X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=capifcore%2Finternal%2Fkeycloak%2Fkeycloak.go;h=a4506e02abc45f3dd9616c1a1bfc88a26993e1f4;hb=refs%2Fchanges%2F02%2F12702%2F1;hp=3646516cd8cdafc38d3509270557261ceed37725;hpb=051a4a32068b4718ef9ddb1868e532a976de843e;p=nonrtric%2Fplt%2Fsme.git
diff --git a/capifcore/internal/keycloak/keycloak.go b/capifcore/internal/keycloak/keycloak.go
index 3646516..a4506e0 100644
--- a/capifcore/internal/keycloak/keycloak.go
+++ b/capifcore/internal/keycloak/keycloak.go
@@ -39,6 +39,8 @@ type AccessManagement interface {
 GetToken(realm string, data map[string][]string) (Jwttoken, error)
 // Add new client in keycloak
 AddClient(clientId string, realm string) error
+ // Returns information about client including secret
+ GetClientRepresentation(clientId string, realm string) (*Client, error)
 }
 
 type AdminUser struct {
@@ -82,8 +84,12 @@ type Jwttoken struct {
 
 func (km *KeycloakManager) GetToken(realm string, data map[string][]string) (Jwttoken, error) {
 var jwt Jwttoken
- getTokenUrl := km.keycloakServerUrl + "/realms/" + realm + "/protocol/openid-connect/token"
-
+ realmVal, ok := km.realms[realm]
+ if !ok {
+ log.Errorf("error realm does not exist\n")
+ return jwt, errors.New("realm does not exist")
+ }
+ getTokenUrl := km.keycloakServerUrl + "/realms/" + realmVal + "/protocol/openid-connect/token"
 resp, err := http.PostForm(getTokenUrl, data)
 
 if err != nil {
@@ -96,6 +102,7 @@ func (km *KeycloakManager) GetToken(realm string, data map[string][]string) (Jwt
 if err != nil {
 return jwt, err
 }
+
 if resp.StatusCode != http.StatusOK {
 return jwt, errors.New(string(body))
 }
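Review bot: The doc comment on the new `GetClientRepresentation` interface method does not follow the Go convention of starting with the method name, and it leaves the not-found contract unstated — the implementation added later in this diff returns `nil, nil` when Keycloak returns an empty list, so every caller has to nil-check the result. Suggest `// GetClientRepresentation returns the Keycloak representation of clientId in realm, including its client secret; it returns (nil, nil) when the client does not exist.` Because the returned value carries a credential, the comment is also the right place to tell callers not to log or re-serialize it.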
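Review bot: The realm check in `GetToken` builds a fresh `errors.New("realm does not exist")` on every call, so callers cannot distinguish an unknown realm from a Keycloak failure with `errors.Is`; the same string is repeated in `AddClient` and `GetClientRepresentation` in the later hunks. Suggest a package-level sentinel, `var ErrRealmNotFound = errors.New("realm does not exist")`, with `return jwt, ErrRealmNotFound` here and the matching `return ErrRealmNotFound` / `return nil, ErrRealmNotFound` in the other two. Resolving `realm` through `km.realms` before it is concatenated into the URL is the right move, since the caller-supplied name no longer reaches the request path; the log line could still say which realm was requested, e.g. `log.Errorf("realm %q does not exist", realm)` — if `log` is logrus the trailing `\n` is redundant anyway. `GetToken` continues past this hunk.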
@@ -105,16 +112,20 @@ func (km *KeycloakManager) GetToken(realm string, data map[string][]string) (Jwt
 }
 
 type Client struct {
- AdminURL string `json:"adminUrl,omitempty"`
- BearerOnly bool `json:"bearerOnly,omitempty"`
- ClientID string `json:"clientId,omitempty"`
- Enabled bool `json:"enabled,omitempty"`
- PublicClient bool `json:"publicClient,omitempty"`
- RootURL string `json:"rootUrl,omitempty"`
- ServiceAccountsEnabled bool `json:"serviceAccountsEnabled,omitempty"`
+ AdminURL string `json:"adminUrl,omitempty"`
+ AuthorizationServicesEnabled *bool `json:"authorizationServicesEnabled,omitempty"`
+ BearerOnly bool `json:"bearerOnly,omitempty"`
+ ClientID string `json:"clientId,omitempty"`
+ Enabled bool `json:"enabled,omitempty"`
+ ID *string `json:"id,omitempty"`
+ PublicClient bool `json:"publicClient,omitempty"`
+ RootURL string `json:"rootUrl,omitempty"`
+ Secret *string `json:"secret,omitempty"`
+ ServiceAccountsEnabled bool `json:"serviceAccountsEnabled,omitempty"`
 }
 
 func (km *KeycloakManager) AddClient(clientId string, realm string) error {
+
 data := url.Values{"grant_type": {"password"}, "username": {km.admin.User}, "password": {km.admin.Password}, "client_id": {"admin-cli"}}
 token, err := km.GetToken("master", data)
 if err != nil {
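Review bot: `Secret *string` turns `Client` into a credential-bearing struct, but nothing in the type says so: any `%+v`/`%v` log of a `Client`, or re-marshalling one to JSON, now emits the client secret. Suggest a field comment, `// Secret is the client credential returned by the Keycloak admin API; do not log or re-serialize a Client that carries it.` The optional fields are also modelled inconsistently — `AuthorizationServicesEnabled` and `ID` are pointers while `BearerOnly`, `Enabled` and `PublicClient` stay plain `bool` with `omitempty`, so an explicit `false` is dropped on marshal; that would matter if a `Client` is ever sent back to Keycloak, so pick one representation for optional booleans.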
@@ -122,23 +133,69 @@ func (km *KeycloakManager) AddClient(clientId string, realm string) error {
 return err
 }
 
- createClientUrl := km.keycloakServerUrl + "/admin/realms/" + realm + "/clients"
- newClient := Client{
- ClientID: clientId,
- Enabled: true,
- ServiceAccountsEnabled: true,
- BearerOnly: false,
- PublicClient: false,
+ realmVal, ok := km.realms[realm]
+ if !ok {
+ log.Errorf("error realm does not exist\n")
+ return errors.New("realm does not exist")
+ }
+
+ createClientUrl := km.keycloakServerUrl + "/admin/realms/" + realmVal + "/clients"
+ newClient := map[string]interface{}{"clientId": clientId, "serviceAccountsEnabled": true}
+
+ body, err := json.Marshal(newClient)
+ if err != nil {
+ return err
 }
- body, _ := json.Marshal(newClient)
 
 var headers = map[string]string{"Content-Type": "application/json", "Authorization": "Bearer " + token.AccessToken}
 
- if error := restclient.Post(createClientUrl, body, headers, km.client); error != nil {
- log.Errorf("error with http request: %+v\n", err)
+ if err := restclient.Post(createClientUrl, body, headers, km.client); err != nil {
+ log.Errorf("addClient - error with http request: %+v\n", err)
 return err
 }
 
- log.Info("Created new client")
+ log.Debug("Created new client")
 return nil
 }
+
+func (km *KeycloakManager) GetClientRepresentation(clientId string, realm string) (*Client, error) {
+
+ data := url.Values{"grant_type": {"password"}, "username": {km.admin.User}, "password": {km.admin.Password}, "client_id": {"admin-cli"}}
+ token, err := km.GetToken("master", data)
+ if err != nil {
+ log.Errorf("error wrong credentials or url %v\n", err)
+ return nil, err
+ }
+
+ realmVal, ok := km.realms[realm]
+ if !ok {
+ log.Errorf("error realm does not exist\n")
+ return nil, errors.New("realm does not exist")
+ }
+
+ createClientUrl, _ := url.Parse(km.keycloakServerUrl + "/admin/realms/" + realmVal + "/clients")
+ q := createClientUrl.Query()
+ q.Add("clientId", clientId)
+ createClientUrl.RawQuery = q.Encode()
+
+ var headers = map[string]string{"Content-Type": "application/json", "Authorization": "Bearer " + token.AccessToken}
+
+ if resp, err := restclient.Get(createClientUrl.String(), headers, km.client); err == nil {
+ var client []Client
+
+ if err = json.Unmarshal(resp, &client); err != nil {
+ log.Errorf("error unmarshal keycloak client object: %+v\n", err)
+ return nil, err
+ }
+
+ if len(client) > 0 {
+ return &client[0], nil
+ }
+ return nil, nil
+
+ } else {
+ log.Errorf("error with http request: %+v\n", err)
+ return nil, err
+ }
+
+}
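Review bot: `createClientUrl, _ := url.Parse(...)` in `GetClientRepresentation` discards the parse error and the next line dereferences the result with `createClientUrl.Query()`, so a malformed `keycloakServerUrl` becomes a nil-pointer panic instead of an error return. The `if resp, err := restclient.Get(...); err == nil { … } else { … }` shape also buries the happy path inside a block and keeps an `else` after a returning branch; the rewrite below flattens it into early returns and renames the local `client` slice to `clients` so it is not confused with `km.client`. Two smaller points: the realm lookup runs only after the admin token has been requested, so an unknown realm costs a round-trip made with admin credentials that `realmVal, ok := km.realms[realm]` placed first would avoid, and the `nil, nil` result for "not found" should be stated in the method's doc comment. The rewritten lines are otherwise behaviour-preserving.
```go
	createClientUrl, err := url.Parse(km.keycloakServerUrl + "/admin/realms/" + realmVal + "/clients")
	if err != nil {
		log.Errorf("error parsing keycloak url: %+v\n", err)
		return nil, err
	}
	// … unchanged: clientId query parameter and headers …
	resp, err := restclient.Get(createClientUrl.String(), headers, km.client)
	if err != nil {
		log.Errorf("error with http request: %+v\n", err)
		return nil, err
	}
	var clients []Client
	if err = json.Unmarshal(resp, &clients); err != nil {
		log.Errorf("error unmarshal keycloak client object: %+v\n", err)
		return nil, err
	}
	if len(clients) == 0 {
		return nil, nil
	}
	return &clients[0], nil
}
```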