@pulumi/keycloak 5.3.0 → 5.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/attributeImporterIdentityProviderMapper.d.ts +45 -63
- package/attributeImporterIdentityProviderMapper.js +24 -33
- package/attributeImporterIdentityProviderMapper.js.map +1 -1
- package/attributeToRoleIdentityMapper.d.ts +14 -6
- package/attributeToRoleIdentityMapper.js +14 -6
- package/attributeToRoleIdentityMapper.js.map +1 -1
- package/authentication/bindings.d.ts +3 -3
- package/authentication/bindings.js +3 -3
- package/authentication/execution.d.ts +8 -4
- package/authentication/execution.js +8 -4
- package/authentication/execution.js.map +1 -1
- package/authentication/executionConfig.d.ts +10 -2
- package/authentication/executionConfig.js +10 -2
- package/authentication/executionConfig.js.map +1 -1
- package/authentication/flow.d.ts +14 -2
- package/authentication/flow.js +14 -2
- package/authentication/flow.js.map +1 -1
- package/authentication/subflow.d.ts +16 -2
- package/authentication/subflow.js +16 -2
- package/authentication/subflow.js.map +1 -1
- package/customIdentityProviderMapping.d.ts +12 -5
- package/customIdentityProviderMapping.js +12 -5
- package/customIdentityProviderMapping.js.map +1 -1
- package/customUserFederation.d.ts +48 -48
- package/customUserFederation.js +24 -12
- package/customUserFederation.js.map +1 -1
- package/defaultGroups.d.ts +19 -26
- package/defaultGroups.js +19 -8
- package/defaultGroups.js.map +1 -1
- package/defaultRoles.d.ts +12 -3
- package/defaultRoles.js +12 -3
- package/defaultRoles.js.map +1 -1
- package/genericClientProtocolMapper.d.ts +36 -34
- package/genericClientProtocolMapper.js +21 -10
- package/genericClientProtocolMapper.js.map +1 -1
- package/genericClientRoleMapper.d.ts +42 -15
- package/genericClientRoleMapper.js +42 -15
- package/genericClientRoleMapper.js.map +1 -1
- package/genericProtocolMapper.d.ts +9 -4
- package/genericProtocolMapper.js +9 -4
- package/genericProtocolMapper.js.map +1 -1
- package/genericRoleMapper.d.ts +42 -15
- package/genericRoleMapper.js +42 -15
- package/genericRoleMapper.js.map +1 -1
- package/getClientDescriptionConverter.d.ts +50 -50
- package/getClientDescriptionConverter.js +50 -50
- package/getGroup.d.ts +4 -62
- package/getGroup.js +4 -50
- package/getGroup.js.map +1 -1
- package/getRealm.d.ts +36 -10
- package/getRealm.js +36 -4
- package/getRealm.js.map +1 -1
- package/getRealmKeys.d.ts +8 -28
- package/getRealmKeys.js +8 -4
- package/getRealmKeys.js.map +1 -1
- package/getRole.d.ts +4 -65
- package/getRole.js +4 -44
- package/getRole.js.map +1 -1
- package/getUser.d.ts +2 -0
- package/getUser.js +2 -0
- package/getUser.js.map +1 -1
- package/getUserRealmRoles.d.ts +4 -0
- package/getUserRealmRoles.js +4 -0
- package/getUserRealmRoles.js.map +1 -1
- package/group.d.ts +37 -57
- package/group.js +37 -15
- package/group.js.map +1 -1
- package/groupMemberships.d.ts +28 -43
- package/groupMemberships.js +28 -16
- package/groupMemberships.js.map +1 -1
- package/groupPermissions.d.ts +13 -0
- package/groupPermissions.js +13 -0
- package/groupPermissions.js.map +1 -1
- package/groupRoles.d.ts +35 -90
- package/groupRoles.js +35 -54
- package/groupRoles.js.map +1 -1
- package/hardcodedAttributeIdentityProviderMapper.d.ts +4 -3
- package/hardcodedAttributeIdentityProviderMapper.js +4 -3
- package/hardcodedAttributeIdentityProviderMapper.js.map +1 -1
- package/hardcodedRoleIdentityMapper.d.ts +6 -4
- package/hardcodedRoleIdentityMapper.js +6 -4
- package/hardcodedRoleIdentityMapper.js.map +1 -1
- package/identityProviderTokenExchangeScopePermission.d.ts +13 -6
- package/identityProviderTokenExchangeScopePermission.js +13 -6
- package/identityProviderTokenExchangeScopePermission.js.map +1 -1
- package/ldap/customMapper.d.ts +14 -6
- package/ldap/customMapper.js +14 -6
- package/ldap/customMapper.js.map +1 -1
- package/ldap/fullNameMapper.d.ts +35 -48
- package/ldap/fullNameMapper.js +26 -12
- package/ldap/fullNameMapper.js.map +1 -1
- package/ldap/groupMapper.d.ts +47 -156
- package/ldap/groupMapper.js +38 -12
- package/ldap/groupMapper.js.map +1 -1
- package/ldap/hardcodedAttributeMapper.d.ts +12 -4
- package/ldap/hardcodedAttributeMapper.js +12 -4
- package/ldap/hardcodedAttributeMapper.js.map +1 -1
- package/ldap/hardcodedGroupMapper.d.ts +16 -5
- package/ldap/hardcodedGroupMapper.js +16 -5
- package/ldap/hardcodedGroupMapper.js.map +1 -1
- package/ldap/hardcodedRoleMapper.d.ts +31 -66
- package/ldap/hardcodedRoleMapper.js +19 -54
- package/ldap/hardcodedRoleMapper.js.map +1 -1
- package/ldap/msadLdsUserAccountControlMapper.d.ts +12 -4
- package/ldap/msadLdsUserAccountControlMapper.js +12 -4
- package/ldap/msadLdsUserAccountControlMapper.js.map +1 -1
- package/ldap/msadUserAccountControlMapper.d.ts +29 -27
- package/ldap/msadUserAccountControlMapper.js +20 -9
- package/ldap/msadUserAccountControlMapper.js.map +1 -1
- package/ldap/roleMapper.d.ts +12 -4
- package/ldap/roleMapper.js +12 -4
- package/ldap/roleMapper.js.map +1 -1
- package/ldap/userAttributeMapper.d.ts +54 -39
- package/ldap/userAttributeMapper.js +24 -9
- package/ldap/userAttributeMapper.js.map +1 -1
- package/ldap/userFederation.d.ts +117 -88
- package/ldap/userFederation.js +45 -13
- package/ldap/userFederation.js.map +1 -1
- package/oidc/googleIdentityProvider.d.ts +8 -4
- package/oidc/googleIdentityProvider.js +8 -4
- package/oidc/googleIdentityProvider.js.map +1 -1
- package/oidc/identityProvider.d.ts +7 -3
- package/oidc/identityProvider.js +7 -3
- package/oidc/identityProvider.js.map +1 -1
- package/openid/audienceProtocolMapper.d.ts +62 -43
- package/openid/audienceProtocolMapper.js +38 -19
- package/openid/audienceProtocolMapper.js.map +1 -1
- package/openid/audienceResolveProtocolMapper.d.ts +22 -7
- package/openid/audienceResolveProtocolMapper.js +22 -7
- package/openid/audienceResolveProtocolMapper.js.map +1 -1
- package/openid/audienceResolveProtocolMappter.d.ts +22 -7
- package/openid/audienceResolveProtocolMappter.js +22 -7
- package/openid/audienceResolveProtocolMappter.js.map +1 -1
- package/openid/client.d.ts +45 -429
- package/openid/client.js +45 -12
- package/openid/client.js.map +1 -1
- package/openid/clientAuthorizationPermission.d.ts +6 -2
- package/openid/clientAuthorizationPermission.js +6 -2
- package/openid/clientAuthorizationPermission.js.map +1 -1
- package/openid/clientDefaultScopes.d.ts +16 -31
- package/openid/clientDefaultScopes.js +16 -4
- package/openid/clientDefaultScopes.js.map +1 -1
- package/openid/clientOptionalScopes.d.ts +16 -32
- package/openid/clientOptionalScopes.js +16 -5
- package/openid/clientOptionalScopes.js.map +1 -1
- package/openid/clientPolicy.d.ts +5 -3
- package/openid/clientPolicy.js +5 -3
- package/openid/clientPolicy.js.map +1 -1
- package/openid/clientScope.d.ts +25 -66
- package/openid/clientScope.js +25 -12
- package/openid/clientScope.js.map +1 -1
- package/openid/clientServiceAccountRealmRole.d.ts +12 -4
- package/openid/clientServiceAccountRealmRole.js +12 -4
- package/openid/clientServiceAccountRealmRole.js.map +1 -1
- package/openid/clientServiceAccountRole.d.ts +14 -5
- package/openid/clientServiceAccountRole.js +14 -5
- package/openid/clientServiceAccountRole.js.map +1 -1
- package/openid/fullNameProtocolMapper.d.ts +49 -59
- package/openid/fullNameProtocolMapper.js +37 -20
- package/openid/fullNameProtocolMapper.js.map +1 -1
- package/openid/getClient.d.ts +30 -14
- package/openid/getClient.js +30 -2
- package/openid/getClient.js.map +1 -1
- package/openid/getClientAuthorizationPolicy.d.ts +8 -2
- package/openid/getClientAuthorizationPolicy.js +8 -2
- package/openid/getClientAuthorizationPolicy.js.map +1 -1
- package/openid/getClientScope.d.ts +4 -2
- package/openid/getClientScope.js +4 -2
- package/openid/getClientScope.js.map +1 -1
- package/openid/getClientServiceAccountUser.d.ts +4 -2
- package/openid/getClientServiceAccountUser.js +4 -2
- package/openid/getClientServiceAccountUser.js.map +1 -1
- package/openid/groupMembershipProtocolMapper.d.ts +51 -77
- package/openid/groupMembershipProtocolMapper.js +39 -20
- package/openid/groupMembershipProtocolMapper.js.map +1 -1
- package/openid/hardcodedClaimProtocolMapper.d.ts +64 -62
- package/openid/hardcodedClaimProtocolMapper.js +40 -20
- package/openid/hardcodedClaimProtocolMapper.js.map +1 -1
- package/openid/hardcodedRoleProtocolMapper.d.ts +56 -43
- package/openid/hardcodedRoleProtocolMapper.js +44 -22
- package/openid/hardcodedRoleProtocolMapper.js.map +1 -1
- package/openid/scriptProtocolMapper.d.ts +23 -7
- package/openid/scriptProtocolMapper.js +23 -7
- package/openid/scriptProtocolMapper.js.map +1 -1
- package/openid/userAttributeProtocolMapper.d.ts +71 -68
- package/openid/userAttributeProtocolMapper.js +41 -20
- package/openid/userAttributeProtocolMapper.js.map +1 -1
- package/openid/userClientRoleProtocolMapper.d.ts +23 -7
- package/openid/userClientRoleProtocolMapper.js +23 -7
- package/openid/userClientRoleProtocolMapper.js.map +1 -1
- package/openid/userPropertyProtocolMapper.d.ts +64 -63
- package/openid/userPropertyProtocolMapper.js +40 -21
- package/openid/userPropertyProtocolMapper.js.map +1 -1
- package/openid/userRealmRoleProtocolMapper.d.ts +71 -59
- package/openid/userRealmRoleProtocolMapper.js +41 -20
- package/openid/userRealmRoleProtocolMapper.js.map +1 -1
- package/openid/userSessionNoteProtocolMapper.d.ts +23 -7
- package/openid/userSessionNoteProtocolMapper.js +23 -7
- package/openid/userSessionNoteProtocolMapper.js.map +1 -1
- package/package.json +1 -1
- package/realm.d.ts +30 -509
- package/realm.js +0 -83
- package/realm.js.map +1 -1
- package/realmEvents.d.ts +15 -71
- package/realmEvents.js +15 -8
- package/realmEvents.js.map +1 -1
- package/realmKeystoreAesGenerated.d.ts +8 -3
- package/realmKeystoreAesGenerated.js +8 -3
- package/realmKeystoreAesGenerated.js.map +1 -1
- package/realmKeystoreEcdsaGenerated.d.ts +8 -3
- package/realmKeystoreEcdsaGenerated.js +8 -3
- package/realmKeystoreEcdsaGenerated.js.map +1 -1
- package/realmKeystoreHmacGenerated.d.ts +8 -3
- package/realmKeystoreHmacGenerated.js +8 -3
- package/realmKeystoreHmacGenerated.js.map +1 -1
- package/realmKeystoreJavaGenerated.d.ts +8 -3
- package/realmKeystoreJavaGenerated.js +8 -3
- package/realmKeystoreJavaGenerated.js.map +1 -1
- package/realmKeystoreRsa.d.ts +6 -2
- package/realmKeystoreRsa.js +6 -2
- package/realmKeystoreRsa.js.map +1 -1
- package/realmKeystoreRsaGenerated.d.ts +8 -3
- package/realmKeystoreRsaGenerated.js +8 -3
- package/realmKeystoreRsaGenerated.js.map +1 -1
- package/realmUserProfile.d.ts +1 -1
- package/realmUserProfile.js +1 -1
- package/requiredAction.d.ts +8 -3
- package/requiredAction.js +8 -3
- package/requiredAction.js.map +1 -1
- package/role.d.ts +57 -110
- package/role.js +57 -56
- package/role.js.map +1 -1
- package/saml/client.d.ts +9 -344
- package/saml/client.js +9 -29
- package/saml/client.js.map +1 -1
- package/saml/clientDefaultScope.d.ts +0 -33
- package/saml/clientDefaultScope.js +0 -33
- package/saml/clientDefaultScope.js.map +1 -1
- package/saml/clientScope.d.ts +10 -3
- package/saml/clientScope.js +10 -3
- package/saml/clientScope.js.map +1 -1
- package/saml/getClient.d.ts +2 -0
- package/saml/getClient.js +2 -0
- package/saml/getClient.js.map +1 -1
- package/saml/getClientInstallationProvider.d.ts +0 -62
- package/saml/getClientInstallationProvider.js +0 -62
- package/saml/getClientInstallationProvider.js.map +1 -1
- package/saml/identityProvider.d.ts +155 -111
- package/saml/identityProvider.js +44 -15
- package/saml/identityProvider.js.map +1 -1
- package/saml/scriptProtocolMapper.d.ts +15 -5
- package/saml/scriptProtocolMapper.js +15 -5
- package/saml/scriptProtocolMapper.js.map +1 -1
- package/saml/userAttributeProtocolMapper.d.ts +32 -91
- package/saml/userAttributeProtocolMapper.js +32 -19
- package/saml/userAttributeProtocolMapper.js.map +1 -1
- package/saml/userPropertyProtocolMapper.d.ts +32 -91
- package/saml/userPropertyProtocolMapper.js +32 -19
- package/saml/userPropertyProtocolMapper.js.map +1 -1
- package/types/input.d.ts +74 -231
- package/types/output.d.ts +44 -255
- package/user.d.ts +26 -104
- package/user.js +26 -14
- package/user.js.map +1 -1
- package/userGroups.d.ts +5 -33
- package/userGroups.js +5 -33
- package/userGroups.js.map +1 -1
- package/userRoles.d.ts +16 -6
- package/userRoles.js +16 -6
- package/userRoles.js.map +1 -1
- package/userTemplateImporterIdentityProviderMapper.d.ts +10 -3
- package/userTemplateImporterIdentityProviderMapper.js +10 -3
- package/userTemplateImporterIdentityProviderMapper.js.map +1 -1
- package/usersPermissions.d.ts +10 -25
- package/usersPermissions.js +10 -25
- package/usersPermissions.js.map +1 -1
|
@@ -7,39 +7,6 @@ const pulumi = require("@pulumi/pulumi");
|
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
/**
|
|
9
9
|
* ## Example Usage
|
|
10
|
-
*
|
|
11
|
-
* ```typescript
|
|
12
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
13
|
-
* import * as fs from "fs";
|
|
14
|
-
* import * as keycloak from "@pulumi/keycloak";
|
|
15
|
-
*
|
|
16
|
-
* const realm = new keycloak.Realm("realm", {
|
|
17
|
-
* realm: "my-realm",
|
|
18
|
-
* enabled: true,
|
|
19
|
-
* });
|
|
20
|
-
* const samlClient = new keycloak.saml.Client("samlClient", {
|
|
21
|
-
* realmId: realm.id,
|
|
22
|
-
* clientId: "saml-client",
|
|
23
|
-
* signDocuments: false,
|
|
24
|
-
* signAssertions: true,
|
|
25
|
-
* includeAuthnStatement: true,
|
|
26
|
-
* signingCertificate: fs.readFileSync("saml-cert.pem", "utf8"),
|
|
27
|
-
* signingPrivateKey: fs.readFileSync("saml-key.pem", "utf8"),
|
|
28
|
-
* });
|
|
29
|
-
* const clientScope = new keycloak.saml.ClientScope("clientScope", {realmId: realm.id});
|
|
30
|
-
* const clientDefaultScopes = new keycloak.saml.ClientDefaultScope("clientDefaultScopes", {
|
|
31
|
-
* realmId: realm.id,
|
|
32
|
-
* clientId: keycloak_saml_client.client.id,
|
|
33
|
-
* defaultScopes: [
|
|
34
|
-
* "role_list",
|
|
35
|
-
* clientScope.name,
|
|
36
|
-
* ],
|
|
37
|
-
* });
|
|
38
|
-
* ```
|
|
39
|
-
*
|
|
40
|
-
* ## Import
|
|
41
|
-
*
|
|
42
|
-
* This resource does not support import. Instead of importing, feel free to create this resource as if it did not already exist on the server.
|
|
43
10
|
*/
|
|
44
11
|
class ClientDefaultScope extends pulumi.CustomResource {
|
|
45
12
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"clientDefaultScope.js","sourceRoot":"","sources":["../../saml/clientDefaultScope.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"clientDefaultScope.js","sourceRoot":"","sources":["../../saml/clientDefaultScope.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;GAEG;AACH,MAAa,kBAAmB,SAAQ,MAAM,CAAC,cAAc;IACzD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA+B,EAAE,IAAmC;QAC7H,OAAO,IAAI,kBAAkB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACzE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,kBAAkB,CAAC,YAAY,CAAC;IACnE,CAAC;IAuBD,YAAY,IAAY,EAAE,WAA8D,EAAE,IAAmC;QACzH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAkD,CAAC;YACjE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;aAAM;YACH,MAAM,IAAI,GAAG,WAAiD,CAAC;YAC/D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,kBAAkB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACvE,CAAC;;AA1EL,gDA2EC;AA7DG,gBAAgB;AACO,+BAAY,GAAG,qDAAqD,CAAC"}
|
package/saml/clientScope.d.ts
CHANGED
|
@@ -14,8 +14,9 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
14
14
|
* realm: "my-realm",
|
|
15
15
|
* enabled: true,
|
|
16
16
|
* });
|
|
17
|
-
* const samlClientScope = new keycloak.saml.ClientScope("
|
|
17
|
+
* const samlClientScope = new keycloak.saml.ClientScope("saml_client_scope", {
|
|
18
18
|
* realmId: realm.id,
|
|
19
|
+
* name: "groups",
|
|
19
20
|
* description: "This scope will map a user's group memberships to SAML assertion",
|
|
20
21
|
* guiOrder: 1,
|
|
21
22
|
* });
|
|
@@ -23,10 +24,16 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
23
24
|
*
|
|
24
25
|
* ## Import
|
|
25
26
|
*
|
|
26
|
-
* Client scopes can be imported using the format `{{realm_id}}/{{client_scope_id}}`, where `client_scope_id` is the unique ID that Keycloak
|
|
27
|
+
* Client scopes can be imported using the format `{{realm_id}}/{{client_scope_id}}`, where `client_scope_id` is the unique ID that Keycloak
|
|
28
|
+
*
|
|
29
|
+
* assigns to the client scope upon creation. This value can be found in the URI when editing this client scope in the GUI, and is typically a GUID.
|
|
30
|
+
*
|
|
31
|
+
* Example:
|
|
32
|
+
*
|
|
33
|
+
* bash
|
|
27
34
|
*
|
|
28
35
|
* ```sh
|
|
29
|
-
*
|
|
36
|
+
* $ pulumi import keycloak:saml/clientScope:ClientScope saml_client_scope my-realm/e8a5d115-6985-4de3-a0f5-732e1be4525e
|
|
30
37
|
* ```
|
|
31
38
|
*/
|
|
32
39
|
export declare class ClientScope extends pulumi.CustomResource {
|
package/saml/clientScope.js
CHANGED
|
@@ -20,8 +20,9 @@ const utilities = require("../utilities");
|
|
|
20
20
|
* realm: "my-realm",
|
|
21
21
|
* enabled: true,
|
|
22
22
|
* });
|
|
23
|
-
* const samlClientScope = new keycloak.saml.ClientScope("
|
|
23
|
+
* const samlClientScope = new keycloak.saml.ClientScope("saml_client_scope", {
|
|
24
24
|
* realmId: realm.id,
|
|
25
|
+
* name: "groups",
|
|
25
26
|
* description: "This scope will map a user's group memberships to SAML assertion",
|
|
26
27
|
* guiOrder: 1,
|
|
27
28
|
* });
|
|
@@ -29,10 +30,16 @@ const utilities = require("../utilities");
|
|
|
29
30
|
*
|
|
30
31
|
* ## Import
|
|
31
32
|
*
|
|
32
|
-
* Client scopes can be imported using the format `{{realm_id}}/{{client_scope_id}}`, where `client_scope_id` is the unique ID that Keycloak
|
|
33
|
+
* Client scopes can be imported using the format `{{realm_id}}/{{client_scope_id}}`, where `client_scope_id` is the unique ID that Keycloak
|
|
34
|
+
*
|
|
35
|
+
* assigns to the client scope upon creation. This value can be found in the URI when editing this client scope in the GUI, and is typically a GUID.
|
|
36
|
+
*
|
|
37
|
+
* Example:
|
|
38
|
+
*
|
|
39
|
+
* bash
|
|
33
40
|
*
|
|
34
41
|
* ```sh
|
|
35
|
-
*
|
|
42
|
+
* $ pulumi import keycloak:saml/clientScope:ClientScope saml_client_scope my-realm/e8a5d115-6985-4de3-a0f5-732e1be4525e
|
|
36
43
|
* ```
|
|
37
44
|
*/
|
|
38
45
|
class ClientScope extends pulumi.CustomResource {
|
package/saml/clientScope.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"clientScope.js","sourceRoot":"","sources":["../../saml/clientScope.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"clientScope.js","sourceRoot":"","sources":["../../saml/clientScope.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,WAAY,SAAQ,MAAM,CAAC,cAAc;IAClD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwB,EAAE,IAAmC;QACtH,OAAO,IAAI,WAAW,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAClE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,CAAC,YAAY,CAAC;IAC5D,CAAC;IA+BD,YAAY,IAAY,EAAE,WAAgD,EAAE,IAAmC;QAC3G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2C,CAAC;YAC1D,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;aAAM;YACH,MAAM,IAAI,GAAG,WAA0C,CAAC;YACxD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,WAAW,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAChE,CAAC;;AAhFL,kCAiFC;AAnEG,gBAAgB;AACO,wBAAY,GAAG,uCAAuC,CAAC"}
|
package/saml/getClient.d.ts
CHANGED
|
@@ -13,6 +13,7 @@ import * as outputs from "../types/output";
|
|
|
13
13
|
* realmId: "my-realm",
|
|
14
14
|
* clientId: "realm-management",
|
|
15
15
|
* });
|
|
16
|
+
* // use the data source
|
|
16
17
|
* const admin = realmManagement.then(realmManagement => keycloak.getRole({
|
|
17
18
|
* realmId: "my-realm",
|
|
18
19
|
* clientId: realmManagement.id,
|
|
@@ -96,6 +97,7 @@ export interface GetClientResult {
|
|
|
96
97
|
* realmId: "my-realm",
|
|
97
98
|
* clientId: "realm-management",
|
|
98
99
|
* });
|
|
100
|
+
* // use the data source
|
|
99
101
|
* const admin = realmManagement.then(realmManagement => keycloak.getRole({
|
|
100
102
|
* realmId: "my-realm",
|
|
101
103
|
* clientId: realmManagement.id,
|
package/saml/getClient.js
CHANGED
|
@@ -18,6 +18,7 @@ const utilities = require("../utilities");
|
|
|
18
18
|
* realmId: "my-realm",
|
|
19
19
|
* clientId: "realm-management",
|
|
20
20
|
* });
|
|
21
|
+
* // use the data source
|
|
21
22
|
* const admin = realmManagement.then(realmManagement => keycloak.getRole({
|
|
22
23
|
* realmId: "my-realm",
|
|
23
24
|
* clientId: realmManagement.id,
|
|
@@ -46,6 +47,7 @@ exports.getClient = getClient;
|
|
|
46
47
|
* realmId: "my-realm",
|
|
47
48
|
* clientId: "realm-management",
|
|
48
49
|
* });
|
|
50
|
+
* // use the data source
|
|
49
51
|
* const admin = realmManagement.then(realmManagement => keycloak.getRole({
|
|
50
52
|
* realmId: "my-realm",
|
|
51
53
|
* clientId: realmManagement.id,
|
package/saml/getClient.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getClient.js","sourceRoot":"","sources":["../../saml/getClient.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"getClient.js","sourceRoot":"","sources":["../../saml/getClient.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,SAAS,CAAC,IAAmB,EAAE,IAA2B;IAEtE,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,mCAAmC,EAAE;QAC9D,UAAU,EAAE,IAAI,CAAC,QAAQ;QACzB,SAAS,EAAE,IAAI,CAAC,OAAO;KAC1B,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAPD,8BAOC;AA+DD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,eAAe,CAAC,IAAyB,EAAE,IAA2B;IAClF,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;AACpE,CAAC;AAFD,0CAEC"}
|
|
@@ -1,37 +1,6 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
/**
|
|
3
3
|
* This data source can be used to retrieve Installation Provider of a SAML Client.
|
|
4
|
-
*
|
|
5
|
-
* ## Example Usage
|
|
6
|
-
*
|
|
7
|
-
* In the example below, we extract the SAML metadata IDPSSODescriptor to pass it to the AWS IAM SAML Provider.
|
|
8
|
-
*
|
|
9
|
-
* ```typescript
|
|
10
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
11
|
-
* import * as aws from "@pulumi/aws";
|
|
12
|
-
* import * as fs from "fs";
|
|
13
|
-
* import * as keycloak from "@pulumi/keycloak";
|
|
14
|
-
*
|
|
15
|
-
* const realm = new keycloak.Realm("realm", {
|
|
16
|
-
* realm: "my-realm",
|
|
17
|
-
* enabled: true,
|
|
18
|
-
* });
|
|
19
|
-
* const samlClient = new keycloak.saml.Client("samlClient", {
|
|
20
|
-
* realmId: realm.id,
|
|
21
|
-
* clientId: "test-saml-client",
|
|
22
|
-
* signDocuments: false,
|
|
23
|
-
* signAssertions: true,
|
|
24
|
-
* includeAuthnStatement: true,
|
|
25
|
-
* signingCertificate: fs.readFileSync("saml-cert.pem", "utf8"),
|
|
26
|
-
* signingPrivateKey: fs.readFileSync("saml-key.pem", "utf8"),
|
|
27
|
-
* });
|
|
28
|
-
* const samlIdpDescriptor = keycloak.saml.getClientInstallationProviderOutput({
|
|
29
|
-
* realmId: realm.id,
|
|
30
|
-
* clientId: samlClient.id,
|
|
31
|
-
* providerId: "saml-idp-descriptor",
|
|
32
|
-
* });
|
|
33
|
-
* const _default = new aws.iam.SamlProvider("default", {samlMetadataDocument: samlIdpDescriptor.apply(samlIdpDescriptor => samlIdpDescriptor.value)});
|
|
34
|
-
* ```
|
|
35
4
|
*/
|
|
36
5
|
export declare function getClientInstallationProvider(args: GetClientInstallationProviderArgs, opts?: pulumi.InvokeOptions): Promise<GetClientInstallationProviderResult>;
|
|
37
6
|
/**
|
|
@@ -69,37 +38,6 @@ export interface GetClientInstallationProviderResult {
|
|
|
69
38
|
}
|
|
70
39
|
/**
|
|
71
40
|
* This data source can be used to retrieve Installation Provider of a SAML Client.
|
|
72
|
-
*
|
|
73
|
-
* ## Example Usage
|
|
74
|
-
*
|
|
75
|
-
* In the example below, we extract the SAML metadata IDPSSODescriptor to pass it to the AWS IAM SAML Provider.
|
|
76
|
-
*
|
|
77
|
-
* ```typescript
|
|
78
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
79
|
-
* import * as aws from "@pulumi/aws";
|
|
80
|
-
* import * as fs from "fs";
|
|
81
|
-
* import * as keycloak from "@pulumi/keycloak";
|
|
82
|
-
*
|
|
83
|
-
* const realm = new keycloak.Realm("realm", {
|
|
84
|
-
* realm: "my-realm",
|
|
85
|
-
* enabled: true,
|
|
86
|
-
* });
|
|
87
|
-
* const samlClient = new keycloak.saml.Client("samlClient", {
|
|
88
|
-
* realmId: realm.id,
|
|
89
|
-
* clientId: "test-saml-client",
|
|
90
|
-
* signDocuments: false,
|
|
91
|
-
* signAssertions: true,
|
|
92
|
-
* includeAuthnStatement: true,
|
|
93
|
-
* signingCertificate: fs.readFileSync("saml-cert.pem", "utf8"),
|
|
94
|
-
* signingPrivateKey: fs.readFileSync("saml-key.pem", "utf8"),
|
|
95
|
-
* });
|
|
96
|
-
* const samlIdpDescriptor = keycloak.saml.getClientInstallationProviderOutput({
|
|
97
|
-
* realmId: realm.id,
|
|
98
|
-
* clientId: samlClient.id,
|
|
99
|
-
* providerId: "saml-idp-descriptor",
|
|
100
|
-
* });
|
|
101
|
-
* const _default = new aws.iam.SamlProvider("default", {samlMetadataDocument: samlIdpDescriptor.apply(samlIdpDescriptor => samlIdpDescriptor.value)});
|
|
102
|
-
* ```
|
|
103
41
|
*/
|
|
104
42
|
export declare function getClientInstallationProviderOutput(args: GetClientInstallationProviderOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output<GetClientInstallationProviderResult>;
|
|
105
43
|
/**
|
|
@@ -7,37 +7,6 @@ const pulumi = require("@pulumi/pulumi");
|
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
/**
|
|
9
9
|
* This data source can be used to retrieve Installation Provider of a SAML Client.
|
|
10
|
-
*
|
|
11
|
-
* ## Example Usage
|
|
12
|
-
*
|
|
13
|
-
* In the example below, we extract the SAML metadata IDPSSODescriptor to pass it to the AWS IAM SAML Provider.
|
|
14
|
-
*
|
|
15
|
-
* ```typescript
|
|
16
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
17
|
-
* import * as aws from "@pulumi/aws";
|
|
18
|
-
* import * as fs from "fs";
|
|
19
|
-
* import * as keycloak from "@pulumi/keycloak";
|
|
20
|
-
*
|
|
21
|
-
* const realm = new keycloak.Realm("realm", {
|
|
22
|
-
* realm: "my-realm",
|
|
23
|
-
* enabled: true,
|
|
24
|
-
* });
|
|
25
|
-
* const samlClient = new keycloak.saml.Client("samlClient", {
|
|
26
|
-
* realmId: realm.id,
|
|
27
|
-
* clientId: "test-saml-client",
|
|
28
|
-
* signDocuments: false,
|
|
29
|
-
* signAssertions: true,
|
|
30
|
-
* includeAuthnStatement: true,
|
|
31
|
-
* signingCertificate: fs.readFileSync("saml-cert.pem", "utf8"),
|
|
32
|
-
* signingPrivateKey: fs.readFileSync("saml-key.pem", "utf8"),
|
|
33
|
-
* });
|
|
34
|
-
* const samlIdpDescriptor = keycloak.saml.getClientInstallationProviderOutput({
|
|
35
|
-
* realmId: realm.id,
|
|
36
|
-
* clientId: samlClient.id,
|
|
37
|
-
* providerId: "saml-idp-descriptor",
|
|
38
|
-
* });
|
|
39
|
-
* const _default = new aws.iam.SamlProvider("default", {samlMetadataDocument: samlIdpDescriptor.apply(samlIdpDescriptor => samlIdpDescriptor.value)});
|
|
40
|
-
* ```
|
|
41
10
|
*/
|
|
42
11
|
function getClientInstallationProvider(args, opts) {
|
|
43
12
|
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {});
|
|
@@ -50,37 +19,6 @@ function getClientInstallationProvider(args, opts) {
|
|
|
50
19
|
exports.getClientInstallationProvider = getClientInstallationProvider;
|
|
51
20
|
/**
|
|
52
21
|
* This data source can be used to retrieve Installation Provider of a SAML Client.
|
|
53
|
-
*
|
|
54
|
-
* ## Example Usage
|
|
55
|
-
*
|
|
56
|
-
* In the example below, we extract the SAML metadata IDPSSODescriptor to pass it to the AWS IAM SAML Provider.
|
|
57
|
-
*
|
|
58
|
-
* ```typescript
|
|
59
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
60
|
-
* import * as aws from "@pulumi/aws";
|
|
61
|
-
* import * as fs from "fs";
|
|
62
|
-
* import * as keycloak from "@pulumi/keycloak";
|
|
63
|
-
*
|
|
64
|
-
* const realm = new keycloak.Realm("realm", {
|
|
65
|
-
* realm: "my-realm",
|
|
66
|
-
* enabled: true,
|
|
67
|
-
* });
|
|
68
|
-
* const samlClient = new keycloak.saml.Client("samlClient", {
|
|
69
|
-
* realmId: realm.id,
|
|
70
|
-
* clientId: "test-saml-client",
|
|
71
|
-
* signDocuments: false,
|
|
72
|
-
* signAssertions: true,
|
|
73
|
-
* includeAuthnStatement: true,
|
|
74
|
-
* signingCertificate: fs.readFileSync("saml-cert.pem", "utf8"),
|
|
75
|
-
* signingPrivateKey: fs.readFileSync("saml-key.pem", "utf8"),
|
|
76
|
-
* });
|
|
77
|
-
* const samlIdpDescriptor = keycloak.saml.getClientInstallationProviderOutput({
|
|
78
|
-
* realmId: realm.id,
|
|
79
|
-
* clientId: samlClient.id,
|
|
80
|
-
* providerId: "saml-idp-descriptor",
|
|
81
|
-
* });
|
|
82
|
-
* const _default = new aws.iam.SamlProvider("default", {samlMetadataDocument: samlIdpDescriptor.apply(samlIdpDescriptor => samlIdpDescriptor.value)});
|
|
83
|
-
* ```
|
|
84
22
|
*/
|
|
85
23
|
function getClientInstallationProviderOutput(args, opts) {
|
|
86
24
|
return pulumi.output(args).apply((a) => getClientInstallationProvider(a, opts));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getClientInstallationProvider.js","sourceRoot":"","sources":["../../saml/getClientInstallationProvider.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"getClientInstallationProvider.js","sourceRoot":"","sources":["../../saml/getClientInstallationProvider.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;GAEG;AACH,SAAgB,6BAA6B,CAAC,IAAuC,EAAE,IAA2B;IAE9G,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,2EAA2E,EAAE;QACtG,UAAU,EAAE,IAAI,CAAC,QAAQ;QACzB,YAAY,EAAE,IAAI,CAAC,UAAU;QAC7B,SAAS,EAAE,IAAI,CAAC,OAAO;KAC1B,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AARD,sEAQC;AAoCD;;GAEG;AACH,SAAgB,mCAAmC,CAAC,IAA6C,EAAE,IAA2B;IAC1H,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,6BAA6B,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;AACxF,CAAC;AAFD,kFAEC"}
|