6 changed files with 24 additions and 41 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1 @@
-/out
-/meta/.galaxy_install_info
+/out
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -17,13 +17,6 @@ hydra_database_port: 3306
 public_scheme: http
 public_host: "{{ ansible_default_ipv4.address | default(ansible_all_ipv4_addresses[0]) }}"

-# Hydra clients
-
-hydra_clients:
-  - client_id: default-client
-    client_name: Default client
-    redirect_uris: ["{{ public_scheme }}://{{ public_host }}"]
-
 # Hydra Passwordless configuration

 enable_hydra_passwordless: yes
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -51,15 +51,6 @@
    - Restart HAProxy
  become: true

- name: Create hydra-clients
-  template:
-    src: hydra-client.json.j2
-    dest: "/etc/hydra/clients.d/{{ item.client_id }}.json"
-  with_items: "{{ hydra_clients }}"
-  notify:
-    - Restart cadoles-pod-hydra-v1
-  become: true
-
 - name: Configure cadoles-pod-hydra-v1
  template:
    src: "{{ item.src }}"
--- a/tasks/oidc-test.yml
+++ b/tasks/oidc-test.yml
@ -2,16 +2,11 @@

 - name: Create oidc-test OpenID Connect client configuration
  template:
-    src: hydra-client.json.j2
-    dest: "/etc/hydra/clients.d/{{ item.client_id }}.json"
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
  with_items:
-    - client_id: "{{ oidc_test_app_client_id }}"
-      client_secret: "{{ oidc_test_app_client_secret }}"
-      client_name: "OIDC Test"
-      redirect_uris: ["{{ public_scheme }}://{{ public_host }}:8080/oauth2/callback"]
-      post_logout_redirect_uris: ["{{ public_scheme }}://{{ public_host }}:8080"]
-      logo_uri: https://www.cadoles.com/images/logo.svg
-
+    - src: oidc-test-client.json.j2
+      dest: /etc/hydra/clients.d/oidc-test.json
  notify:
    - Restart cadoles-pod-hydra-v1
  become: true
--- a/templates/hydra-client.json.j2
+++ b/templates/hydra-client.json.j2
@ -1,14 +0,0 @@
-{
-	"client_id": {{ item.client_id | to_json }},
-	"client_name": {{ item.client_name | default(item.client_id) | to_json }},
-	"client_secret": {{ item.client_secret | default(lookup('ansible.builtin.password', '/dev/null chars=ascii_lowercase,digits length=32')) | to_json }},
-	"grant_types": {{ item.grant_types | default(["authorization_code","refresh_token"]) | to_json }},
-	"jwks": {},
-	"metadata": {},
-	"post_logout_redirect_uris": {{ item.post_logout_redirect_uris | default([]) | to_json }},
-	"redirect_uris": {{ item.redirect_uris | default([]) | to_json }},
-	"response_types": {{ item.response_types | default(["code"]) | to_json }},
-	"logo_uri": {{ item.logo_uri | default("") | to_json }},
-	"scope": {{ item.scope | default("openid profile email") | to_json }},
-	"token_endpoint_auth_method": {{ item.token_endpoint_auth_method | default("client_secret_post") | to_json }}
-}
--- a/templates/oidc-test-client.json.j2
+++ b/templates/oidc-test-client.json.j2
@ -0,0 +1,19 @@
+{
+	"client_id": "{{ oidc_test_app_client_id }}",
+	"client_name": "OIDC Test",
+	"client_secret": "{{ oidc_test_app_client_secret }}",
+	"grant_types": [
+		"authorization_code",
+		"refresh_token"
+	],
+	"jwks": {},
+	"metadata": {},
+	"post_logout_redirect_uris": ["{{ public_scheme }}://{{ public_host }}:8080"],
+	"redirect_uris": ["{{ public_scheme }}://{{ public_host }}:8080/oauth2/callback"],
+	"response_types": [
+		"code"
+	],
+	"logo_uri": "https://www.cadoles.com/images/logo.svg",
+	"scope": "openid profile email",
+	"token_endpoint_auth_method": "client_secret_post"
+}