search

adorsys / keycloak-config-cli

Import YAML/JSON-formatted configuration files into Keycloak - Configuration as Code for Keycloak.
Apache License 2.0
794 stars 146 forks source link

requiredActions not updating in realm #771

Open to-ph opened 2 years ago

to-ph commented 2 years ago

Current Behavior

When running the cli with

  "requiredActions": [
    {
      "alias": "CONFIGURE_TOTP",
      "name": "Configure OTP",
      "providerId": "CONFIGURE_TOTP",
      "enabled": true,
      "defaultAction": true,
      "priority": 0,
      "config": {}
    }
  ]

I do not see defaultAction set to true in the admin console

Also running (as seen from examples):

  "requiredActions": [
    {
      "alias": "MY_CONFIGURE_TOTP",
      "name": "My Configure OTP",
      "providerId": "MY_CONFIGURE_TOTP",
      "enabled": true,
      "defaultAction": true,
      "priority": 0,
      "config": {}
    }
  ]

Does not create the required action (should it?).

Expected Behavior

A Configure OTP required action with defaultAction set to true should be created on the keycloak realm.

Steps To Reproduce

Run the keycloak-config-cli command for Keycloak 18.0.2 with required actions in the config as specified above.

Environment

Anything else?

Hopefully nothing's obviously wrong on my end. Thanks for the help!

to-ph commented 2 years ago

I should clarify that I'm looking at required actions in the keycloak console through Authentication -> Required Actions

Motouom commented 4 days ago

Hello @to-ph

Thanks for reporting this issue.

you can check the new release of Keycloak and its respective keycloak config cli version that supports it

Motouom commented 1 day ago

As an example to see it working with that lates version,

I have a json file with no required actions as such

{
  "realm": "realm-one",
  "enabled": true,
  "clients": [
    {
      "clientId": "my-client",
      "enabled": true,
      "clientAuthenticatorType": "client-secret",
      "secret": "updated-client-secret",
      "redirectUris": ["https://my-updated-client.example.com/*"],
      "webOrigins": ["https://my-updated-client.example.com"]
    }
  ],
  "roles": {
    "realm": [
      {
        "name": "user",
        "description": "Updated user role description"
      },
      {
        "name": "admin",
        "description": "Updated admin role description"
      }
    ]
  }
}

Image

Now, i am going to update the realm with required actions but their defaultActions will be false.

{
 {
  "realm": "realm-one",
  "enabled": true,
  "requiredActions": [
    {
      "alias": "CONFIGURE_TOTP",
      "name": "Configure OTP",
      "providerId": "CONFIGURE_TOTP",
      "enabled": true,
      "defaultAction": false,
      "priority": 10,
      "config": {}
    },
    {
      "alias": "terms_and_conditions",
      "name": "Terms and Conditions",
      "providerId": "terms_and_conditions",
      "enabled": true,
      "defaultAction": false,
      "priority": 20,
      "config": {}
    },
    {
      "alias": "UPDATE_PASSWORD",
      "name": "Update Password",
      "providerId": "UPDATE_PASSWORD",
      "enabled": false,
      "defaultAction": false,
      "priority": 30,
      "config": {}
    },
    {
      "alias": "UPDATE_PROFILE",
      "name": "Update Profile",
      "providerId": "UPDATE_PROFILE",
      "enabled": true,
      "defaultAction": false,
      "priority": 40,
      "config": {}
    }
  ],
  "clients": [
    {
      "clientId": "my-client",
      "enabled": true,
      "clientAuthenticatorType": "client-secret",
      "secret": "updated-client-secret",
      "redirectUris": ["https://my-updated-client.example.com/*"],
      "webOrigins": ["https://my-updated-client.example.com"]
    }
  ],
  "roles": {
    "realm": [
      {
        "name": "user",
        "description": "Updated user role description"
      },
      {
        "name": "admin",
        "description": "Updated admin role description"
      }
    ]
  }
}

Image

Now we can update the defaultActions to be enabled as such

{
  "realm": "realm-one",
  "enabled": true,
  "requiredActions": [
    {
      "alias": "CONFIGURE_TOTP",
      "name": "Configure OTP",
      "providerId": "CONFIGURE_TOTP",
      "enabled": true,
      "defaultAction": true,
      "priority": 10,
      "config": {}
    },
    {
      "alias": "terms_and_conditions",
      "name": "Terms and Conditions",
      "providerId": "terms_and_conditions",
      "enabled": true,
      "defaultAction": true,
      "priority": 20,
      "config": {}
    },
    {
      "alias": "UPDATE_PASSWORD",
      "name": "Update Password",
      "providerId": "UPDATE_PASSWORD",
      "enabled": false,
      "defaultAction": true,
      "priority": 30,
      "config": {}
    },
    {
      "alias": "UPDATE_PROFILE",
      "name": "Update Profile",
      "providerId": "UPDATE_PROFILE",
      "enabled": true,
      "defaultAction": true,
      "priority": 40,
      "config": {}
    }
  ],
  "clients": [
    {
      "clientId": "my-client",
      "enabled": true,
      "clientAuthenticatorType": "client-secret",
      "secret": "updated-client-secret",
      "redirectUris": ["https://my-updated-client.example.com/*"],
      "webOrigins": ["https://my-updated-client.example.com"]
    }
  ],
  "roles": {
    "realm": [
      {
        "name": "user",
        "description": "Updated user role description"
      },
      {
        "name": "admin",
        "description": "Updated admin role description"
      }
    ]
  }
}

Image