module "hedgedocclient" {
  source = "./modules/kc-client"

  realm               = var.realm
  client_id           = "hedgedoc"
  client_name         = "hedgedoc"
  client_secret       = var.hedgedoc_secret
  description         = "doc.tobiasmanske.de"
  root_url            = "https://doc.tobiasmanske.de"
  admin_url           = ""
  base_url            = ""
  valid_redirect_uris = ["https://doc.tobiasmanske.de/*"]
  web_origins         = ["https://doc.tobiasmanske.de"]
}


resource "keycloak_openid_user_session_note_protocol_mapper" "hedgedoc-id-mapper" {
  realm_id  = module.hedgedocclient.realm.id
  client_id = module.hedgedocclient.client.id
  name      = "id"

  claim_name          = "clientId"
  claim_value_type    = "String"
  session_note        = "clientId"
  add_to_access_token = true
  add_to_id_token     = true
}

resource "keycloak_openid_user_session_note_protocol_mapper" "hedgedoc-host-mapper" {
  realm_id  = module.hedgedocclient.realm.id
  client_id = module.hedgedocclient.client.id
  name      = "host"

  claim_name          = "clientHost"
  claim_value_type    = "String"
  session_note        = "clientHost"
  add_to_access_token = true
  add_to_id_token     = true
}

resource "keycloak_openid_user_session_note_protocol_mapper" "hedgedoc-ip-mapper" {
  realm_id  = module.hedgedocclient.realm.id
  client_id = module.hedgedocclient.client.id
  name      = "ip"

  claim_name          = "clientAddress"
  claim_value_type    = "String"
  session_note        = "clientAddress"
  add_to_access_token = true
  add_to_id_token     = true
}