Fix controller_oauthtoken regression and more

* aap_token now functions like controller_oauthtoken * lookup('awx.awx.controller_api', ...) fixed
2026-02-23 22:16:00 -03:30 · 2025-08-14 13:58:17 -04:00
parent 11f31ef796
commit e82de50edb
4 changed files with 54 additions and 10 deletions
--- a/awx_collection/plugins/doc_fragments/auth.py
+++ b/awx_collection/plugins/doc_fragments/auth.py
@@ -40,6 +40,7 @@ options:
    - A dictionary structure as returned by the token module.
    - If value not set, will try environment variable C(CONTROLLER_OAUTH_TOKEN) and then config files
    type: raw
+    aliases: [ controller_oauthtoken ]
    version_added: "3.7.0"
  validate_certs:
    description:
--- a/awx_collection/plugins/doc_fragments/auth_plugin.py
+++ b/awx_collection/plugins/doc_fragments/auth_plugin.py
@@ -40,15 +40,18 @@ options:
        version: '4.0.0'
        why: Collection name change
        alternatives: 'TOWER_PASSWORD, AAP_PASSWORD'
-  aap_token:
+  oauth_token:
    description:
    - The OAuth token to use.
    env:
    - name: AAP_TOKEN
+    - name: CONTROLLER_OAUTH_TOKEN
+    - name: TOWER_OAUTH_TOKEN
      deprecated:
        collection_name: 'awx.awx'
        version: '4.0.0'
        why: Collection name change
+        alternatives: 'CONTROLLER_OAUTH_TOKEN'
  verify_ssl:
    description:
    - Specify whether Ansible should verify the SSL certificate of the controller host.
--- a/awx_collection/plugins/module_utils/controller_api.py
+++ b/awx_collection/plugins/module_utils/controller_api.py
@@ -73,6 +73,7 @@ class ControllerModule(AnsibleModule):
        aap_token=dict(
            type='raw',
            no_log=True,
+            aliases=['controller_oauthtoken',],
            required=False,
            fallback=(env_fallback, ['CONTROLLER_OAUTH_TOKEN', 'TOWER_OAUTH_TOKEN', 'AAP_TOKEN'])
        ),
@@ -129,18 +130,18 @@ class ControllerModule(AnsibleModule):
            if direct_value is not None:
                setattr(self, short_param, direct_value)

-        # Perform magic depending on whether controller_oauthtoken is a string or a dict
-        if self.params.get('controller_oauthtoken'):
-            token_param = self.params.get('controller_oauthtoken')
+        # Perform magic depending on whether aap_token is a string or a dict
+        if self.params.get('aap_token'):
+            token_param = self.params.get('aap_token')
            if isinstance(token_param, dict):
                if 'token' in token_param:
-                    self.oauth_token = self.params.get('controller_oauthtoken')['token']
+                    self.oauth_token = self.params.get('aap_token')['token']
                else:
-                    self.fail_json(msg="The provided dict in controller_oauthtoken did not properly contain the token entry")
+                    self.fail_json(msg="The provided dict in aap_token did not properly contain the token entry")
            elif isinstance(token_param, string_types):
-                self.oauth_token = self.params.get('controller_oauthtoken')
+                self.oauth_token = self.params.get('aap_token')
            else:
-                error_msg = "The provided controller_oauthtoken type was not valid ({0}). Valid options are str or dict.".format(type(token_param).__name__)
+                error_msg = "The provided aap_token type was not valid ({0}). Valid options are str or dict.".format(type(token_param).__name__)
                self.fail_json(msg=error_msg)

        # Perform some basic validation