argv.webhookType, argv.webhookUrl, 'Client Listing'), clients);
-})
-    .option('format', {
-    alias: 'f',
-    type: 'string',
-    default: 'json',
-    description: 'output format, e.g. JSON|CSV',
-})
-    .option('output', {
-    alias: 'o',
-    type: 'string',
-    default: 'stdout',
-    description: 'output channel',
-})
-    .option('webhookType', {
-    alias: 'w',
-    type: 'string',
-    default: 'slack',
-    description: 'Webhook Type',
-})
-    .option('webhookUrl', {
-    alias: 't',
-    type: 'string',
-    description: 'Webhook URL',
-})
-    .parse();
+export { listUsers, listClients } from './src/cli.js';
+export { convertJSON2CSV } from './lib/convert.js';
+export { post2Webhook } from './lib/output.js';
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";AAEA,OAAO,KAAK,MAAM,aAAa,CAAC;AAChC,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEtD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAE/C,MAAM,aAAa;IAIjB,YAAY,IAAY,EAAE,GAAW,EAAE,KAAa;QAClD,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED,KAAK,UAAU,OAAO,CACpB,MAAc,EACd,MAAc,EACd,MAAqB,EACrB,IAAY;IAEZ,IAAI,aAAqB,CAAC;IAC1B,QAAQ,MAAM,EAAE;QACd,KAAK,KAAK;YACR,aAAa,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;YACzD,MAAM;QACR,qBAAqB;QACrB;YACE,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;KACxC;IACD,QAAQ,MAAM,EAAE;QACd,KAAK,SAAS;YACZ,IAAI;gBACF,MAAM,YAAY,CAChB,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,GAAG,EACV,MAAM,CAAC,KAAK,EACZ,aAAa,CACd,CAAC;aACH;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,CAAC,KAAK,CAAC,gCAAgC,EAAE,CAAC,CAAC,CAAC;aACpD;YACD,MAAM;QACR,6BAA6B;QAC7B;YACE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;KAC9B;AACH,CAAC;AAED,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;KACzB,OAAO,CACN,2CAA2C,EAC3C,kCAAkC;AAClC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,KAAK,GAAG,MAAM,SAAS,CAAU;QACrC,QAAQ,EAAE,IAAI,CAAC,QAAkB;QACjC,YAAY,EAAE,IAAI,CAAC,YAAsB;QACzC,OAAO,EAAE,IAAI,CAAC,GAAa;KAC5B,CAAC,CAAC;IACH,MAAM,OAAO,CACX,IAAI,CAAC,MAAgB,EACrB,IAAI,CAAC,MAAgB,EACrB,IAAI,aAAa,CACf,IAAI,CAAC,WAAqB,EAC1B,IAAI,CAAC,UAAoB,EACzB,cAAc,CACf,EACD,KAAK,CACN,CAAC;AACJ,CAAC,CACF;KACA,OAAO,CACN,6CAA6C,EAC7C,oCAAoC;AACpC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,OAAO,GAAG,MAAM,WAAW,CAAU;QACzC,QAAQ,EAAE,IAAI,CAAC,QAAkB;QACjC,YAAY,EAAE,IAAI,CAAC,YAAsB;QACzC,OAAO,EAAE,IAAI,CAAC,GAAa;KAC5B,CAAC,CAAC;IACH,MAAM,OAAO,CACX,IAAI,CAAC,MAAgB,EACrB,IAAI,CAAC,MAAgB,EACrB,IAAI,aAAa,CACf,IAAI,CAAC,WAAqB,EAC1B,IAAI,CAAC,UAAoB,EACzB,gBAAgB,CACjB,EACD,OAAO,CACR,CAAC;AACJ,CAAC,CACF;KACA,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,MAAM;IACf,WAAW,EAAE,8BAA8B;CAC5C,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,QAAQ;IACjB,WAAW,EAAE,gBAAgB;CAC9B,CAAC;KACD,MAAM,CAAC,aAAa,EAAE;IACrB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,OAAO;IAChB,WAAW,EAAE,cAAc;CAC5B,CAAC;KACD,MAAM,CAAC,YAAY,EAAE;IACpB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,aAAa;CAC3B,CAAC;KACD,KAAK,EAAE,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEtD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/lib/client.js

@@ -16,7 +16,7 @@ export async function createClient(options) {
         });
     }
     catch (e) {
-        console.error('Check Client Config:', e.response.data.error_description);
+        console.error('Check Client Config:', e.response ? e.response.data.error_description : e);
         return Promise.reject();
     }
     const keycloakIssuer = await Issuer.discover(`${options.rootUrl}/realms/master`);

package/dist/lib/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../lib/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AACvC,OAAO,aAAa,MAAM,iCAAiC,CAAC;AAE5D,oCAAoC;AACpC,MAAM,aAAa,GAAG,EAAE,CAAC;AAQzB,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAgB;IACjD,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC;QACtC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,SAAS,EAAE,QAAQ;KACpB,CAAC,CAAC;IAEH,IAAI;QACF,eAAe;QACf,MAAM,aAAa,CAAC,IAAI,CAAC;YACvB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,SAAS,EAAE,oBAAoB;SAChC,CAAC,CAAC;KACJ;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACxE,OAAO,OAAO,CAAC,MAAM,EAAE,CAAC;KACzB;IAED,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,QAAQ,CAC1C,GAAG,OAAO,CAAC,OAAO,gBAAgB,CACnC,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC;QACvC,SAAS,EAAE,OAAO,CAAC,QAAQ;QAC3B,0BAA0B,EAAE,MAAM,EAAE,uCAAuC;KAC5E,CAAC,CAAC;IAEH,gCAAgC;IAChC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC;QAClC,SAAS,EAAE,OAAO,CAAC,QAAQ;QAC3B,aAAa,EAAE,OAAO,CAAC,YAAY;QACnC,UAAU,EAAE,oBAAoB;KACjC,CAAC,CAAC;IAEH;;;;;gCAK4B;IAE5B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;AAC1D,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../lib/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AACvC,OAAO,aAAa,MAAM,iCAAiC,CAAC;AAE5D,oCAAoC;AACpC,MAAM,aAAa,GAAG,EAAE,CAAC;AAQzB,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAgB;IACjD,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC;QACtC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,SAAS,EAAE,QAAQ;KACpB,CAAC,CAAC;IAEH,IAAI;QACF,eAAe;QACf,MAAM,aAAa,CAAC,IAAI,CAAC;YACvB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,SAAS,EAAE,oBAAoB;SAChC,CAAC,CAAC;KACJ;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,KAAK,CACX,sBAAsB,EACtB,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CACnD,CAAC;QACF,OAAO,OAAO,CAAC,MAAM,EAAE,CAAC;KACzB;IAED,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,QAAQ,CAC1C,GAAG,OAAO,CAAC,OAAO,gBAAgB,CACnC,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC;QACvC,SAAS,EAAE,OAAO,CAAC,QAAQ;QAC3B,0BAA0B,EAAE,MAAM,EAAE,uCAAuC;KAC5E,CAAC,CAAC;IAEH,gCAAgC;IAChC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC;QAClC,SAAS,EAAE,OAAO,CAAC,QAAQ;QAC3B,aAAa,EAAE,OAAO,CAAC,YAAY;QACnC,UAAU,EAAE,oBAAoB;KACjC,CAAC,CAAC;IAEH;;;;;gCAK4B;IAE5B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;AAC1D,CAAC"}

package/dist/lib/output.js

@@ -5,7 +5,7 @@ var WebhookType;
     WebhookType["SLACK"] = "slack";
     WebhookType["TEAMS"] = "teams";
 })(WebhookType || (WebhookType = {}));
-export async function post2Webhook(type, url, title, reportContent) {
+export async function post2Webhook(type, url, title, reportContent, text) {
     //const title= 'Keycloak Reporting';
     const date = new Date();
     switch (type) {
@@ -33,6 +33,11 @@ export async function post2Webhook(type, url, title, reportContent) {
                                         },
                                     ],
                                 },
+                                {
+                                    type: 'TextBlock',
+                                    text: text != null ? text : '',
+                                    wrap: true,
+                                },
                             ],
                             actions: [
                                 {
@@ -72,6 +77,13 @@ export async function post2Webhook(type, url, title, reportContent) {
                     {
                         type: 'divider',
                     },
+                    {
+                        type: 'context',
+                        elements: [{ type: 'plain_text', text: text != null ? text : '' }],
+                    },
+                    {
+                        type: 'divider',
+                    },
                     {
                         type: 'context',
                         elements: [