Keycloak
65 строк · 4.0 Кб
1embed-server --server-config=${server.config:standalone.xml}
2
3if (outcome != success) of /extension=org.keycloak.keycloak-adapter-subsystem:read-resource
4/extension=org.keycloak.keycloak-adapter-subsystem/:add(module=org.keycloak.keycloak-adapter-subsystem)
5else
6echo Keycloak OpenID Connect Extension already installed
7end-if
8
9if (outcome != success) of /subsystem=keycloak:read-resource
10/subsystem=keycloak:add
11else
12echo Keycloak OpenID Connect Subsystem already installed
13end-if
14
15if (outcome != success) of /subsystem=elytron/custom-realm=KeycloakOIDCRealm:read-resource
16/subsystem=elytron/custom-realm=KeycloakOIDCRealm:add(class-name=org.keycloak.adapters.elytron.KeycloakSecurityRealm, module=org.keycloak.keycloak-wildfly-elytron-oidc-adapter)
17else
18echo Keycloak OpenID Connect Realm already installed
19end-if
20
21if (outcome != success) of /subsystem=elytron/security-domain=KeycloakDomain:read-resource
22/subsystem=elytron/security-domain=KeycloakDomain:add(default-realm=KeycloakOIDCRealm,permission-mapper=default-permission-mapper,security-event-listener=local-audit,realms=[{realm=KeycloakOIDCRealm}])
23else
24echo Keycloak Security Domain already installed. Trying to install Keycloak OpenID Connect Realm.
25/subsystem=elytron/security-domain=KeycloakDomain:list-add(name=realms, value={realm=KeycloakOIDCRealm})
26end-if
27
28if (outcome != success) of /subsystem=elytron/constant-realm-mapper=keycloak-oidc-realm-mapper:read-resource
29/subsystem=elytron/constant-realm-mapper=keycloak-oidc-realm-mapper:add(realm-name=KeycloakOIDCRealm)
30else
31echo Keycloak OpenID Connect Realm Mapper already installed
32end-if
33
34if (outcome != success) of /subsystem=elytron/service-loader-http-server-mechanism-factory=keycloak-oidc-http-server-mechanism-factory:read-resource
35/subsystem=elytron/service-loader-http-server-mechanism-factory=keycloak-oidc-http-server-mechanism-factory:add(module=org.keycloak.keycloak-wildfly-elytron-oidc-adapter)
36else
37echo Keycloak OpenID Connect HTTP Mechanism already installed
38end-if
39
40if (outcome != success) of /subsystem=elytron/aggregate-http-server-mechanism-factory=keycloak-http-server-mechanism-factory:read-resource
41/subsystem=elytron/aggregate-http-server-mechanism-factory=keycloak-http-server-mechanism-factory:add(http-server-mechanism-factories=[keycloak-oidc-http-server-mechanism-factory, global])
42else
43echo Keycloak HTTP Mechanism Factory already installed. Trying to install Keycloak OpenID Connect HTTP Mechanism Factory.
44/subsystem=elytron/aggregate-http-server-mechanism-factory=keycloak-http-server-mechanism-factory:list-add(name=http-server-mechanism-factories, value=keycloak-oidc-http-server-mechanism-factory)
45end-if
46
47
48if (outcome != success) of /subsystem=elytron/http-authentication-factory=keycloak-http-authentication:read-resource
49/subsystem=elytron/http-authentication-factory=keycloak-http-authentication:add(security-domain=KeycloakDomain,http-server-mechanism-factory=keycloak-http-server-mechanism-factory,mechanism-configurations=[{mechanism-name=KEYCLOAK,mechanism-realm-configurations=[{realm-name=KeycloakOIDCRealm,realm-mapper=keycloak-oidc-realm-mapper}]}])
50else
51echo Keycloak HTTP Authentication Factory already installed. Trying to install Keycloak OpenID Connect Mechanism Configuration
52/subsystem=elytron/http-authentication-factory=keycloak-http-authentication:list-add(name=mechanism-configurations, value={mechanism-name=KEYCLOAK,mechanism-realm-configurations=[{realm-name=KeycloakOIDCRealm,realm-mapper=keycloak-oidc-realm-mapper}]})
53end-if
54
55if (outcome != success) of /subsystem=undertow/application-security-domain=other:read-resource
56/subsystem=undertow/application-security-domain=other:add(http-authentication-factory=keycloak-http-authentication)
57else
58echo Undertow already configured with Keycloak
59end-if
60
61if (outcome != success) of /subsystem=ejb3/application-security-domain=other:read-resource
62/subsystem=ejb3/application-security-domain=other:add(security-domain=KeycloakDomain)
63else
64echo EJB already configured with Keycloak
65end-if