From 66475d6bea7a6f8613af59cc7996f38a219e82d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Antoine-Gombeaud?= Date: Wed, 11 Sep 2019 17:43:28 +0200 Subject: [PATCH] Add option to configure the Keycloak client timeout --- docs/index.md | 1 + keycloak/keycloak_client.go | 4 ++-- keycloak/keycloak_client_test.go | 2 +- provider/provider.go | 9 ++++++++- 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/docs/index.md b/docs/index.md index c3d81ee3f..47501e397 100644 --- a/docs/index.md +++ b/docs/index.md @@ -56,6 +56,7 @@ The following provider attributes are supported: - `password` (Optional) - The password of the user used by the provider for authentication via the password grant. Defaults to environment variable `KEYCLOAK_PASSWORD`. This attribute is required when using the password grant, and cannot be set when using the client credentials grant. - `realm` (Optional) - The realm used by the provider for authentication. Defaults to environment variable `KEYCLOAK_REALM`, or `master` if the environment variable is not specified. - `initial_login` (Optional) - Optionally avoid Keycloak login during provider setup, for when Keycloak itself is being provisioned by terraform. Defaults to true, which is the original method. +- `client_timeout` (Optional) - Sets the timeout of the client when addressing Keycloak, in seconds. Defaults to 5. #### Example (client credentials) diff --git a/keycloak/keycloak_client.go b/keycloak/keycloak_client.go index fe6ee209b..76a4c17a7 100644 --- a/keycloak/keycloak_client.go +++ b/keycloak/keycloak_client.go @@ -38,9 +38,9 @@ const ( tokenUrl = "%s/auth/realms/%s/protocol/openid-connect/token" ) -func NewKeycloakClient(baseUrl, clientId, clientSecret, realm, username, password string, initialLogin bool) (*KeycloakClient, error) { +func NewKeycloakClient(baseUrl, clientId, clientSecret, realm, username, password string, initialLogin bool, clientTimeout int) (*KeycloakClient, error) { httpClient := &http.Client{ - Timeout: time.Second * 5, + Timeout: time.Second * time.Duration(clientTimeout), } clientCredentials := &ClientCredentials{ ClientId: clientId, diff --git a/keycloak/keycloak_client_test.go b/keycloak/keycloak_client_test.go index 88d5f86d7..7fe4bedc8 100644 --- a/keycloak/keycloak_client_test.go +++ b/keycloak/keycloak_client_test.go @@ -44,7 +44,7 @@ func TestAccKeycloakApiClientRefresh(t *testing.T) { defer log.SetOutput(os.Stdout) } - keycloakClient, err := NewKeycloakClient(os.Getenv("KEYCLOAK_URL"), os.Getenv("KEYCLOAK_CLIENT_ID"), os.Getenv("KEYCLOAK_CLIENT_SECRET"), os.Getenv("KEYCLOAK_REALM"), os.Getenv("KEYCLOAK_USER"), os.Getenv("KEYCLOAK_PASSWORD"), true) + keycloakClient, err := NewKeycloakClient(os.Getenv("KEYCLOAK_URL"), os.Getenv("KEYCLOAK_CLIENT_ID"), os.Getenv("KEYCLOAK_CLIENT_SECRET"), os.Getenv("KEYCLOAK_REALM"), os.Getenv("KEYCLOAK_USER"), os.Getenv("KEYCLOAK_PASSWORD"), true, 5) if err != nil { t.Fatalf("%s", err) } diff --git a/provider/provider.go b/provider/provider.go index a3f2c88f3..7355a5b29 100644 --- a/provider/provider.go +++ b/provider/provider.go @@ -93,6 +93,12 @@ func KeycloakProvider() *schema.Provider { Description: "Whether or not to login to Keycloak instance on provider initialization", Default: true, }, + "client_timeout": { + Optional: true, + Type: schema.TypeInt, + Description: "Timeout (in seconds) of the Keycloak client", + Default: 5, + }, }, ConfigureFunc: configureKeycloakProvider, } @@ -106,6 +112,7 @@ func configureKeycloakProvider(data *schema.ResourceData) (interface{}, error) { password := data.Get("password").(string) realm := data.Get("realm").(string) initialLogin := data.Get("initial_login").(bool) + clientTimeout := data.Get("client_timeout").(int) - return keycloak.NewKeycloakClient(url, clientId, clientSecret, realm, username, password, initialLogin) + return keycloak.NewKeycloakClient(url, clientId, clientSecret, realm, username, password, initialLogin, clientTimeout) }