From 04e5d830348c04619f0e9796d937c12b44b32aee Mon Sep 17 00:00:00 2001
From: Kristian Klausen
Date: Fri, 18 Sep 2020 06:14:30 +0200
Subject: [PATCH 1/3] keycloak: Add WebAuthn policy
Fix #120
---
 tf-stage2/keycloak.tf | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/tf-stage2/keycloak.tf b/tf-stage2/keycloak.tf
index 58412286..c7f2769b 100644
--- a/tf-stage2/keycloak.tf
+++ b/tf-stage2/keycloak.tf
@@ -58,11 +58,12 @@ resource "keycloak_realm" "archlinux" {
 verify_email = true
 login_with_email_allowed = true
 password_policy = "length(8) and notUsername"
- // TODO: WebAuthn policy
- // https://github.com/mrparkers/terraform-provider-keycloak/issues/355
- // "Relying Party Entity Name": "Arch Linux SSO"
- // "Relying Party ID": "accounts.archlinux.org"
- // "Signature Algorithms": "ES256, ES384, ES512"
+
+ web_authn_policy {
+ relying_party_entity_name = "Arch Linux SSO"
+ relying_party_id = "accounts.archlinux.org"
+ signature_algorithms = ["ES256", "RS256", "ES512"]
+ }
 login_theme = "archlinux"
 account_theme = "archlinux"
-- GitLab
From e52dbab833b47e912b7b05347dfe615be8786485 Mon Sep 17 00:00:00 2001
From: Kristian Klausen
Date: Fri, 18 Sep 2020 06:15:14 +0200
Subject: [PATCH 2/3] keycloak: Register "required action" webauthn-register
---
 tf-stage2/keycloak.tf | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/tf-stage2/keycloak.tf b/tf-stage2/keycloak.tf
index c7f2769b..71831a39 100644
--- a/tf-stage2/keycloak.tf
+++ b/tf-stage2/keycloak.tf
@@ -109,8 +109,12 @@ resource "keycloak_realm" "archlinux" {
 }
 }
-// TODO: Register webauthn-register required action
-// https://github.com/mrparkers/terraform-provider-keycloak/issues/354
+resource "keycloak_required_action" "required_action" {
+ realm_id = "archlinux"
+ alias = "webauthn-register"
+ enabled = true
+ name = "Webauthn Register"
+}
 resource "keycloak_realm_events" "realm_events" {
 realm_id = "archlinux"
-- GitLab
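Review bot: In the `web_authn_policy` block added by patch 1/3, `signature_algorithms = ["ES256", "RS256", "ES512"]` differs from the list in the TODO it replaces (`ES256, ES384, ES512`): ES384 is dropped and RS256 is added, and neither the commit message nor the file says why. RS256 is an RSA PKCS#1 v1.5 signature, so if it is there for authenticator compatibility a one-line comment such as `// RS256 kept for authenticators that do not offer ECDSA` would stop a later reader from treating it as a typo. The block also leaves user verification and attestation at the provider defaults; if that is intended, setting them explicitly (for example `user_verification_requirement`) makes the policy reviewable from the file alone. The enclosing `keycloak_realm` resource starts and ends outside the hunk.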
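Review bot: In the `keycloak_required_action` resource added by patch 2/3, `realm_id = "archlinux"` is a string literal, so Terraform sees no dependency on `keycloak_realm.archlinux` and on a fresh apply may try to register the action before the realm exists. Referencing the resource gives the ordering for free: `realm_id = keycloak_realm.archlinux.id`. The `keycloak_realm_events` block in the trailing context uses the same literal and would benefit from the same change. Separately, `enabled = true` without `default_action` presumably only makes WebAuthn registration available rather than required for new accounts; a short comment stating that intent would help.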
From 2fd1c89a041bc15fb831e62f1075f78de852af6c Mon Sep 17 00:00:00 2001
From: Kristian Klausen
Date: Mon, 21 Sep 2020 23:01:28 +0200
Subject: [PATCH 3/3] keycloak: Bump provider version
---
 tf-stage2/versions.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tf-stage2/versions.tf b/tf-stage2/versions.tf
index 406aa7c5..aa545e7b 100644
--- a/tf-stage2/versions.tf
+++ b/tf-stage2/versions.tf
@@ -5,7 +5,7 @@ terraform {
 }
 keycloak = {
 source = "mrparkers/keycloak"
- version = "2.0.0-rc.0"
+ version = "2.0.0"
 }
 }
 required_version = ">= 0.13"
-- GitLab