Add 'optional_claims' to the return value of azure_rm_adapplication
Fred-sun committed Mar 22, 2024
1 parent b06e3bd commit 8ff40b3
Showing 3 changed files with 74 additions and 10 deletions.
30 changes: 27 additions & 3 deletions plugins/modules/azure_rm_adapplication.py
@@ -430,6 +430,30 @@
returned: always
type: list
sample: []
optional_claims:
description:
- Declare the optional claims for the application.
type: complex
returned: always
contains:
access_token_claims :
description:
- The optional claims returned in the JWT access token
type: list
returned: always
sample: ['name': 'aud', 'source': null, 'essential': false, 'additional_properties': []]
id_token_claims:
description:
- The optional claims returned in the JWT ID token
type: list
returned: always
sample: ['name': 'acct', 'source': null, 'essential': false, 'additional_properties': []]
saml2_token_claims:
description:
- The optional claims returned in the SAML token
type: list
returned: always
sample: ['name': 'acct', 'source': null, 'essential': false, 'additional_properties': []]
'''

from ansible_collections.azure.azcollection.plugins.module_utils.azure_rm_common_ext import AzureRMModuleBaseExt
@@ -861,9 +885,9 @@ def build_claims(claims_dict):
) for claim in claims_dict]

claims = OptionalClaims(
access_token=build_claims(optional_claims.get("access_token")),
id_token=build_claims(optional_claims.get("id_token")),
saml2_token=build_claims(optional_claims.get("saml2_token"))
access_token=build_claims(optional_claims.get("access_token_claims")),
id_token=build_claims(optional_claims.get("id_token_claims")),
saml2_token=build_claims(optional_claims.get("saml2_token_claims"))
)
return claims

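Review bot: The three `sample:` values added to RETURN are written as `['name': 'aud', 'source': null, ...]`, which YAML parses as a list of single-key mappings rather than a list holding one claim object; `sample: [{'name': 'aud', 'source': null, 'essential': false, 'additional_properties': []}]` describes an actual entry, and the same samples appear in the RETURN block of azure_rm_adapplication_info.py. In the build_claims hunk the lookups now read the `*_claims` keys, so a task that still passes `access_token`, `id_token` or `saml2_token` gets `None` from `.get()`; whether that is rejected or quietly ignored depends on the argument spec and on the start of `build_claims`, both outside the hunk. That is worth confirming, because a claim that is dropped without an error changes what the issued tokens carry while the play still reports success. The visible hunks also add no code that places `optional_claims` in this module's result, so the `returned: always` statement relies on code not shown here.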
44 changes: 42 additions & 2 deletions plugins/modules/azure_rm_adapplication_info.py
@@ -129,6 +129,30 @@
returned: always
type: list
sample: []
optional_claims:
description:
- Declare the optional claims for the application.
type: complex
returned: always
contains:
access_token_claims :
description:
- The optional claims returned in the JWT access token
type: list
returned: always
sample: ['name': 'aud', 'source': null, 'essential': false, 'additional_properties': []]
id_token_claims:
description:
- The optional claims returned in the JWT ID token
type: list
returned: always
sample: ['name': 'acct', 'source': null, 'essential': false, 'additional_properties': []]
saml2_token_claims:
description:
- The optional claims returned in the SAML token
type: list
returned: always
sample: ['name': 'acct', 'source': null, 'essential': false, 'additional_properties': []]
'''

from ansible_collections.azure.azcollection.plugins.module_utils.azure_rm_common_ext import AzureRMModuleBase
@@ -191,8 +215,17 @@ def exec_module(self, **kwargs):

return self.results

def serialize_claims(self, claims):
if claims is None:
return None
return [{
"additional_properties": claim.additional_properties,
"essential": claim.essential,
"name": claim.name,
"source": claim.source} for claim in claims]

def to_dict(self, object):
return dict(
response = dict(
app_id=object.app_id,
object_id=object.id,
app_display_name=object.display_name,
@@ -201,9 +234,16 @@ def to_dict(self, object):
sign_in_audience=object.sign_in_audience,
web_reply_urls=object.web.redirect_uris,
spa_reply_urls=object.spa.redirect_uris,
public_client_reply_urls=object.public_client.redirect_uris
public_client_reply_urls=object.public_client.redirect_uris,
optional_claims=dict(access_token=[], id_token=[], saml2_token=[])
)

if object.optional_claims is not None:
response['optional_claims']['id_token'] = self.serialize_claims(object.optional_claims.id_token)
response['optional_claims']['saml2_token'] = self.serialize_claims(object.optional_claims.saml2_token)
response['optional_claims']['access_token'] = self.serialize_claims(object.optional_claims.access_token)
return response

async def get_application(self, obj_id):
return await self._client.applications.by_application_id(obj_id).get()

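Review bot: to_dict returns the claims under `access_token`, `id_token` and `saml2_token`, while the RETURN block added in this same file documents `access_token_claims`, `id_token_claims` and `saml2_token_claims`, so anything that audits app registrations by the documented keys will look up entries that are never present. Either the default becomes `optional_claims=dict(access_token_claims=[], id_token_claims=[], saml2_token_claims=[])` with the three assignments renamed to match, or the documentation is changed to the short names. serialize_claims also returns `None` for an unset token type, which overwrites the `[]` default and contradicts `type: list` / `returned: always`; `return []` in the `claims is None` branch keeps the type stable. to_dict is split across two hunks with a collapsed stretch between them, so the rest of the dict was not reviewed.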
10 changes: 5 additions & 5 deletions tests/integration/targets/azure_rm_adapplication/tasks/main.yml
@@ -38,14 +38,14 @@
is_enabled: true
value: Password@0329
optional_claims:
access_token:
access_token_claims:
- name: aud
essential: true
id_token:
- name: aud
id_token_claims:
- name: acct
essential: true
saml2_token:
- name: aud
saml2_token_claims:
- name: acct
essential: true
register: second_output

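Review bot: No assertion checks the new `optional_claims` return value. The five added lines in this file only rename the input keys and switch two claim names to `acct`, and the result is registered as `second_output` without being inspected. An `assert` task after the `register:` line would catch a claim that was silently not applied, for example `- second_output.optional_claims.access_token_claims | length == 1` (a constructed check; the key names must match whatever the module actually returns). The task this hunk belongs to starts before the hunk, so its module name and other parameters are not visible here.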
