From 3195393eaaa01002e868d457b0aa9f88894ef05c Mon Sep 17 00:00:00 2001
From: Nicolas Dandrimont <nicolas@dandrimont.eu>
Date: Mon, 17 Oct 2022 17:37:42 +0000
Subject: [PATCH] Generated commit for differential D4995

---
 data/common/common.yaml                        |  6 ++++++
 .../profile/manifests/keycloak/resources.pp    | 18 ++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/data/common/common.yaml b/data/common/common.yaml
index a46bc0fc9..98e769867 100644
--- a/data/common/common.yaml
+++ b/data/common/common.yaml
@@ -3106,6 +3106,12 @@ keycloak::resources::realms:
         protocol_mappers:
           - "%{alias('keycloak::resources::protocol_mappers::audience')}"
           - "%{alias('keycloak::resources::protocol_mappers::groups')}"
+      hedgedoc:
+        settings:
+          redirect_uris:
+            # Should match letsencrypt::certificates.hedgedoc.domains
+            - https://hedgedoc.softwareheritage.org/*
+          secret: "%{alias('keycloak::clients::hedgedoc::secret')}"
   SoftwareHeritageStaging:
     settings:
       display_name: Software Heritage (Staging)
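Review bot: The new `redirect_uris` entry `https://hedgedoc.softwareheritage.org/*` accepts every path on that host as a valid OAuth redirect target, which is broader than the client needs. HedgeDoc serves user-authored content from the same origin, so a path-wide wildcard gives an authorization code more places to end up if any page there can redirect or be influenced by a user. Pinning the entry to the single callback path closes that off, e.g. `- https://hedgedoc.softwareheritage.org/auth/oauth2/callback` (the path HedgeDoc 1.x uses for its OAuth2 provider; confirm against the deployed version). The comment about matching `letsencrypt::certificates.hedgedoc.domains` still applies to the host part. The enclosing `clients:` mapping starts outside this hunk.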
diff --git a/site-modules/profile/manifests/keycloak/resources.pp b/site-modules/profile/manifests/keycloak/resources.pp
index 84caa91e2..3228f51d8 100644
--- a/site-modules/profile/manifests/keycloak/resources.pp
+++ b/site-modules/profile/manifests/keycloak/resources.pp
@@ -66,6 +66,24 @@ class profile::keycloak::resources {
       }
     }
 
+    $client_scopes = pick($realm_data['client_scopes'], {})
+    $realm_client_scope_common_settings = deep_merge(
+      $client_scope_common_settings,
+      pick($realm_data['client_scope_settings'], {})
+    )
+    $client_scopes.each |$client_scope_name, $client_scope_data| {
+      $_local_client_scope_settings = pick($client_scope_data['settings'], {})
+      $_full_client_scope_settings = deep_merge($realm_client_scope_common_settings, $_local_client_scope_settings)
+
+      $client_scope_id = fqdn_uuid("${realm_name}.${client_scope_name}")
+
+      keycloak_client_scope {"${client_scope_name} on ${realm_name}":
+        ensure => present,
+        id => $client_scope_id,
+        *  => $_full_client_scope_settings,
+      }
+    }
+
     $clients = pick($realm_data['clients'], {})
     $realm_client_common_settings = deep_merge($client_common_settings,
                                                pick($realm_data['client_settings'], {}))
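Review bot: `$client_scope_common_settings` is read in the new `deep_merge(...)` call but nothing in this commit defines it. The diffstat gives 18 insertions for this file and all 18 are in this hunk. Unless the variable already exists earlier in `profile::keycloak::resources` (the class body starts outside the hunk), the catalog either fails to compile under `strict_variables` or merges from an undefined value. It should be defined next to `$client_common_settings` in the same way, e.g. `$client_scope_common_settings = lookup('<HIERA_KEY_FOR_CLIENT_SCOPE_DEFAULTS>', Hash, 'deep', {})`, where the key is a placeholder to be replaced with the project's own. As a style point, `id => $client_scope_id,` is not aligned with the `ensure =>` and `*  =>` arrows around it.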
-- 
GitLab