module "minifluxclient" {
  source = "./modules/kc-client"

  realm               = var.realm
  client_id           = "miniflux"
  client_name         = "Miniflux"
  client_secret       = var.miniflux_secret
  description         = "rss.tobiasmanske.de"
  root_url            = "https://rss.tobiasmanske.de"
  admin_url           = ""
  base_url            = ""
  valid_redirect_uris = ["/oauth2/oidc/callback"]
  web_origins         = []
}


resource "keycloak_openid_user_session_note_protocol_mapper" "miniflux-id-mapper" {
  realm_id  = module.minifluxclient.realm.id
  client_id = module.minifluxclient.client.id
  name      = "id"

  claim_name          = "clientId"
  claim_value_type    = "String"
  session_note        = "clientId"
  add_to_access_token = true
  add_to_id_token     = true
}

resource "keycloak_openid_user_session_note_protocol_mapper" "miniflux-host-mapper" {
  realm_id  = module.minifluxclient.realm.id
  client_id = module.minifluxclient.client.id
  name      = "host"

  claim_name          = "clientHost"
  claim_value_type    = "String"
  session_note        = "clientHost"
  add_to_access_token = true
  add_to_id_token     = true
}

resource "keycloak_openid_user_session_note_protocol_mapper" "miniflux-ip-mapper" {
  realm_id  = module.minifluxclient.realm.id
  client_id = module.minifluxclient.client.id
  name      = "ip"

  claim_name          = "clientAddress"
  claim_value_type    = "String"
  session_note        = "clientAddress"
  add_to_access_token = true
  add_to_id_token     = true
}