hydra-keycloak-client 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: c0702045813eaac89c7c6de7629d3b1df9704e230491c7ad138f1c9bab5f2b0c
+  data.tar.gz: 0b40b85cb591c1f8a85d1689ce7d78d471c77053826604632b8fae0e90d37977
+SHA512:
+  metadata.gz: 7e297eeabbb1a26cfaa4299b9a76b963838eec4ef1e71ba7ab9d9195dd994d46db4eec80d2d8e525e3bbeed63e02ce11d7aaedb69e7bc309bab80acc3f760ae0
+  data.tar.gz: 19f1c1fd13474f31e040f6802dd8459f0ab3d0dffabc083de1f749ec5b50e53951fbb1f87b32401bec61434ba06f5c58d6cb225061de2509b80fab4ea0d363d6

data/Gemfile

@@ -0,0 +1,19 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in hydra-keycloak-client.gemspec
+gemspec
+
+gem "rake", "~> 12.0"
+gem "rspec", "~> 3.0"
+
+gem 'jwt'
+gem 'dalli'
+gem 'redis'
+
+gem 'dry-monads'
+gem 'dry-auto_inject'
+gem 'dry-container'
+gem 'dry-schema'
+gem 'dry-struct'
+
+gem 'pry'

data/Gemfile.lock

@@ -0,0 +1,88 @@
+PATH
+  remote: .
+  specs:
+    hydra-keycloak-client (0.1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    coderay (1.1.3)
+    concurrent-ruby (1.1.9)
+    dalli (3.1.1)
+    diff-lcs (1.4.4)
+    dry-auto_inject (0.8.0)
+      dry-container (>= 0.3.4)
+    dry-configurable (0.13.0)
+      concurrent-ruby (~> 1.0)
+      dry-core (~> 0.6)
+    dry-container (0.9.0)
+      concurrent-ruby (~> 1.0)
+      dry-configurable (~> 0.13, >= 0.13.0)
+    dry-core (0.7.1)
+      concurrent-ruby (~> 1.0)
+    dry-inflector (0.2.1)
+    dry-initializer (3.0.4)
+    dry-logic (1.2.0)
+      concurrent-ruby (~> 1.0)
+      dry-core (~> 0.5, >= 0.5)
+    dry-monads (1.4.0)
+      concurrent-ruby (~> 1.0)
+      dry-core (~> 0.7)
+    dry-schema (1.8.0)
+      concurrent-ruby (~> 1.0)
+      dry-configurable (~> 0.13, >= 0.13.0)
+      dry-core (~> 0.5, >= 0.5)
+      dry-initializer (~> 3.0)
+      dry-logic (~> 1.0)
+      dry-types (~> 1.5)
+    dry-struct (1.4.0)
+      dry-core (~> 0.5, >= 0.5)
+      dry-types (~> 1.5)
+      ice_nine (~> 0.11)
+    dry-types (1.5.1)
+      concurrent-ruby (~> 1.0)
+      dry-container (~> 0.3)
+      dry-core (~> 0.5, >= 0.5)
+      dry-inflector (~> 0.1, >= 0.1.2)
+      dry-logic (~> 1.0, >= 1.0.2)
+    ice_nine (0.11.2)
+    jwt (2.3.0)
+    method_source (1.0.0)
+    pry (0.14.1)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    rake (12.3.3)
+    redis (4.6.0)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  dalli
+  dry-auto_inject
+  dry-container
+  dry-monads
+  dry-schema
+  dry-struct
+  hydra-keycloak-client!
+  jwt
+  pry
+  rake (~> 12.0)
+  redis
+  rspec (~> 3.0)
+
+BUNDLED WITH
+   2.2.25

data/README.md

@@ -0,0 +1,38 @@
+# Hydra::Keycloak::Client
+
+Keycloak client for SSO implementation.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'hydra-keycloak-client'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install hydra-keycloak-client
+
+## Usage
+
+Create client instance for usage:
+
+```
+keycloack_client = Hydra::Keycloak::ClientCreator.call(
+  config: {
+    auth_server_url:          "http://0.0.0.0:8080/auth/",
+    realm:                    "hydra",
+    client_id:                "hoper",
+    redirect_uri:             "http://localhost:3000/authenticate_by_keycloak",
+    secret:                   "1fad7395-de0e-456a-a559-2896aa82f5e3",
+    logout_redirect:          "http://localhost:3000",
+    memcached_host:           "localhost",
+    memcached_port:           "11211",
+    memcached_namespace:      "hoper",
+  })
+```

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "hydra/keycloak/client"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/hydra-keycloak-client.gemspec

@@ -0,0 +1,28 @@
+require './lib/hydra/keycloak/version'
+
+Gem::Specification.new do |spec|
+  spec.require_paths = ["lib"]
+  spec.name          = "hydra-keycloak-client"
+  spec.version       = Hydra::Keycloak::VERSION
+  spec.authors       = ["Fedor Kosolapov"]
+  spec.email         = ["f.kosolapov@latera.ru"]
+
+  spec.summary       = "Keycloak client for SSO"
+  spec.description   = "Keycloak client for SSO"
+  spec.homepage      = "https://github.com/latera/hydra-keycloak-client"
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
+
+  spec.metadata["allowed_push_host"] = "https://rubygems.org"
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = spec.homepage
+  spec.metadata["changelog_uri"] = spec.homepage
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "bin"
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+end

data/lib/hydra/keycloak/client.rb

@@ -0,0 +1,226 @@
+# frozen_string_literal: true
+require 'dry/monads'
+require 'dry/auto_inject'
+require 'dry/container'
+require 'dry/schema'
+
+require 'hydra/keycloak/container'
+require 'hydra/keycloak/user_data'
+require 'hydra/keycloak/code_verifier'
+
+module Hydra
+  module Keycloak
+    class ConfigurationError < ::StandardError; end
+
+    class ClientCreator
+      extend ::Hydra::Keycloak::Mixin
+
+      def self.call(config:)
+        config_schema = Dry::Schema.JSON do
+          required(:auth_server_url).filled(:string)
+          required(:realm).filled(:string)
+          required(:client_id).filled(:string)
+          required(:redirect_uri).filled(:string)
+          required(:secret).filled(:string)
+          required(:logout_redirect).filled(:string)
+          required(:store_client).value(included_in?: ['redis', 'memcached'])
+
+          optional(:memcached).hash do
+            required(:memcached_host).filled(:string)
+            required(:memcached_port).filled(:string)
+            required(:memcached_namespace).filled(:string)
+          end
+
+          optional(:redis).hash do
+            required(:redis_host).filled(:string)
+            required(:redis_port).filled(:string)
+          end
+        end
+
+        validated_config = config_schema.call(config)
+
+        if validated_config.failure?
+          raise ConfigurationError, "Wrong configuration params: #{validated_config.errors(full: true).to_h}"
+        end
+
+        container.register :urls do
+          require 'hydra/keycloak/urls'
+
+          ::Hydra::Keycloak::Urls.new(validated_config)
+        end
+
+        container.register :queries do
+          require 'hydra/keycloak/queries/gateway'
+
+          ::Hydra::Keycloak::Queries::Gateway.new
+        end
+
+        if validated_config[:store_client] == :redis
+          container.register :redis do
+            require 'redis'
+  
+            ::Redis.new(host: validated_config[:redis_host], port: validated_config[:redis_port])
+          end
+  
+          container.register :store_client do
+            require 'hydra/keycloak/store/redis_client'
+  
+            ::Hydra::Keycloak::Store::RedisClient.new
+          end
+        else validated_config[:store_client] == :memcached
+          container.register :dalli do
+            require 'dalli'
+  
+            ::Dalli::Client.new(
+              "#{validated_config[:memcached_host]}:#{validated_config[:memcached_port]}",
+              namespace: validated_config[:memcached_namespace]
+            )
+          end
+  
+          container.register :store_client do
+            require 'hydra/keycloak/store/memcached_client'
+  
+            ::Hydra::Keycloak::Store::MemcachedClient.new
+          end
+        end 
+
+        container.register :store do
+          require 'hydra/keycloak/store/gateway'
+
+          ::Hydra::Keycloak::Store::Gateway.new
+        end
+
+        container.register(:code_verifier, ::Hydra::Keycloak::CodeVerifier.new)
+
+        ::Hydra::Keycloak::Client.new
+      end
+    end
+
+    class Client
+      extend ::Hydra::Keycloak::Mixin
+      include ::Dry::Monads[:result, :do]
+      inject['urls', 'queries', 'store', 'code_verifier']
+
+      def auth_url
+        code_verifier.generate
+        urls.auth_url(code_verifier.code_challenge)
+      end
+
+      def authenticate!(auth_code)
+        unless auth_code
+          return Failure(status: 400, code: :auth_code_was_not_received)
+        end
+
+        queries.get_tokens(auth_code, code_verifier.value).fmap do |tokens|
+          access_token  = tokens[:access_token]
+          id_token      = tokens[:id_token]
+          refresh_token = tokens[:refresh_token]
+
+          session_state = access_token.session_state
+
+          save_token(session_state, 'access_token',  access_token)
+          save_token(session_state, 'id_token',      id_token)
+          save_token(session_state, 'refresh_token', refresh_token)
+
+          session_state
+        end
+      end
+
+      def authenticated?(session_state)
+        fetch_token(session_state, 'access_token').success?
+      end
+
+      def user_data(session_state)
+        unless authenticated?(session_state)
+          return Failure(status: 400, code: :not_authenticated)
+        end
+
+        fetch_token(session_state, 'access_token').fmap do |access_token|
+          UserData.new(
+            username:                access_token[:login],
+            base_subject_id:         access_token[:base_subject_id],
+            subj_group_id:           access_token[:subj_group_id],
+            firm_id:                 access_token[:firm_id],
+            base_subject_first_name: access_token[:base_subject_first_name],
+            jti:                     access_token[:jti])
+        end
+      end
+
+      def access_token(session_state)
+        unless authenticated?(session_state)
+          return Failure(status: 400, code: :not_authenticated)
+        end
+
+        fetch_token(session_state, 'access_token')
+      end
+
+      def authorize!(session_state)
+        unless authenticated?(session_state)
+          return Failure(status: 400, code: :not_authenticated)
+        end
+
+        access_token = yield fetch_token(session_state, 'access_token')
+        if token_expired?(access_token)
+          refresh_tokens(session_state)
+
+          access_token = yield fetch_token(session_state, 'access_token')
+        end
+
+        queries.token_introspect(access_token.source)
+      end
+
+      def access_token_jti(session_state)
+        unless authenticated?(session_state)
+          return Failure(status: 400, code: :not_authenticated)
+        end
+
+        fetch_token(session_state, 'access_token').fmap do |access_token|
+          access_token.jti
+        end
+      end
+
+      def logout!(session_state)
+        fetch_token(session_state, 'id_token').bind do |id_token|
+          clear_tokens(session_state)
+
+          urls.end_session_url(id_token.source)
+        end
+      end
+
+      private
+
+      def save_token(session_state, token_name, token)
+        store.set("#{session_state}_#{token_name}", token.source)
+      end
+
+      def fetch_token(session_state, token_name)
+        store.get("#{session_state}_#{token_name}").bind do |value|
+          if value
+            Success(::Hydra::Keycloak::Token.new(value))
+          else
+            Failure(status: 400, code: :token_not_found)
+          end
+        end
+      end
+
+      def clear_tokens(session_state)
+        store.delete("#{session_state}_access_token")
+        store.delete("#{session_state}_id_token")
+        store.delete("#{session_state}_refresh_token")
+      end
+
+      def token_expired?(token)
+        token.exp <= Time.now.to_i
+      end
+
+      def refresh_tokens(session_state)
+        refresh_token = yield fetch_token(session_state, 'refresh_token')
+        new_tokens = yield queries.refresh_tokens(refresh_token.source)
+
+        yield save_token(session_state, 'access_token',  new_tokens[:access_token])
+        yield save_token(session_state, 'id_token',      new_tokens[:id_token])
+        yield save_token(session_state, 'refresh_token', new_tokens[:refresh_token])
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/code_verifier.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require "digest"
+require "securerandom"
+
+require 'hydra/keycloak/container'
+
+module Hydra
+  module Keycloak
+    class CodeVerifier
+      attr_reader :value, :code_challenge
+    
+      def generate
+        @value = _generate
+        @code_challenge = _generate_pkce(@value)
+      end
+    
+      private
+    
+      def _generate
+        # https://datatracker.ietf.org/doc/html/rfc7636#section-4.1
+        charset = Array('A'..'Z') + Array('a'..'z') + Array(0..9)
+        charset.push("-").push(".").push("_").push("~")  
+        Array.new(128) { charset.sample }.join
+      end
+
+      def _generate_pkce(code_verifier)
+        # https://datatracker.ietf.org/doc/html/rfc7636#section-4.6
+        Digest::SHA256.base64digest(code_verifier).tr("+/", "-_").tr("=", "")
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/container.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require 'dry/auto_inject'
+require 'dry/container'
+
+module Hydra
+  module Keycloak
+    class Container
+      extend Dry::Container::Mixin
+
+      register(:http_client) do
+        require 'hydra/keycloak/queries/http_client'
+
+        ::Hydra::Keycloak::Queries::HttpClient.new
+      end
+    end
+
+    Import = Dry::AutoInject(Container)
+
+    class << self
+      def inject(target)
+        -> *values { target.send(:include, Import[*values]) }
+      end
+  
+      def args_inject(target)
+        -> *values { target.send(:include, Import.args[*values]) }
+      end
+    end
+
+    module Mixin
+      def container
+        ::Hydra::Keycloak::Container
+      end
+  
+      def inject
+        ::Hydra::Keycloak.inject(self)
+      end
+  
+      def args_inject
+        ::Hydra::Keycloak.args_inject(self)
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/queries/gateway.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'dry/monads'
+require 'hydra/keycloak/container'
+require 'hydra/keycloak/token'
+
+module Hydra
+  module Keycloak
+    module Queries
+      class Gateway
+        extend ::Hydra::Keycloak::Mixin
+        include ::Dry::Monads[:result]
+        inject['http_client', 'urls']
+
+        def get_tokens(auth_code, code_verifier)
+          result = make_request(urls.token_endpoint,
+                                urls.token_request_body(auth_code, code_verifier))
+
+          result.fmap do |tokens|
+            {
+              access_token:  ::Hydra::Keycloak::Token.new(tokens['access_token']), 
+              id_token:      ::Hydra::Keycloak::Token.new(tokens['id_token']), 
+              refresh_token: ::Hydra::Keycloak::Token.new(tokens['refresh_token'])
+            }
+          end
+        end
+
+        def token_introspect(token)
+          make_request(urls.introspection_endpoint,
+                       urls.introspection_request_body(token)).bind do |result|
+            if result['active']
+              Success(result)
+            else
+              Failure(status: 400, code: :token_not_active)
+            end
+          end
+        end
+
+        def refresh_tokens(refresh_token)
+          make_request(urls.token_endpoint,
+                       urls.refresh_request_body(refresh_token)).bind do |result|
+            if result['error']
+              Failure(status: 400, code: :token_refreshing_error)
+            else
+              Success({
+                access_token:  ::Hydra::Keycloak::Token.new(result['access_token']), 
+                id_token:      ::Hydra::Keycloak::Token.new(result['id_token']), 
+                refresh_token: ::Hydra::Keycloak::Token.new(result['refresh_token'])
+              })
+            end
+          end
+        end
+
+        private
+
+        def make_request(path, body)
+          http_client.do_post_request(path, body)
+        end
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/queries/http_client.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'json'
+require 'dry/monads'
+
+module Hydra
+  module Keycloak
+    module Queries
+      class HttpClient
+        include ::Dry::Monads[:result]
+
+        NetworkErrors = [Timeout::Error,
+                         Errno::EINVAL,
+                         Errno::ECONNRESET,
+                         EOFError,
+                         Errno::ECONNREFUSED,
+                         Net::HTTPBadResponse,
+                         Net::HTTPHeaderSyntaxError,
+                         Net::ProtocolError]
+
+        def do_post_request(path, body)
+          response = Net::HTTP.post_form(URI(path), **body)
+
+          if response.code == '200'
+            json = JSON.parse(response.body)
+
+            Success(json)
+          else
+            Failure(status: response.code, code: :bad_keycloak_response)
+          end
+        rescue *NetworkErrors
+          Failure(status: 400, code: :keycloak_unavailable)
+        rescue JSON::ParserError
+          Failure(status: 400, code: :json_parser_error)
+        end
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/store/gateway.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'hydra/keycloak/container'
+
+module Hydra
+  module Keycloak
+    module Store
+      class Gateway
+        extend ::Hydra::Keycloak::Mixin
+        inject['store_client']
+
+        def set(key, value)
+          store_client.set(key, value)
+        end
+
+        def get(key)
+          store_client.get(key)
+        end
+
+        def delete(key)
+          store_client.delete(key)
+        end
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/store/memcached_client.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'dalli'
+require 'dry/monads'
+require 'dry/auto_inject'
+
+module Hydra
+  module Keycloak
+    module Store
+      class MemcachedClient
+        extend ::Hydra::Keycloak::Mixin
+        include ::Dry::Monads[:result]
+        inject['dalli']
+
+        def set(key, value)
+          dalli.set(key, value)
+
+          Success(:ok)
+        rescue Dalli::DalliError
+          Failure(status: 400, code: :memcached_unavailable)
+        end
+
+        def get(key)
+          Success(dalli.get(key))
+        rescue Dalli::DalliError
+          Failure(status: 400, code: :memcached_unavailable)
+        end
+
+        def delete(key)
+          dalli.delete(key)
+
+          Success(:ok)
+        rescue Dalli::DalliError
+          Failure(status: 400, code: :memcached_unavailable)
+        end
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/token.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'jwt'
+
+module Hydra
+  module Keycloak
+    class Token
+      attr_reader :source,
+                  :exp,
+                  :iat,
+                  :auth_time,
+                  :iss,
+                  :session_state,
+                  :scope,
+                  :jti
+
+      def initialize(source)
+        @source = source
+        @data = ::JWT.decode(source, nil, false).first.transform_keys(&:to_sym)
+      end
+
+      %i(exp iat auth_time iss session_state scope jti).each do |field|
+        define_method(field) do
+          @data.fetch(field)
+        end
+      end
+
+      def [](key)
+        @data.fetch(key)
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/urls.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+module Hydra
+  module Keycloak
+    class Urls
+      def initialize(config)
+        @config = config
+      end
+
+      def auth_url(code_challenge)
+        "#{@config[:auth_server_url]}" \
+          "realms/#{@config[:realm]}/protocol/openid-connect/auth/?" \
+          'response_type=code&' \
+          "client_id=#{@config[:client_id]}&" \
+          "redirect_uri=#{@config[:redirect_uri]}&" \
+          "nonce=#{@config[:secret]}&" \
+          'scope=openid&' \
+          "code_challenge=#{code_challenge}&" \
+          "code_challenge_method=S256"
+      end
+
+      def token_endpoint
+        "#{@config[:auth_server_url]}realms/#{@config[:realm]}/protocol/openid-connect/token"
+      end
+
+      def token_request_body(auth_code, code_verifier)
+        {
+          grant_type: 'authorization_code',
+          code: auth_code,
+          redirect_uri: @config[:redirect_uri],
+          client_id: @config[:client_id],
+          client_secret: @config[:secret],
+          code_verifier: code_verifier
+        }
+      end
+
+      def introspection_endpoint
+        "#{@config[:auth_server_url]}realms/#{@config[:realm]}/protocol/openid-connect/token/introspect"
+      end
+
+      def introspection_request_body(token)
+        {
+          token: token,
+          token_type_hint: 'access_token',
+          client_id: @config[:client_id],
+          client_secret: @config[:secret]
+        }
+      end
+
+      def end_session_url(id_token)
+        "#{@config[:auth_server_url]}realms/#{@config[:realm]}/protocol/openid-connect/logout" \
+        "?id_token_hint=#{id_token}" \
+        "&post_logout_redirect_uri=#{@config[:logout_redirect]}"
+      end
+
+      def refresh_request_body(refresh_token)
+        {
+          client_id: @config[:client_id],
+          client_secret: @config[:secret],
+          grant_type: 'refresh_token',
+          refresh_token: refresh_token,
+          scope: 'openid'
+        }
+      end
+    end
+  end
+end

data/lib/hydra/keycloak/user_data.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'dry/struct'
+
+module Hydra
+  module Keycloak
+    module Types
+      include Dry.Types()
+    end
+
+    class UserData < Dry::Struct
+      attribute :username, Types::String
+      attribute :base_subject_id, Types::Coercible::Integer
+      attribute :subj_group_id, Types::Coercible::Integer
+      attribute :firm_id, Types::Coercible::Integer
+      attribute :base_subject_first_name, Types::String
+      attribute :jti, Types::String
+    end
+  end
+end

data/lib/hydra/keycloak/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Hydra
+  module Keycloak
+    VERSION = '0.1.1'
+  end
+end

metadata

@@ -0,0 +1,66 @@
+--- !ruby/object:Gem::Specification
+name: hydra-keycloak-client
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Fedor Kosolapov
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2022-02-08 00:00:00.000000000 Z
+dependencies: []
+description: Keycloak client for SSO
+email:
+- f.kosolapov@latera.ru
+executables:
+- console
+- setup
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- hydra-keycloak-client.gemspec
+- lib/hydra/keycloak/client.rb
+- lib/hydra/keycloak/code_verifier.rb
+- lib/hydra/keycloak/container.rb
+- lib/hydra/keycloak/queries/gateway.rb
+- lib/hydra/keycloak/queries/http_client.rb
+- lib/hydra/keycloak/store/gateway.rb
+- lib/hydra/keycloak/store/memcached_client.rb
+- lib/hydra/keycloak/token.rb
+- lib/hydra/keycloak/urls.rb
+- lib/hydra/keycloak/user_data.rb
+- lib/hydra/keycloak/version.rb
+homepage: https://github.com/latera/hydra-keycloak-client
+licenses: []
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/latera/hydra-keycloak-client
+  source_code_uri: https://github.com/latera/hydra-keycloak-client
+  changelog_uri: https://github.com/latera/hydra-keycloak-client
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.3.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.6
+signing_key:
+specification_version: 4
+summary: Keycloak client for SSO
+test_files: []