| 123456789101112131415161718192021222324252627282930 |
- ---
- # Required variables:
- # rhbk_fqdn the FQDN of the Keycloak server (XXX will blow up without it)
- # rhbk.admin.username admin user (default "rhbk")
- # rhbk.admin.password admin password (default "secret")
- #
- # Registers (or refreshes) a fact called admin_token which you can use for auth.
- #
- - name: Get an auth token from Keycloak
- ansible.builtin.uri:
- method: POST
- return_content: yes
- validate_certs: no
- url: "https://{{ rhbk_fqdn }}/realms/master/protocol/openid-connect/token"
- headers:
- Accept: application/json
- body: "client_id=admin-cli&username={{ rhbk.admin.username | default('rhbk') }}&password={{ rhbk.admin.password | default('secret') }}&grant_type=password"
- register: sso_token_rsp
- - name: Verify that the token is usable.
- ansible.builtin.assert:
- that: sso_token_rsp.json is defined and sso_token_rsp.json.access_token is defined
- fail_msg: "ERROR: Failed to obtain authentication token from Keycloak."
- success_msg: "OK: got authentication token."
- - name: Store the token as a fact
- ansible.builtin.set_fact:
- admin_token: "{{ sso_token_rsp.json.access_token }}"
- ...
|
