From 632ad14bd87fd74d641472dc003e89451ab56201 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Sun, 13 Jul 2025 23:12:13 +0200
Subject: [PATCH] Solved application id bug in keycloak

---
 group_vars/all/13_ldap.yml                            | 2 +-
 roles/web-app-keycloak/templates/import/realm.json.j2 | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/group_vars/all/13_ldap.yml b/group_vars/all/13_ldap.yml
index 76f0f4ba..f2f70a1c 100644
--- a/group_vars/all/13_ldap.yml
+++ b/group_vars/all/13_ldap.yml
@@ -6,7 +6,7 @@
 # Helper Variables:
 # Keep in mind to mapp this variables if there is ever the possibility for the user to define them in the inventory
 _ldap_dn_base:            "dc={{primary_domain_sld}},dc={{primary_domain_tld}}"
-_ldap_server_port:        "{% if applications['svc-db-openldap'].network.docker | bool %}{{ ports.localhost.ldap[application_id] }}{% else %}{{ ports.localhost.ldaps[application_id] }}{% endif %}"
+_ldap_server_port:        "{% if applications['svc-db-openldap'].network.docker | bool %}{{ ports.localhost.ldap['svc-db-openldap'] }}{% else %}{{ ports.localhost.ldaps['svc-db-openldap'] }}{% endif %}"
 _ldap_user_id:            "uid"
 _ldap_filters_users_all:  "(|(objectclass=inetOrgPerson))"
 
diff --git a/roles/web-app-keycloak/templates/import/realm.json.j2 b/roles/web-app-keycloak/templates/import/realm.json.j2
index 516899bf..d2fce6e9 100644
--- a/roles/web-app-keycloak/templates/import/realm.json.j2
+++ b/roles/web-app-keycloak/templates/import/realm.json.j2
@@ -834,8 +834,8 @@
       "clientAuthenticatorType": "desktop-secret",
       "secret": "{{oidc.client.secret}}",
       {%- set redirect_uris = [] %}
-      {%- for application_id, domain in domains.items() %}
-        {%- if applications | get_app_conf(application_id, 'features.oauth2', False) or applications | get_app_conf(application_id, 'features.oidc', False) %}
+      {%- for domain_application_id, domain in domains.items() %}
+        {%- if applications | get_app_conf(domain_application_id, 'features.oauth2', False) or applications | get_app_conf(domain_application_id, 'features.oidc', False) %}
           {%- if domain is string %}
             {%- set _ = redirect_uris.append(web_protocol ~ '://' ~ domain ~ '/*') %}
           {%- else %}