2023-10-11 20:19:16 +02:00
|
|
|
module "seafileclient" {
|
|
|
|
source = "./modules/kc-client"
|
|
|
|
|
|
|
|
realm = var.realm
|
|
|
|
client_id = "seafile"
|
|
|
|
client_name = "Seafile"
|
|
|
|
description = "files.unruhig.eu"
|
|
|
|
root_url = "https://files.unruhig.eu"
|
|
|
|
admin_url = "https://files.unruhig.eu"
|
|
|
|
base_url = ""
|
|
|
|
valid_redirect_uris = ["https://files.unruhig.eu/oauth/callback/"]
|
|
|
|
web_origins = ["https://files.unruhig.eu"]
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "keycloak_openid_user_property_protocol_mapper" "seafile-username-mapper" {
|
|
|
|
realm_id = module.seafileclient.realm.id
|
|
|
|
client_id = module.seafileclient.client.id
|
|
|
|
|
|
|
|
name = "username"
|
|
|
|
user_property = "username"
|
|
|
|
claim_name = "preferred_username"
|
|
|
|
add_to_userinfo = true
|
|
|
|
add_to_access_token = true
|
|
|
|
add_to_id_token = false
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "keycloak_openid_user_client_role_protocol_mapper" "seafile-role-mapper" {
|
|
|
|
realm_id = module.seafileclient.realm.id
|
|
|
|
client_id = module.seafileclient.client.id
|
|
|
|
# client_id_for_role_mappings = module.seafileclient.client.id
|
|
|
|
multivalued = true
|
|
|
|
name = "user-client-role-mapper"
|
|
|
|
claim_name = "roles"
|
2023-12-22 16:54:24 +01:00
|
|
|
client_id_for_role_mappings = module.seafileclient.client_id
|
2023-10-11 20:19:16 +02:00
|
|
|
add_to_userinfo = true
|
|
|
|
add_to_access_token = true
|
|
|
|
add_to_id_token = false
|
|
|
|
}
|