func MakeFromServiceAccount()

in pkg/client/keycloak/adapter/gocloak_adapter.go [199:251]


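// MakeFromServiceAccount builds a GoCloakAdapter authenticated with the
// client credentials in conf (conf.User as the client ID, conf.Password as the
// client secret) against the given realm.
//
// It first logs in with a default gocloak client. If that fails with an error
// that isNotLegacyResponseCode does not reject, it retries with a client
// created with gocloak.SetLegacyWildFlySupport() and marks the adapter as
// legacyMode.
//
// When restyClient is nil a new one is created; otherwise the supplied client
// is configured in place, so TLS settings applied here are visible to the
// caller as well.
//
// Security: conf.InsecureSkipVerify turns off server certificate verification
// for every request made through the resulting adapter, including the login
// call that carries the client secret. Prefer supplying conf.RootCertificate
// for a private CA and leave InsecureSkipVerify false outside of local testing.
func MakeFromServiceAccount(ctx context.Context,
	conf GoCloakConfig,
	realm string,
	log logr.Logger,
	restyClient *resty.Client,
) (*GoCloakAdapter, error) {
	if restyClient == nil {
		restyClient = resty.New()
	}

	if conf.InsecureSkipVerify {
		// Leave an audit trail: with verification off, the client secret and
		// the returned token can be intercepted by anyone able to impersonate
		// the server on the network path.
		log.Info("TLS certificate verification is disabled for the Keycloak client; "+
			"credentials and tokens are exposed to interception", "realm", realm)

		// NOTE(review): this replaces any TLS configuration already present
		// on a caller-supplied resty client - confirm callers do not rely on
		// one (for example client certificates).
		restyClient.SetTLSClientConfig(&tls.Config{
			InsecureSkipVerify: true, //nolint:gosec // explicit opt-in via conf.InsecureSkipVerify
			MinVersion:         tls.VersionTLS12,
		})
	}

	if conf.RootCertificate != "" {
		// NOTE(review): no error is returned here, so an unparsable PEM
		// string is not reported by this function - confirm how resty
		// surfaces that case.
		restyClient.SetRootCertificateFromString(conf.RootCertificate)
	}

	kcCl := gocloak.NewClient(conf.Url)
	kcCl.SetRestyClient(restyClient)

	token, err := kcCl.LoginClient(ctx, conf.User, conf.Password, realm)
	if err == nil {
		return &GoCloakAdapter{
			client:     kcCl,
			token:      token,
			log:        log,
			basePath:   conf.Url,
			legacyMode: false,
		}, nil
	}

	// Only fall through to the legacy client when the failure looks like a
	// legacy-server response; anything else is reported as is.
	// NOTE(review): the message below mentions "get realms" although the
	// failing call is LoginClient; kept unchanged in case callers match on it.
	if isNotLegacyResponseCode(err) {
		return nil, fmt.Errorf("unexpected error received while trying to get realms using the modern client: %w", err)
	}

	kcCl = gocloak.NewClient(conf.Url, gocloak.SetLegacyWildFlySupport())
	kcCl.SetRestyClient(restyClient)

	token, err = kcCl.LoginClient(ctx, conf.User, conf.Password, realm)
	if err != nil {
		// Only the client ID and realm are included; the secret must never
		// be added to this message.
		return nil, fmt.Errorf("failed to login with client creds on both current and legacy clients - "+
			"clientID: %s, realm: %s: %w", conf.User, realm, err)
	}

	return &GoCloakAdapter{
		client:     kcCl,
		token:      token,
		log:        log,
		basePath:   conf.Url,
		legacyMode: true,
	}, nil
}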