Sam Morris
Sam Morris
I tried removing the hardcoding of the API context = `client` in `ipacert.py` and then running: ``` $ ANSIBLE_REMOTE_USER=admin IPA_SERVER_HOST=192.168.0.7 /tmp/ansible-freeipa.venv/bin/python -m pytest tests/test_playbook_runs.py::cert::test_cert_client_context --capture=sys ============================================================================================================ test session starts =============================================================================================================...
I've cleaned up the argument handling code (turns out `ansible_module` does a lot of the hard work for you. I've also got the tests passing, by forcing the use of...
Current failures are all `user_add: pinky: Constraint violation: Account expired` which I assume is the timestamp issue.
/remove-lifecycle stale
You might find [cert-utils](https://github.com/redhat-cop/cert-utils-operator#Creating-java-keystore-and-truststore) useful - you can annotate a secret containing a certificate & it will add keystore & truststore keys to the secret.
I've figured out that `response` is the result of fetching an additional v1.0 access token (I don't understand why), with the resulting dict updated with the result of calling the...
This does the same thing but more cleanly, by relying on the `id_token` attribute set on the backend instance in its `request_access_token` method. ```python REMOTE_AUTH_BACKEND = 'netbox.configuration.OpenIdConnectAuth' from social_core.backends import...
I have an idea about why OpenIdConnectAuth receives a v1.0 token instead of a v2.0 token. It turns out there is a hidden property on app registrations, `accesTokenAcceptedVersion`. You can't...
Well, even after setting `accesTokenAcceptedVersion` to `2`, the `access_token` in the response is a v1.0 access token! Not that it actually matters anyway -- on closer inspection the claims from...
/remove-lifecycle rotten