com.pulumi.keycloak.IdentityProviderTokenExchangeScopePermission Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of keycloak Show documentation
Show all versions of keycloak Show documentation
A Pulumi package for creating and managing keycloak cloud resources.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.keycloak;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Export;
import com.pulumi.core.annotations.ResourceType;
import com.pulumi.core.internal.Codegen;
import com.pulumi.keycloak.IdentityProviderTokenExchangeScopePermissionArgs;
import com.pulumi.keycloak.Utilities;
import com.pulumi.keycloak.inputs.IdentityProviderTokenExchangeScopePermissionState;
import java.lang.String;
import java.util.List;
import java.util.Optional;
import javax.annotation.Nullable;
/**
* ## Example Usage
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.keycloak.Realm;
* import com.pulumi.keycloak.RealmArgs;
* import com.pulumi.keycloak.oidc.IdentityProvider;
* import com.pulumi.keycloak.oidc.IdentityProviderArgs;
* import com.pulumi.keycloak.openid.Client;
* import com.pulumi.keycloak.openid.ClientArgs;
* import com.pulumi.keycloak.IdentityProviderTokenExchangeScopePermission;
* import com.pulumi.keycloak.IdentityProviderTokenExchangeScopePermissionArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var tokenExchangeRealm = new Realm("tokenExchangeRealm", RealmArgs.builder()
* .realm("token-exchange_destination_realm")
* .enabled(true)
* .build());
*
* var tokenExchangeMyOidcIdp = new IdentityProvider("tokenExchangeMyOidcIdp", IdentityProviderArgs.builder()
* .realm(tokenExchangeRealm.id())
* .alias("myIdp")
* .authorizationUrl("http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/auth")
* .tokenUrl("http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/token")
* .clientId("clientId")
* .clientSecret("secret")
* .defaultScopes("openid")
* .build());
*
* var token_exchangeWebappClient = new Client("token-exchangeWebappClient", ClientArgs.builder()
* .realmId(tokenExchangeRealm.id())
* .name("webapp_client")
* .clientId("webapp_client")
* .clientSecret("secret")
* .description("a webapp client on the destination realm")
* .accessType("CONFIDENTIAL")
* .standardFlowEnabled(true)
* .validRedirectUris("http://localhost:8080/*")
* .build());
*
* //relevant part
* var oidcIdpPermission = new IdentityProviderTokenExchangeScopePermission("oidcIdpPermission", IdentityProviderTokenExchangeScopePermissionArgs.builder()
* .realmId(tokenExchangeRealm.id())
* .providerAlias(tokenExchangeMyOidcIdp.alias())
* .policyType("client")
* .clients(token_exchangeWebappClient.id())
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ## Import
*
* This resource can be imported using the format `{{realm_id}}/{{provider_alias}}`, where `provider_alias` is the alias that
*
* you assign to the identity provider upon creation.
*
* Example:
*
* bash
*
* ```sh
* $ pulumi import keycloak:index/identityProviderTokenExchangeScopePermission:IdentityProviderTokenExchangeScopePermission oidc_idp_permission my-realm/myIdp
* ```
*
*/
@ResourceType(type="keycloak:index/identityProviderTokenExchangeScopePermission:IdentityProviderTokenExchangeScopePermission")
public class IdentityProviderTokenExchangeScopePermission extends com.pulumi.resources.CustomResource {
/**
* (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
*
*/
@Export(name="authorizationIdpResourceId", refs={String.class}, tree="[0]")
private Output authorizationIdpResourceId;
/**
* @return (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
*
*/
public Output authorizationIdpResourceId() {
return this.authorizationIdpResourceId;
}
/**
* (Computed) Resource server ID representing the realm management client on which this permission is managed.
*
*/
@Export(name="authorizationResourceServerId", refs={String.class}, tree="[0]")
private Output authorizationResourceServerId;
/**
* @return (Computed) Resource server ID representing the realm management client on which this permission is managed.
*
*/
public Output authorizationResourceServerId() {
return this.authorizationResourceServerId;
}
/**
* (Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
*
*/
@Export(name="authorizationTokenExchangeScopePermissionId", refs={String.class}, tree="[0]")
private Output authorizationTokenExchangeScopePermissionId;
/**
* @return (Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
*
*/
public Output authorizationTokenExchangeScopePermissionId() {
return this.authorizationTokenExchangeScopePermissionId;
}
/**
* A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
*
*/
@Export(name="clients", refs={List.class,String.class}, tree="[0,1]")
private Output> clients;
/**
* @return A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
*
*/
public Output> clients() {
return this.clients;
}
/**
* (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
*
*/
@Export(name="policyId", refs={String.class}, tree="[0]")
private Output policyId;
/**
* @return (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
*
*/
public Output policyId() {
return this.policyId;
}
/**
* Defaults to "client" This is also the only value policy type supported by this provider.
*
*/
@Export(name="policyType", refs={String.class}, tree="[0]")
private Output policyType;
/**
* @return Defaults to "client" This is also the only value policy type supported by this provider.
*
*/
public Output> policyType() {
return Codegen.optional(this.policyType);
}
/**
* Alias of the identity provider.
*
*/
@Export(name="providerAlias", refs={String.class}, tree="[0]")
private Output providerAlias;
/**
* @return Alias of the identity provider.
*
*/
public Output providerAlias() {
return this.providerAlias;
}
/**
* The realm that the identity provider exists in.
*
*/
@Export(name="realmId", refs={String.class}, tree="[0]")
private Output realmId;
/**
* @return The realm that the identity provider exists in.
*
*/
public Output realmId() {
return this.realmId;
}
/**
*
* @param name The _unique_ name of the resulting resource.
*/
public IdentityProviderTokenExchangeScopePermission(java.lang.String name) {
this(name, IdentityProviderTokenExchangeScopePermissionArgs.Empty);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
*/
public IdentityProviderTokenExchangeScopePermission(java.lang.String name, IdentityProviderTokenExchangeScopePermissionArgs args) {
this(name, args, null);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
* @param options A bag of options that control this resource's behavior.
*/
public IdentityProviderTokenExchangeScopePermission(java.lang.String name, IdentityProviderTokenExchangeScopePermissionArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("keycloak:index/identityProviderTokenExchangeScopePermission:IdentityProviderTokenExchangeScopePermission", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false);
}
private IdentityProviderTokenExchangeScopePermission(java.lang.String name, Output id, @Nullable IdentityProviderTokenExchangeScopePermissionState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("keycloak:index/identityProviderTokenExchangeScopePermission:IdentityProviderTokenExchangeScopePermission", name, state, makeResourceOptions(options, id), false);
}
private static IdentityProviderTokenExchangeScopePermissionArgs makeArgs(IdentityProviderTokenExchangeScopePermissionArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
if (options != null && options.getUrn().isPresent()) {
return null;
}
return args == null ? IdentityProviderTokenExchangeScopePermissionArgs.Empty : args;
}
private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
.version(Utilities.getVersion())
.build();
return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
}
/**
* Get an existing Host resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state
* @param options Optional settings to control the behavior of the CustomResource.
*/
public static IdentityProviderTokenExchangeScopePermission get(java.lang.String name, Output id, @Nullable IdentityProviderTokenExchangeScopePermissionState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
return new IdentityProviderTokenExchangeScopePermission(name, id, state, options);
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy