conjur-api 5.3.8.pre.321 → 5.4.0.pre.404

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7b42679986af9d47ca9f914f1e2760af5ef6769d2c530e24ae05db1359af428e
4
- data.tar.gz: 8c8bde20c45449f87d4407779c5b593a4577a5023d9d3b5e6c1d150550c191f5
3
+ metadata.gz: d39f007a40ecbf4a9edfd87189801def062b00e4a240bbf405d02d362f7bdd24
4
+ data.tar.gz: 8f3fd11807b81446e0e35a34220c60eec19fc3e1985d075bb6dc39e6eef16c2f
5
5
  SHA512:
6
- metadata.gz: 116ad35025c9dc312d509b2ef884d1a2c94bae1732d7e2bbb6decc09869088c1490705f35eb4941eeac37bdeba8c4a09d03e8e9588886aa9fef6426eee919f36
7
- data.tar.gz: a5b10cb251d0afd7ea51436eec264811b1448d2159fa624d24c3edd62e5deaf92043030f9f9ef9c3c948427eacfc8e52c432a4c2384f3c5af6efecc759bd55c0
6
+ metadata.gz: 8da8d30687d52bc01d2776c894e5450f7cb9486f32c29919fcffc43e37b198960c9b6f9119b011c1bd65c8bab823cdcdfbf5b93e959d564af4aa7cd25c836224
7
+ data.tar.gz: e4306d6d8c8ce9ec70492e62a1c6bfb4130af4276d9c3f231525d18ab67d8fc3088a82401a375e09459caffc65ad127d5d0d073fc6fa2ef4bac6f06ba45fdcde
data/CHANGELOG.md CHANGED
@@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
9
9
  - Nothing should go in this section, please add to the latest unreleased version
10
10
  (and update the corresponding date), or add a new version.
11
11
 
12
- ## [5.3.8] - 2022-07-19
12
+ ## [5.4.0] - 2022-08-16
13
13
 
14
14
  ### Added
15
15
  - Added support for OIDC V2 authentication endpoint.
@@ -376,8 +376,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
376
376
 
377
377
  ## [2.0.0] - 2013-13-12
378
378
 
379
- [Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.8...HEAD
380
- [5.3.8]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.7...v5.3.8
379
+ [Unreleased]: https://github.com/cyberark/conjur-api-ruby/compare/v5.4.0...HEAD
380
+ [5.4.0]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.7...v5.4.0
381
381
  [5.3.7]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.6...v5.3.7
382
382
  [5.3.6]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.5...v5.3.6
383
383
  [5.3.5]: https://github.com/cyberark/conjur-api-ruby/compare/v5.3.4...v5.3.5
data/VERSION CHANGED
@@ -1 +1 @@
1
- 5.3.8-321
1
+ 5.4.0-404
@@ -3,8 +3,8 @@ Feature: Authenticate with Conjur
3
3
  Background:
4
4
  Given I setup a keycloak authenticator
5
5
 
6
- Scenario: Authenticate with OIDC state and code
7
- When I retrieve the login url for OIDC authenticator "keycloak"
6
+ Scenario: Authenticate with OIDC code
7
+ When I retrieve the provider details for OIDC authenticator "keycloak"
8
8
  And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
9
9
  And I run the code:
10
10
  """
@@ -12,3 +12,14 @@ Feature: Authenticate with Conjur
12
12
  Conjur::API.authenticator_authenticate("authn-oidc", "keycloak", options: @auth_body)
13
13
  """
14
14
  Then the JSON should have "payload"
15
+
16
+ Scenario: Authenticate with OIDC code requesting unparsed result
17
+ When I retrieve the provider details for OIDC authenticator "keycloak"
18
+ And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
19
+ And I run the code:
20
+ """
21
+ $conjur.authenticator_enable "authn-oidc", "keycloak"
22
+ Conjur::API.authenticator_authenticate_get("authn-oidc", "keycloak", options: @auth_body)
23
+ """
24
+ Then the response body contains: "payload"
25
+ And the response includes headers
@@ -17,9 +17,11 @@ Then(/^this code should fail with "([^"]*)"$/) do |error_msg, code|
17
17
  end
18
18
  end
19
19
 
20
- Given(/^I retrieve the login url for OIDC authenticator "([^"]+)"$/) do |service_id|
20
+ Given(/^I retrieve the provider details for OIDC authenticator "([^"]+)"$/) do |service_id|
21
21
  provider = $conjur.authentication_providers("authn-oidc").select {|provider_details| provider_details["service_id"] == service_id}
22
22
  @login_url = provider[0]["redirect_uri"]
23
+ @nonce = provider[0]["nonce"]
24
+ @code_verifier = provider[0]["code_verifier"]
23
25
  puts @login_url
24
26
  end
25
27
 
@@ -47,6 +49,14 @@ Given(/^I retrieve auth info for the OIDC provider with username: "([^"]+)" and
47
49
 
48
50
  if response.is_a?(Net::HTTPRedirection)
49
51
  response_details = URI.decode_www_form(URI(response['location']).query)
50
- @auth_body = {state: response_details.assoc('state')[1], code: response_details.assoc('code')[1]}
52
+ @auth_body = {code: response_details.assoc('code')[1], nonce: @nonce, code_verifier: @code_verifier}
51
53
  end
52
54
  end
55
+
56
+ Then(/^the response body contains: "([^"]+)"$/) do |element|
57
+ expect(@result).to include(element)
58
+ end
59
+
60
+ Then(/^the response includes headers$/) do
61
+ expect(@result.headers).not_to be_empty
62
+ end
@@ -63,10 +63,22 @@ module Conjur
63
63
  # @param [Hash] params Additional params to send to authenticator
64
64
  # @return [String] A JSON formatted authentication token.
65
65
  def authenticator_authenticate authenticator, service_id, account: Conjur.configuration.account, options: {}
66
+ JSON.parse authenticator_authenticate_get authenticator, service_id, account: account, options: options
67
+ end
68
+
69
+ # Authenticates using a third party authenticator like authn-oidc via GET request.
70
+ # It will return an response object containing access/refresh token data.
71
+ #
72
+ # @param [String] authenticator
73
+ # @param [String] service_id
74
+ # @param [String] account The organization account.
75
+ # @param [Hash] params Additional params to send to authenticator
76
+ # @return [RestClient::Response] Response object
77
+ def authenticator_authenticate_get authenticator, service_id, account: Conjur.configuration.account, options: {}
66
78
  if Conjur.log
67
79
  Conjur.log << "Authenticating to account #{account} using #{authenticator}/#{service_id}\n"
68
80
  end
69
- JSON.parse url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
81
+ url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
70
82
  end
71
83
 
72
84
  # Exchanges Conjur the API key (refresh token) for an access token. The access token can
@@ -13,7 +13,7 @@ describe "Conjur::API.host_factory_create_host", api: :dummy do
13
13
  resource = instance_double(RestClient::Resource, "hosts")
14
14
  )
15
15
 
16
- allow(resource).to receive(:post).with(id: id).and_return(
16
+ allow(resource).to receive(:post).with({id: id}).and_return(
17
17
  instance_double(RestClient::Response, "host response", body: '
18
18
  {
19
19
  "id": "test-host",
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.3.8.pre.321
4
+ version: 5.4.0.pre.404
5
5
  platform: ruby
6
6
  authors:
7
7
  - CyberArk Maintainers
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-07-20 00:00:00.000000000 Z
11
+ date: 2022-11-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rest-client