+# Get client role id
+# args: <realm-name> <service-account-name> <client-name> <role-name>
+__get_client_available_role_id() {
+ res=$(__execute_curl_to_keycloak2 GET "$KEYCLOAK_SERVICE_PATH$KEYCLOAK_REALM_URL_PREFIX/$1/users/$2/role-mappings/clients/$3/available" "$__KEYCLOAK_ADMIN_TOKEN")
+ if [ $? -ne 0 ]; then
+ __log_conf_fail_general " Fatal error when getting availiable client role id, response: "$?
+ return 1
+ fi
+ __client_role_id=$(echo $res | jq -r '.[] | select(.name=="'$4'") | .id ')
+ echo $__client_role_id
+ return 0
+}
+
+# Map roles to a client
+# args: <realm-name> <client-name> <role>+
+keycloak_api_map_client_roles() {
+ __log_conf_start $@
+ __c_id=$(__keycloak_api_get_client_id $1 $2)
+ if [ $? -ne 0 ]; then
+ __log_conf_fail_general " Fatal error when getting client id, response: "$?
+ return 1
+ fi
+ __sa_id=$(__keycloak_api_get_service_account_id $1 $__c_id)
+ if [ $? -ne 0 ]; then
+ __log_conf_fail_general " Fatal error when getting service account id, response: "$?
+ return 1
+ fi
+ __realm=$1
+ shift; shift;
+ __json="["
+ __cntr=0
+ while [ $# -gt 0 ]; do
+ __client_role_id=$(__get_client_available_role_id $__realm $__sa_id $__c_id $1)
+ if [ $? -ne 0 ]; then
+ __log_conf_fail_general " Fatal error when getting client role id, response: "$?
+ return 1
+ fi
+ __role='{"name":"'$1'","id":"'$__client_role_id'","composite": false,"clientRole": true}'
+ if [ $__cntr -gt 0 ]; then
+ __json=$__json","
+ fi
+ __json=$__json$__role
+ let __cntr=__cntr+1
+ shift
+ done
+ __json=$__json"]"
+
+ res=$(__execute_curl_to_keycloak2 POST "$KEYCLOAK_SERVICE_PATH$KEYCLOAK_REALM_URL_PREFIX/$__realm/users/$__sa_id/role-mappings/clients/$__c_id" "$__KEYCLOAK_ADMIN_TOKEN" "$__json")
+ if [ $? -ne 0 ]; then
+ __log_conf_fail_general " Fatal error when mapping client roles, response: "$?
+ return 1
+ fi
+
+
+
+
+ # while [ $# -gt 0 ]; do
+ # __json='{"name":"'$1'"}'
+ # res=$(__execute_curl_to_keycloak2 POST "$KEYCLOAK_SERVICE_PATH$KEYCLOAK_REALM_URL_PREFIX/$__realm/clients/$__c_id/roles" "$__KEYCLOAK_ADMIN_TOKEN" "$__json")
+ # if [ $? -ne 0 ]; then
+ # __log_conf_fail_general " Fatal error when adding client role, response: "$?
+ # return 1
+ # fi
+ # shift
+ # done
+ __log_conf_ok
+ return 0
+}
+