Solved bug existed due to difference between mailu domain and hostname difference. also refactored during this to find the bug

2025-08-29 15:06:26 +02:00 · 2025-08-16 14:29:07 +02:00
parent 1bed83078e
commit 0de26fa6c7
76 changed files with 543 additions and 487 deletions
--- a/roles/web-app-keycloak/templates/import/realm.json.j2
+++ b/roles/web-app-keycloak/templates/import/realm.json.j2
@@ -832,7 +832,7 @@
      "enabled": true,
      "alwaysDisplayInConsole": false,
      "clientAuthenticatorType": "desktop-secret",
-      "secret": "{{ oidc.client.secret }}",
+      "secret": "{{ OIDC.CLIENT.SECRET }}",
      {# The following line should be covered by 02_update_client_redirects.yml #}
      "redirectUris": {{ domains | redirect_uris(applications, WEB_PROTOCOL) | tojson }},
      "webOrigins": [
@@ -1261,7 +1261,7 @@
            "id.token.claim": "true",
            "lightweight.claim": "false",
            "access.token.claim": "true",
-            "claim.name": "{{ oidc.claims.groups }}"
+            "claim.name": "{{ OIDC.CLAIMS.GROUPS }}"
          }
        }
      ]
@@ -1520,7 +1520,7 @@
            "user.attribute": "username",
            "id.token.claim": "true",
            "access.token.claim": "true",
-            "claim.name": "{{oidc.attributes.username}}",
+            "claim.name": "{{OIDC.ATTRIBUTES.USERNAME}}",
            "jsonType.label": "String"
          }
        },
--- a/roles/web-app-keycloak/vars/main.yml
+++ b/roles/web-app-keycloak/vars/main.yml
@@ -5,7 +5,7 @@ database_type:                    "postgres"
 # Keycloak
 keycloak_container:                 "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.name') }}"      # Name of the keycloak docker container
 keycloak_docker_import_directory:   "/opt/keycloak/data/import/"                                                              # Directory in which keycloak import files are placed in the running docker container
-keycloak_realm:                     "{{ oidc.client.realm }}"                                                                     # This is the name of the default realm which is used by the applications
+keycloak_realm:                     "{{ OIDC.CLIENT.ISSUER_URL }}"                                                                     # This is the name of the default realm which is used by the applications
 keycloak_master_api_user:           "{{ applications | get_app_conf(application_id, 'users.administrator') }}"                # Master Administrator
 keycloak_master_api_user_name:      "{{ keycloak_master_api_user.username }}"                                                 # Master Administrator Username
 keycloak_master_api_user_password:  "{{ keycloak_master_api_user.password }}"                                                 # Master Administrator Password
@@ -17,7 +17,7 @@ keycloak_image:                     "{{ applications | get_app_conf(application_
 keycloak_version:                   "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.version') }}"   # Keycloak docker version
 keycloak_debug_enabled:             "{{ MODE_DEBUG }}"
 keycloak_redirect_features:         ["features.oauth2","features.oidc"]
-keycloak_client_id:                 "{{ oidc.client.id }}"
+keycloak_client_id:                 "{{ OIDC.CLIENT.ID }}"
 keycloak_ldap_component_name:       "{{ ldap.server.domain }}"                                                                                    # Name of the LDAP User Federation component in Keycloak (as shown in UI)
 keycloak_import_realm:              "{{ applications | get_app_conf(application_id, 'actions.import_realm') }}"               # Activate realm import  
 keycloak_update_ldap_bind:          "{{ applications | get_app_conf(application_id, 'actions.update_ldap_bind') }}"           # Toggle the LDAP bind update step