internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-08 06:12:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Reformat everything.

Browse Source
This commit is contained in:
Felix Fontein
2025-11-01 12:08:41 +01:00
parent 3f2213791a
commit 340ff8586d
1008 changed files with 61301 additions and 58309 deletions
Download Patch File Download Diff File Expand all files Collapse all files

644
tests/unit/plugins/modules/test_keycloak_clientscope.py
View File

@@ -1,4 +1,3 @@
# Copyright (c) 2021, Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
@@ -9,7 +8,11 @@ import unittest
from contextlib import contextmanager
from unittest.mock import patch
from ansible_collections.community.internal_test_tools.tests.unit.plugins.modules.utils import AnsibleExitJson, ModuleTestCase, set_module_args
from ansible_collections.community.internal_test_tools.tests.unit.plugins.modules.utils import (
AnsibleExitJson,
ModuleTestCase,
set_module_args,
)
from ansible_collections.community.general.plugins.modules import keycloak_clientscope
@@ -18,10 +21,16 @@ from itertools import count
@contextmanager
def patch_keycloak_api(get_clientscope_by_name=None, get_clientscope_by_clientscopeid=None, create_clientscope=None,
update_clientscope=None, get_clientscope_protocolmapper_by_name=None,
update_clientscope_protocolmappers=None, create_clientscope_protocolmapper=None,
delete_clientscope=None):
def patch_keycloak_api(
get_clientscope_by_name=None,
get_clientscope_by_clientscopeid=None,
create_clientscope=None,
update_clientscope=None,
get_clientscope_protocolmapper_by_name=None,
update_clientscope_protocolmappers=None,
create_clientscope_protocolmapper=None,
delete_clientscope=None,
):
"""Mock context manager for patching the methods in PwPolicyIPAClient that contact the IPA server
Patches the `login` and `_post_json` methods
@@ -42,47 +51,57 @@ def patch_keycloak_api(get_clientscope_by_name=None, get_clientscope_by_clientsc
"""
obj = keycloak_clientscope.KeycloakAPI
with patch.object(obj, 'get_clientscope_by_name', side_effect=get_clientscope_by_name) \
as mock_get_clientscope_by_name:
with patch.object(obj, 'get_clientscope_by_clientscopeid', side_effect=get_clientscope_by_clientscopeid) \
as mock_get_clientscope_by_clientscopeid:
with patch.object(obj, 'create_clientscope', side_effect=create_clientscope) \
as mock_create_clientscope:
with patch.object(obj, 'update_clientscope', return_value=update_clientscope) \
as mock_update_clientscope:
with patch.object(obj, 'get_clientscope_protocolmapper_by_name',
side_effect=get_clientscope_protocolmapper_by_name) \
as mock_get_clientscope_protocolmapper_by_name:
with patch.object(obj, 'update_clientscope_protocolmappers',
side_effect=update_clientscope_protocolmappers) \
as mock_update_clientscope_protocolmappers:
with patch.object(obj, 'create_clientscope_protocolmapper',
side_effect=create_clientscope_protocolmapper) \
as mock_create_clientscope_protocolmapper:
with patch.object(obj, 'delete_clientscope', side_effect=delete_clientscope) \
as mock_delete_clientscope:
yield mock_get_clientscope_by_name, mock_get_clientscope_by_clientscopeid, mock_create_clientscope, \
mock_update_clientscope, mock_get_clientscope_protocolmapper_by_name, mock_update_clientscope_protocolmappers, \
mock_create_clientscope_protocolmapper, mock_delete_clientscope
with patch.object(
obj, "get_clientscope_by_name", side_effect=get_clientscope_by_name
) as mock_get_clientscope_by_name:
with patch.object(
obj, "get_clientscope_by_clientscopeid", side_effect=get_clientscope_by_clientscopeid
) as mock_get_clientscope_by_clientscopeid:
with patch.object(obj, "create_clientscope", side_effect=create_clientscope) as mock_create_clientscope:
with patch.object(
obj, "update_clientscope", return_value=update_clientscope
) as mock_update_clientscope:
with patch.object(
obj,
"get_clientscope_protocolmapper_by_name",
side_effect=get_clientscope_protocolmapper_by_name,
) as mock_get_clientscope_protocolmapper_by_name:
with patch.object(
obj, "update_clientscope_protocolmappers", side_effect=update_clientscope_protocolmappers
) as mock_update_clientscope_protocolmappers:
with patch.object(
obj, "create_clientscope_protocolmapper", side_effect=create_clientscope_protocolmapper
) as mock_create_clientscope_protocolmapper:
with patch.object(
obj, "delete_clientscope", side_effect=delete_clientscope
) as mock_delete_clientscope:
yield (
mock_get_clientscope_by_name,
mock_get_clientscope_by_clientscopeid,
mock_create_clientscope,
mock_update_clientscope,
mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper,
mock_delete_clientscope,
)
def get_response(object_with_future_response, method, get_id_call_count):
if callable(object_with_future_response):
return object_with_future_response()
if isinstance(object_with_future_response, dict):
return get_response(
object_with_future_response[method], method, get_id_call_count)
return get_response(object_with_future_response[method], method, get_id_call_count)
if isinstance(object_with_future_response, list):
call_number = next(get_id_call_count)
return get_response(
object_with_future_response[call_number], method, get_id_call_count)
return get_response(object_with_future_response[call_number], method, get_id_call_count)
return object_with_future_response
def build_mocked_request(get_id_user_count, response_dict):
def _mocked_requests(*args, **kwargs):
url = args[0]
method = kwargs['method']
method = kwargs["method"]
future_response = response_dict.get(url, None)
return get_response(future_response, method, get_id_user_count)
@@ -102,12 +121,14 @@ def create_wrapper(text_as_string):
def mock_good_connection():
token_response = {
'http://keycloak.url/auth/realms/master/protocol/openid-connect/token': create_wrapper(
'{"access_token": "alongtoken"}'), }
"http://keycloak.url/auth/realms/master/protocol/openid-connect/token": create_wrapper(
'{"access_token": "alongtoken"}'
),
}
return patch(
'ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak.open_url',
"ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak.open_url",
side_effect=build_mocked_request(count(), token_response),
autospec=True
autospec=True,
)
@@ -120,21 +141,18 @@ class TestKeycloakAuthentication(ModuleTestCase):
"""Add a new authentication flow from copy of an other flow"""
module_args = {
'auth_keycloak_url': 'http://keycloak.url/auth',
'auth_username': 'admin',
'auth_password': 'admin',
'auth_realm': 'master',
'realm': 'realm-name',
'state': 'present',
'name': 'my-new-kc-clientscope'
"auth_keycloak_url": "http://keycloak.url/auth",
"auth_username": "admin",
"auth_password": "admin",
"auth_realm": "master",
"realm": "realm-name",
"state": "present",
"name": "my-new-kc-clientscope",
}
return_value_get_clientscope_by_name = [
None,
{
"attributes": {},
"id": "73fec1d2-f032-410c-8177-583104d01305",
"name": "my-new-kc-clientscope"
}]
{"attributes": {}, "id": "73fec1d2-f032-410c-8177-583104d01305", "name": "my-new-kc-clientscope"},
]
changed = True
@@ -142,11 +160,16 @@ class TestKeycloakAuthentication(ModuleTestCase):
with set_module_args(module_args):
with mock_good_connection():
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) \
as (mock_get_clientscope_by_name, mock_get_clientscope_by_clientscopeid, mock_create_clientscope,
mock_update_clientscope, mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper, mock_delete_clientscope):
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) as (
mock_get_clientscope_by_name,
mock_get_clientscope_by_clientscopeid,
mock_create_clientscope,
mock_update_clientscope,
mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper,
mock_delete_clientscope,
):
with self.assertRaises(AnsibleExitJson) as exec_info:
self.module.main()
@@ -161,25 +184,23 @@ class TestKeycloakAuthentication(ModuleTestCase):
self.assertEqual(mock_delete_clientscope.call_count, 0)
# Verify that the module's changed status matches what is expected
self.assertIs(exec_info.exception.args[0]['changed'], changed)
self.assertIs(exec_info.exception.args[0]["changed"], changed)
def test_create_clientscope_idempotency(self):
"""Add a new authentication flow from copy of an other flow"""
module_args = {
'auth_keycloak_url': 'http://keycloak.url/auth',
'auth_username': 'admin',
'auth_password': 'admin',
'auth_realm': 'master',
'realm': 'realm-name',
'state': 'present',
'name': 'my-new-kc-clientscope'
"auth_keycloak_url": "http://keycloak.url/auth",
"auth_username": "admin",
"auth_password": "admin",
"auth_realm": "master",
"realm": "realm-name",
"state": "present",
"name": "my-new-kc-clientscope",
}
return_value_get_clientscope_by_name = [{
"attributes": {},
"id": "73fec1d2-f032-410c-8177-583104d01305",
"name": "my-new-kc-clientscope"
}]
return_value_get_clientscope_by_name = [
{"attributes": {}, "id": "73fec1d2-f032-410c-8177-583104d01305", "name": "my-new-kc-clientscope"}
]
changed = False
@@ -187,11 +208,16 @@ class TestKeycloakAuthentication(ModuleTestCase):
with set_module_args(module_args):
with mock_good_connection():
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) \
as (mock_get_clientscope_by_name, mock_get_clientscope_by_clientscopeid, mock_create_clientscope,
mock_update_clientscope, mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper, mock_delete_clientscope):
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) as (
mock_get_clientscope_by_name,
mock_get_clientscope_by_clientscopeid,
mock_create_clientscope,
mock_update_clientscope,
mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper,
mock_delete_clientscope,
):
with self.assertRaises(AnsibleExitJson) as exec_info:
self.module.main()
@@ -206,25 +232,23 @@ class TestKeycloakAuthentication(ModuleTestCase):
self.assertEqual(mock_delete_clientscope.call_count, 0)
# Verify that the module's changed status matches what is expected
self.assertIs(exec_info.exception.args[0]['changed'], changed)
self.assertIs(exec_info.exception.args[0]["changed"], changed)
def test_delete_clientscope(self):
"""Add a new authentication flow from copy of an other flow"""
module_args = {
'auth_keycloak_url': 'http://keycloak.url/auth',
'auth_username': 'admin',
'auth_password': 'admin',
'auth_realm': 'master',
'realm': 'realm-name',
'state': 'absent',
'name': 'my-new-kc-clientscope'
"auth_keycloak_url": "http://keycloak.url/auth",
"auth_username": "admin",
"auth_password": "admin",
"auth_realm": "master",
"realm": "realm-name",
"state": "absent",
"name": "my-new-kc-clientscope",
}
return_value_get_clientscope_by_name = [{
"attributes": {},
"id": "73fec1d2-f032-410c-8177-583104d01305",
"name": "my-new-kc-clientscope"
}]
return_value_get_clientscope_by_name = [
{"attributes": {}, "id": "73fec1d2-f032-410c-8177-583104d01305", "name": "my-new-kc-clientscope"}
]
changed = True
@@ -232,11 +256,16 @@ class TestKeycloakAuthentication(ModuleTestCase):
with set_module_args(module_args):
with mock_good_connection():
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) \
as (mock_get_clientscope_by_name, mock_get_clientscope_by_clientscopeid, mock_create_clientscope,
mock_update_clientscope, mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper, mock_delete_clientscope):
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) as (
mock_get_clientscope_by_name,
mock_get_clientscope_by_clientscopeid,
mock_create_clientscope,
mock_update_clientscope,
mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper,
mock_delete_clientscope,
):
with self.assertRaises(AnsibleExitJson) as exec_info:
self.module.main()
@@ -251,19 +280,19 @@ class TestKeycloakAuthentication(ModuleTestCase):
self.assertEqual(mock_delete_clientscope.call_count, 1)
# Verify that the module's changed status matches what is expected
self.assertIs(exec_info.exception.args[0]['changed'], changed)
self.assertIs(exec_info.exception.args[0]["changed"], changed)
def test_delete_clientscope_idempotency(self):
"""Add a new authentication flow from copy of an other flow"""
module_args = {
'auth_keycloak_url': 'http://keycloak.url/auth',
'auth_username': 'admin',
'auth_password': 'admin',
'auth_realm': 'master',
'realm': 'realm-name',
'state': 'absent',
'name': 'my-new-kc-clientscope'
"auth_keycloak_url": "http://keycloak.url/auth",
"auth_username": "admin",
"auth_password": "admin",
"auth_realm": "master",
"realm": "realm-name",
"state": "absent",
"name": "my-new-kc-clientscope",
}
return_value_get_clientscope_by_name = [None]
@@ -273,11 +302,16 @@ class TestKeycloakAuthentication(ModuleTestCase):
with set_module_args(module_args):
with mock_good_connection():
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) \
as (mock_get_clientscope_by_name, mock_get_clientscope_by_clientscopeid, mock_create_clientscope,
mock_update_clientscope, mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper, mock_delete_clientscope):
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) as (
mock_get_clientscope_by_name,
mock_get_clientscope_by_clientscopeid,
mock_create_clientscope,
mock_update_clientscope,
mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper,
mock_delete_clientscope,
):
with self.assertRaises(AnsibleExitJson) as exec_info:
self.module.main()
@@ -292,57 +326,57 @@ class TestKeycloakAuthentication(ModuleTestCase):
self.assertEqual(mock_delete_clientscope.call_count, 0)
# Verify that the module's changed status matches what is expected
self.assertIs(exec_info.exception.args[0]['changed'], changed)
self.assertIs(exec_info.exception.args[0]["changed"], changed)
def test_create_clientscope_with_protocolmappers(self):
"""Add a new authentication flow from copy of an other flow"""
module_args = {
'auth_keycloak_url': 'http://keycloak.url/auth',
'auth_username': 'admin',
'auth_password': 'admin',
'auth_realm': 'master',
'realm': 'realm-name',
'state': 'present',
'name': 'my-new-kc-clientscope',
'protocolMappers': [
"auth_keycloak_url": "http://keycloak.url/auth",
"auth_username": "admin",
"auth_password": "admin",
"auth_realm": "master",
"realm": "realm-name",
"state": "present",
"name": "my-new-kc-clientscope",
"protocolMappers": [
{
'protocol': 'openid-connect',
'config': {
'full.path': 'true',
'id.token.claim': 'true',
'access.token.claim': 'true',
'userinfo.token.claim': 'true',
'claim.name': 'protocol1',
"protocol": "openid-connect",
"config": {
"full.path": "true",
"id.token.claim": "true",
"access.token.claim": "true",
"userinfo.token.claim": "true",
"claim.name": "protocol1",
},
'name': 'protocol1',
'protocolMapper': 'oidc-group-membership-mapper',
"name": "protocol1",
"protocolMapper": "oidc-group-membership-mapper",
},
{
'protocol': 'openid-connect',
'config': {
'full.path': 'false',
'id.token.claim': 'false',
'access.token.claim': 'false',
'userinfo.token.claim': 'false',
'claim.name': 'protocol2',
"protocol": "openid-connect",
"config": {
"full.path": "false",
"id.token.claim": "false",
"access.token.claim": "false",
"userinfo.token.claim": "false",
"claim.name": "protocol2",
},
'name': 'protocol2',
'protocolMapper': 'oidc-group-membership-mapper',
"name": "protocol2",
"protocolMapper": "oidc-group-membership-mapper",
},
{
'protocol': 'openid-connect',
'config': {
'full.path': 'true',
'id.token.claim': 'false',
'access.token.claim': 'true',
'userinfo.token.claim': 'false',
'claim.name': 'protocol3',
"protocol": "openid-connect",
"config": {
"full.path": "true",
"id.token.claim": "false",
"access.token.claim": "true",
"userinfo.token.claim": "false",
"claim.name": "protocol3",
},
'name': 'protocol3',
'protocolMapper': 'oidc-group-membership-mapper',
"name": "protocol3",
"protocolMapper": "oidc-group-membership-mapper",
},
]
],
}
return_value_get_clientscope_by_name = [
None,
@@ -357,13 +391,13 @@ class TestKeycloakAuthentication(ModuleTestCase):
"claim.name": "protocol2",
"full.path": "false",
"id.token.claim": "false",
"userinfo.token.claim": "false"
"userinfo.token.claim": "false",
},
"consentRequired": "false",
"id": "a7f19adb-cc58-41b1-94ce-782dc255139b",
"name": "protocol2",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper"
"protocolMapper": "oidc-group-membership-mapper",
},
{
"config": {
@@ -371,13 +405,13 @@ class TestKeycloakAuthentication(ModuleTestCase):
"claim.name": "protocol3",
"full.path": "true",
"id.token.claim": "false",
"userinfo.token.claim": "false"
"userinfo.token.claim": "false",
},
"consentRequired": "false",
"id": "2103a559-185a-40f4-84ae-9ab311d5b812",
"name": "protocol3",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper"
"protocolMapper": "oidc-group-membership-mapper",
},
{
"config": {
@@ -385,15 +419,17 @@ class TestKeycloakAuthentication(ModuleTestCase):
"claim.name": "protocol1",
"full.path": "true",
"id.token.claim": "true",
"userinfo.token.claim": "true"
"userinfo.token.claim": "true",
},
"consentRequired": "false",
"id": "bbf6390f-e95f-4c20-882b-9dad328363b9",
"name": "protocol1",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper"
}]
}]
"protocolMapper": "oidc-group-membership-mapper",
},
],
},
]
changed = True
@@ -401,11 +437,16 @@ class TestKeycloakAuthentication(ModuleTestCase):
with set_module_args(module_args):
with mock_good_connection():
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) \
as (mock_get_clientscope_by_name, mock_get_clientscope_by_clientscopeid, mock_create_clientscope,
mock_update_clientscope, mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper, mock_delete_clientscope):
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name) as (
mock_get_clientscope_by_name,
mock_get_clientscope_by_clientscopeid,
mock_create_clientscope,
mock_update_clientscope,
mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper,
mock_delete_clientscope,
):
with self.assertRaises(AnsibleExitJson) as exec_info:
self.module.main()
@@ -420,156 +461,160 @@ class TestKeycloakAuthentication(ModuleTestCase):
self.assertEqual(mock_delete_clientscope.call_count, 0)
# Verify that the module's changed status matches what is expected
self.assertIs(exec_info.exception.args[0]['changed'], changed)
self.assertIs(exec_info.exception.args[0]["changed"], changed)
def test_update_clientscope_with_protocolmappers(self):
"""Add a new authentication flow from copy of an other flow"""
module_args = {
'auth_keycloak_url': 'http://keycloak.url/auth',
'auth_username': 'admin',
'auth_password': 'admin',
'auth_realm': 'master',
'realm': 'realm-name',
'state': 'present',
'name': 'my-new-kc-clientscope',
'protocolMappers': [
{
'protocol': 'openid-connect',
'config': {
'full.path': 'false',
'id.token.claim': 'false',
'access.token.claim': 'false',
'userinfo.token.claim': 'false',
'claim.name': 'protocol1_updated',
},
'name': 'protocol1',
'protocolMapper': 'oidc-group-membership-mapper',
},
{
'protocol': 'openid-connect',
'config': {
'full.path': 'true',
'id.token.claim': 'false',
'access.token.claim': 'false',
'userinfo.token.claim': 'false',
'claim.name': 'protocol2_updated',
},
'name': 'protocol2',
'protocolMapper': 'oidc-group-membership-mapper',
},
{
'protocol': 'openid-connect',
'config': {
'full.path': 'true',
'id.token.claim': 'true',
'access.token.claim': 'true',
'userinfo.token.claim': 'true',
'claim.name': 'protocol3_updated',
},
'name': 'protocol3',
'protocolMapper': 'oidc-group-membership-mapper',
},
]
}
return_value_get_clientscope_by_name = [{
"attributes": {},
"id": "890ec72e-fe1d-4308-9f27-485ef7eaa182",
"auth_keycloak_url": "http://keycloak.url/auth",
"auth_username": "admin",
"auth_password": "admin",
"auth_realm": "master",
"realm": "realm-name",
"state": "present",
"name": "my-new-kc-clientscope",
"protocolMappers": [
{
"config": {
"access.token.claim": "true",
"claim.name": "groups",
"full.path": "true",
"id.token.claim": "true",
"userinfo.token.claim": "true"
},
"consentRequired": "false",
"id": "e077007a-367a-444f-91ef-70277a1d868d",
"name": "groups",
"protocol": "saml",
"protocolMapper": "oidc-group-membership-mapper"
},
{
"config": {
"access.token.claim": "true",
"claim.name": "groups",
"full.path": "true",
"id.token.claim": "true",
"userinfo.token.claim": "true"
},
"consentRequired": "false",
"id": "06c518aa-c627-43cc-9a82-d8467b508d34",
"name": "groups",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper"
},
{
"config": {
"access.token.claim": "true",
"claim.name": "groups",
"full.path": "true",
"id.token.claim": "true",
"userinfo.token.claim": "true"
},
"consentRequired": "false",
"id": "1d03c557-d97e-40f4-ac35-6cecd74ea70d",
"name": "groups",
"protocol": "wsfed",
"protocolMapper": "oidc-group-membership-mapper"
}
]
}]
return_value_get_clientscope_by_clientscopeid = [{
"attributes": {},
"id": "2286032f-451e-44d5-8be6-e45aac7983a1",
"name": "my-new-kc-clientscope",
"protocolMappers": [
{
"config": {
"access.token.claim": "true",
"claim.name": "protocol1_updated",
"full.path": "true",
"id.token.claim": "false",
"userinfo.token.claim": "false"
},
"consentRequired": "false",
"id": "a7f19adb-cc58-41b1-94ce-782dc255139b",
"name": "protocol2",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper"
},
{
"config": {
"access.token.claim": "true",
"claim.name": "protocol1_updated",
"full.path": "true",
"id.token.claim": "false",
"userinfo.token.claim": "false"
},
"consentRequired": "false",
"id": "2103a559-185a-40f4-84ae-9ab311d5b812",
"name": "protocol3",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper"
},
{
"config": {
"access.token.claim": "false",
"claim.name": "protocol1_updated",
"full.path": "false",
"id.token.claim": "false",
"userinfo.token.claim": "false"
"access.token.claim": "false",
"userinfo.token.claim": "false",
"claim.name": "protocol1_updated",
},
"consentRequired": "false",
"id": "bbf6390f-e95f-4c20-882b-9dad328363b9",
"name": "protocol1",
"protocolMapper": "oidc-group-membership-mapper",
},
{
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper"
}
]
}]
"config": {
"full.path": "true",
"id.token.claim": "false",
"access.token.claim": "false",
"userinfo.token.claim": "false",
"claim.name": "protocol2_updated",
},
"name": "protocol2",
"protocolMapper": "oidc-group-membership-mapper",
},
{
"protocol": "openid-connect",
"config": {
"full.path": "true",
"id.token.claim": "true",
"access.token.claim": "true",
"userinfo.token.claim": "true",
"claim.name": "protocol3_updated",
},
"name": "protocol3",
"protocolMapper": "oidc-group-membership-mapper",
},
],
}
return_value_get_clientscope_by_name = [
{
"attributes": {},
"id": "890ec72e-fe1d-4308-9f27-485ef7eaa182",
"name": "my-new-kc-clientscope",
"protocolMappers": [
{
"config": {
"access.token.claim": "true",
"claim.name": "groups",
"full.path": "true",
"id.token.claim": "true",
"userinfo.token.claim": "true",
},
"consentRequired": "false",
"id": "e077007a-367a-444f-91ef-70277a1d868d",
"name": "groups",
"protocol": "saml",
"protocolMapper": "oidc-group-membership-mapper",
},
{
"config": {
"access.token.claim": "true",
"claim.name": "groups",
"full.path": "true",
"id.token.claim": "true",
"userinfo.token.claim": "true",
},
"consentRequired": "false",
"id": "06c518aa-c627-43cc-9a82-d8467b508d34",
"name": "groups",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper",
},
{
"config": {
"access.token.claim": "true",
"claim.name": "groups",
"full.path": "true",
"id.token.claim": "true",
"userinfo.token.claim": "true",
},
"consentRequired": "false",
"id": "1d03c557-d97e-40f4-ac35-6cecd74ea70d",
"name": "groups",
"protocol": "wsfed",
"protocolMapper": "oidc-group-membership-mapper",
},
],
}
]
return_value_get_clientscope_by_clientscopeid = [
{
"attributes": {},
"id": "2286032f-451e-44d5-8be6-e45aac7983a1",
"name": "my-new-kc-clientscope",
"protocolMappers": [
{
"config": {
"access.token.claim": "true",
"claim.name": "protocol1_updated",
"full.path": "true",
"id.token.claim": "false",
"userinfo.token.claim": "false",
},
"consentRequired": "false",
"id": "a7f19adb-cc58-41b1-94ce-782dc255139b",
"name": "protocol2",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper",
},
{
"config": {
"access.token.claim": "true",
"claim.name": "protocol1_updated",
"full.path": "true",
"id.token.claim": "false",
"userinfo.token.claim": "false",
},
"consentRequired": "false",
"id": "2103a559-185a-40f4-84ae-9ab311d5b812",
"name": "protocol3",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper",
},
{
"config": {
"access.token.claim": "false",
"claim.name": "protocol1_updated",
"full.path": "false",
"id.token.claim": "false",
"userinfo.token.claim": "false",
},
"consentRequired": "false",
"id": "bbf6390f-e95f-4c20-882b-9dad328363b9",
"name": "protocol1",
"protocol": "openid-connect",
"protocolMapper": "oidc-group-membership-mapper",
},
],
}
]
changed = True
@@ -577,12 +622,19 @@ class TestKeycloakAuthentication(ModuleTestCase):
with set_module_args(module_args):
with mock_good_connection():
with patch_keycloak_api(get_clientscope_by_name=return_value_get_clientscope_by_name,
get_clientscope_by_clientscopeid=return_value_get_clientscope_by_clientscopeid) \
as (mock_get_clientscope_by_name, mock_get_clientscope_by_clientscopeid, mock_create_clientscope,
mock_update_clientscope, mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper, mock_delete_clientscope):
with patch_keycloak_api(
get_clientscope_by_name=return_value_get_clientscope_by_name,
get_clientscope_by_clientscopeid=return_value_get_clientscope_by_clientscopeid,
) as (
mock_get_clientscope_by_name,
mock_get_clientscope_by_clientscopeid,
mock_create_clientscope,
mock_update_clientscope,
mock_get_clientscope_protocolmapper_by_name,
mock_update_clientscope_protocolmappers,
mock_create_clientscope_protocolmapper,
mock_delete_clientscope,
):
with self.assertRaises(AnsibleExitJson) as exec_info:
self.module.main()
@@ -597,8 +649,8 @@ class TestKeycloakAuthentication(ModuleTestCase):
self.assertEqual(mock_delete_clientscope.call_count, 0)
# Verify that the module's changed status matches what is expected
self.assertIs(exec_info.exception.args[0]['changed'], changed)
self.assertIs(exec_info.exception.args[0]["changed"], changed)
if __name__ == '__main__':
if __name__ == "__main__":
unittest.main()