aserto 0.20.3 → 0.20.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +120 -16
- data/VERSION +1 -1
- data/lib/aserto/directory/client.rb +143 -0
- data/lib/aserto/directory/interceptors/headers.rb +22 -0
- data/lib/aserto/directory/requests.rb +95 -0
- data/lib/aserto.rb +1 -0
- metadata +18 -91
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 96e9f934b980519a7f6f2a737ba3f3120a255fdcaff12a9adf4b343e4b74df27
|
4
|
+
data.tar.gz: 775bf4b1af000a1fed33d3dd1a86073cb8d021ca3220b941919d3ba58ce3903d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d25293714c54198bf6ecbfadde8fde7b99e329205a95bd56bd74691d1afafb359f086ee09a68f6c82560f45b4b5107d6405d8b24787a68b93210b1f3bbcd9fef
|
7
|
+
data.tar.gz: 833aa4f4416ca12352a857557c53433e129bf80768c9d3d4df5f7ad948c48c114295d929497f3e1eb64552ba2fd64cb7e20ea229259b6fec6c7cd523a9007da4
|
data/README.md
CHANGED
@@ -1,16 +1,10 @@
|
|
1
|
-
# Ruby
|
1
|
+
# Aserto Ruby SDK
|
2
2
|
|
3
3
|
[![Gem Version](https://badge.fury.io/rb/aserto.svg)](https://badge.fury.io/rb/aserto)
|
4
4
|
[![ci](https://github.com/aserto-dev/aserto-ruby/actions/workflows/ci.yaml/badge.svg)](https://github.com/aserto-dev/aserto-ruby/actions/workflows/ci.yaml)
|
5
5
|
[![slack](https://img.shields.io/badge/slack-Aserto%20Community-brightgreen)](https://asertocommunity.slack.com
|
6
6
|
)
|
7
7
|
|
8
|
-
`Aserto::Authorization` is a middleware that allows Ruby applications to use Aserto as the Authorization provider.
|
9
|
-
|
10
|
-
## Prerequisites
|
11
|
-
* [Ruby](https://www.ruby-lang.org/en/downloads/) 2.7 or newer.
|
12
|
-
* An [Aserto](https://console.aserto.com) account.
|
13
|
-
|
14
8
|
## Installation
|
15
9
|
Add to your application Gemfile:
|
16
10
|
|
@@ -27,7 +21,117 @@ Or install it yourself as:
|
|
27
21
|
gem install aserto
|
28
22
|
```
|
29
23
|
|
30
|
-
##
|
24
|
+
## Directory
|
25
|
+
|
26
|
+
The Directory APIs can be used to get or set object instances and relation instances. They can also be used to check whether a user has a permission or relation on an object instance.
|
27
|
+
|
28
|
+
### Directory Client
|
29
|
+
|
30
|
+
You can initialize a directory client as follows:
|
31
|
+
|
32
|
+
```ruby
|
33
|
+
require 'aserto/directory/client'
|
34
|
+
|
35
|
+
directory_client = Aserto::Directory::Client.new(
|
36
|
+
url: "directory.eng.aserto.com:8443",
|
37
|
+
tenant_id: "aserto-tenant-id",
|
38
|
+
api_key: "basic directory api key",
|
39
|
+
)
|
40
|
+
```
|
41
|
+
|
42
|
+
- `url`: hostname:port of directory service (_required_)
|
43
|
+
- `api_key`: API key for directory service (_required_ if using hosted directory)
|
44
|
+
- `tenant_id`: Aserto tenant ID (_required_ if using hosted directory)
|
45
|
+
- `cert_path`: Path to the grpc service certificate when connecting to local topaz instance.
|
46
|
+
|
47
|
+
### Getting objects and relations
|
48
|
+
Get an object instance with the type `type-name` and the key `object-key`. For example:
|
49
|
+
|
50
|
+
```ruby
|
51
|
+
user = directory_client.object(type: 'user', key: 'euang@acmecorp.com')
|
52
|
+
```
|
53
|
+
|
54
|
+
Get an array of relations of a certain type for an object instance. For example:
|
55
|
+
|
56
|
+
```ruby
|
57
|
+
identity = 'euang@acmecorp.com';
|
58
|
+
relations = directory_client.relation(
|
59
|
+
{
|
60
|
+
subject: {
|
61
|
+
type: 'user',
|
62
|
+
},
|
63
|
+
object: {
|
64
|
+
type: 'identity',
|
65
|
+
key: identity
|
66
|
+
},
|
67
|
+
relation: {
|
68
|
+
name: 'identifier',
|
69
|
+
objectType: 'identity'
|
70
|
+
}
|
71
|
+
}
|
72
|
+
)
|
73
|
+
```
|
74
|
+
|
75
|
+
### Setting objects and relations
|
76
|
+
|
77
|
+
Create a new object
|
78
|
+
```ruby
|
79
|
+
user = directory_client.set_object(object: { type: "user", key: "test-object", display_name: "test object" })
|
80
|
+
identity = directory_client.set_object(object: { type: "identity", key: "test-identity" })
|
81
|
+
```
|
82
|
+
|
83
|
+
Update an existing object
|
84
|
+
```ruby
|
85
|
+
user = directory_client.set_object(object: { type: "user", key: "test-object", display_name: "test object" })
|
86
|
+
user.display_name = 'test object edit'
|
87
|
+
updated_user = directory_client.set_object(object: user)
|
88
|
+
```
|
89
|
+
|
90
|
+
Create a new relation
|
91
|
+
```ruby
|
92
|
+
directory_client.set_relation(
|
93
|
+
subject: { type: "user", "test-object" },
|
94
|
+
relation: "identifier",
|
95
|
+
object: { type: "identity", key: "test-identity" }
|
96
|
+
)
|
97
|
+
```
|
98
|
+
|
99
|
+
Delete a relation
|
100
|
+
```ruby
|
101
|
+
pp client.delete_relation(
|
102
|
+
subject: { type: "user", key: "test-object" },
|
103
|
+
relation: { name: "identifier", object_type: "identity" },
|
104
|
+
object: { type: "identity", key: "test-identity" }
|
105
|
+
)
|
106
|
+
```
|
107
|
+
|
108
|
+
### Checking permissions and relations
|
109
|
+
Check permission
|
110
|
+
```ruby
|
111
|
+
directory_client.check_permission(
|
112
|
+
subject: { type: "user", key: "011a88bc-7df9-4d92-ba1f-2ff319e101e1" },
|
113
|
+
permission: { name: "read" },
|
114
|
+
object: { type: "group", key: "executive" }
|
115
|
+
)
|
116
|
+
```
|
117
|
+
|
118
|
+
Check relation
|
119
|
+
```ruby
|
120
|
+
directory_client.check_relation(
|
121
|
+
subject: { type: "user", key: "dfdadc39-7335-404d-af66-c77cf13a15f8" },
|
122
|
+
relation: { name: "identifier", object_type: "identity" },
|
123
|
+
object: { type: "identity", key: "euang@acmecorp.com" }
|
124
|
+
)
|
125
|
+
```
|
126
|
+
|
127
|
+
## Authorizer
|
128
|
+
`Aserto::Authorization` is a middleware that allows Ruby applications to use Aserto as the Authorization provider.
|
129
|
+
|
130
|
+
### Prerequisites
|
131
|
+
* [Ruby](https://www.ruby-lang.org/en/downloads/) 2.7 or newer.
|
132
|
+
* An [Aserto](https://console.aserto.com) account.
|
133
|
+
|
134
|
+
### Configuration
|
31
135
|
The following configuration settings are required for the authorization middleware:
|
32
136
|
- policy_root
|
33
137
|
|
@@ -50,7 +154,7 @@ The middleware accepts the following optional parameters:
|
|
50
154
|
| disabled_for | `[{}]` | Which path and actions to skip the authorization for. |
|
51
155
|
| on_unauthorized | `-> { return [403, {}, ["Forbidden"]] }`| A lambda that is executed when the authorization fails. |
|
52
156
|
|
53
|
-
|
157
|
+
### Identity
|
54
158
|
To determine the identity of the user, the middleware can be configured to use a JWT token or a claim using the `identity_mapping` config.
|
55
159
|
```ruby
|
56
160
|
# configure the middleware to use a JWT token from the `my-auth-header` header.
|
@@ -82,7 +186,7 @@ Aserto.with_identity_mapper do |request|
|
|
82
186
|
end
|
83
187
|
```
|
84
188
|
|
85
|
-
|
189
|
+
### URL path to policy mapping
|
86
190
|
By default, when computing the policy path, the middleware:
|
87
191
|
* converts all slashes to dots
|
88
192
|
* converts any character that is not alpha, digit, dot or underscore to underscore
|
@@ -101,7 +205,7 @@ Aserto.with_policy_path_mapper do |policy_root, request|
|
|
101
205
|
end
|
102
206
|
```
|
103
207
|
|
104
|
-
|
208
|
+
### Resource
|
105
209
|
A resource can be any structured data that the authorization policy uses to evaluate decisions. By default, middleware does not include a resource in authorization calls.
|
106
210
|
|
107
211
|
This behaviour can be overwritten by providing a custom function:
|
@@ -115,14 +219,14 @@ Aserto.with_resource_mapper do |request|
|
|
115
219
|
end
|
116
220
|
```
|
117
221
|
|
118
|
-
|
222
|
+
### Disable authorization for specific paths
|
119
223
|
|
120
224
|
The middleware exposes a `disable_for` configuration option that
|
121
225
|
accepts an array of hashes with the following keys:
|
122
226
|
- path - the path to disable authorization for
|
123
227
|
- actions - an array of actions to disable authorization for
|
124
228
|
|
125
|
-
|
229
|
+
#### Rails
|
126
230
|
You can find the paths and actions using `bundle exec rails routes`
|
127
231
|
```bash
|
128
232
|
bundle exec rails routes
|
@@ -142,9 +246,9 @@ config.disabled_for = [
|
|
142
246
|
}
|
143
247
|
]
|
144
248
|
```
|
145
|
-
|
249
|
+
### Examples
|
146
250
|
|
147
|
-
|
251
|
+
#### Rails
|
148
252
|
```ruby
|
149
253
|
# config/initializers/aserto.rb
|
150
254
|
|
@@ -179,7 +283,7 @@ Rails.application.config.middleware.use Aserto::Authorization do |config|
|
|
179
283
|
end
|
180
284
|
```
|
181
285
|
|
182
|
-
|
286
|
+
#### Sinatra
|
183
287
|
```ruby
|
184
288
|
# server.rb
|
185
289
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.20.
|
1
|
+
0.20.4
|
@@ -0,0 +1,143 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "aserto/directory"
|
4
|
+
require_relative "interceptors/headers"
|
5
|
+
require_relative "requests"
|
6
|
+
|
7
|
+
module Aserto
|
8
|
+
module Directory
|
9
|
+
class Client
|
10
|
+
include Requests
|
11
|
+
|
12
|
+
# Creates a new Directory Client
|
13
|
+
#
|
14
|
+
# @param url [String] the gRpc url of the directory server
|
15
|
+
# @param api_key [String] the api key of the directory server(for hosted directory)
|
16
|
+
# @param tenant_id [String] the tenant id of the directory server(for hosted directory)
|
17
|
+
# @param cert_path [String] the path to the certificates folder
|
18
|
+
#
|
19
|
+
# @return [Aserto::Directory::Client] the new Directory Client
|
20
|
+
def initialize(url: "directory.prod.aserto.com:8443", api_key: nil, tenant_id: nil, cert_path: nil)
|
21
|
+
@reader_client = ::Aserto::Directory::Reader::V2::Reader::Stub.new(
|
22
|
+
url,
|
23
|
+
load_creds(cert_path),
|
24
|
+
interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
|
25
|
+
)
|
26
|
+
@writer_client = ::Aserto::Directory::Writer::V2::Writer::Stub.new(
|
27
|
+
url,
|
28
|
+
load_creds(cert_path),
|
29
|
+
interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
|
30
|
+
)
|
31
|
+
end
|
32
|
+
|
33
|
+
# Check permissions
|
34
|
+
#
|
35
|
+
# @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
36
|
+
# @param permission [String] permission name to be checked
|
37
|
+
# @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
38
|
+
# @param trace [Boolean] whether to enable tracing
|
39
|
+
#
|
40
|
+
# @return [Boolean]
|
41
|
+
def check_permission(subject:, permission:, object:, trace: false)
|
42
|
+
reader_client.check_permission(check_permission_request(subject, permission, object, trace))
|
43
|
+
end
|
44
|
+
|
45
|
+
# Check relation
|
46
|
+
#
|
47
|
+
# @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
48
|
+
# @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier] relation name to be checked
|
49
|
+
# @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
50
|
+
# @param trace [Boolean] whether to enable tracing
|
51
|
+
#
|
52
|
+
# @return [Boolean]
|
53
|
+
def check_relation(subject:, relation:, object:, trace: false)
|
54
|
+
reader_client.check_relation(check_relation_request(subject, relation, object, trace))
|
55
|
+
end
|
56
|
+
|
57
|
+
# Get an object by type and key
|
58
|
+
#
|
59
|
+
# @param type [String] the type of object
|
60
|
+
# @param key [String] the key of the object
|
61
|
+
#
|
62
|
+
# @return [::Aserto::Directory::Common::V2::Object]
|
63
|
+
def object(type:, key:)
|
64
|
+
reader_client.get_object(object_request(key, type)).result
|
65
|
+
end
|
66
|
+
|
67
|
+
# Set an object
|
68
|
+
#
|
69
|
+
# @param object [::Aserto::Directory::Common::V2::Object]
|
70
|
+
#
|
71
|
+
# @return [::Aserto::Directory::Common::V2::Object] the created/updated object
|
72
|
+
def set_object(object:)
|
73
|
+
writer_client.set_object(new_object_request(object)).result
|
74
|
+
end
|
75
|
+
|
76
|
+
# Get a list of objects by type
|
77
|
+
#
|
78
|
+
# @param type [String] the type of objects
|
79
|
+
# @param page [::Aserto::Directory::Common::V2::PaginationRequest]
|
80
|
+
#
|
81
|
+
# @return [Array<::Aserto::Directory::Common::V2::Object>]
|
82
|
+
def objects(type:, page: nil)
|
83
|
+
reader_client.get_objects(objects_request(type, page)).results
|
84
|
+
end
|
85
|
+
|
86
|
+
# Get a relation
|
87
|
+
#
|
88
|
+
# @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
89
|
+
# @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
|
90
|
+
# @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
91
|
+
#
|
92
|
+
# @return [::Aserto::Directory::Common::V2::Relation]
|
93
|
+
def relation(subject: nil, relation: nil, object: nil)
|
94
|
+
reader_client.get_relation(relation_request(subject, relation, object)).results
|
95
|
+
end
|
96
|
+
|
97
|
+
# Get a list of relations
|
98
|
+
#
|
99
|
+
# @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
100
|
+
# @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
|
101
|
+
# @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
102
|
+
#
|
103
|
+
# @return [Array<::Aserto::Directory::Common::V2::Relation>]
|
104
|
+
def relations(subject: nil, relation: nil, object: nil, page: nil)
|
105
|
+
reader_client.get_relations(relations_request(subject, relation, object, page)).results
|
106
|
+
end
|
107
|
+
|
108
|
+
# Set a relation
|
109
|
+
# @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
110
|
+
# @param relation [String] name of the relation
|
111
|
+
# @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
112
|
+
# @param hash [String] hash of the relation(required for updating a relation)
|
113
|
+
#
|
114
|
+
# @return [::Aserto::Directory::Common::V2::Relation] the created/updated relation
|
115
|
+
def set_relation(subject:, relation:, object:, hash: nil)
|
116
|
+
writer_client.set_relation(new_relation_request(subject, relation, object, hash)).result
|
117
|
+
end
|
118
|
+
|
119
|
+
# Delete a relation
|
120
|
+
#
|
121
|
+
# @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
122
|
+
# @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
|
123
|
+
# @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
|
124
|
+
#
|
125
|
+
# @return nil
|
126
|
+
def delete_relation(subject:, relation:, object:)
|
127
|
+
writer_client.delete_relation(delete_relation_request(subject, relation, object))
|
128
|
+
end
|
129
|
+
|
130
|
+
private
|
131
|
+
|
132
|
+
attr_reader :reader_client, :writer_client
|
133
|
+
|
134
|
+
def load_creds(cert_path)
|
135
|
+
if cert_path && File.file?(cert_path)
|
136
|
+
GRPC::Core::ChannelCredentials.new(File.read(cert_path))
|
137
|
+
else
|
138
|
+
GRPC::Core::ChannelCredentials.new
|
139
|
+
end
|
140
|
+
end
|
141
|
+
end
|
142
|
+
end
|
143
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aserto
|
4
|
+
module Directory
|
5
|
+
module Interceptors
|
6
|
+
class Headers < GRPC::ClientInterceptor
|
7
|
+
def initialize(api_key, tenant_id)
|
8
|
+
@api_key = api_key
|
9
|
+
@tenant_id = tenant_id
|
10
|
+
super()
|
11
|
+
end
|
12
|
+
|
13
|
+
def request_response(method:, request:, call:, metadata:)
|
14
|
+
metadata["aserto-tenant-id"] = @tenant_id
|
15
|
+
metadata["authorization"] = @api_key
|
16
|
+
|
17
|
+
yield(method, request, call, metadata)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Aserto
|
4
|
+
module Directory
|
5
|
+
module Requests
|
6
|
+
private
|
7
|
+
|
8
|
+
def check_permission_request(subject, permission, object, trace)
|
9
|
+
subject_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject)
|
10
|
+
permission_identifier = ::Aserto::Directory::Common::V2::PermissionIdentifier.new(permission)
|
11
|
+
object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object)
|
12
|
+
::Aserto::Directory::Reader::V2::CheckPermissionRequest.new(
|
13
|
+
{
|
14
|
+
object: object_identifier,
|
15
|
+
subject: subject_identifier,
|
16
|
+
permission: permission_identifier,
|
17
|
+
trace: trace
|
18
|
+
}
|
19
|
+
)
|
20
|
+
end
|
21
|
+
|
22
|
+
def check_relation_request(subject, relation, object, trace)
|
23
|
+
subject_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject)
|
24
|
+
relation_identifier = ::Aserto::Directory::Common::V2::RelationTypeIdentifier.new(relation)
|
25
|
+
object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object)
|
26
|
+
::Aserto::Directory::Reader::V2::CheckRelationRequest.new(
|
27
|
+
{
|
28
|
+
object: object_identifier,
|
29
|
+
subject: subject_identifier,
|
30
|
+
relation: relation_identifier,
|
31
|
+
trace: trace
|
32
|
+
}
|
33
|
+
)
|
34
|
+
end
|
35
|
+
|
36
|
+
def object_request(key, type)
|
37
|
+
object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(type: type, key: key)
|
38
|
+
::Aserto::Directory::Reader::V2::GetObjectRequest.new(param: object_identifier)
|
39
|
+
end
|
40
|
+
|
41
|
+
def new_object_request(object)
|
42
|
+
::Aserto::Directory::Writer::V2::SetObjectRequest.new(object: object)
|
43
|
+
end
|
44
|
+
|
45
|
+
def objects_request(type, page)
|
46
|
+
object_type_identifier = ::Aserto::Directory::Common::V2::ObjectTypeIdentifier.new(
|
47
|
+
{ name: type }
|
48
|
+
)
|
49
|
+
::Aserto::Directory::Reader::V2::GetObjectsRequest.new(param: object_type_identifier, page: page)
|
50
|
+
end
|
51
|
+
|
52
|
+
def relation_request(subject, relation, object)
|
53
|
+
::Aserto::Directory::Reader::V2::GetRelationRequest.new(
|
54
|
+
param: relation_identifier(subject, relation, object)
|
55
|
+
)
|
56
|
+
end
|
57
|
+
|
58
|
+
def relations_request(subject, relation, object, page)
|
59
|
+
::Aserto::Directory::Reader::V2::GetRelationsRequest.new(
|
60
|
+
param: relation_identifier(subject, relation, object),
|
61
|
+
page: page
|
62
|
+
)
|
63
|
+
end
|
64
|
+
|
65
|
+
def new_relation_request(subject, relation, object, hash)
|
66
|
+
subject_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject)
|
67
|
+
object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object)
|
68
|
+
::Aserto::Directory::Writer::V2::SetRelationRequest.new(
|
69
|
+
{
|
70
|
+
relation: {
|
71
|
+
subject: subject_identifier,
|
72
|
+
relation: relation,
|
73
|
+
object: object_identifier,
|
74
|
+
hash: hash
|
75
|
+
}
|
76
|
+
}
|
77
|
+
)
|
78
|
+
end
|
79
|
+
|
80
|
+
def delete_relation_request(subject, relation, object)
|
81
|
+
::Aserto::Directory::Writer::V2::DeleteRelationRequest.new(
|
82
|
+
param: relation_identifier(subject, relation, object)
|
83
|
+
)
|
84
|
+
end
|
85
|
+
|
86
|
+
def relation_identifier(subject, relation, object)
|
87
|
+
relation_identifier = ::Aserto::Directory::Common::V2::RelationIdentifier.new
|
88
|
+
relation_identifier.subject = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject) if subject
|
89
|
+
relation_identifier.relation = ::Aserto::Directory::Common::V2::RelationTypeIdentifier.new(relation) if relation
|
90
|
+
relation_identifier.object = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object) if object
|
91
|
+
relation_identifier
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
data/lib/aserto.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aserto
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.20.
|
4
|
+
version: 0.20.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Aserto
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-05-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aserto-authorizer
|
@@ -25,123 +25,47 @@ dependencies:
|
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: 0.0.3
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
|
-
name:
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - "~>"
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '2.4'
|
34
|
-
type: :runtime
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - "~>"
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '2.4'
|
41
|
-
- !ruby/object:Gem::Dependency
|
42
|
-
name: rack
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - "~>"
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: '2.0'
|
48
|
-
type: :runtime
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - "~>"
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: '2.0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: bundler
|
28
|
+
name: aserto-directory
|
57
29
|
requirement: !ruby/object:Gem::Requirement
|
58
30
|
requirements:
|
59
31
|
- - ">="
|
60
32
|
- !ruby/object:Gem::Version
|
61
|
-
version:
|
62
|
-
|
63
|
-
- !ruby/object:Gem::Version
|
64
|
-
version: '3.0'
|
65
|
-
type: :development
|
33
|
+
version: 0.0.2
|
34
|
+
type: :runtime
|
66
35
|
prerelease: false
|
67
36
|
version_requirements: !ruby/object:Gem::Requirement
|
68
37
|
requirements:
|
69
38
|
- - ">="
|
70
39
|
- !ruby/object:Gem::Version
|
71
|
-
version:
|
72
|
-
- - "<"
|
73
|
-
- !ruby/object:Gem::Version
|
74
|
-
version: '3.0'
|
40
|
+
version: 0.0.2
|
75
41
|
- !ruby/object:Gem::Dependency
|
76
|
-
name:
|
77
|
-
requirement: !ruby/object:Gem::Requirement
|
78
|
-
requirements:
|
79
|
-
- - "~>"
|
80
|
-
- !ruby/object:Gem::Version
|
81
|
-
version: '0.6'
|
82
|
-
type: :development
|
83
|
-
prerelease: false
|
84
|
-
version_requirements: !ruby/object:Gem::Requirement
|
85
|
-
requirements:
|
86
|
-
- - "~>"
|
87
|
-
- !ruby/object:Gem::Version
|
88
|
-
version: '0.6'
|
89
|
-
- !ruby/object:Gem::Dependency
|
90
|
-
name: grpc_mock
|
91
|
-
requirement: !ruby/object:Gem::Requirement
|
92
|
-
requirements:
|
93
|
-
- - "~>"
|
94
|
-
- !ruby/object:Gem::Version
|
95
|
-
version: '0.4'
|
96
|
-
type: :development
|
97
|
-
prerelease: false
|
98
|
-
version_requirements: !ruby/object:Gem::Requirement
|
99
|
-
requirements:
|
100
|
-
- - "~>"
|
101
|
-
- !ruby/object:Gem::Version
|
102
|
-
version: '0.4'
|
103
|
-
- !ruby/object:Gem::Dependency
|
104
|
-
name: rspec
|
105
|
-
requirement: !ruby/object:Gem::Requirement
|
106
|
-
requirements:
|
107
|
-
- - "~>"
|
108
|
-
- !ruby/object:Gem::Version
|
109
|
-
version: '3.0'
|
110
|
-
type: :development
|
111
|
-
prerelease: false
|
112
|
-
version_requirements: !ruby/object:Gem::Requirement
|
113
|
-
requirements:
|
114
|
-
- - "~>"
|
115
|
-
- !ruby/object:Gem::Version
|
116
|
-
version: '3.0'
|
117
|
-
- !ruby/object:Gem::Dependency
|
118
|
-
name: rubocop-performance
|
42
|
+
name: jwt
|
119
43
|
requirement: !ruby/object:Gem::Requirement
|
120
44
|
requirements:
|
121
45
|
- - "~>"
|
122
46
|
- !ruby/object:Gem::Version
|
123
|
-
version: '
|
124
|
-
type: :
|
47
|
+
version: '2.4'
|
48
|
+
type: :runtime
|
125
49
|
prerelease: false
|
126
50
|
version_requirements: !ruby/object:Gem::Requirement
|
127
51
|
requirements:
|
128
52
|
- - "~>"
|
129
53
|
- !ruby/object:Gem::Version
|
130
|
-
version: '
|
54
|
+
version: '2.4'
|
131
55
|
- !ruby/object:Gem::Dependency
|
132
|
-
name:
|
56
|
+
name: rack
|
133
57
|
requirement: !ruby/object:Gem::Requirement
|
134
58
|
requirements:
|
135
59
|
- - "~>"
|
136
60
|
- !ruby/object:Gem::Version
|
137
|
-
version: '2.
|
138
|
-
type: :
|
61
|
+
version: '2.0'
|
62
|
+
type: :runtime
|
139
63
|
prerelease: false
|
140
64
|
version_requirements: !ruby/object:Gem::Requirement
|
141
65
|
requirements:
|
142
66
|
- - "~>"
|
143
67
|
- !ruby/object:Gem::Version
|
144
|
-
version: '2.
|
68
|
+
version: '2.0'
|
145
69
|
description: Aserto Middleware
|
146
70
|
email:
|
147
71
|
- aserto@aserto.com
|
@@ -156,6 +80,9 @@ files:
|
|
156
80
|
- lib/aserto/auth_client.rb
|
157
81
|
- lib/aserto/authorization.rb
|
158
82
|
- lib/aserto/config.rb
|
83
|
+
- lib/aserto/directory/client.rb
|
84
|
+
- lib/aserto/directory/interceptors/headers.rb
|
85
|
+
- lib/aserto/directory/requests.rb
|
159
86
|
- lib/aserto/errors.rb
|
160
87
|
- lib/aserto/identity_mapper.rb
|
161
88
|
- lib/aserto/identity_mapper/base.rb
|
@@ -192,7 +119,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
192
119
|
- !ruby/object:Gem::Version
|
193
120
|
version: '0'
|
194
121
|
requirements: []
|
195
|
-
rubygems_version: 3.
|
122
|
+
rubygems_version: 3.4.10
|
196
123
|
signing_key:
|
197
124
|
specification_version: 4
|
198
125
|
summary: Aserto Middleware
|