-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
resource to enable the token exchange idp permission #318
resource to enable the token exchange idp permission #318
Conversation
Strange all the tests passed. I did not expect this.... //edit Probably the token exchange itself will not work till you have the feature enabled. |
docs/resources/keycloak_identity_provider_token_exchange_scope_permission.md
Outdated
Show resolved
Hide resolved
provider/resource_keycloak_identity_provider_token_exchange_scope_permission.go
Outdated
Show resolved
Hide resolved
provider/resource_keycloak_identity_provider_token_exchange_scope_permission.go
Outdated
Show resolved
Hide resolved
provider/resource_keycloak_identity_provider_token_exchange_scope_permission.go
Outdated
Show resolved
Hide resolved
provider/resource_keycloak_identity_provider_token_exchange_scope_permission.go
Outdated
Show resolved
Hide resolved
provider/resource_keycloak_identity_provider_token_exchange_scope_permission.go
Show resolved
Hide resolved
provider/resource_keycloak_identity_provider_token_exchange_scope_permission.go
Show resolved
Hide resolved
Nice work on this @tomrutsaert! I think it's pretty funny that the feature flag only toggles its visibility in the UI. We should probably just leave that toggle enabled for example purposes. |
…ope_permission.go Co-authored-by: Michael Parker <michael@parker.gg>
…on method + improved policy name creator logic
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work, thanks for the contribution!
resource to enable the token exchange idp permission and auto create of client policy
This is part of a preview keycloak feature. You need to enable this feature to be able to use this resource.
More information about enabling the preview feature can be found here: https://www.keycloak.org/docs/latest/securing_apps/index.html#_token-exchange
This implies that I enabled this feature in the docker-compose file.
This also implies that the tests will fail in CIRCLE-CI
@mrparkers What is your opinion on this?
Should I enable this preview feature in CIRCLE_CI or do I add a check in test_utils based on a env variable?
I did not see a way to detect if this feature is enabled via server_info, thus we can not use this server_info approach.