Merge pull request #533 from dlechevalier/Add-protocol-mappers

Add realm-role, client-role and session note mappers

Author: sergeylanzman

README.md

@@ -206,7 +206,7 @@ Links to download Terraform Providers:
     * Datadog provider >2.1.0 - [here](https://releases.hashicorp.com/terraform-provider-datadog/)
     * New Relic provider >1.5.0 - [here](https://releases.hashicorp.com/terraform-provider-newrelic/)
 * Community
-    * Keycloak provider >=1.12.0 - [here](https://github.com/mrparkers/terraform-provider-keycloak/)
+    * Keycloak provider >=1.19.0 - [here](https://github.com/mrparkers/terraform-provider-keycloak/)
     * Logz.io provider >=1.1.1 - [here](https://github.com/jonboydell/logzio_terraform_provider/)
     * Commercetools provider >= 0.21.0 - [here](https://github.com/labd/terraform-provider-commercetools)
     * Mikrotik provider >= 0.2.2 - [here](https://github.com/labd/terraform-provider-commercetools)
@@ -1247,7 +1247,7 @@ Example:
  terraformer import keycloak --resources=realms --targets realmA,realmB
 ```
 
-Here is the list of resources which are currently supported by Keycloak provider v.1.17.1:
+Here is the list of resources which are currently supported by Keycloak provider v.1.19.0:
 
 - `realms`
   - `keycloak_default_groups`
@@ -1272,14 +1272,17 @@ Here is the list of resources which are currently supported by Keycloak provider
   - `keycloak_openid_group_membership_protocol_mapper`
   - `keycloak_openid_hardcoded_claim_protocol_mapper`
   - `keycloak_openid_hardcoded_group_protocol_mapper`
-  - `keycloak_openid_hardcoded_role_protocol_mapper`
+  - `keycloak_openid_hardcoded_role_protocol_mapper` (only for client roles)
   - `keycloak_openid_user_attribute_protocol_mapper`
   - `keycloak_openid_user_property_protocol_mapper`
+  - `keycloak_openid_user_realm_role_protocol_mapper`
+  - `keycloak_openid_user_client_role_protocol_mapper`
+  - `keycloak_openid_user_session_note_protocol_mapper`
   - `keycloak_realm`
   - `keycloak_required_action`
   - `keycloak_role`
   - `keycloak_user`
-
+  
 ### Use with Logz.io
 
 Example:

providers/keycloak/openid_client.go

@@ -100,17 +100,37 @@ func (g RealmGenerator) createOpenIDProtocolMapperResources(clientID string, ope
 		case "oidc-hardcoded-group-mapper":
 			resources = append(resources, g.createOpenIDGenericProtocolMapperResource("hardcoded_group", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
 		case "oidc-hardcoded-role-mapper":
-			// Not supported for the moment
 			// Only works with client roles
-			//resources = append(resources, g.createOpenIDGenericProtocolMapperResource("hardcoded_role", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientId))
-			continue
+			resources = append(resources, g.createOpenIDGenericProtocolMapperResource("hardcoded_role", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
 		case "oidc-usermodel-attribute-mapper":
 			resources = append(resources, g.createOpenIDGenericProtocolMapperResource("user_attribute", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
 		case "oidc-usermodel-property-mapper":
 			resources = append(resources, g.createOpenIDGenericProtocolMapperResource("user_property", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
 		case "oidc-usermodel-realm-role-mapper":
+			resources = append(resources, g.createOpenIDGenericProtocolMapperResource("user_realm_role", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
+		case "oidc-usermodel-client-role-mapper":
+			resources = append(resources, g.createOpenIDGenericProtocolMapperResource("user_client_role", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
+		case "oidc-usersessionmodel-note-mapper":
+			resources = append(resources, g.createOpenIDGenericProtocolMapperResource("user_session_note", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
+		case "oidc-address-mapper":
+			// Not supported for the moment
+			//resources = append(resources, g.createOpenIDGenericProtocolMapperResource("address", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
+			continue
+		case "oidc-role-name-mapper":
+			// Not supported for the moment
+			//resources = append(resources, g.createOpenIDGenericProtocolMapperResource("role_name", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
+			continue
+		case "oidc-sha256-pairwise-sub-mapper":
+			// Not supported for the moment
+			//resources = append(resources, g.createOpenIDGenericProtocolMapperResource("pairwise_subject_identifier", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
+			continue
+		case "oidc-allowed-origins-mapper":
+			// Not supported for the moment
+			//resources = append(resources, g.createOpenIDGenericProtocolMapperResource("allowed_web_origins", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
+			continue
+		case "oidc-audience-resolve-mapper":
 			// Not supported for the moment
-			//resources = append(resources, g.createOpenIDGenericProtocolMapperResource("user_realm_role", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientId))
+			//resources = append(resources, g.createOpenIDGenericProtocolMapperResource("audience_resolve", protocolMapper.Id, protocolMapper.Name, openidClient.RealmId, openidClient.ClientId, clientID))
 			continue
 		}
 	}