You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dlab.apache.org by dm...@apache.org on 2020/03/24 14:29:04 UTC

[incubator-dlab] branch odahu-integration updated: [odahu-integration] Added configuration of redirectUris for keycloak

This is an automated email from the ASF dual-hosted git repository.

dmysakovets pushed a commit to branch odahu-integration
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git


The following commit(s) were added to refs/heads/odahu-integration by this push:
     new 329e178  [odahu-integration] Added configuration of redirectUris for keycloak
329e178 is described below

commit 329e1783665904a7caef6f444584e86d513c9e3a
Author: Demyan Mysakovets <de...@gmail.com>
AuthorDate: Tue Mar 24 16:28:49 2020 +0200

    [odahu-integration] Added configuration of redirectUris for keycloak
---
 .../src/general/scripts/gcp/odahu_deploy.py        |  4 ++
 .../src/general/scripts/gcp/odahu_prepare.py       | 62 +++++++++++++++++++++-
 2 files changed, 65 insertions(+), 1 deletion(-)

diff --git a/infrastructure-provisioning/src/general/scripts/gcp/odahu_deploy.py b/infrastructure-provisioning/src/general/scripts/gcp/odahu_deploy.py
index 396fd38..787a3f9 100644
--- a/infrastructure-provisioning/src/general/scripts/gcp/odahu_deploy.py
+++ b/infrastructure-provisioning/src/general/scripts/gcp/odahu_deploy.py
@@ -232,6 +232,8 @@ if __name__ == "__main__":
     except Exception as err:
         traceback.print_exc()
         append_result("Failed to configure parameter file.", str(err))
+        GCPActions().remove_bucket(odahu_conf['bucket_name'])
+        GCPActions().remove_static_address(odahu_conf['static_address_name'], odahu_conf['region'])
         sys.exit(1)
 
     try:
@@ -240,6 +242,8 @@ if __name__ == "__main__":
     except Exception as err:
         traceback.print_exc()
         append_result("Failed to deploy Odahu cluster.", str(err))
+        GCPActions().remove_bucket(odahu_conf['bucket_name'])
+        GCPActions().remove_static_address(odahu_conf['static_address_name'], odahu_conf['region'])
         sys.exit(1)
 
     # generating output information
diff --git a/infrastructure-provisioning/src/general/scripts/gcp/odahu_prepare.py b/infrastructure-provisioning/src/general/scripts/gcp/odahu_prepare.py
index 98c215d..4712ee2 100644
--- a/infrastructure-provisioning/src/general/scripts/gcp/odahu_prepare.py
+++ b/infrastructure-provisioning/src/general/scripts/gcp/odahu_prepare.py
@@ -24,6 +24,7 @@
 import logging
 import json
 import sys
+import requests
 from dlab.fab import *
 from dlab.meta_lib import *
 from dlab.actions_lib import *
@@ -40,13 +41,21 @@ if __name__ == "__main__":
     print('Generating infrastructure names and tags')
     odahu_conf = dict()
     odahu_conf['service_base_name'] = (os.environ['conf_service_base_name']).lower().replace('_', '-')
-    odahu_conf['odahu_cluster_name'] = (os.environ['odahu_cluster_name']).lower().replace('_', '-')
+    odahu_conf['project_name'] = (os.environ['project_name']).lower().replace('_', '-')
+    odahu_conf['endpoint_name'] = (os.environ['endpoint_name']).lower().replace('_', '-')
+    odahu_conf['cluster_name'] = (os.environ['odahu_cluster_name']).lower().replace('_', '-')
     odahu_conf['tag_name'] = '{}-tag'.format(odahu_conf['service_base_name'])
     odahu_conf['endpoint_tag'] = (os.environ['endpoint_name']).lower().replace('_', '-')
     odahu_conf['project_tag'] = (os.environ['project_name']).lower().replace('_', '-')
     odahu_conf['region'] = os.environ['gcp_region']
     odahu_conf['bucket_name'] = "{}-tfstate".format((os.environ['odahu_cluster_name']).lower().replace('_', '-'))
     odahu_conf['static_address_name'] = "{}-nat-gw".format((os.environ['odahu_cluster_name']).lower().replace('_', '-'))
+    odahu_conf['keycloak_auth_server_url'] = os.environ['keycloak_auth_server_url']
+    odahu_conf['keycloak_realm_name'] = os.environ['keycloak_realm_name']
+    odahu_conf['keycloak_client_name'] = os.environ['keycloak_client_name']
+    odahu_conf['keycloak_user'] = os.environ['keycloak_user']
+    odahu_conf['keycloak_user_password'] = os.environ['keycloak_user_password']
+    odahu_conf['root_domain'] = os.environ['odahu_root_domain']
 
 
     try:
@@ -80,4 +89,55 @@ if __name__ == "__main__":
         print('Error: {0}'.format(err))
         append_result("Unable to reserve static ip.", str(err))
         GCPActions().remove_bucket(odahu_conf['bucket_name'])
+        sys.exit(1)
+
+    try:
+        print('[CONFIGURE REDIRECT URI]')
+        logging.info('[CONFIGURE REDIRECT URI]')
+        keycloak_auth_server_url = '{}/realms/master/protocol/openid-connect/token'.format(
+            odahu_conf['keycloak_auth_server_url'])
+        keycloak_auth_data = {
+            "username": odahu_conf['keycloak_user'],
+            "password": odahu_conf['keycloak_user_password'],
+            "grant_type": "password",
+            "client_id": "admin-cli",
+        }
+        keycloak_client_create_url = '{0}/admin/realms/{1}/clients'.format(odahu_conf['keycloak_auth_server_url'],
+                                                                           odahu_conf['keycloak_realm_name'])
+        odahu_redirectUris = 'https://odahu.{0}.{1}/*,http://odahu.{0}.{1}/*'.format(odahu_conf['cluster_name'],
+                                                                                        odahu_conf['root_domain']).split(',')
+
+
+        try:
+            keycloak_token = requests.post(keycloak_auth_server_url, data=keycloak_auth_data, verify=False).json()
+            keycloak_get_Uris = requests.get(keycloak_client_create_url,
+                                            headers={"Authorization": "Bearer " + keycloak_token.get("access_token"),
+                                                     "Content-Type": "application/json"}, verify=False).json()
+            for dict in keycloak_get_Uris:
+                if dict["clientId"] == odahu_conf['keycloak_client_name']:
+                    ui_redirectUris = dict["redirectUris"]
+                    keycloak_client_id = dict["id"]
+            keycloak_redirectUris = odahu_redirectUris + ui_redirectUris
+            updated_client_data = {
+                "clientId": odahu_conf['keycloak_client_name'],
+                "id": keycloak_client_id,
+                "enabled": "true",
+                "redirectUris": keycloak_redirectUris,
+                "publicClient": "false",
+                "protocol": "openid-connect",
+            }
+            client_url = "{}/{}".format(keycloak_client_create_url, keycloak_client_id)
+            keycloak_update_Uris = requests.put(client_url, json=updated_client_data,
+                                            headers={"Authorization": "Bearer " + keycloak_token.get("access_token"),
+                                                     "Content-Type": "application/json"}, verify=False)
+
+        except Exception as err:
+            append_result("Failed to configure keycloak.")
+            raise Exception
+            sys.exit(1)
+    except Exception as err:
+        print('Error: {0}'.format(err))
+        append_result("Failed to configure keycloak.", str(err))
+        GCPActions().remove_bucket(odahu_conf['bucket_name'])
+        GCPActions().remove_static_address(odahu_conf['static_address_name'], odahu_conf['region'])
         sys.exit(1)
\ No newline at end of file


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org