in controllers/keycloakclient/chain/process_resources.go [27:80]
// Serve reconciles the authorization resources declared in the KeycloakClient
// spec with the resources GetResources reports for that client in realmName.
//
// For each declared resource it builds a representation, then updates the
// existing resource with the same name or creates a new one. Resources that
// were fetched but never matched by a declared name are handed to
// deleteResources at the end. When Spec.Authorization is nil nothing is
// touched and nil is returned.
//
// The first failing call aborts the run and its error is returned wrapped;
// resources created or updated earlier in the same run are not rolled back.
func (h *ProcessResources) Serve(ctx context.Context, keycloakClient *keycloakApi.KeycloakClient, realmName string) error {
	logger := ctrl.LoggerFrom(ctx)

	authz := keycloakClient.Spec.Authorization
	if authz == nil {
		logger.Info("Authorization settings are not specified")
		return nil
	}

	clientID, err := h.keycloakApiClient.GetClientID(keycloakClient.Spec.ClientId, realmName)
	if err != nil {
		return fmt.Errorf("failed to get client id: %w", err)
	}

	// Looked up by declared resource name below; every entry still present
	// after the loop is treated as not declared in the spec.
	remaining, err := h.keycloakApiClient.GetResources(ctx, realmName, clientID)
	if err != nil {
		return fmt.Errorf("failed to get resources: %w", err)
	}

	for i := range authz.Resources {
		// Pointer into the spec slice, so the converter receives the same
		// element address as before and the name is re-read at each use.
		declared := &authz.Resources[i]

		logger.Info("Processing resource", resourceLogKey, declared.Name)

		representation, err := h.toResourceRepresentation(ctx, declared, clientID, realmName)
		if err != nil {
			return fmt.Errorf("failed to convert resource: %w", err)
		}

		current, found := remaining[declared.Name]
		if !found {
			if _, err = h.keycloakApiClient.CreateResource(ctx, realmName, clientID, *representation); err != nil {
				return fmt.Errorf("failed to create resource: %w", err)
			}

			logger.Info("Resource created", resourceLogKey, declared.Name)

			continue
		}

		// Reuse the ID of the resource already on the client so the update
		// addresses that resource.
		representation.ID = current.ID

		if err = h.keycloakApiClient.UpdateResource(ctx, realmName, clientID, *representation); err != nil {
			return fmt.Errorf("failed to update resource: %w", err)
		}

		logger.Info("Resource updated", resourceLogKey, declared.Name)

		// Matched: take it out of the set passed to deleteResources. A second
		// spec entry with the same name would therefore take the create path.
		delete(remaining, declared.Name)
	}

	// NOTE(review): presumably deleteResources removes these from Keycloak,
	// which would include resources added outside this spec (for example by
	// hand in the admin console) and affect any permissions that reference
	// them — confirm against deleteResources before relying on this.
	return h.deleteResources(ctx, remaining, realmName, clientID)
}