From b2c44dd57f0739923ffe75c17f1fe5db675db9a1 Mon Sep 17 00:00:00 2001
From: Ubuntu
Date: Sat, 26 Nov 2022 10:50:19 +0000
Subject: [PATCH] keycloak: fix userinfo.token.claim setup
---
 keycloak/mapper-setup.sh | 29 +++++++++++++++++++++--------
 1 file changed, 21 insertions(+), 8 deletions(-)
diff --git a/keycloak/mapper-setup.sh b/keycloak/mapper-setup.sh
index f0d1c4a..5c67c05 100755
--- keycloak/mapper-setup.sh
+++ keycloak/mapper-setup.sh
@@ -2,7 +2,7 @@
 # Turn on the userinfo for the roles/cient roles default protocol mapper.
 # this should be so much easier, but they don't have ways to do queries?
 # and they don't include jq in the keycloak container, so updating the JSON
-# it bangning the rocks together with sed and awk.
+# it banging the rocks together with sed and awk.
 die() { echo >&2 "ERROR: $@" ; exit 1 ; }
@@ -12,11 +12,24 @@ if [ -z "$SCOPE_ID" ]; then die "no client scope" ; fi
 MAPPER_ID=$(kcadm.sh get -r $REALM client-scopes/$SCOPE_ID/protocol-mappers/models --format csv --noquotes | awk -F, '/,client roles,/ { print $1 }')
 if [ -z "$MAPPER_ID" ]; then die "no mapper defined" ; fi
-kcadm.sh get -r $REALM client-scopes/$SCOPE_ID/protocol-mappers/models/$MAPPER_ID \
- | sed 's/"userinfo.token.claim" : "false"/"userinfo.token.claim" : "true"/' \
- > /tmp/map
-
-cat /tmp/map
-
-kcadm.sh update -r $REALM client-scopes/$SCOPE_ID/protocol-mappers/models/$MAPPER_ID -f /tmp/map
+tee /tmp/map <