---

- name: Read users of realm {{ current_realm_name }}
  uri:
    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
    method: GET
    headers:
      Authorization: "Bearer {{ access_token }} "
    status_code: [200]
  register: realm_users
  tags:
    - create_users
    - update_realms

- name: Print realm users
  debug:
    msg: "{{ realm_users }}"
  tags:
    - always
  when:
    - debug

- name: Save realm users as variable (fact)
  set_fact: 
    realm_users_json: "{{ realm_users.json }}"
  tags:
    - create_users
    - update_realms

- name: Read realm user ids
  set_fact:  
    realm_user_usernames:  "{{ realm_users_json | json_query(jmesquery) }}"
  vars:
    jmesquery: '[*].username'
  tags:
    - create_users
    - update_realms

- name: Print realm usernames
  debug:
    msg: "{{ realm_user_usernames }}"
  tags:
    - always
  when:
    - debug

- name: "Create users for realm {{ current_realm_name }}"
  uri:
    url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/users"
    method: POST
    body_format: json
    body: "{{ lookup('template','keycloak-realm-create-user.json.j2') }}"
    headers:
      Content-Type: "application/json"
      Authorization: "Bearer {{ access_token }}"
    status_code: [201]
  with_items: "{{ current_realm_users }}"
  when: current_realm_user.username not in realm_user_usernames
  loop_control:
    loop_var: current_realm_user
  tags:
    - create_users
    - update_realms