Skip to content

codimd: init-keycloak is not correctly generated

Problem

When building a configuration, the init-keycloak script is bogus:

install/addons/codimd/init-keycloak 
if ${CURL_CMD} \
    -H "Authorization: bearer ${ADMIN_TOKEN}" \
    -H "Content-Type: application/json" \
    "${KEYCLOAK_URL}/auth/admin/realms/${REALM}/clients?search=true&&clientId=codimd" \
    | jq --exit-status 'length == 1' > /dev/null
then
    echo "Keycloak client 'codimd' already exists"
else
    echo "Create new keycloak client 'codimd'"
    ${CURL_CMD} \
        -H "Authorization: bearer ${ADMIN_TOKEN}" \
        -H "Content-Type: application/json" \
        -d @- \
        "${KEYCLOAK_URL}/auth/admin/realms/${REALM}/clients" <<EOF
{
    "clientId": "codimd",
    "directAccessGrantsEnabled": true,
    "enabled": true,
    "publicClient": false,
    "redirectUris": [
        "http://codimd.test.eole3.dev/*",
        "https://codimd.apps.education.fr/*"
    ],
    "secret": "mybestsecret",
    "standardFlowEnabled": true
}
EOF
fi
  • the redirectUris contains http://codimd.test.eole3.dev/*
  • the secret is the hard coded mybestsecret