INF-162 - Configure keycloak client setting via built-in Ansible plugin
Change-Id: Ifd6b43d148a52727e2044c0c4314203fa7711286
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
index 08b9c30..5796c8d 100644
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@@ -21,5 +21,35 @@
debian-11-priv:
keycloak_admin_username: "admin"
keycloak_admin_password: "changeme"
+ keycloak_client_settings:
+ - name: client_testing
+ client_id: https://testing.client.site/v1-saml/keycloak/saml/metadata
+ auth_realm: master
+ protocol: saml
+ description: "Testing Server"
+ attributes:
+ saml.client.signature: false
+ saml.assertion.signature: true
+ saml_idp_initiated_sso_url_name: "IdPSSOName"
+ saml.server.signature: true
+ saml_name_id_format: "username"
+ redirect_uris:
+ - https://testing.client.site/v1-saml/keycloak/saml/acs
+ protocol_mappers:
+ - config:
+ attribute.name: "uid"
+ attribute.nameformat: "Basic"
+ user.attribute: "username"
+ name: "x509 username"
+ protocol: "saml"
+ protocolMapper: "saml-user-property-mapper"
+ - config:
+ attribute.name: "member"
+ attribute.nameformat: "Basic"
+ full.path: "false"
+ single: "true"
+ name: "groups"
+ protocol: "saml"
+ protocolMapper: "saml-group-membership-mapper"
verifier:
name: ansible