hydra-keycloak-client 0.1.13 → 0.1.15

Sign up to get free protection for your applications and to get access to all the features.
Files changed (16) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/release.yml +26 -0
  3. data/.gitignore +2 -0
  4. data/Dockerfile.release +11 -0
  5. data/Gemfile +2 -0
  6. data/Gemfile.lock +13 -6
  7. data/lib/hydra/keycloak/client.rb +75 -69
  8. data/lib/hydra/keycloak/code_verifier.rb +2 -1
  9. data/lib/hydra/keycloak/container.rb +15 -3
  10. data/lib/hydra/keycloak/token.rb +9 -8
  11. data/lib/hydra/keycloak/{queries/http_client.rb → tokens/gateway.rb} +9 -4
  12. data/lib/hydra/keycloak/{queries/gateway.rb → tokens/repo.rb} +35 -16
  13. data/lib/hydra/keycloak/urls.rb +31 -16
  14. data/lib/hydra/keycloak/version.rb +1 -1
  15. data/release.sh +9 -0
  16. metadata +10 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6b9fb72f474785e45fca86279c8a7877f73605bf3da22507a801ef7458f107b1
4
- data.tar.gz: cc12951887ddd3f14aa662788b36c06d41095934707be9a4fe1ba685b8b1afa1
3
+ metadata.gz: e44c13e82949716bb5f91393dab600335b8c5d201065edff00b286084f15399d
4
+ data.tar.gz: 23662cc9f3ffdd48f77c1d05baeff95ea72af6681a5813cd46f22d155c532b1d
5
5
  SHA512:
6
- metadata.gz: 5b026319391803ea1da1bee4bd47eb019a6c99ca48abd4a330353cdf55285378d1ef7d57f38d42520b59499962bbc393e6d17a1ed4b78e18087dc8e892d69ab5
7
- data.tar.gz: 2bf4d76068843e4e82bb65c86653b04ed506d373f14990b77991f8c1064f1e193967c39a265536b364228bf1afa6bd4d2ad77f74201488f0d0d7e124c5c130b0
6
+ metadata.gz: b9fb3fe92fc2c065ff622a5dcbea04541a94c2f9bb0bac1a3d0b7f34af058f1801869a068d8720937fbd38cb349fc3b4a707a72c7a9a43f0763aa74c3fe5fd33
7
+ data.tar.gz: 0e5ec4ae6acfd1f9ca880f24741077cff808cd9a3d1ffdb1bc27c6db801f6b3d5c36864729401827d7918d341d5d3033e2ed2fe37e226cdc5f1a6522687aebf5
data/.github/workflows/release.yml ADDED
@@ -0,0 +1,26 @@
1
+ name: Create release
2
+
3
+ on:
4
+ push:
5
+ tags:
6
+ - '*'
7
+
8
+ jobs:
9
+ deploy:
10
+ runs-on: self-hosted
11
+
12
+ steps:
13
+ - uses: actions/checkout@v2
14
+
15
+ - name: Set env
16
+ run: echo "RELEASE_VERSION=${{ github.ref_name }}" >> $GITHUB_ENV
17
+
18
+ - name: Build releaser image
19
+ run: docker build -f Dockerfile.release -t hkc:release .
20
+
21
+ - name: Release gem
22
+ run: |
23
+ docker run --rm --name hkc_release \
24
+ -e RUBYGEMS_TOKEN=${{ secrets.RUBYGEMS_TOKEN }} \
25
+ -e RELEASE_VERSION=${{ env.RELEASE_VERSION }} \
26
+ hkc:release
data/.gitignore CHANGED
@@ -1 +1,3 @@
1
1
  .rspec_status
2
+ coverage
3
+ .bundle
data/Dockerfile.release ADDED
@@ -0,0 +1,11 @@
1
+ FROM ruby:2.7.4
2
+
3
+ COPY . /app
4
+
5
+ WORKDIR /app
6
+
7
+ RUN chmod +x ./release.sh
8
+
9
+ RUN bundle install
10
+
11
+ ENTRYPOINT ["./release.sh"]
data/Gemfile CHANGED
@@ -11,5 +11,7 @@ gem 'rubocop', '~> 1.26'
11
11
 
12
12
  gem 'pry'
13
13
 
14
+ gem 'dalli', require: false, group: :test
15
+ gem 'redis', require: false, group: :test
14
16
  gem 'simplecov', require: false, group: :test
15
17
  gem 'simplecov-cobertura', require: false, group: :test
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- hydra-keycloak-client (0.1.12)
4
+ hydra-keycloak-client (0.1.15)
5
5
  dry-auto_inject
6
6
  dry-container
7
7
  dry-monads
@@ -15,6 +15,8 @@ GEM
15
15
  ast (2.4.2)
16
16
  coderay (1.1.3)
17
17
  concurrent-ruby (1.1.10)
18
+ connection_pool (2.3.0)
19
+ dalli (3.2.3)
18
20
  diff-lcs (1.4.4)
19
21
  docile (1.4.0)
20
22
  dry-auto_inject (0.9.0)
@@ -22,12 +24,11 @@ GEM
22
24
  dry-configurable (0.15.0)
23
25
  concurrent-ruby (~> 1.0)
24
26
  dry-core (~> 0.6)
25
- dry-container (0.9.0)
27
+ dry-container (0.10.1)
26
28
  concurrent-ruby (~> 1.0)
27
- dry-configurable (~> 0.13, >= 0.13.0)
28
- dry-core (0.7.1)
29
+ dry-core (0.8.1)
29
30
  concurrent-ruby (~> 1.0)
30
- dry-inflector (0.2.1)
31
+ dry-inflector (0.3.0)
31
32
  dry-initializer (3.1.1)
32
33
  dry-logic (1.2.0)
33
34
  concurrent-ruby (~> 1.0)
@@ -63,6 +64,10 @@ GEM
63
64
  method_source (~> 1.0)
64
65
  rainbow (3.1.1)
65
66
  rake (12.3.3)
67
+ redis (5.0.5)
68
+ redis-client (>= 0.9.0)
69
+ redis-client (0.11.2)
70
+ connection_pool
66
71
  regexp_parser (2.2.1)
67
72
  rexml (3.2.5)
68
73
  rspec (3.10.0)
@@ -105,13 +110,15 @@ PLATFORMS
105
110
  ruby
106
111
 
107
112
  DEPENDENCIES
113
+ dalli
108
114
  hydra-keycloak-client!
109
115
  pry
110
116
  rake (~> 12.0)
117
+ redis
111
118
  rspec (~> 3.0)
112
119
  rubocop (~> 1.26)
113
120
  simplecov
114
121
  simplecov-cobertura
115
122
 
116
123
  BUNDLED WITH
117
- 2.2.25
124
+ 2.3.5
data/lib/hydra/keycloak/client.rb CHANGED
@@ -12,16 +12,39 @@ module Hydra
12
12
  module Keycloak
13
13
  class ConfigurationError < ::StandardError; end
14
14
 
15
+ MEMCACHED_SCHEMA = Dry::Schema.JSON do
16
+ required(:memcached_host).filled(:string)
17
+ required(:memcached_port).filled(:integer)
18
+ required(:memcached_namespace).filled(:string)
19
+ end
20
+
21
+ REDIS_SCHEMA = Dry::Schema.JSON do
22
+ required(:redis_host).filled(:string)
23
+ required(:redis_port).filled(:integer)
24
+ end
25
+
26
+ CONFIG_SCHEMA = Dry::Schema.JSON do
27
+ required(:auth_server_url).filled(:string)
28
+ required(:realm).filled(:string)
29
+ required(:client_id).filled(:string)
30
+ required(:redirect_uri).filled(:string)
31
+ required(:secret).filled(:string)
32
+ required(:logout_redirect).filled(:string)
33
+ required(:store_client).value(included_in?: %w[redis memcached])
34
+ required(:store_client_options).hash(MEMCACHED_SCHEMA | REDIS_SCHEMA)
35
+ optional(:scope).array(:str?)
36
+ end
37
+
15
38
  class ClientCreator
16
39
  extend ::Hydra::Keycloak::Mixin
17
40
 
18
41
  class << self
19
42
  def call(config:)
20
- register_containers(validate_config(config))
43
+ register_containers(validate_config(config).to_h)
21
44
  end
22
45
 
23
46
  def validate_config(config)
24
- validated_config = config_schema.call(config)
47
+ validated_config = CONFIG_SCHEMA.call(config)
25
48
 
26
49
  if validated_config.failure?
27
50
  raise ConfigurationError, "Wrong configuration params: #{validated_config.errors(full: true).to_h}"
@@ -30,40 +53,8 @@ module Hydra
30
53
  validated_config
31
54
  end
32
55
 
33
- def config_schema
34
- memcached_schema = ::Hydra::Keycloak::ClientCreator.memcached_schema
35
- redis_schema = ::Hydra::Keycloak::ClientCreator.redis_schema
36
- Dry::Schema.JSON do
37
- required(:auth_server_url).filled(:string)
38
- required(:realm).filled(:string)
39
- required(:client_id).filled(:string)
40
- required(:redirect_uri).filled(:string)
41
- required(:secret).filled(:string)
42
- required(:logout_redirect).filled(:string)
43
- required(:store_client).value(included_in?: %w[redis memcached])
44
- required(:store_client_options).hash(memcached_schema | redis_schema)
45
- optional(:scope).array(:str?)
46
- end
47
- end
48
-
49
- def memcached_schema
50
- Dry::Schema.JSON do
51
- required(:memcached_host).filled(:string)
52
- required(:memcached_port).filled(:integer)
53
- required(:memcached_namespace).filled(:string)
54
- end
55
- end
56
-
57
- def redis_schema
58
- Dry::Schema.JSON do
59
- required(:redis_host).filled(:string)
60
- required(:redis_port).filled(:integer)
61
- end
62
- end
63
-
64
56
  def register_containers(validated_config)
65
57
  register_urls(validated_config)
66
- register_queries
67
58
  register_store_client(validated_config)
68
59
  register_store
69
60
  register_code_verifier
@@ -79,42 +70,43 @@ module Hydra
79
70
  end
80
71
  end
81
72
 
82
- def register_queries
83
- container.register :queries do
84
- require 'hydra/keycloak/queries/gateway'
73
+ def register_store_client(config)
74
+ case config.fetch(:store_client)
75
+ when 'redis'
76
+ register_redis_store(config.fetch(:store_client_options))
77
+ when 'memcached'
78
+ register_memcached_store(config.fetch(:store_client_options))
79
+ end
80
+ end
81
+
82
+ def register_redis_store(redis_host:, redis_port:)
83
+ require 'hydra/keycloak/store/adapters/redis'
85
84
 
86
- ::Hydra::Keycloak::Queries::Gateway.new
85
+ container.register :redis do
86
+ ::Redis.new(host: redis_host, port: redis_port)
87
+ end
88
+
89
+ container.register :store_client do
90
+ require 'hydra/keycloak/store/redis_client'
91
+
92
+ ::Hydra::Keycloak::Store::RedisClient.new
87
93
  end
88
94
  end
89
95
 
90
- def register_store_client(config)
91
- case config[:store_client]
92
- when 'redis'
93
- require 'hydra/keycloak/store/adapters/redis'
96
+ def register_memcached_store(memcached_host:, memcached_port:, memcached_namespace:)
97
+ require 'hydra/keycloak/store/adapters/memcached'
94
98
 
95
- container.register :redis do
96
- ::Redis.new(host: config[:redis_host], port: config[:redis_port])
97
- end
99
+ container.register :dalli do
100
+ ::Dalli::Client.new(
101
+ "#{memcached_host}:#{memcached_port}",
102
+ namespace: memcached_namespace
103
+ )
104
+ end
98
105
 
99
- container.register :store_client do
100
- require 'hydra/keycloak/store/redis_client'
106
+ container.register :store_client do
107
+ require 'hydra/keycloak/store/memcached_client'
101
108
 
102
- ::Hydra::Keycloak::Store::RedisClient.new
103
- end
104
- when 'memcached'
105
- require 'hydra/keycloak/store/adapters/memcached'
106
- container.register :dalli do
107
- ::Dalli::Client.new(
108
- "#{config[:store_client_options][:memcached_host]}:#{config[:store_client_options][:memcached_port]}",
109
- namespace: config[:store_client_options][:memcached_namespace]
110
- )
111
- end
112
-
113
- container.register :store_client do
114
- require 'hydra/keycloak/store/memcached_client'
115
-
116
- ::Hydra::Keycloak::Store::MemcachedClient.new
117
- end
109
+ ::Hydra::Keycloak::Store::MemcachedClient.new
118
110
  end
119
111
  end
120
112
 
@@ -135,7 +127,7 @@ module Hydra
135
127
  class Client
136
128
  extend ::Hydra::Keycloak::Mixin
137
129
  include ::Dry::Monads[:result, :do]
138
- inject['urls', 'queries', 'store', 'code_verifier']
130
+ inject['urls', 'tokens_repo', 'store', 'code_verifier']
139
131
 
140
132
  def auth_url
141
133
  code_verifier.generate
@@ -143,9 +135,23 @@ module Hydra
143
135
  end
144
136
 
145
137
  def authenticate!(auth_code)
146
- return Failure(status: 400, code: :auth_code_was_not_received) unless auth_code
138
+ tokens_repo.get_tokens(auth_code, code_verifier.value).fmap do |tokens|
139
+ access_token = tokens[:access_token]
140
+ id_token = tokens[:id_token]
141
+ refresh_token = tokens[:refresh_token]
142
+
143
+ session_state = access_token.session_state
144
+
145
+ save_token(session_state, 'access_token', access_token)
146
+ save_token(session_state, 'id_token', id_token)
147
+ save_token(session_state, 'refresh_token', refresh_token)
148
+
149
+ session_state
150
+ end
151
+ end
147
152
 
148
- queries.get_tokens(auth_code, code_verifier.value).fmap do |tokens|
153
+ def authenticate_by_password!(username, password)
154
+ tokens_repo.get_tokens_by_password(username, password).fmap do |tokens|
149
155
  access_token = tokens[:access_token]
150
156
  id_token = tokens[:id_token]
151
157
  refresh_token = tokens[:refresh_token]
@@ -180,7 +186,7 @@ module Hydra
180
186
  access_token = yield fetch_token(session_state, 'access_token')
181
187
  end
182
188
 
183
- queries.token_introspect(access_token.source)
189
+ tokens_repo.introspect_token(access_token.source)
184
190
  end
185
191
 
186
192
  def access_token_jti(session_state)
@@ -198,7 +204,7 @@ module Hydra
198
204
  end
199
205
 
200
206
  def introspect_token(token)
201
- queries.token_introspect(token)
207
+ tokens_repo.introspect_token(token)
202
208
  end
203
209
 
204
210
  private
@@ -229,7 +235,7 @@ module Hydra
229
235
 
230
236
  def refresh_tokens(session_state)
231
237
  refresh_token = yield fetch_token(session_state, 'refresh_token')
232
- new_tokens = yield queries.refresh_tokens(refresh_token.source)
238
+ new_tokens = yield tokens_repo.refresh_tokens(refresh_token.source)
233
239
 
234
240
  yield save_token(session_state, 'access_token', new_tokens[:access_token])
235
241
  yield save_token(session_state, 'id_token', new_tokens[:id_token])
data/lib/hydra/keycloak/code_verifier.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require 'base64'
3
4
  require 'digest'
4
5
  require 'securerandom'
5
6
 
@@ -26,7 +27,7 @@ module Hydra
26
27
 
27
28
  def _generate_pkce(code_verifier)
28
29
  # https://datatracker.ietf.org/doc/html/rfc7636#section-4.6
29
- Digest::SHA256.base64digest(code_verifier).tr('+/', '-_').tr('=', '')
30
+ Base64.urlsafe_encode64(Digest::SHA256.digest(code_verifier), padding: false)
30
31
  end
31
32
  end
32
33
  end
data/lib/hydra/keycloak/container.rb CHANGED
@@ -8,10 +8,22 @@ module Hydra
8
8
  class Container
9
9
  extend Dry::Container::Mixin
10
10
 
11
- register(:http_client) do
12
- require 'hydra/keycloak/queries/http_client'
11
+ register(:http) do
12
+ require 'net/http'
13
13
 
14
- ::Hydra::Keycloak::Queries::HttpClient.new
14
+ Net::HTTP
15
+ end
16
+
17
+ register(:tokens_gateway) do
18
+ require 'hydra/keycloak/tokens/gateway'
19
+
20
+ ::Hydra::Keycloak::Tokens::Gateway.new
21
+ end
22
+
23
+ register(:tokens_repo) do
24
+ require 'hydra/keycloak/tokens/repo'
25
+
26
+ ::Hydra::Keycloak::Tokens::Repo.new
15
27
  end
16
28
  end
17
29
 
data/lib/hydra/keycloak/token.rb CHANGED
@@ -5,21 +5,22 @@ require 'jwt'
5
5
  module Hydra
6
6
  module Keycloak
7
7
  class Token
8
+ REGISTERED_CLAIMS = %i[iss sub aud exp nbf iat jti].freeze
9
+ PUBLIC_CLAIMS = %i[auth_time scope].freeze
10
+ PRIVATE_CLAIMS = %i[session_state resource_access].freeze
11
+
8
12
  attr_reader :source,
9
- :exp,
10
- :iat,
11
- :auth_time,
12
- :iss,
13
- :session_state,
14
- :scope,
15
- :jti
13
+ :data,
14
+ *REGISTERED_CLAIMS,
15
+ *PUBLIC_CLAIMS,
16
+ *PRIVATE_CLAIMS
16
17
 
17
18
  def initialize(source)
18
19
  @source = source
19
20
  @data = ::JWT.decode(source, nil, false).first.transform_keys(&:to_sym)
20
21
  end
21
22
 
22
- %i[exp iat auth_time iss session_state scope jti].each do |field|
23
+ [*REGISTERED_CLAIMS, *PUBLIC_CLAIMS, *PRIVATE_CLAIMS].each do |field|
23
24
  define_method(field) do
24
25
  @data.fetch(field)
25
26
  end
data/lib/hydra/keycloak/{queries/http_client.rb → tokens/gateway.rb} RENAMED
@@ -3,13 +3,18 @@
3
3
  require 'net/http'
4
4
  require 'json'
5
5
  require 'dry/monads'
6
+ require 'hydra/keycloak/container'
6
7
 
7
8
  module Hydra
8
9
  module Keycloak
9
- module Queries
10
- class HttpClient
10
+ module Tokens
11
+ class Gateway
12
+ extend ::Hydra::Keycloak::Mixin
13
+
11
14
  include ::Dry::Monads[:result]
12
15
 
16
+ inject['http']
17
+
13
18
  NETWORK_ERRORS = [Timeout::Error,
14
19
  Errno::EINVAL,
15
20
  Errno::ECONNRESET,
@@ -19,8 +24,8 @@ module Hydra
19
24
  Net::HTTPHeaderSyntaxError,
20
25
  Net::ProtocolError].freeze
21
26
 
22
- def do_post_request(path, body)
23
- response = Net::HTTP.post_form(URI(path), **body)
27
+ def post(path, body)
28
+ response = http.post_form(URI(path), **body)
24
29
 
25
30
  if response.code == '200'
26
31
  json = JSON.parse(response.body)
data/lib/hydra/keycloak/{queries/gateway.rb → tokens/repo.rb} RENAMED
@@ -7,15 +7,19 @@ require 'hydra/keycloak/token'
7
7
 
8
8
  module Hydra
9
9
  module Keycloak
10
- module Queries
11
- class Gateway
10
+ module Tokens
11
+ class Repo
12
12
  extend ::Hydra::Keycloak::Mixin
13
13
  include ::Dry::Monads[:result]
14
- inject['http_client', 'urls']
14
+ inject['tokens_gateway', 'urls']
15
15
 
16
16
  def get_tokens(auth_code, code_verifier)
17
- result = make_request(urls.token_endpoint,
18
- urls.token_request_body(auth_code, code_verifier))
17
+ return Failure(status: 400, code: :auth_code_was_not_received) unless auth_code
18
+
19
+ result = tokens_gateway.post(
20
+ urls.token_endpoint,
21
+ urls.auth_code_token_request_body(auth_code, code_verifier)
22
+ )
19
23
 
20
24
  result.fmap do |tokens|
21
25
  {
@@ -26,9 +30,28 @@ module Hydra
26
30
  end
27
31
  end
28
32
 
29
- def token_introspect(token)
30
- make_request(urls.introspection_endpoint,
31
- urls.introspection_request_body(token)).bind do |result|
33
+ def get_tokens_by_password(username, password)
34
+ return Failure(status: 400, code: :username_or_password_is_empty) if username.nil? || password.nil?
35
+
36
+ result = tokens_gateway.post(
37
+ urls.token_endpoint,
38
+ urls.password_token_request_body(username, password)
39
+ )
40
+
41
+ result.fmap do |tokens|
42
+ {
43
+ access_token: ::Hydra::Keycloak::Token.new(tokens['access_token']),
44
+ id_token: ::Hydra::Keycloak::Token.new(tokens['id_token']),
45
+ refresh_token: ::Hydra::Keycloak::Token.new(tokens['refresh_token'])
46
+ }
47
+ end
48
+ end
49
+
50
+ def introspect_token(token)
51
+ tokens_gateway.post(
52
+ urls.introspection_endpoint,
53
+ urls.introspection_request_body(token)
54
+ ).bind do |result|
32
55
  if result['active']
33
56
  Success(result)
34
57
  else
@@ -38,8 +61,10 @@ module Hydra
38
61
  end
39
62
 
40
63
  def refresh_tokens(refresh_token)
41
- make_request(urls.token_endpoint,
42
- urls.refresh_request_body(refresh_token)).bind do |result|
64
+ tokens_gateway.post(
65
+ urls.token_endpoint,
66
+ urls.refresh_request_body(refresh_token)
67
+ ).bind do |result|
43
68
  if result['error']
44
69
  Failure(status: 400, code: :token_refreshing_error)
45
70
  else
@@ -51,12 +76,6 @@ module Hydra
51
76
  end
52
77
  end
53
78
  end
54
-
55
- private
56
-
57
- def make_request(path, body)
58
- http_client.do_post_request(path, body)
59
- end
60
79
  end
61
80
  end
62
81
  end
data/lib/hydra/keycloak/urls.rb CHANGED
@@ -10,22 +10,26 @@ module Hydra
10
10
  end
11
11
 
12
12
  def auth_url(code_challenge)
13
- "#{@config[:auth_server_url]}" \
14
- "realms/#{@config[:realm]}/protocol/openid-connect/auth/?" \
15
- 'response_type=code&' \
16
- "client_id=#{@config[:client_id]}&" \
17
- "redirect_uri=#{@config[:redirect_uri]}&" \
18
- "nonce=#{@config[:secret]}&" \
19
- "scope=#{scope}&" \
20
- "code_challenge=#{code_challenge}&" \
21
- 'code_challenge_method=S256'
13
+ URI(URI.join(@config[:auth_server_url], "realms/#{@config[:realm]}/protocol/openid-connect/auth")).tap do |uri|
14
+ uri.query = URI.encode_www_form(
15
+ {
16
+ response_type: 'code',
17
+ client_id: @config[:client_id],
18
+ redirect_uri: @config[:redirect_uri],
19
+ nonce: @config[:secret],
20
+ scope: scope,
21
+ code_challenge: code_challenge,
22
+ code_challenge_method: 'S256'
23
+ }
24
+ )
25
+ end.to_s
22
26
  end
23
27
 
24
28
  def token_endpoint
25
- "#{@config[:auth_server_url]}realms/#{@config[:realm]}/protocol/openid-connect/token"
29
+ URI.join(@config[:auth_server_url], "realms/#{@config[:realm]}/protocol/openid-connect/token")
26
30
  end
27
31
 
28
- def token_request_body(auth_code, code_verifier)
32
+ def auth_code_token_request_body(auth_code, code_verifier)
29
33
  {
30
34
  grant_type: 'authorization_code',
31
35
  code: auth_code,
@@ -36,8 +40,19 @@ module Hydra
36
40
  }
37
41
  end
38
42
 
43
+ def password_token_request_body(username, password)
44
+ {
45
+ grant_type: 'password',
46
+ username: username,
47
+ password: password,
48
+ scope: scope,
49
+ client_id: @config[:client_id],
50
+ client_secret: @config[:secret]
51
+ }
52
+ end
53
+
39
54
  def introspection_endpoint
40
- "#{@config[:auth_server_url]}realms/#{@config[:realm]}/protocol/openid-connect/token/introspect"
55
+ URI.join(@config[:auth_server_url], "realms/#{@config[:realm]}/protocol/openid-connect/token/introspect")
41
56
  end
42
57
 
43
58
  def introspection_request_body(token)
@@ -50,9 +65,9 @@ module Hydra
50
65
  end
51
66
 
52
67
  def end_session_url(id_token)
53
- "#{@config[:auth_server_url]}realms/#{@config[:realm]}/protocol/openid-connect/logout" \
54
- "?id_token_hint=#{id_token}" \
55
- "&post_logout_redirect_uri=#{@config[:logout_redirect]}"
68
+ URI.join(@config[:auth_server_url], "realms/#{@config[:realm]}/protocol/openid-connect/logout").tap do |uri|
69
+ uri.query = URI.encode_www_form(id_token_hint: id_token, post_logout_redirect_uri: @config[:logout_redirect])
70
+ end.to_s
56
71
  end
57
72
 
58
73
  def refresh_request_body(refresh_token)
@@ -68,7 +83,7 @@ module Hydra
68
83
  private
69
84
 
70
85
  def scope
71
- (DEFAULT_SCOPE + @config[:scope]).join('%20')
86
+ [*DEFAULT_SCOPE, *@config[:scope]].join(' ')
72
87
  end
73
88
  end
74
89
  end
data/lib/hydra/keycloak/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Hydra
4
4
  module Keycloak
5
- VERSION = '0.1.13'
5
+ VERSION = '0.1.15'
6
6
  end
7
7
  end
data/release.sh ADDED
@@ -0,0 +1,9 @@
1
+ #!/usr/bin/env bash
2
+
3
+ mkdir -p $HOME/.gem
4
+ touch $HOME/.gem/credentials
5
+ chmod 0600 $HOME/.gem/credentials
6
+ printf -- "---\n:rubygems_api_key: $RUBYGEMS_TOKEN\n" > $HOME/.gem/credentials
7
+
8
+ gem build hydra-keycloak-client.gemspec
9
+ gem push hydra-keycloak-client-$RELEASE_VERSION.gem
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hydra-keycloak-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.13
4
+ version: 0.1.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Fedor Kosolapov
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-10-31 00:00:00.000000000 Z
11
+ date: 2022-12-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt
@@ -104,9 +104,11 @@ extensions: []
104
104
  extra_rdoc_files: []
105
105
  files:
106
106
  - ".github/workflows/main.yml"
107
+ - ".github/workflows/release.yml"
107
108
  - ".gitignore"
108
109
  - ".rspec"
109
110
  - ".rubocop.yml"
111
+ - Dockerfile.release
110
112
  - Dockerfile.test
111
113
  - Gemfile
112
114
  - Gemfile.lock
@@ -118,16 +120,17 @@ files:
118
120
  - lib/hydra/keycloak/client.rb
119
121
  - lib/hydra/keycloak/code_verifier.rb
120
122
  - lib/hydra/keycloak/container.rb
121
- - lib/hydra/keycloak/queries/gateway.rb
122
- - lib/hydra/keycloak/queries/http_client.rb
123
123
  - lib/hydra/keycloak/store/adapters/memcached.rb
124
124
  - lib/hydra/keycloak/store/adapters/redis.rb
125
125
  - lib/hydra/keycloak/store/gateway.rb
126
126
  - lib/hydra/keycloak/store/memcached_client.rb
127
127
  - lib/hydra/keycloak/store/redis_client.rb
128
128
  - lib/hydra/keycloak/token.rb
129
+ - lib/hydra/keycloak/tokens/gateway.rb
130
+ - lib/hydra/keycloak/tokens/repo.rb
129
131
  - lib/hydra/keycloak/urls.rb
130
132
  - lib/hydra/keycloak/version.rb
133
+ - release.sh
131
134
  - run_tests.sh
132
135
  homepage: https://github.com/hydra-billing/hydra-keycloak-client
133
136
  licenses: []
@@ -136,7 +139,7 @@ metadata:
136
139
  homepage_uri: https://github.com/hydra-billing/hydra-keycloak-client
137
140
  source_code_uri: https://github.com/hydra-billing/hydra-keycloak-client
138
141
  changelog_uri: https://github.com/hydra-billing/hydra-keycloak-client
139
- post_install_message:
142
+ post_install_message:
140
143
  rdoc_options: []
141
144
  require_paths:
142
145
  - lib
@@ -152,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
152
155
  version: '0'
153
156
  requirements: []
154
157
  rubygems_version: 3.1.6
155
- signing_key:
158
+ signing_key:
156
159
  specification_version: 4
157
160
  summary: Keycloak client for SSO
158
161
  test_files: []