@pulumi/keycloak 6.9.0-alpha.1766555854 → 6.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/authentication/getSubflow.d.ts +179 -0
- package/authentication/getSubflow.js +126 -0
- package/authentication/getSubflow.js.map +1 -0
- package/authentication/index.d.ts +3 -0
- package/authentication/index.js +4 -1
- package/authentication/index.js.map +1 -1
- package/getGroup.d.ts +3 -0
- package/getGroup.js +2 -0
- package/getGroup.js.map +1 -1
- package/getRealm.d.ts +1 -0
- package/getRealm.js.map +1 -1
- package/group.d.ts +3 -0
- package/group.js +2 -0
- package/group.js.map +1 -1
- package/ldap/userFederation.d.ts +36 -0
- package/ldap/userFederation.js +6 -0
- package/ldap/userFederation.js.map +1 -1
- package/oidc/facebookIdentityProvider.d.ts +363 -0
- package/oidc/facebookIdentityProvider.js +150 -0
- package/oidc/facebookIdentityProvider.js.map +1 -0
- package/oidc/index.d.ts +3 -0
- package/oidc/index.js +6 -1
- package/oidc/index.js.map +1 -1
- package/openid/client.d.ts +13 -1
- package/openid/client.js +2 -0
- package/openid/client.js.map +1 -1
- package/openid/clientAuthorizationResource.d.ts +88 -0
- package/openid/clientAuthorizationResource.js +88 -0
- package/openid/clientAuthorizationResource.js.map +1 -1
- package/openid/clientAuthorizationScope.d.ts +73 -0
- package/openid/clientAuthorizationScope.js +73 -0
- package/openid/clientAuthorizationScope.js.map +1 -1
- package/openid/clientScope.d.ts +3 -3
- package/openid/getClient.d.ts +1 -0
- package/openid/getClient.js.map +1 -1
- package/organization.d.ts +5 -5
- package/organization.js +0 -3
- package/organization.js.map +1 -1
- package/package.json +2 -2
- package/realm.d.ts +15 -0
- package/realm.js +4 -0
- package/realm.js.map +1 -1
- package/realmKeystoreRsa.d.ts +21 -0
- package/realmKeystoreRsa.js +5 -0
- package/realmKeystoreRsa.js.map +1 -1
- package/saml/client.d.ts +12 -0
- package/saml/client.js +2 -0
- package/saml/client.js.map +1 -1
- package/saml/getClient.d.ts +1 -0
- package/saml/getClient.js.map +1 -1
- package/saml/getClientInstallationProvider.d.ts +4 -4
- package/saml/getClientInstallationProvider.js +4 -4
- package/types/input.d.ts +7 -0
- package/types/output.d.ts +6 -0
package/openid/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../openid/client.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6EG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../openid/client.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6EG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;IA4OD,YAAY,IAAY,EAAE,WAAsC,EAAE,IAAmC;QACjG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsC,CAAC;YACrD,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,0CAA0C,CAAC,GAAG,KAAK,EAAE,wCAAwC,CAAC;YAC7G,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,oCAAoC,CAAC,GAAG,KAAK,EAAE,kCAAkC,CAAC;YACjG,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,EAAE,aAAa,CAAC;YACvD,cAAc,CAAC,wCAAwC,CAAC,GAAG,KAAK,EAAE,sCAAsC,CAAC;YACzG,cAAc,CAAC,kCAAkC,CAAC,GAAG,KAAK,EAAE,gCAAgC,CAAC;YAC7F,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,EAAE,oBAAoB,CAAC;YACrE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,EAAE,uBAAuB,CAAC;YAC3E,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,EAAE,QAAQ,CAAC;YAC7C,cAAc,CAAC,iCAAiC,CAAC,GAAG,KAAK,EAAE,+BAA+B,CAAC;YAC3F,cAAc,CAAC,iCAAiC,CAAC,GAAG,KAAK,EAAE,+BAA+B,CAAC;YAC3F,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,EAAE,YAAY,CAAC;YACrD,cAAc,CAAC,mCAAmC,CAAC,GAAG,KAAK,EAAE,iCAAiC,CAAC;YAC/F,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,EAAE,cAAc,CAAC;YACzD,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,EAAE,eAAe,CAAC;YAC3D,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,EAAE,yBAAyB,CAAC;YAC/E,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,+BAA+B,CAAC,GAAG,KAAK,EAAE,6BAA6B,CAAC;YACvF,cAAc,CAAC,qCAAqC,CAAC,GAAG,KAAK,EAAE,mCAAmC,CAAC;YACnG,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,EAAE,yBAAyB,CAAC;YAC/E,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,EAAE,qBAAqB,CAAC;YACvE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,uCAAuC,CAAC,GAAG,KAAK,EAAE,qCAAqC,CAAC;YACvG,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,EAAE,wBAAwB,CAAC;YAC7E,cAAc,CAAC,6BAA6B,CAAC,GAAG,KAAK,EAAE,2BAA2B,CAAC;YACnF,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,EAAE,uBAAuB,CAAC;YAC3E,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,EAAE,oBAAoB,CAAC;YACrE,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,EAAE,sBAAsB,CAAC;YACzE,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,EAAE,mBAAmB,CAAC;YACnE,cAAc,CAAC,8BAA8B,CAAC,GAAG,KAAK,EAAE,4BAA4B,CAAC;YACrF,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,mCAAmC,CAAC,GAAG,KAAK,EAAE,iCAAiC,CAAC;YAC/F,cAAc,CAAC,6BAA6B,CAAC,GAAG,KAAK,EAAE,2BAA2B,CAAC;YACnF,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,EAAE,iBAAiB,CAAC;YAC/D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;SACpD;aAAM;YACH,MAAM,IAAI,GAAG,WAAqC,CAAC;YACnD,IAAI,IAAI,EAAE,UAAU,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC7C,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,0CAA0C,CAAC,GAAG,IAAI,EAAE,wCAAwC,CAAC;YAC5G,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,oCAAoC,CAAC,GAAG,IAAI,EAAE,kCAAkC,CAAC;YAChG,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,EAAE,aAAa,CAAC;YACtD,cAAc,CAAC,wCAAwC,CAAC,GAAG,IAAI,EAAE,sCAAsC,CAAC;YACxG,cAAc,CAAC,kCAAkC,CAAC,GAAG,IAAI,EAAE,gCAAgC,CAAC;YAC5F,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,EAAE,oBAAoB,CAAC;YACpE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,EAAE,uBAAuB,CAAC;YAC1E,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC5C,cAAc,CAAC,iCAAiC,CAAC,GAAG,IAAI,EAAE,+BAA+B,CAAC;YAC1F,cAAc,CAAC,iCAAiC,CAAC,GAAG,IAAI,EAAE,+BAA+B,CAAC;YAC1F,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YACnG,cAAc,CAAC,mCAAmC,CAAC,GAAG,IAAI,EAAE,iCAAiC,CAAC;YAC9F,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YACzG,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC;YAC1D,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,EAAE,yBAAyB,CAAC;YAC9E,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,+BAA+B,CAAC,GAAG,IAAI,EAAE,6BAA6B,CAAC;YACtF,cAAc,CAAC,qCAAqC,CAAC,GAAG,IAAI,EAAE,mCAAmC,CAAC;YAClG,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,EAAE,yBAAyB,CAAC;YAC9E,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,EAAE,qBAAqB,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,uCAAuC,CAAC,GAAG,IAAI,EAAE,qCAAqC,CAAC;YACtG,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,EAAE,wBAAwB,CAAC;YAC5E,cAAc,CAAC,6BAA6B,CAAC,GAAG,IAAI,EAAE,2BAA2B,CAAC;YAClF,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,EAAE,uBAAuB,CAAC;YAC1E,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,EAAE,sBAAsB,CAAC;YACxE,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,EAAE,mBAAmB,CAAC;YAClE,cAAc,CAAC,8BAA8B,CAAC,GAAG,IAAI,EAAE,4BAA4B,CAAC;YACpF,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,mCAAmC,CAAC,GAAG,IAAI,EAAE,iCAAiC,CAAC;YAC9F,cAAc,CAAC,6BAA6B,CAAC,GAAG,IAAI,EAAE,2BAA2B,CAAC;YAClF,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,EAAE,iBAAiB,CAAC;YAC9D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,kBAAkB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACvD,cAAc,CAAC,sBAAsB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC9D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,EAAE,uBAAuB,EAAE,CAAC,cAAc,EAAE,gBAAgB,CAAC,EAAE,CAAC;QACnF,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;;AApYL,wBAqYC;AAvXG,gBAAgB;AACO,mBAAY,GAAG,+BAA+B,CAAC"}
|
|
@@ -1,4 +1,92 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
/**
|
|
3
|
+
* Allows you to manage openid Client Authorization Resources.
|
|
4
|
+
*
|
|
5
|
+
* Authorization resources represent the protected resources in your application. Each resource can have associated scopes, URIs, and attributes.
|
|
6
|
+
*
|
|
7
|
+
* ## Example Usage
|
|
8
|
+
*
|
|
9
|
+
* ```typescript
|
|
10
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
11
|
+
* import * as keycloak from "@pulumi/keycloak";
|
|
12
|
+
*
|
|
13
|
+
* const realm = new keycloak.Realm("realm", {
|
|
14
|
+
* realm: "my-realm",
|
|
15
|
+
* enabled: true,
|
|
16
|
+
* });
|
|
17
|
+
* const test = new keycloak.openid.Client("test", {
|
|
18
|
+
* clientId: "client_id",
|
|
19
|
+
* realmId: realm.id,
|
|
20
|
+
* accessType: "CONFIDENTIAL",
|
|
21
|
+
* serviceAccountsEnabled: true,
|
|
22
|
+
* authorization: {
|
|
23
|
+
* policyEnforcementMode: "ENFORCING",
|
|
24
|
+
* },
|
|
25
|
+
* });
|
|
26
|
+
* const readScope = new keycloak.openid.ClientAuthorizationScope("read_scope", {
|
|
27
|
+
* resourceServerId: test.resourceServerId,
|
|
28
|
+
* realmId: realm.id,
|
|
29
|
+
* name: "read",
|
|
30
|
+
* });
|
|
31
|
+
* const writeScope = new keycloak.openid.ClientAuthorizationScope("write_scope", {
|
|
32
|
+
* resourceServerId: test.resourceServerId,
|
|
33
|
+
* realmId: realm.id,
|
|
34
|
+
* name: "write",
|
|
35
|
+
* });
|
|
36
|
+
* const testClientAuthorizationResource = new keycloak.openid.ClientAuthorizationResource("test", {
|
|
37
|
+
* resourceServerId: test.resourceServerId,
|
|
38
|
+
* realmId: realm.id,
|
|
39
|
+
* name: "my_resource",
|
|
40
|
+
* displayName: "My Resource",
|
|
41
|
+
* uris: [
|
|
42
|
+
* "/api/resource/*",
|
|
43
|
+
* "/api/resource/**",
|
|
44
|
+
* ],
|
|
45
|
+
* scopes: [
|
|
46
|
+
* readScope.name,
|
|
47
|
+
* writeScope.name,
|
|
48
|
+
* ],
|
|
49
|
+
* type: "http://example.com/resource-type",
|
|
50
|
+
* attributes: {
|
|
51
|
+
* key1: "value1,value2",
|
|
52
|
+
* key2: "value3",
|
|
53
|
+
* },
|
|
54
|
+
* });
|
|
55
|
+
* ```
|
|
56
|
+
*
|
|
57
|
+
* ### Argument Reference
|
|
58
|
+
*
|
|
59
|
+
* The following arguments are supported:
|
|
60
|
+
*
|
|
61
|
+
* - `realmId` - (Required) The realm this resource exists in.
|
|
62
|
+
* - `resourceServerId` - (Required) The ID of the resource server.
|
|
63
|
+
* - `name` - (Required) The name of the resource.
|
|
64
|
+
* - `displayName` - (Optional) The display name of the resource.
|
|
65
|
+
* - `uris` - (Optional) A set of URIs that this resource represents.
|
|
66
|
+
* - `iconUri` - (Optional) An icon URI for the resource.
|
|
67
|
+
* - `ownerManagedAccess` - (Optional) When `true`, this resource supports user-managed access. Defaults to `false`.
|
|
68
|
+
* - `scopes` - (Optional) A set of scope names that this resource uses.
|
|
69
|
+
* - `type` - (Optional) The type of this resource (e.g., `urn:myapp:resources:default`).
|
|
70
|
+
* - `attributes` - (Optional) A map of attributes for the resource. Values can be comma-separated lists.
|
|
71
|
+
*
|
|
72
|
+
* ### Attributes Reference
|
|
73
|
+
*
|
|
74
|
+
* In addition to the arguments listed above, the following computed attributes are exported:
|
|
75
|
+
*
|
|
76
|
+
* - `id` - Resource ID representing the authorization resource.
|
|
77
|
+
*
|
|
78
|
+
* ## Import
|
|
79
|
+
*
|
|
80
|
+
* Client authorization resources can be imported using the format: `{{realmId}}/{{resourceServerId}}/{{authorizationResourceId}}`.
|
|
81
|
+
*
|
|
82
|
+
* Example:
|
|
83
|
+
*
|
|
84
|
+
* bash
|
|
85
|
+
*
|
|
86
|
+
* ```sh
|
|
87
|
+
* $ pulumi import keycloak:openid/clientAuthorizationResource:ClientAuthorizationResource test my-realm/3bd4a686-1062-4b59-97b8-e4e3f10b99da/63b3cde8-987d-4cd9-9306-1955579281d9
|
|
88
|
+
* ```
|
|
89
|
+
*/
|
|
2
90
|
export declare class ClientAuthorizationResource extends pulumi.CustomResource {
|
|
3
91
|
/**
|
|
4
92
|
* Get an existing ClientAuthorizationResource resource's state with the given name, ID, and optional extra
|
|
@@ -5,6 +5,94 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
5
5
|
exports.ClientAuthorizationResource = void 0;
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
|
+
/**
|
|
9
|
+
* Allows you to manage openid Client Authorization Resources.
|
|
10
|
+
*
|
|
11
|
+
* Authorization resources represent the protected resources in your application. Each resource can have associated scopes, URIs, and attributes.
|
|
12
|
+
*
|
|
13
|
+
* ## Example Usage
|
|
14
|
+
*
|
|
15
|
+
* ```typescript
|
|
16
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
17
|
+
* import * as keycloak from "@pulumi/keycloak";
|
|
18
|
+
*
|
|
19
|
+
* const realm = new keycloak.Realm("realm", {
|
|
20
|
+
* realm: "my-realm",
|
|
21
|
+
* enabled: true,
|
|
22
|
+
* });
|
|
23
|
+
* const test = new keycloak.openid.Client("test", {
|
|
24
|
+
* clientId: "client_id",
|
|
25
|
+
* realmId: realm.id,
|
|
26
|
+
* accessType: "CONFIDENTIAL",
|
|
27
|
+
* serviceAccountsEnabled: true,
|
|
28
|
+
* authorization: {
|
|
29
|
+
* policyEnforcementMode: "ENFORCING",
|
|
30
|
+
* },
|
|
31
|
+
* });
|
|
32
|
+
* const readScope = new keycloak.openid.ClientAuthorizationScope("read_scope", {
|
|
33
|
+
* resourceServerId: test.resourceServerId,
|
|
34
|
+
* realmId: realm.id,
|
|
35
|
+
* name: "read",
|
|
36
|
+
* });
|
|
37
|
+
* const writeScope = new keycloak.openid.ClientAuthorizationScope("write_scope", {
|
|
38
|
+
* resourceServerId: test.resourceServerId,
|
|
39
|
+
* realmId: realm.id,
|
|
40
|
+
* name: "write",
|
|
41
|
+
* });
|
|
42
|
+
* const testClientAuthorizationResource = new keycloak.openid.ClientAuthorizationResource("test", {
|
|
43
|
+
* resourceServerId: test.resourceServerId,
|
|
44
|
+
* realmId: realm.id,
|
|
45
|
+
* name: "my_resource",
|
|
46
|
+
* displayName: "My Resource",
|
|
47
|
+
* uris: [
|
|
48
|
+
* "/api/resource/*",
|
|
49
|
+
* "/api/resource/**",
|
|
50
|
+
* ],
|
|
51
|
+
* scopes: [
|
|
52
|
+
* readScope.name,
|
|
53
|
+
* writeScope.name,
|
|
54
|
+
* ],
|
|
55
|
+
* type: "http://example.com/resource-type",
|
|
56
|
+
* attributes: {
|
|
57
|
+
* key1: "value1,value2",
|
|
58
|
+
* key2: "value3",
|
|
59
|
+
* },
|
|
60
|
+
* });
|
|
61
|
+
* ```
|
|
62
|
+
*
|
|
63
|
+
* ### Argument Reference
|
|
64
|
+
*
|
|
65
|
+
* The following arguments are supported:
|
|
66
|
+
*
|
|
67
|
+
* - `realmId` - (Required) The realm this resource exists in.
|
|
68
|
+
* - `resourceServerId` - (Required) The ID of the resource server.
|
|
69
|
+
* - `name` - (Required) The name of the resource.
|
|
70
|
+
* - `displayName` - (Optional) The display name of the resource.
|
|
71
|
+
* - `uris` - (Optional) A set of URIs that this resource represents.
|
|
72
|
+
* - `iconUri` - (Optional) An icon URI for the resource.
|
|
73
|
+
* - `ownerManagedAccess` - (Optional) When `true`, this resource supports user-managed access. Defaults to `false`.
|
|
74
|
+
* - `scopes` - (Optional) A set of scope names that this resource uses.
|
|
75
|
+
* - `type` - (Optional) The type of this resource (e.g., `urn:myapp:resources:default`).
|
|
76
|
+
* - `attributes` - (Optional) A map of attributes for the resource. Values can be comma-separated lists.
|
|
77
|
+
*
|
|
78
|
+
* ### Attributes Reference
|
|
79
|
+
*
|
|
80
|
+
* In addition to the arguments listed above, the following computed attributes are exported:
|
|
81
|
+
*
|
|
82
|
+
* - `id` - Resource ID representing the authorization resource.
|
|
83
|
+
*
|
|
84
|
+
* ## Import
|
|
85
|
+
*
|
|
86
|
+
* Client authorization resources can be imported using the format: `{{realmId}}/{{resourceServerId}}/{{authorizationResourceId}}`.
|
|
87
|
+
*
|
|
88
|
+
* Example:
|
|
89
|
+
*
|
|
90
|
+
* bash
|
|
91
|
+
*
|
|
92
|
+
* ```sh
|
|
93
|
+
* $ pulumi import keycloak:openid/clientAuthorizationResource:ClientAuthorizationResource test my-realm/3bd4a686-1062-4b59-97b8-e4e3f10b99da/63b3cde8-987d-4cd9-9306-1955579281d9
|
|
94
|
+
* ```
|
|
95
|
+
*/
|
|
8
96
|
class ClientAuthorizationResource extends pulumi.CustomResource {
|
|
9
97
|
/**
|
|
10
98
|
* Get an existing ClientAuthorizationResource resource's state with the given name, ID, and optional extra
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"clientAuthorizationResource.js","sourceRoot":"","sources":["../../openid/clientAuthorizationResource.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C,MAAa,2BAA4B,SAAQ,MAAM,CAAC,cAAc;IAClE;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwC,EAAE,IAAmC;QACtI,OAAO,IAAI,2BAA2B,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,2BAA2B,CAAC,YAAY,CAAC;IAC5E,CAAC;IAqBD,YAAY,IAAY,EAAE,WAAgF,EAAE,IAAmC;QAC3I,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2D,CAAC;YAC1E,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,EAAE,kBAAkB,CAAC;YACjE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;SACxC;aAAM;YACH,MAAM,IAAI,GAAG,WAA0D,CAAC;YACxE,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,IAAI,EAAE,gBAAgB,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,EAAE,kBAAkB,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;SACvC;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,2BAA2B,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAChF,CAAC;;AAnFL,kEAoFC;AAtEG,gBAAgB;AACO,wCAAY,GAAG,yEAAyE,CAAC"}
|
|
1
|
+
{"version":3,"file":"clientAuthorizationResource.js","sourceRoot":"","sources":["../../openid/clientAuthorizationResource.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuFG;AACH,MAAa,2BAA4B,SAAQ,MAAM,CAAC,cAAc;IAClE;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAwC,EAAE,IAAmC;QACtI,OAAO,IAAI,2BAA2B,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,2BAA2B,CAAC,YAAY,CAAC;IAC5E,CAAC;IAqBD,YAAY,IAAY,EAAE,WAAgF,EAAE,IAAmC;QAC3I,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA2D,CAAC;YAC1E,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,EAAE,kBAAkB,CAAC;YACjE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;YAC7D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,EAAE,MAAM,CAAC;YACzC,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;SACxC;aAAM;YACH,MAAM,IAAI,GAAG,WAA0D,CAAC;YACxE,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,IAAI,EAAE,gBAAgB,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,EAAE,kBAAkB,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC;YACxC,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;SACvC;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,2BAA2B,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAChF,CAAC;;AAnFL,kEAoFC;AAtEG,gBAAgB;AACO,wCAAY,GAAG,yEAAyE,CAAC"}
|
|
@@ -1,4 +1,77 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
/**
|
|
3
|
+
* Allows you to manage openid Client Authorization Scopes.
|
|
4
|
+
*
|
|
5
|
+
* Authorization scopes represent the actions that can be performed on resources. They are used in permissions to define what operations are allowed.
|
|
6
|
+
*
|
|
7
|
+
* ## Example Usage
|
|
8
|
+
*
|
|
9
|
+
* ```typescript
|
|
10
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
11
|
+
* import * as keycloak from "@pulumi/keycloak";
|
|
12
|
+
*
|
|
13
|
+
* const realm = new keycloak.Realm("realm", {
|
|
14
|
+
* realm: "my-realm",
|
|
15
|
+
* enabled: true,
|
|
16
|
+
* });
|
|
17
|
+
* const test = new keycloak.openid.Client("test", {
|
|
18
|
+
* clientId: "client_id",
|
|
19
|
+
* realmId: realm.id,
|
|
20
|
+
* accessType: "CONFIDENTIAL",
|
|
21
|
+
* serviceAccountsEnabled: true,
|
|
22
|
+
* authorization: {
|
|
23
|
+
* policyEnforcementMode: "ENFORCING",
|
|
24
|
+
* },
|
|
25
|
+
* });
|
|
26
|
+
* const read = new keycloak.openid.ClientAuthorizationScope("read", {
|
|
27
|
+
* resourceServerId: test.resourceServerId,
|
|
28
|
+
* realmId: realm.id,
|
|
29
|
+
* name: "read",
|
|
30
|
+
* displayName: "Read Access",
|
|
31
|
+
* iconUri: "https://example.com/icons/read.png",
|
|
32
|
+
* });
|
|
33
|
+
* const write = new keycloak.openid.ClientAuthorizationScope("write", {
|
|
34
|
+
* resourceServerId: test.resourceServerId,
|
|
35
|
+
* realmId: realm.id,
|
|
36
|
+
* name: "write",
|
|
37
|
+
* displayName: "Write Access",
|
|
38
|
+
* });
|
|
39
|
+
* const _delete = new keycloak.openid.ClientAuthorizationScope("delete", {
|
|
40
|
+
* resourceServerId: test.resourceServerId,
|
|
41
|
+
* realmId: realm.id,
|
|
42
|
+
* name: "delete",
|
|
43
|
+
* displayName: "Delete Access",
|
|
44
|
+
* });
|
|
45
|
+
* ```
|
|
46
|
+
*
|
|
47
|
+
* ### Argument Reference
|
|
48
|
+
*
|
|
49
|
+
* The following arguments are supported:
|
|
50
|
+
*
|
|
51
|
+
* - `realmId` - (Required) The realm this scope exists in.
|
|
52
|
+
* - `resourceServerId` - (Required) The ID of the resource server.
|
|
53
|
+
* - `name` - (Required) The name of the scope.
|
|
54
|
+
* - `displayName` - (Optional) The display name of the scope.
|
|
55
|
+
* - `iconUri` - (Optional) An icon URI for the scope.
|
|
56
|
+
*
|
|
57
|
+
* ### Attributes Reference
|
|
58
|
+
*
|
|
59
|
+
* In addition to the arguments listed above, the following computed attributes are exported:
|
|
60
|
+
*
|
|
61
|
+
* - `id` - Scope ID representing the authorization scope.
|
|
62
|
+
*
|
|
63
|
+
* ## Import
|
|
64
|
+
*
|
|
65
|
+
* Client authorization scopes can be imported using the format: `{{realmId}}/{{resourceServerId}}/{{authorizationScopeId}}`.
|
|
66
|
+
*
|
|
67
|
+
* Example:
|
|
68
|
+
*
|
|
69
|
+
* bash
|
|
70
|
+
*
|
|
71
|
+
* ```sh
|
|
72
|
+
* $ pulumi import keycloak:openid/clientAuthorizationScope:ClientAuthorizationScope test my-realm/3bd4a686-1062-4b59-97b8-e4e3f10b99da/63b3cde8-987d-4cd9-9306-1955579281d9
|
|
73
|
+
* ```
|
|
74
|
+
*/
|
|
2
75
|
export declare class ClientAuthorizationScope extends pulumi.CustomResource {
|
|
3
76
|
/**
|
|
4
77
|
* Get an existing ClientAuthorizationScope resource's state with the given name, ID, and optional extra
|
|
@@ -5,6 +5,79 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
5
5
|
exports.ClientAuthorizationScope = void 0;
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
|
+
/**
|
|
9
|
+
* Allows you to manage openid Client Authorization Scopes.
|
|
10
|
+
*
|
|
11
|
+
* Authorization scopes represent the actions that can be performed on resources. They are used in permissions to define what operations are allowed.
|
|
12
|
+
*
|
|
13
|
+
* ## Example Usage
|
|
14
|
+
*
|
|
15
|
+
* ```typescript
|
|
16
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
17
|
+
* import * as keycloak from "@pulumi/keycloak";
|
|
18
|
+
*
|
|
19
|
+
* const realm = new keycloak.Realm("realm", {
|
|
20
|
+
* realm: "my-realm",
|
|
21
|
+
* enabled: true,
|
|
22
|
+
* });
|
|
23
|
+
* const test = new keycloak.openid.Client("test", {
|
|
24
|
+
* clientId: "client_id",
|
|
25
|
+
* realmId: realm.id,
|
|
26
|
+
* accessType: "CONFIDENTIAL",
|
|
27
|
+
* serviceAccountsEnabled: true,
|
|
28
|
+
* authorization: {
|
|
29
|
+
* policyEnforcementMode: "ENFORCING",
|
|
30
|
+
* },
|
|
31
|
+
* });
|
|
32
|
+
* const read = new keycloak.openid.ClientAuthorizationScope("read", {
|
|
33
|
+
* resourceServerId: test.resourceServerId,
|
|
34
|
+
* realmId: realm.id,
|
|
35
|
+
* name: "read",
|
|
36
|
+
* displayName: "Read Access",
|
|
37
|
+
* iconUri: "https://example.com/icons/read.png",
|
|
38
|
+
* });
|
|
39
|
+
* const write = new keycloak.openid.ClientAuthorizationScope("write", {
|
|
40
|
+
* resourceServerId: test.resourceServerId,
|
|
41
|
+
* realmId: realm.id,
|
|
42
|
+
* name: "write",
|
|
43
|
+
* displayName: "Write Access",
|
|
44
|
+
* });
|
|
45
|
+
* const _delete = new keycloak.openid.ClientAuthorizationScope("delete", {
|
|
46
|
+
* resourceServerId: test.resourceServerId,
|
|
47
|
+
* realmId: realm.id,
|
|
48
|
+
* name: "delete",
|
|
49
|
+
* displayName: "Delete Access",
|
|
50
|
+
* });
|
|
51
|
+
* ```
|
|
52
|
+
*
|
|
53
|
+
* ### Argument Reference
|
|
54
|
+
*
|
|
55
|
+
* The following arguments are supported:
|
|
56
|
+
*
|
|
57
|
+
* - `realmId` - (Required) The realm this scope exists in.
|
|
58
|
+
* - `resourceServerId` - (Required) The ID of the resource server.
|
|
59
|
+
* - `name` - (Required) The name of the scope.
|
|
60
|
+
* - `displayName` - (Optional) The display name of the scope.
|
|
61
|
+
* - `iconUri` - (Optional) An icon URI for the scope.
|
|
62
|
+
*
|
|
63
|
+
* ### Attributes Reference
|
|
64
|
+
*
|
|
65
|
+
* In addition to the arguments listed above, the following computed attributes are exported:
|
|
66
|
+
*
|
|
67
|
+
* - `id` - Scope ID representing the authorization scope.
|
|
68
|
+
*
|
|
69
|
+
* ## Import
|
|
70
|
+
*
|
|
71
|
+
* Client authorization scopes can be imported using the format: `{{realmId}}/{{resourceServerId}}/{{authorizationScopeId}}`.
|
|
72
|
+
*
|
|
73
|
+
* Example:
|
|
74
|
+
*
|
|
75
|
+
* bash
|
|
76
|
+
*
|
|
77
|
+
* ```sh
|
|
78
|
+
* $ pulumi import keycloak:openid/clientAuthorizationScope:ClientAuthorizationScope test my-realm/3bd4a686-1062-4b59-97b8-e4e3f10b99da/63b3cde8-987d-4cd9-9306-1955579281d9
|
|
79
|
+
* ```
|
|
80
|
+
*/
|
|
8
81
|
class ClientAuthorizationScope extends pulumi.CustomResource {
|
|
9
82
|
/**
|
|
10
83
|
* Get an existing ClientAuthorizationScope resource's state with the given name, ID, and optional extra
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"clientAuthorizationScope.js","sourceRoot":"","sources":["../../openid/clientAuthorizationScope.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C,MAAa,wBAAyB,SAAQ,MAAM,CAAC,cAAc;IAC/D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAqC,EAAE,IAAmC;QACnI,OAAO,IAAI,wBAAwB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,wBAAwB,CAAC,YAAY,CAAC;IACzE,CAAC;IAgBD,YAAY,IAAY,EAAE,WAA0E,EAAE,IAAmC;QACrI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAwD,CAAC;YACvE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;SAChE;aAAM;YACH,MAAM,IAAI,GAAG,WAAuD,CAAC;YACrE,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,IAAI,EAAE,gBAAgB,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;SAC/D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,wBAAwB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC7E,CAAC;;AApEL,4DAqEC;AAvDG,gBAAgB;AACO,qCAAY,GAAG,mEAAmE,CAAC"}
|
|
1
|
+
{"version":3,"file":"clientAuthorizationScope.js","sourceRoot":"","sources":["../../openid/clientAuthorizationScope.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwEG;AACH,MAAa,wBAAyB,SAAQ,MAAM,CAAC,cAAc;IAC/D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAqC,EAAE,IAAmC;QACnI,OAAO,IAAI,wBAAwB,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,wBAAwB,CAAC,YAAY,CAAC;IACzE,CAAC;IAgBD,YAAY,IAAY,EAAE,WAA0E,EAAE,IAAmC;QACrI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAwD,CAAC;YACvE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,EAAE,gBAAgB,CAAC;SAChE;aAAM;YACH,MAAM,IAAI,GAAG,WAAuD,CAAC;YACrE,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,IAAI,EAAE,gBAAgB,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,EAAE,gBAAgB,CAAC;SAC/D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,wBAAwB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC7E,CAAC;;AApEL,4DAqEC;AAvDG,gBAAgB;AACO,qCAAY,GAAG,mEAAmE,CAAC"}
|
package/openid/clientScope.d.ts
CHANGED
|
@@ -67,7 +67,7 @@ export declare class ClientScope extends pulumi.CustomResource {
|
|
|
67
67
|
*/
|
|
68
68
|
readonly guiOrder: pulumi.Output<number | undefined>;
|
|
69
69
|
/**
|
|
70
|
-
* When `true`, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
|
|
70
|
+
* When `true`, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response. When `false`, this scope will be omitted from the token and from the Token Introspection Endpoint response. Defaults to `true`.
|
|
71
71
|
*/
|
|
72
72
|
readonly includeInTokenScope: pulumi.Output<boolean | undefined>;
|
|
73
73
|
/**
|
|
@@ -104,7 +104,7 @@ export interface ClientScopeState {
|
|
|
104
104
|
*/
|
|
105
105
|
guiOrder?: pulumi.Input<number>;
|
|
106
106
|
/**
|
|
107
|
-
* When `true`, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
|
|
107
|
+
* When `true`, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response. When `false`, this scope will be omitted from the token and from the Token Introspection Endpoint response. Defaults to `true`.
|
|
108
108
|
*/
|
|
109
109
|
includeInTokenScope?: pulumi.Input<boolean>;
|
|
110
110
|
/**
|
|
@@ -133,7 +133,7 @@ export interface ClientScopeArgs {
|
|
|
133
133
|
*/
|
|
134
134
|
guiOrder?: pulumi.Input<number>;
|
|
135
135
|
/**
|
|
136
|
-
* When `true`, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
|
|
136
|
+
* When `true`, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response. When `false`, this scope will be omitted from the token and from the Token Introspection Endpoint response. Defaults to `true`.
|
|
137
137
|
*/
|
|
138
138
|
includeInTokenScope?: pulumi.Input<boolean>;
|
|
139
139
|
/**
|
package/openid/getClient.d.ts
CHANGED
|
@@ -92,6 +92,7 @@ export interface GetClientResult {
|
|
|
92
92
|
readonly oauth2DevicePollingInterval?: string;
|
|
93
93
|
readonly pkceCodeChallengeMethod: string;
|
|
94
94
|
readonly realmId: string;
|
|
95
|
+
readonly requireDpopBoundTokens: boolean;
|
|
95
96
|
readonly resourceServerId: string;
|
|
96
97
|
readonly rootUrl: string;
|
|
97
98
|
readonly serviceAccountUserId: string;
|
package/openid/getClient.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getClient.js","sourceRoot":"","sources":["../../openid/getClient.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,SAAS,CAAC,IAAmB,EAAE,IAA2B;IACtE,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,qCAAqC,EAAE;QAChE,wBAAwB,EAAE,IAAI,CAAC,sBAAsB;QACrD,UAAU,EAAE,IAAI,CAAC,QAAQ;QACzB,mBAAmB,EAAE,IAAI,CAAC,iBAAiB;QAC3C,wBAAwB,EAAE,IAAI,CAAC,sBAAsB;QACrD,aAAa,EAAE,IAAI,CAAC,WAAW;QAC/B,uCAAuC,EAAE,IAAI,CAAC,qCAAqC;QACnF,0BAA0B,EAAE,IAAI,CAAC,wBAAwB;QACzD,6BAA6B,EAAE,IAAI,CAAC,2BAA2B;QAC/D,SAAS,EAAE,IAAI,CAAC,OAAO;KAC1B,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAbD,8BAaC;
|
|
1
|
+
{"version":3,"file":"getClient.js","sourceRoot":"","sources":["../../openid/getClient.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,SAAS,CAAC,IAAmB,EAAE,IAA2B;IACtE,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,qCAAqC,EAAE;QAChE,wBAAwB,EAAE,IAAI,CAAC,sBAAsB;QACrD,UAAU,EAAE,IAAI,CAAC,QAAQ;QACzB,mBAAmB,EAAE,IAAI,CAAC,iBAAiB;QAC3C,wBAAwB,EAAE,IAAI,CAAC,sBAAsB;QACrD,aAAa,EAAE,IAAI,CAAC,WAAW;QAC/B,uCAAuC,EAAE,IAAI,CAAC,qCAAqC;QACnF,0BAA0B,EAAE,IAAI,CAAC,wBAAwB;QACzD,6BAA6B,EAAE,IAAI,CAAC,2BAA2B;QAC/D,SAAS,EAAE,IAAI,CAAC,OAAO;KAC1B,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAbD,8BAaC;AAkFD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,eAAe,CAAC,IAAyB,EAAE,IAAiC;IACxF,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,qCAAqC,EAAE;QACtE,wBAAwB,EAAE,IAAI,CAAC,sBAAsB;QACrD,UAAU,EAAE,IAAI,CAAC,QAAQ;QACzB,mBAAmB,EAAE,IAAI,CAAC,iBAAiB;QAC3C,wBAAwB,EAAE,IAAI,CAAC,sBAAsB;QACrD,aAAa,EAAE,IAAI,CAAC,WAAW;QAC/B,uCAAuC,EAAE,IAAI,CAAC,qCAAqC;QACnF,0BAA0B,EAAE,IAAI,CAAC,wBAAwB;QACzD,6BAA6B,EAAE,IAAI,CAAC,2BAA2B;QAC/D,SAAS,EAAE,IAAI,CAAC,OAAO;KAC1B,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AAbD,0CAaC"}
|
package/organization.d.ts
CHANGED
|
@@ -85,9 +85,9 @@ export declare class Organization extends pulumi.CustomResource {
|
|
|
85
85
|
*/
|
|
86
86
|
readonly description: pulumi.Output<string | undefined>;
|
|
87
87
|
/**
|
|
88
|
-
* A list of domains.
|
|
88
|
+
* A list of domains.
|
|
89
89
|
*/
|
|
90
|
-
readonly domains: pulumi.Output<outputs.OrganizationDomain[]>;
|
|
90
|
+
readonly domains: pulumi.Output<outputs.OrganizationDomain[] | undefined>;
|
|
91
91
|
/**
|
|
92
92
|
* Enable/disable this organization.
|
|
93
93
|
*/
|
|
@@ -132,7 +132,7 @@ export interface OrganizationState {
|
|
|
132
132
|
*/
|
|
133
133
|
description?: pulumi.Input<string>;
|
|
134
134
|
/**
|
|
135
|
-
* A list of domains.
|
|
135
|
+
* A list of domains.
|
|
136
136
|
*/
|
|
137
137
|
domains?: pulumi.Input<pulumi.Input<inputs.OrganizationDomain>[]>;
|
|
138
138
|
/**
|
|
@@ -171,9 +171,9 @@ export interface OrganizationArgs {
|
|
|
171
171
|
*/
|
|
172
172
|
description?: pulumi.Input<string>;
|
|
173
173
|
/**
|
|
174
|
-
* A list of domains.
|
|
174
|
+
* A list of domains.
|
|
175
175
|
*/
|
|
176
|
-
domains
|
|
176
|
+
domains?: pulumi.Input<pulumi.Input<inputs.OrganizationDomain>[]>;
|
|
177
177
|
/**
|
|
178
178
|
* Enable/disable this organization.
|
|
179
179
|
*/
|
package/organization.js
CHANGED
|
@@ -97,9 +97,6 @@ class Organization extends pulumi.CustomResource {
|
|
|
97
97
|
}
|
|
98
98
|
else {
|
|
99
99
|
const args = argsOrState;
|
|
100
|
-
if (args?.domains === undefined && !opts.urn) {
|
|
101
|
-
throw new Error("Missing required property 'domains'");
|
|
102
|
-
}
|
|
103
100
|
if (args?.realm === undefined && !opts.urn) {
|
|
104
101
|
throw new Error("Missing required property 'realm'");
|
|
105
102
|
}
|
package/organization.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"organization.js","sourceRoot":"","sources":["../organization.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoDG;AACH,MAAa,YAAa,SAAQ,MAAM,CAAC,cAAc;IACnD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAyB,EAAE,IAAmC;QACvH,OAAO,IAAI,YAAY,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACnE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,YAAY,CAAC,YAAY,CAAC;IAC7D,CAAC;IA2CD,YAAY,IAAY,EAAE,WAAkD,EAAE,IAAmC;QAC7G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA4C,CAAC;YAC3D,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;SACtD;aAAM;YACH,MAAM,IAAI,GAAG,WAA2C,CAAC;YACzD,IAAI,IAAI,EAAE,
|
|
1
|
+
{"version":3,"file":"organization.js","sourceRoot":"","sources":["../organization.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoDG;AACH,MAAa,YAAa,SAAQ,MAAM,CAAC,cAAc;IACnD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAyB,EAAE,IAAmC;QACvH,OAAO,IAAI,YAAY,CAAC,IAAI,EAAO,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACnE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,YAAY,CAAC,YAAY,CAAC;IAC7D,CAAC;IA2CD,YAAY,IAAY,EAAE,WAAkD,EAAE,IAAmC;QAC7G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA4C,CAAC;YAC3D,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,EAAE,UAAU,CAAC;YACjD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;YACnD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,EAAE,OAAO,CAAC;YAC3C,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC;YACrC,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC;YACvC,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,EAAE,WAAW,CAAC;SACtD;aAAM;YACH,MAAM,IAAI,GAAG,WAA2C,CAAC;YACzD,IAAI,IAAI,EAAE,KAAK,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACxC,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,KAAK,CAAC;YACtC,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC;YAChD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;YAClD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC;YAC1C,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,CAAC;YACpC,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,EAAE,KAAK,CAAC;YACtC,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,EAAE,WAAW,CAAC;SACrD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,YAAY,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACjE,CAAC;;AAlGL,oCAmGC;AArFG,gBAAgB;AACO,yBAAY,GAAG,0CAA0C,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pulumi/keycloak",
|
|
3
|
-
"version": "6.9.0
|
|
3
|
+
"version": "6.9.0",
|
|
4
4
|
"description": "A Pulumi package for creating and managing keycloak cloud resources.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"pulumi",
|
|
@@ -23,6 +23,6 @@
|
|
|
23
23
|
"pulumi": {
|
|
24
24
|
"resource": true,
|
|
25
25
|
"name": "keycloak",
|
|
26
|
-
"version": "6.9.0
|
|
26
|
+
"version": "6.9.0"
|
|
27
27
|
}
|
|
28
28
|
}
|
package/realm.d.ts
CHANGED
|
@@ -113,6 +113,7 @@ export declare class Realm extends pulumi.CustomResource {
|
|
|
113
113
|
readonly accountTheme: pulumi.Output<string | undefined>;
|
|
114
114
|
readonly actionTokenGeneratedByAdminLifespan: pulumi.Output<string>;
|
|
115
115
|
readonly actionTokenGeneratedByUserLifespan: pulumi.Output<string>;
|
|
116
|
+
readonly adminPermissionsEnabled: pulumi.Output<boolean | undefined>;
|
|
116
117
|
readonly adminTheme: pulumi.Output<string | undefined>;
|
|
117
118
|
/**
|
|
118
119
|
* A map of custom attributes to add to the realm.
|
|
@@ -209,6 +210,10 @@ export declare class Realm extends pulumi.CustomResource {
|
|
|
209
210
|
readonly ssoSessionIdleTimeoutRememberMe: pulumi.Output<string>;
|
|
210
211
|
readonly ssoSessionMaxLifespan: pulumi.Output<string>;
|
|
211
212
|
readonly ssoSessionMaxLifespanRememberMe: pulumi.Output<string>;
|
|
213
|
+
/**
|
|
214
|
+
* When set to true, the realm cannot be deleted. Defaults to false.
|
|
215
|
+
*/
|
|
216
|
+
readonly terraformDeletionProtection: pulumi.Output<boolean | undefined>;
|
|
212
217
|
/**
|
|
213
218
|
* When `true`, users are allowed to manage their own resources. Defaults to `false`.
|
|
214
219
|
*/
|
|
@@ -237,6 +242,7 @@ export interface RealmState {
|
|
|
237
242
|
accountTheme?: pulumi.Input<string>;
|
|
238
243
|
actionTokenGeneratedByAdminLifespan?: pulumi.Input<string>;
|
|
239
244
|
actionTokenGeneratedByUserLifespan?: pulumi.Input<string>;
|
|
245
|
+
adminPermissionsEnabled?: pulumi.Input<boolean>;
|
|
240
246
|
adminTheme?: pulumi.Input<string>;
|
|
241
247
|
/**
|
|
242
248
|
* A map of custom attributes to add to the realm.
|
|
@@ -333,6 +339,10 @@ export interface RealmState {
|
|
|
333
339
|
ssoSessionIdleTimeoutRememberMe?: pulumi.Input<string>;
|
|
334
340
|
ssoSessionMaxLifespan?: pulumi.Input<string>;
|
|
335
341
|
ssoSessionMaxLifespanRememberMe?: pulumi.Input<string>;
|
|
342
|
+
/**
|
|
343
|
+
* When set to true, the realm cannot be deleted. Defaults to false.
|
|
344
|
+
*/
|
|
345
|
+
terraformDeletionProtection?: pulumi.Input<boolean>;
|
|
336
346
|
/**
|
|
337
347
|
* When `true`, users are allowed to manage their own resources. Defaults to `false`.
|
|
338
348
|
*/
|
|
@@ -353,6 +363,7 @@ export interface RealmArgs {
|
|
|
353
363
|
accountTheme?: pulumi.Input<string>;
|
|
354
364
|
actionTokenGeneratedByAdminLifespan?: pulumi.Input<string>;
|
|
355
365
|
actionTokenGeneratedByUserLifespan?: pulumi.Input<string>;
|
|
366
|
+
adminPermissionsEnabled?: pulumi.Input<boolean>;
|
|
356
367
|
adminTheme?: pulumi.Input<string>;
|
|
357
368
|
/**
|
|
358
369
|
* A map of custom attributes to add to the realm.
|
|
@@ -449,6 +460,10 @@ export interface RealmArgs {
|
|
|
449
460
|
ssoSessionIdleTimeoutRememberMe?: pulumi.Input<string>;
|
|
450
461
|
ssoSessionMaxLifespan?: pulumi.Input<string>;
|
|
451
462
|
ssoSessionMaxLifespanRememberMe?: pulumi.Input<string>;
|
|
463
|
+
/**
|
|
464
|
+
* When set to true, the realm cannot be deleted. Defaults to false.
|
|
465
|
+
*/
|
|
466
|
+
terraformDeletionProtection?: pulumi.Input<boolean>;
|
|
452
467
|
/**
|
|
453
468
|
* When `true`, users are allowed to manage their own resources. Defaults to `false`.
|
|
454
469
|
*/
|
package/realm.js
CHANGED
|
@@ -129,6 +129,7 @@ class Realm extends pulumi.CustomResource {
|
|
|
129
129
|
resourceInputs["accountTheme"] = state?.accountTheme;
|
|
130
130
|
resourceInputs["actionTokenGeneratedByAdminLifespan"] = state?.actionTokenGeneratedByAdminLifespan;
|
|
131
131
|
resourceInputs["actionTokenGeneratedByUserLifespan"] = state?.actionTokenGeneratedByUserLifespan;
|
|
132
|
+
resourceInputs["adminPermissionsEnabled"] = state?.adminPermissionsEnabled;
|
|
132
133
|
resourceInputs["adminTheme"] = state?.adminTheme;
|
|
133
134
|
resourceInputs["attributes"] = state?.attributes;
|
|
134
135
|
resourceInputs["browserFlow"] = state?.browserFlow;
|
|
@@ -175,6 +176,7 @@ class Realm extends pulumi.CustomResource {
|
|
|
175
176
|
resourceInputs["ssoSessionIdleTimeoutRememberMe"] = state?.ssoSessionIdleTimeoutRememberMe;
|
|
176
177
|
resourceInputs["ssoSessionMaxLifespan"] = state?.ssoSessionMaxLifespan;
|
|
177
178
|
resourceInputs["ssoSessionMaxLifespanRememberMe"] = state?.ssoSessionMaxLifespanRememberMe;
|
|
179
|
+
resourceInputs["terraformDeletionProtection"] = state?.terraformDeletionProtection;
|
|
178
180
|
resourceInputs["userManagedAccess"] = state?.userManagedAccess;
|
|
179
181
|
resourceInputs["verifyEmail"] = state?.verifyEmail;
|
|
180
182
|
resourceInputs["webAuthnPasswordlessPolicy"] = state?.webAuthnPasswordlessPolicy;
|
|
@@ -190,6 +192,7 @@ class Realm extends pulumi.CustomResource {
|
|
|
190
192
|
resourceInputs["accountTheme"] = args?.accountTheme;
|
|
191
193
|
resourceInputs["actionTokenGeneratedByAdminLifespan"] = args?.actionTokenGeneratedByAdminLifespan;
|
|
192
194
|
resourceInputs["actionTokenGeneratedByUserLifespan"] = args?.actionTokenGeneratedByUserLifespan;
|
|
195
|
+
resourceInputs["adminPermissionsEnabled"] = args?.adminPermissionsEnabled;
|
|
193
196
|
resourceInputs["adminTheme"] = args?.adminTheme;
|
|
194
197
|
resourceInputs["attributes"] = args?.attributes;
|
|
195
198
|
resourceInputs["browserFlow"] = args?.browserFlow;
|
|
@@ -236,6 +239,7 @@ class Realm extends pulumi.CustomResource {
|
|
|
236
239
|
resourceInputs["ssoSessionIdleTimeoutRememberMe"] = args?.ssoSessionIdleTimeoutRememberMe;
|
|
237
240
|
resourceInputs["ssoSessionMaxLifespan"] = args?.ssoSessionMaxLifespan;
|
|
238
241
|
resourceInputs["ssoSessionMaxLifespanRememberMe"] = args?.ssoSessionMaxLifespanRememberMe;
|
|
242
|
+
resourceInputs["terraformDeletionProtection"] = args?.terraformDeletionProtection;
|
|
239
243
|
resourceInputs["userManagedAccess"] = args?.userManagedAccess;
|
|
240
244
|
resourceInputs["verifyEmail"] = args?.verifyEmail;
|
|
241
245
|
resourceInputs["webAuthnPasswordlessPolicy"] = args?.webAuthnPasswordlessPolicy;
|