conjur-api 5.4.0.pre.341 → 5.4.0.pre.404

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ebf83cd8d162a64929094a300fa96a7d1a3bac22ef728826d0bb4dd2addf3ad9
4
- data.tar.gz: b10ff6b557c5cc16879950f638b0cacf7149a4fa68c752125d54f94bea78b298
3
+ metadata.gz: d39f007a40ecbf4a9edfd87189801def062b00e4a240bbf405d02d362f7bdd24
4
+ data.tar.gz: 8f3fd11807b81446e0e35a34220c60eec19fc3e1985d075bb6dc39e6eef16c2f
5
5
  SHA512:
6
- metadata.gz: 8e72a11c756d9bbf6517f5a6298a73ede7ef4087d74f021808471fe831d06db86bf23c9cf8f7e5efe78da248d032ec577c51813d5f0bbc12a345701f3d89eb61
7
- data.tar.gz: 4614348f7e47a4eb1643740e5015512d9b66413331ab8a7e777047811fdf7370fa40e4e4ae455919cf0fa4398dad754718c0ca44fa3e16f80eb55b0a16d44648
6
+ metadata.gz: 8da8d30687d52bc01d2776c894e5450f7cb9486f32c29919fcffc43e37b198960c9b6f9119b011c1bd65c8bab823cdcdfbf5b93e959d564af4aa7cd25c836224
7
+ data.tar.gz: e4306d6d8c8ce9ec70492e62a1c6bfb4130af4276d9c3f231525d18ab67d8fc3088a82401a375e09459caffc65ad127d5d0d073fc6fa2ef4bac6f06ba45fdcde
data/VERSION CHANGED
@@ -1 +1 @@
1
- 5.4.0-341
1
+ 5.4.0-404
@@ -3,8 +3,8 @@ Feature: Authenticate with Conjur
3
3
  Background:
4
4
  Given I setup a keycloak authenticator
5
5
 
6
- Scenario: Authenticate with OIDC state and code
7
- When I retrieve the login url for OIDC authenticator "keycloak"
6
+ Scenario: Authenticate with OIDC code
7
+ When I retrieve the provider details for OIDC authenticator "keycloak"
8
8
  And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
9
9
  And I run the code:
10
10
  """
@@ -12,3 +12,14 @@ Feature: Authenticate with Conjur
12
12
  Conjur::API.authenticator_authenticate("authn-oidc", "keycloak", options: @auth_body)
13
13
  """
14
14
  Then the JSON should have "payload"
15
+
16
+ Scenario: Authenticate with OIDC code requesting unparsed result
17
+ When I retrieve the provider details for OIDC authenticator "keycloak"
18
+ And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
19
+ And I run the code:
20
+ """
21
+ $conjur.authenticator_enable "authn-oidc", "keycloak"
22
+ Conjur::API.authenticator_authenticate_get("authn-oidc", "keycloak", options: @auth_body)
23
+ """
24
+ Then the response body contains: "payload"
25
+ And the response includes headers
@@ -17,9 +17,11 @@ Then(/^this code should fail with "([^"]*)"$/) do |error_msg, code|
17
17
  end
18
18
  end
19
19
 
20
- Given(/^I retrieve the login url for OIDC authenticator "([^"]+)"$/) do |service_id|
20
+ Given(/^I retrieve the provider details for OIDC authenticator "([^"]+)"$/) do |service_id|
21
21
  provider = $conjur.authentication_providers("authn-oidc").select {|provider_details| provider_details["service_id"] == service_id}
22
22
  @login_url = provider[0]["redirect_uri"]
23
+ @nonce = provider[0]["nonce"]
24
+ @code_verifier = provider[0]["code_verifier"]
23
25
  puts @login_url
24
26
  end
25
27
 
@@ -47,6 +49,14 @@ Given(/^I retrieve auth info for the OIDC provider with username: "([^"]+)" and
47
49
 
48
50
  if response.is_a?(Net::HTTPRedirection)
49
51
  response_details = URI.decode_www_form(URI(response['location']).query)
50
- @auth_body = {state: response_details.assoc('state')[1], code: response_details.assoc('code')[1]}
52
+ @auth_body = {code: response_details.assoc('code')[1], nonce: @nonce, code_verifier: @code_verifier}
51
53
  end
52
54
  end
55
+
56
+ Then(/^the response body contains: "([^"]+)"$/) do |element|
57
+ expect(@result).to include(element)
58
+ end
59
+
60
+ Then(/^the response includes headers$/) do
61
+ expect(@result.headers).not_to be_empty
62
+ end
@@ -63,10 +63,22 @@ module Conjur
63
63
  # @param [Hash] params Additional params to send to authenticator
64
64
  # @return [String] A JSON formatted authentication token.
65
65
  def authenticator_authenticate authenticator, service_id, account: Conjur.configuration.account, options: {}
66
+ JSON.parse authenticator_authenticate_get authenticator, service_id, account: account, options: options
67
+ end
68
+
69
+ # Authenticates using a third party authenticator like authn-oidc via GET request.
70
+ # It will return an response object containing access/refresh token data.
71
+ #
72
+ # @param [String] authenticator
73
+ # @param [String] service_id
74
+ # @param [String] account The organization account.
75
+ # @param [Hash] params Additional params to send to authenticator
76
+ # @return [RestClient::Response] Response object
77
+ def authenticator_authenticate_get authenticator, service_id, account: Conjur.configuration.account, options: {}
66
78
  if Conjur.log
67
79
  Conjur.log << "Authenticating to account #{account} using #{authenticator}/#{service_id}\n"
68
80
  end
69
- JSON.parse url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
81
+ url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
70
82
  end
71
83
 
72
84
  # Exchanges Conjur the API key (refresh token) for an access token. The access token can
@@ -13,7 +13,7 @@ describe "Conjur::API.host_factory_create_host", api: :dummy do
13
13
  resource = instance_double(RestClient::Resource, "hosts")
14
14
  )
15
15
 
16
- allow(resource).to receive(:post).with(id: id).and_return(
16
+ allow(resource).to receive(:post).with({id: id}).and_return(
17
17
  instance_double(RestClient::Response, "host response", body: '
18
18
  {
19
19
  "id": "test-host",
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.4.0.pre.341
4
+ version: 5.4.0.pre.404
5
5
  platform: ruby
6
6
  authors:
7
7
  - CyberArk Maintainers
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-16 00:00:00.000000000 Z
11
+ date: 2022-11-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rest-client