mrparkers / terraform-provider-keycloak

Terraform provider for Keycloak
https://registry.terraform.io/providers/mrparkers/keycloak/latest/docs
MIT License

"error":"ProtocolMapper provider not found" #765

Open galiceau opened 1 year ago

galiceau commented 1 year ago

Hello

I'm trying to create a specific protocol mapper in order to map Keycloak roles to AWS roles. Here is my code:

```hcl
resource "keycloak_saml_script_protocol_mapper" "saml_script_mapper" {
  realm_id  = module.keycloak_realm.realm_id
  client_id = module.keycloak_saml_client.client_id
  name      = "script-mapper"

  # Script run by the SAML script mapper; exports the list of AWS role ARNs
  # built from the realm roles the user holds (role name format: "<account>.<role>").
  script = <<-EOT
    var saml_provider_name = "dev-ew3-ec2-devops-baseline-saml";
    var ArrayList = Java.type("java.util.ArrayList");
    var aws_roles = new ArrayList();
    var client = keycloakSession.getContext().getClient();
    var forEach = Array.prototype.forEach;
    forEach.call(client.getRoles().toArray(), function(roleModel) {
      if (user.hasRole(roleModel)) {
        var idp_role = roleModel.getName();
        var tmp = idp_role.split(".");
        var account = tmp[0];
        var role_name = tmp[1];
        var saml_role = "arn:aws:iam::" + account + ":saml-provider/" + saml_provider_name
          + ",arn:aws:iam::" + account + ":role/" + role_name;
        aws_roles.add(saml_role);
      }
    });

    exports = aws_roles;
  EOT

  saml_attribute_name        = "https://aws.amazon.com/SAML/Attributes/Role"
  saml_attribute_name_format = "Basic"
}
```

Here is the raised error:

```text
Error: error sending POST request to /admin/realms/myrealm/clients/6bcb1164-56a2-4d82-9f43-93ffa7080a8b/protocol-mappers/models: 404 Not Found. Response body: {"error":"ProtocolMapper provider not found"}
│
│   with keycloak_saml_script_protocol_mapper.saml_script_mapper,
│   on realm.tf line 25, in resource "keycloak_saml_script_protocol_mapper" "saml_script_mapper":
│   25: resource "keycloak_saml_script_protocol_mapper" "saml_script_mapper" {
```

I don't understand what is expected here. Of course, in the REST API documentation of Keycloak there is no information about the expected protocol mapper values.

I used the latest version of Keycloak and version 4.0.1 of the Keycloak provider.

thanks in advance.

Regards

LmV4corbeau commented 1 year ago

Unfortunately I have the same error. Is there a solution or a workaround? I'm working with Terraform Keycloak provider version 4.1.0 and Keycloak 20.

zivcex commented 1 year ago

You need to add the desired mapper provider id. One example, for the user attribute mapper, is `oidc-usermodel-attribute-mapper`. This id should go into the `protocol_mapper` tf field.
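As an added example (not from the issue thread or the provider's code base), the following script checks which protocol-mapper provider ids a Keycloak server actually registers, so the id placed in the Terraform resource can be confirmed before the admin API answers with `ProtocolMapper provider not found`. It reads the admin `serverinfo` endpoint, whose `protocolMapperTypes` map lists the ids per protocol; the `KEYCLOAK_URL`/`KEYCLOAK_TOKEN` environment variables, the sample JSON, and the use of `saml-javascript-mapper` (Keycloak's id for its SAML script mapper, not named on this page) are assumptions made here.

```python
from __future__ import annotations
import json
import os
import urllib.request


def mapper_ids(serverinfo: dict, protocol: str) -> set[str]:
    """Provider ids advertised under protocolMapperTypes[<protocol>]
    ('saml' or 'openid-connect'); empty set for an unknown protocol."""
    types = serverinfo.get("protocolMapperTypes", {}).get(protocol, [])
    return {entry["id"] for entry in types}


def missing_mapper(serverinfo: dict, protocol: str, provider_id: str) -> bool:
    """True when provider_id is not registered on this server. Creating a
    mapper with such an id is what yields the 404 seen in the issue."""
    return provider_id not in mapper_ids(serverinfo, protocol)


def fetch_serverinfo(base_url: str, token: str) -> dict:
    """GET /admin/serverinfo with an admin bearer token (network call)."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/admin/serverinfo",
        headers={"Authorization": f"Bearer {token}"},
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


# Constructed sample of the relevant part of a serverinfo response (offline use).
SAMPLE_SERVERINFO = {
    "protocolMapperTypes": {
        "saml": [
            {"id": "saml-user-property-mapper", "name": "User Property"},
            {"id": "saml-role-list-mapper", "name": "Role list"},
        ],
        "openid-connect": [
            {"id": "oidc-usermodel-attribute-mapper", "name": "User Attribute"},
        ],
    }
}

if __name__ == "__main__":
    url, token = os.environ.get("KEYCLOAK_URL"), os.environ.get("KEYCLOAK_TOKEN")
    info = fetch_serverinfo(url, token) if url and token else SAMPLE_SERVERINFO
    for proto in ("saml", "openid-connect"):
        print(proto, sorted(mapper_ids(info, proto)))
    # A script mapper id only shows up here when the server registers it.
    print("saml-javascript-mapper missing:",
          missing_mapper(info, "saml", "saml-javascript-mapper"))
```

Run it against a live server by exporting `KEYCLOAK_URL` and an admin `KEYCLOAK_TOKEN`; without them it evaluates the embedded sample.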