conjur-api 5.4.0 → 5.4.1.pre.539

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d0e6e603e128d52fb7d219106d9d9f2a4c302ea3a6ccd943fe424443f5640ff8
4
- data.tar.gz: 4c788058b9ce44f5d044ea2635927cbfe31c6739901f514f5d796844bcb26b41
3
+ metadata.gz: 82ab76771a88091c1d819b35474d59e90ab4f315d53d9cf5cdad37b29d2b5c02
4
+ data.tar.gz: cb73219fe20674c5a7de24f2c99f9e7b75baa44e1596807f404810ac7456ba3d
5
5
  SHA512:
6
- metadata.gz: 7c516e5fcdefb9878d33e67addfee81b168721e4e861a8d0eabd25d6452943a35ccd6f0eb0f9701407710de2d8a4919e5259de2590d9ec009c2a6d798e54486e
7
- data.tar.gz: 59166c9503087a5f9a81af241efd81c1151d5204aea33aa87bc61aecb003ca81169efac2a4c5ceb29d6d846be4e8d587574095e71277ef889e27a7e215cb90d4
6
+ metadata.gz: 8789f3ded3ba98012c6af691ef46c9c35701f6e7320206f474e9aa853981d91e68d473efc5b3453d09c020f8fdc61b42e51be16b2460b4d6867c6051ca2f1779
7
+ data.tar.gz: 5e05f63d1b2a66a0c2fbb55c8bed1458ac9ce86234e57a781e2f6e11d63dfa38eabb8dde5f65460b4e68aa52e365b34d0ddf1a93af01ed93dc892a6ad68d9409
data/CHANGELOG.md CHANGED
@@ -9,13 +9,18 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
9
9
  - Nothing should go in this section, please add to the latest unreleased version
10
10
  (and update the corresponding date), or add a new version.
11
11
 
12
+ ## [5.4.1] - 2023-03-29
13
+ ### Added
14
+ - Added authenticate wrapper to access unparsed response object (including headers).
15
+ [cyberark/conjur-api-ruby#213](https://github.com/cyberark/conjur-api-ruby/pull/213)
16
+
12
17
  ## [5.4.0] - 2022-08-16
13
18
 
14
19
  ### Added
15
20
  - Added support for OIDC V2 authentication endpoint.
16
- [cyberark/cojnur-api-ruby#207](https://github.com/cyberark/conjur-api-ruby/pull/207)
21
+ [cyberark/conjur-api-ruby#207](https://github.com/cyberark/conjur-api-ruby/pull/207)
17
22
  - Added support for OIDC authenticator providers endpoint.
18
- [cyberark/cojnur-api-ruby#207](https://github.com/cyberark/conjur-api-ruby/pull/207)
23
+ [cyberark/conjur-api-ruby#207](https://github.com/cyberark/conjur-api-ruby/pull/207)
19
24
 
20
25
  ### Changed
21
26
  - Remove support for Ruby versions <2.7 which are [end of life](https://endoflife.date/ruby).
data/Jenkinsfile CHANGED
@@ -44,7 +44,7 @@ pipeline {
44
44
  }
45
45
  stage('Validate Changelog and set version') {
46
46
  steps {
47
- sh './bin/parse-changelog.sh'
47
+ parseChangelog()
48
48
  updateVersion("CHANGELOG.md", "${BUILD_NUMBER}")
49
49
  }
50
50
  }
data/VERSION CHANGED
@@ -1 +1 @@
1
- 5.4.0
1
+ 5.4.1-539
data/conjur-api.gemspec CHANGED
@@ -38,4 +38,5 @@ Gem::Specification.new do |gem|
38
38
  gem.add_development_dependency 'fakefs'
39
39
  gem.add_development_dependency 'pry-byebug'
40
40
  gem.add_development_dependency 'nokogiri'
41
+ gem.add_development_dependency 'webrick'
41
42
  end
@@ -3,8 +3,8 @@ Feature: Authenticate with Conjur
3
3
  Background:
4
4
  Given I setup a keycloak authenticator
5
5
 
6
- Scenario: Authenticate with OIDC state and code
7
- When I retrieve the login url for OIDC authenticator "keycloak"
6
+ Scenario: Authenticate with OIDC code
7
+ When I retrieve the provider details for OIDC authenticator "keycloak"
8
8
  And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
9
9
  And I run the code:
10
10
  """
@@ -12,3 +12,14 @@ Feature: Authenticate with Conjur
12
12
  Conjur::API.authenticator_authenticate("authn-oidc", "keycloak", options: @auth_body)
13
13
  """
14
14
  Then the JSON should have "payload"
15
+
16
+ Scenario: Authenticate with OIDC code requesting unparsed result
17
+ When I retrieve the provider details for OIDC authenticator "keycloak"
18
+ And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
19
+ And I run the code:
20
+ """
21
+ $conjur.authenticator_enable "authn-oidc", "keycloak"
22
+ Conjur::API.authenticator_authenticate_get("authn-oidc", "keycloak", options: @auth_body)
23
+ """
24
+ Then the response body contains: "payload"
25
+ And the response includes headers
@@ -56,6 +56,7 @@ Feature: Load a policy.
56
56
  Then the JSON should be:
57
57
  """
58
58
  [
59
- "cucumber:policy:root"
59
+ "cucumber:policy:root",
60
+ "cucumber:user:admin"
60
61
  ]
61
62
  """
@@ -17,9 +17,11 @@ Then(/^this code should fail with "([^"]*)"$/) do |error_msg, code|
17
17
  end
18
18
  end
19
19
 
20
- Given(/^I retrieve the login url for OIDC authenticator "([^"]+)"$/) do |service_id|
20
+ Given(/^I retrieve the provider details for OIDC authenticator "([^"]+)"$/) do |service_id|
21
21
  provider = $conjur.authentication_providers("authn-oidc").select {|provider_details| provider_details["service_id"] == service_id}
22
22
  @login_url = provider[0]["redirect_uri"]
23
+ @nonce = provider[0]["nonce"]
24
+ @code_verifier = provider[0]["code_verifier"]
23
25
  puts @login_url
24
26
  end
25
27
 
@@ -47,6 +49,14 @@ Given(/^I retrieve auth info for the OIDC provider with username: "([^"]+)" and
47
49
 
48
50
  if response.is_a?(Net::HTTPRedirection)
49
51
  response_details = URI.decode_www_form(URI(response['location']).query)
50
- @auth_body = {state: response_details.assoc('state')[1], code: response_details.assoc('code')[1]}
52
+ @auth_body = {code: response_details.assoc('code')[1], nonce: @nonce, code_verifier: @code_verifier}
51
53
  end
52
54
  end
55
+
56
+ Then(/^the response body contains: "([^"]+)"$/) do |element|
57
+ expect(@result).to include(element)
58
+ end
59
+
60
+ Then(/^the response includes headers$/) do
61
+ expect(@result.headers).not_to be_empty
62
+ end
@@ -63,10 +63,22 @@ module Conjur
63
63
  # @param [Hash] params Additional params to send to authenticator
64
64
  # @return [String] A JSON formatted authentication token.
65
65
  def authenticator_authenticate authenticator, service_id, account: Conjur.configuration.account, options: {}
66
+ JSON.parse authenticator_authenticate_get authenticator, service_id, account: account, options: options
67
+ end
68
+
69
+ # Authenticates using a third party authenticator like authn-oidc via GET request.
70
+ # It will return an response object containing access/refresh token data.
71
+ #
72
+ # @param [String] authenticator
73
+ # @param [String] service_id
74
+ # @param [String] account The organization account.
75
+ # @param [Hash] params Additional params to send to authenticator
76
+ # @return [RestClient::Response] Response object
77
+ def authenticator_authenticate_get authenticator, service_id, account: Conjur.configuration.account, options: {}
66
78
  if Conjur.log
67
79
  Conjur.log << "Authenticating to account #{account} using #{authenticator}/#{service_id}\n"
68
80
  end
69
- JSON.parse url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
81
+ url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
70
82
  end
71
83
 
72
84
  # Exchanges Conjur the API key (refresh token) for an access token. The access token can
@@ -13,7 +13,7 @@ describe "Conjur::API.host_factory_create_host", api: :dummy do
13
13
  resource = instance_double(RestClient::Resource, "hosts")
14
14
  )
15
15
 
16
- allow(resource).to receive(:post).with(id: id).and_return(
16
+ allow(resource).to receive(:post).with({id: id}).and_return(
17
17
  instance_double(RestClient::Response, "host response", body: '
18
18
  {
19
19
  "id": "test-host",
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.4.0
4
+ version: 5.4.1.pre.539
5
5
  platform: ruby
6
6
  authors:
7
7
  - CyberArk Maintainers
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-16 00:00:00.000000000 Z
11
+ date: 2023-05-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rest-client
@@ -240,6 +240,20 @@ dependencies:
240
240
  - - ">="
241
241
  - !ruby/object:Gem::Version
242
242
  version: '0'
243
+ - !ruby/object:Gem::Dependency
244
+ name: webrick
245
+ requirement: !ruby/object:Gem::Requirement
246
+ requirements:
247
+ - - ">="
248
+ - !ruby/object:Gem::Version
249
+ version: '0'
250
+ type: :development
251
+ prerelease: false
252
+ version_requirements: !ruby/object:Gem::Requirement
253
+ requirements:
254
+ - - ">="
255
+ - !ruby/object:Gem::Version
256
+ version: '0'
243
257
  description: Conjur API
244
258
  email:
245
259
  - conj_maintainers@cyberark.com
@@ -268,7 +282,6 @@ files:
268
282
  - Rakefile
269
283
  - SECURITY.md
270
284
  - VERSION
271
- - bin/parse-changelog.sh
272
285
  - ci/configure_v4.sh
273
286
  - ci/configure_v5.sh
274
287
  - ci/oauth/keycloak/create_client
@@ -410,9 +423,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
410
423
  version: '1.9'
411
424
  required_rubygems_version: !ruby/object:Gem::Requirement
412
425
  requirements:
413
- - - ">="
426
+ - - ">"
414
427
  - !ruby/object:Gem::Version
415
- version: '0'
428
+ version: 1.3.1
416
429
  requirements: []
417
430
  rubygems_version: 3.2.33
418
431
  signing_key:
@@ -1,12 +0,0 @@
1
- #!/bin/bash -ex
2
-
3
- cd "$(dirname "$0")"
4
-
5
- docker run --rm \
6
- -v "$PWD/..:/work" \
7
- -w "/work" \
8
- ruby:2.7 bash -ec "
9
- gem install -N parse_a_changelog
10
- parse ./CHANGELOG.md
11
- "
12
-