search

epam / edp-keycloak-operator

It is responsible for establishing a connection to provided Keycloak Server, reconciling realms, and clients according to the created CRs
https://docs.kuberocketci.io
Apache License 2.0
34 stars 20 forks source link

Add Scopes to Keycloak Client Authorizations #41

Closed dougkirkley closed 5 months ago

dougkirkley commented 5 months ago

Is your feature request related to a problem? Please describe. When using the new Authorization field for KeycloakClient (Thanks for adding that feature), if the permission is scoped based, then the scope needs to exist in the Authorization Scopes for the Client.

Describe the solution you'd like Add a Scopes field to the KeycloakClient Authorization spec

Describe alternatives you've considered Manually adding the authorization scope e.g "token-exchange" allows the KeycloakClient to reconcile properly

Additional context I am working on a branch for this now, but I'm currently stuck at the mock pieces because make mocks is hitting a nil pointer. If you could possibly point into the right direction of which piece I could have missed, I would love to get this PR in for your team.

zmotso commented 5 months ago

@dougkirkley You can open a draft pull request. I will check why the mocks aren't working.