blob: 80e7501051b3593ce692d435656e09bb79a42aef [file] [log] [blame]
#!/usr/bin/python
# *****************************************************************************
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
# ******************************************************************************
import logging
import json
import sys
import requests
import argparse
from dlab.fab import *
from dlab.meta_lib import *
from dlab.actions_lib import *
import os
parser = argparse.ArgumentParser()
parser.add_argument('--service_base_name', type=str, default='')
parser.add_argument('--keycloak_auth_server_url', type=str, default='')
parser.add_argument('--keycloak_realm_name', type=str, default='')
parser.add_argument('--keycloak_user', type=str, default='')
parser.add_argument('--keycloak_user_password', type=str, default='')
parser.add_argument('--keycloak_client_secret', type=str, default='')
parser.add_argument('--edge_public_ip', type=str, default='')
parser.add_argument('--hostname', type=str, default='')
parser.add_argument('--project_name', type=str, default='')
parser.add_argument('--endpoint_name', type=str, default='')
args = parser.parse_args()
##############
# Run script #
##############
if __name__ == "__main__":
try:
print('[CONFIGURE KEYCLOAK]')
logging.info('[CONFIGURE KEYCLOAK]')
keycloak_auth_server_url = '{}/realms/master/protocol/openid-connect/token'.format(
args.keycloak_auth_server_url)
keycloak_auth_data = {
"username": args.keycloak_user,
"password": args.keycloak_user_password,
"grant_type": "password",
"client_id": "admin-cli",
}
keycloak_client_create_url = '{0}/admin/realms/{1}/clients'.format(args.keycloak_auth_server_url,
args.keycloak_realm_name)
keycloak_client_name = "{0}-{1}-{2}".format(args.service_base_name, args.project_name, args.endpoint_name)
keycloak_client_id = str(uuid.uuid4())
if args.hostname == '':
keycloak_redirectUris = 'https://{0}/*,http://{0}/*'.format(args.edge_public_ip).lower().split(',')
print(keycloak_redirectUris)
else:
keycloak_redirectUris = 'https://{0}/*,http://{0}/*,https://{1}/*,http://{1}/*'.format(
args.edge_public_ip, args.hostname).lower().split(',')
keycloak_client_data = {
"clientId": keycloak_client_name,
"id": keycloak_client_id,
"enabled": "true",
"redirectUris": keycloak_redirectUris,
"publicClient": "false",
"secret": args.keycloak_client_secret,
"protocol": "openid-connect",
}
try:
keycloak_token = requests.post(keycloak_auth_server_url, data=keycloak_auth_data, verify=False).json()
keycloak_client = requests.post(keycloak_client_create_url, json=keycloak_client_data,
headers={"Authorization": "Bearer " + keycloak_token.get("access_token"),
"Content-Type": "application/json"}, verify=False)
except Exception as err:
append_result("Failed to configure keycloak.")
raise Exception
except Exception as err:
print('Error: {0}'.format(err))
append_result("Failed to configure keycloak.", str(err))