conjur-api 5.4.0.pre.404 → 5.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d39f007a40ecbf4a9edfd87189801def062b00e4a240bbf405d02d362f7bdd24
-  data.tar.gz: 8f3fd11807b81446e0e35a34220c60eec19fc3e1985d075bb6dc39e6eef16c2f
+  metadata.gz: d0e6e603e128d52fb7d219106d9d9f2a4c302ea3a6ccd943fe424443f5640ff8
+  data.tar.gz: 4c788058b9ce44f5d044ea2635927cbfe31c6739901f514f5d796844bcb26b41
 SHA512:
-  metadata.gz: 8da8d30687d52bc01d2776c894e5450f7cb9486f32c29919fcffc43e37b198960c9b6f9119b011c1bd65c8bab823cdcdfbf5b93e959d564af4aa7cd25c836224
-  data.tar.gz: e4306d6d8c8ce9ec70492e62a1c6bfb4130af4276d9c3f231525d18ab67d8fc3088a82401a375e09459caffc65ad127d5d0d073fc6fa2ef4bac6f06ba45fdcde
+  metadata.gz: 7c516e5fcdefb9878d33e67addfee81b168721e4e861a8d0eabd25d6452943a35ccd6f0eb0f9701407710de2d8a4919e5259de2590d9ec009c2a6d798e54486e
+  data.tar.gz: 59166c9503087a5f9a81af241efd81c1151d5204aea33aa87bc61aecb003ca81169efac2a4c5ceb29d6d846be4e8d587574095e71277ef889e27a7e215cb90d4

data/VERSION

@@ -1 +1 @@
-5.4.0-404
+5.4.0

data/features/authn.feature

@@ -3,8 +3,8 @@ Feature: Authenticate with Conjur
   Background:
     Given I setup a keycloak authenticator
 
-  Scenario: Authenticate with OIDC code
-    When I retrieve the provider details for OIDC authenticator "keycloak"
+  Scenario: Authenticate with OIDC state and code
+    When I retrieve the login url for OIDC authenticator "keycloak"
     And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
     And I run the code:
     """
@@ -12,14 +12,3 @@ Feature: Authenticate with Conjur
     Conjur::API.authenticator_authenticate("authn-oidc", "keycloak", options: @auth_body)
     """
     Then the JSON should have "payload"
-
-  Scenario: Authenticate with OIDC code requesting unparsed result
-    When I retrieve the provider details for OIDC authenticator "keycloak"
-    And I retrieve auth info for the OIDC provider with username: "alice" and password: "alice"
-    And I run the code:
-    """
-    $conjur.authenticator_enable "authn-oidc", "keycloak"
-    Conjur::API.authenticator_authenticate_get("authn-oidc", "keycloak", options: @auth_body)
-    """
-    Then the response body contains: "payload"
-    And the response includes headers

data/features/step_definitions/api_steps.rb

@@ -17,11 +17,9 @@ Then(/^this code should fail with "([^"]*)"$/) do |error_msg, code|
   end
 end
 
-Given(/^I retrieve the provider details for OIDC authenticator "([^"]+)"$/) do |service_id|
+Given(/^I retrieve the login url for OIDC authenticator "([^"]+)"$/) do |service_id|
   provider = $conjur.authentication_providers("authn-oidc").select {|provider_details| provider_details["service_id"] == service_id}
   @login_url = provider[0]["redirect_uri"]
-  @nonce = provider[0]["nonce"]
-  @code_verifier = provider[0]["code_verifier"]
   puts @login_url
 end
 
@@ -49,14 +47,6 @@ Given(/^I retrieve auth info for the OIDC provider with username: "([^"]+)" and
 
   if response.is_a?(Net::HTTPRedirection)
     response_details = URI.decode_www_form(URI(response['location']).query)
-    @auth_body = {code: response_details.assoc('code')[1], nonce: @nonce, code_verifier: @code_verifier}
+    @auth_body = {state: response_details.assoc('state')[1], code: response_details.assoc('code')[1]}
   end
 end
-
-Then(/^the response body contains: "([^"]+)"$/) do |element|
-  expect(@result).to include(element)
-end
-
-Then(/^the response includes headers$/) do
-  expect(@result.headers).not_to be_empty
-end

data/lib/conjur/api/authn.rb

@@ -63,22 +63,10 @@ module Conjur
       # @param [Hash] params Additional params to send to authenticator
       # @return [String] A JSON formatted authentication token.
       def authenticator_authenticate authenticator, service_id, account: Conjur.configuration.account, options: {}
-        JSON.parse authenticator_authenticate_get authenticator, service_id, account: account, options: options
-      end
-
-      # Authenticates using a third party authenticator like authn-oidc via GET request.
-      # It will return an response object containing access/refresh token data.
-      #
-      # @param [String] authenticator
-      # @param [String] service_id
-      # @param [String] account The organization account.
-      # @param [Hash] params Additional params to send to authenticator
-      # @return [RestClient::Response] Response object
-      def authenticator_authenticate_get authenticator, service_id, account: Conjur.configuration.account, options: {}
         if Conjur.log
           Conjur.log << "Authenticating to account #{account} using #{authenticator}/#{service_id}\n"
         end
-        url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
+        JSON.parse url_for(:authenticator_authenticate, account, service_id, authenticator, options).get
       end
 
       # Exchanges Conjur the API key (refresh token) for an access token.  The access token can

data/spec/api/host_factories_spec.rb

@@ -13,7 +13,7 @@ describe "Conjur::API.host_factory_create_host", api: :dummy do
         resource = instance_double(RestClient::Resource, "hosts")
       )
 
-    allow(resource).to receive(:post).with({id: id}).and_return(
+    allow(resource).to receive(:post).with(id: id).and_return(
       instance_double(RestClient::Response, "host response", body: '
         {
           "id": "test-host",

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: conjur-api
 version: !ruby/object:Gem::Version
-  version: 5.4.0.pre.404
+  version: 5.4.0
 platform: ruby
 authors:
 - CyberArk Maintainers
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-09 00:00:00.000000000 Z
+date: 2022-08-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -410,9 +410,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '1.9'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.2.33
 signing_key: