hydra-keycloak-client 0.1.8 → 0.1.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4e7087568f245ec3f7b88cf24e7006da3e74bda757177d44ca109e914d4e7814
-  data.tar.gz: 2643f7fe37e38a43f9052d006a3693e335b4721d051dd66169a7c8dc99d3a1fc
+  metadata.gz: 84abeff9bb6fc129c0f1735211b5b519ca9d5570bad6d240c196a7eab5187e17
+  data.tar.gz: 39ba322f013e055547490e6661d6b3f37fb658eaa2a7a582c0c17e42f028afc5
 SHA512:
-  metadata.gz: 847680ed2c9520cabbd720929d264fd901138aca6069b319a7a577a098a1991fe54d34714a4e1a64e1ead16ebe4b53e15c2c496c5c556930335386282792bf75
-  data.tar.gz: 4a6baa901c8d4fae1b2658849a459d844b585368fb587ac02e673c9442e798f8161dde3bb53b2a1e5457a8f07090150637db76a71ea6df8ada3e43530b222c31
+  metadata.gz: 4b26d5274c9b28d2a8d8b93fbdb0d0277ddfd783f613228963277f8b562bcbe751156aa0fbf2599853266f28724a0d2230345311814f839b2a64200bce1c9a86
+  data.tar.gz: 352f55a4a3a39886aa9446a56edfa63c618760b2d34c0da43f470ad2eb59356e84c4ed027a6d74d917c7aa610c08ce6a1cba4fffddc6b8fc03fdda9aa6676cc0

data/.github/workflows/main.yml

@@ -12,5 +12,8 @@ jobs:
     - name: Build image
       run: docker build -f Dockerfile.test -t hkc_test_image .
 
+    - name: Run rubocop
+      run: docker run hkc_test_image rubocop
+
     - name: Run tests
       run: docker run hkc_test_image rspec

data/.rubocop.yml

@@ -0,0 +1,13 @@
+AllCops:
+  TargetRubyVersion: 2.5.8
+  Exclude:
+    - 'spec/**/**/*'
+
+Style/Documentation:
+  Enabled: false
+
+Metrics/AbcSize:
+  Max: 50
+
+Metrics/MethodLength:
+  Max: 30

data/Dockerfile.test

@@ -4,4 +4,3 @@ COPY . /app
 WORKDIR /app
 
 RUN bundle install
-CMD bundle exec rspec

data/Gemfile

@@ -1,9 +1,12 @@
-source "https://rubygems.org"
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
 
 # Specify your gem's dependencies in hydra-keycloak-client.gemspec
 gemspec
 
-gem "rake", "~> 12.0"
-gem "rspec", "~> 3.0"
+gem 'rake', '~> 12.0'
+gem 'rspec', '~> 3.0'
+gem 'rubocop', '~> 1.26'
 
 gem 'pry'

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    hydra-keycloak-client (0.1.8)
+    hydra-keycloak-client (0.1.9)
       dalli
       dry-auto_inject
       dry-container
@@ -14,6 +14,7 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
+    ast (2.4.2)
     coderay (1.1.3)
     concurrent-ruby (1.1.9)
     dalli (3.2.1)
@@ -56,11 +57,17 @@ GEM
     ice_nine (0.11.2)
     jwt (2.3.0)
     method_source (1.0.0)
+    parallel (1.21.0)
+    parser (3.1.1.0)
+      ast (~> 2.4.1)
     pry (0.14.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
+    rainbow (3.1.1)
     rake (12.3.3)
     redis (4.6.0)
+    regexp_parser (2.2.1)
+    rexml (3.2.5)
     rspec (3.10.0)
       rspec-core (~> 3.10.0)
       rspec-expectations (~> 3.10.0)
@@ -74,6 +81,19 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
     rspec-support (3.10.3)
+    rubocop (1.26.0)
+      parallel (~> 1.10)
+      parser (>= 3.1.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.16.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.16.0)
+      parser (>= 3.1.1.0)
+    ruby-progressbar (1.11.0)
+    unicode-display_width (2.1.0)
 
 PLATFORMS
   ruby
@@ -83,6 +103,7 @@ DEPENDENCIES
   pry
   rake (~> 12.0)
   rspec (~> 3.0)
+  rubocop (~> 1.26)
 
 BUNDLED WITH
    2.2.25

data/Rakefile

@@ -1,6 +1,8 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

data/bin/console

@@ -1,7 +1,8 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
-require "bundler/setup"
-require "hydra/keycloak/client"
+require 'bundler/setup'
+require 'hydra/keycloak/client'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +11,5 @@ require "hydra/keycloak/client"
 # require "pry"
 # Pry.start
 
-require "irb"
+require 'irb'
 IRB.start(__FILE__)

data/hydra-keycloak-client.gemspec

@@ -1,38 +1,40 @@
+# frozen_string_literal: true
+
 require './lib/hydra/keycloak/version'
 
 Gem::Specification.new do |spec|
-  spec.require_paths = ["lib"]
-  spec.name          = "hydra-keycloak-client"
+  spec.require_paths = ['lib']
+  spec.name          = 'hydra-keycloak-client'
   spec.version       = Hydra::Keycloak::VERSION
-  spec.authors       = ["Fedor Kosolapov"]
-  spec.email         = ["f.kosolapov@latera.ru"]
+  spec.authors       = ['Fedor Kosolapov']
+  spec.email         = ['f.kosolapov@latera.ru']
 
-  spec.summary       = "Keycloak client for SSO"
-  spec.description   = "Keycloak client for SSO"
-  spec.homepage      = "https://github.com/latera/hydra-keycloak-client"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
+  spec.summary       = 'Keycloak client for SSO'
+  spec.description   = 'Keycloak client for SSO'
+  spec.homepage      = 'https://github.com/latera/hydra-keycloak-client'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.5.8')
 
-  spec.metadata["allowed_push_host"] = "https://rubygems.org"
+  spec.metadata['allowed_push_host'] = 'https://rubygems.org'
 
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = spec.homepage
-  spec.metadata["changelog_uri"] = spec.homepage
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = spec.homepage
+  spec.metadata['changelog_uri'] = spec.homepage
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = "bin"
+  spec.bindir        = 'bin'
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
 
-  spec.add_dependency('jwt')
   spec.add_dependency('dalli')
+  spec.add_dependency('jwt')
   spec.add_dependency('redis')
 
-  spec.add_dependency('dry-monads')
   spec.add_dependency('dry-auto_inject')
   spec.add_dependency('dry-container')
+  spec.add_dependency('dry-monads')
   spec.add_dependency('dry-schema')
   spec.add_dependency('dry-struct')
 end

data/lib/hydra/keycloak/client.rb

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 require 'dry/monads'
 require 'dry/auto_inject'
 require 'dry/container'
@@ -14,85 +15,120 @@ module Hydra
     class ClientCreator
       extend ::Hydra::Keycloak::Mixin
 
-      def self.call(config:)
-        memcached_schema = Dry::Schema.JSON do
-          required(:memcached_host).filled(:string)
-          required(:memcached_port).filled(:string)
-          required(:memcached_namespace).filled(:string)
+      class << self
+        def call(config:)
+          register_containers(validate_config(config))
         end
 
-        redis_schema = Dry::Schema.JSON do
-          required(:redis_host).filled(:string)
-          required(:redis_port).filled(:string)
-        end
+        def validate_config(config)
+          validated_config = config_schema.call(config)
+
+          if validated_config.failure?
+            raise ConfigurationError, "Wrong configuration params: #{validated_config.errors(full: true).to_h}"
+          end
 
-        config_schema = Dry::Schema.JSON do
-          required(:auth_server_url).filled(:string)
-          required(:realm).filled(:string)
-          required(:client_id).filled(:string)
-          required(:redirect_uri).filled(:string)
-          required(:secret).filled(:string)
-          required(:logout_redirect).filled(:string)
-          required(:store_client).value(included_in?: ['redis', 'memcached'])
-          required(:store_client_options).hash(memcached_schema | redis_schema)
+          validated_config
+        end
+
+        def config_schema
+          memcached_schema = ::Hydra::Keycloak::ClientCreator.memcached_schema
+          redis_schema     = ::Hydra::Keycloak::ClientCreator.redis_schema
+          Dry::Schema.JSON do
+            required(:auth_server_url).filled(:string)
+            required(:realm).filled(:string)
+            required(:client_id).filled(:string)
+            required(:redirect_uri).filled(:string)
+            required(:secret).filled(:string)
+            required(:logout_redirect).filled(:string)
+            required(:store_client).value(included_in?: %w[redis memcached])
+            required(:store_client_options).hash(memcached_schema | redis_schema)
+          end
         end
 
-        validated_config = config_schema.call(config)
+        def memcached_schema
+          Dry::Schema.JSON do
+            required(:memcached_host).filled(:string)
+            required(:memcached_port).filled(:string)
+            required(:memcached_namespace).filled(:string)
+          end
+        end
 
-        if validated_config.failure?
-          raise ConfigurationError, "Wrong configuration params: #{validated_config.errors(full: true).to_h}"
+        def redis_schema
+          Dry::Schema.JSON do
+            required(:redis_host).filled(:string)
+            required(:redis_port).filled(:string)
+          end
         end
 
-        container.register :urls do
-          require 'hydra/keycloak/urls'
+        def register_containers(validated_config)
+          register_urls(validated_config)
+          register_queries
+          register_store_client(validated_config)
+          register_store
+          register_code_verifier
 
-          ::Hydra::Keycloak::Urls.new(validated_config)
+          ::Hydra::Keycloak::Client.new
         end
 
-        container.register :queries do
-          require 'hydra/keycloak/queries/gateway'
+        def register_urls(config)
+          container.register :urls do
+            require 'hydra/keycloak/urls'
 
-          ::Hydra::Keycloak::Queries::Gateway.new
+            ::Hydra::Keycloak::Urls.new(config)
+          end
         end
 
-        if validated_config[:store_client] == 'redis'
-          container.register :redis do
-            require 'redis'
-  
-            ::Redis.new(host: validated_config[:redis_host], port: validated_config[:redis_port])
-          end
-  
-          container.register :store_client do
-            require 'hydra/keycloak/store/redis_client'
-  
-            ::Hydra::Keycloak::Store::RedisClient.new
-          end
-        elsif validated_config[:store_client] == 'memcached'
-          container.register :dalli do
-            require 'dalli'
-  
-            ::Dalli::Client.new(
-              "#{validated_config[:store_client_options][:memcached_host]}:#{validated_config[:store_client_options][:memcached_port]}",
-              namespace: validated_config[:store_client_options][:memcached_namespace]
-            )
-          end
-  
-          container.register :store_client do
-            require 'hydra/keycloak/store/memcached_client'
-  
-            ::Hydra::Keycloak::Store::MemcachedClient.new
+        def register_queries
+          container.register :queries do
+            require 'hydra/keycloak/queries/gateway'
+
+            ::Hydra::Keycloak::Queries::Gateway.new
           end
-        end 
+        end
+
+        def register_store_client(config)
+          case config[:store_client]
+          when 'redis'
+            container.register :redis do
+              require 'redis'
 
-        container.register :store do
-          require 'hydra/keycloak/store/gateway'
+              ::Redis.new(host: config[:redis_host], port: config[:redis_port])
+            end
 
-          ::Hydra::Keycloak::Store::Gateway.new
+            container.register :store_client do
+              require 'hydra/keycloak/store/redis_client'
+
+              ::Hydra::Keycloak::Store::RedisClient.new
+            end
+          when 'memcached'
+            container.register :dalli do
+              require 'dalli'
+
+              ::Dalli::Client.new(
+                "#{config[:store_client_options][:memcached_host]}:#{config[:store_client_options][:memcached_port]}",
+                namespace: config[:store_client_options][:memcached_namespace]
+              )
+            end
+
+            container.register :store_client do
+              require 'hydra/keycloak/store/memcached_client'
+
+              ::Hydra::Keycloak::Store::MemcachedClient.new
+            end
+          end
         end
 
-        container.register(:code_verifier, ::Hydra::Keycloak::CodeVerifier.new)
+        def register_store
+          container.register :store do
+            require 'hydra/keycloak/store/gateway'
+
+            ::Hydra::Keycloak::Store::Gateway.new
+          end
+        end
 
-        ::Hydra::Keycloak::Client.new
+        def register_code_verifier
+          container.register(:code_verifier, ::Hydra::Keycloak::CodeVerifier.new)
+        end
       end
     end
 
@@ -107,9 +143,7 @@ module Hydra
       end
 
       def authenticate!(auth_code)
-        unless auth_code
-          return Failure(status: 400, code: :auth_code_was_not_received)
-        end
+        return Failure(status: 400, code: :auth_code_was_not_received) unless auth_code
 
         queries.get_tokens(auth_code, code_verifier.value).fmap do |tokens|
           access_token  = tokens[:access_token]
@@ -131,17 +165,13 @@ module Hydra
       end
 
       def access_token(session_state)
-        unless authenticated?(session_state)
-          return Failure(status: 400, code: :not_authenticated)
-        end
+        return Failure(status: 400, code: :not_authenticated) unless authenticated?(session_state)
 
         fetch_token(session_state, 'access_token')
       end
 
       def authorize!(session_state)
-        unless authenticated?(session_state)
-          return Failure(status: 400, code: :not_authenticated)
-        end
+        return Failure(status: 400, code: :not_authenticated) unless authenticated?(session_state)
 
         access_token = yield fetch_token(session_state, 'access_token')
         if token_expired?(access_token)
@@ -154,13 +184,9 @@ module Hydra
       end
 
       def access_token_jti(session_state)
-        unless authenticated?(session_state)
-          return Failure(status: 400, code: :not_authenticated)
-        end
+        return Failure(status: 400, code: :not_authenticated) unless authenticated?(session_state)
 
-        fetch_token(session_state, 'access_token').fmap do |access_token|
-          access_token.jti
-        end
+        fetch_token(session_state, 'access_token').fmap(&:jti)
       end
 
       def logout!(session_state)

data/lib/hydra/keycloak/code_verifier.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require "digest"
-require "securerandom"
+require 'digest'
+require 'securerandom'
 
 require 'hydra/keycloak/container'
 
@@ -9,24 +9,24 @@ module Hydra
   module Keycloak
     class CodeVerifier
       attr_reader :value, :code_challenge
-    
+
       def generate
         @value = _generate
         @code_challenge = _generate_pkce(@value)
       end
-    
+
       private
-    
+
       def _generate
         # https://datatracker.ietf.org/doc/html/rfc7636#section-4.1
         charset = Array('A'..'Z') + Array('a'..'z') + Array(0..9)
-        charset.push("-").push(".").push("_").push("~")  
+        charset.push('-').push('.').push('_').push('~')
         Array.new(128) { charset.sample }.join
       end
 
       def _generate_pkce(code_verifier)
         # https://datatracker.ietf.org/doc/html/rfc7636#section-4.6
-        Digest::SHA256.base64digest(code_verifier).tr("+/", "-_").tr("=", "")
+        Digest::SHA256.base64digest(code_verifier).tr('+/', '-_').tr('=', '')
       end
     end
   end

data/lib/hydra/keycloak/container.rb

@@ -19,11 +19,11 @@ module Hydra
 
     class << self
       def inject(target)
-        -> *values { target.send(:include, Import[*values]) }
+        ->(*values) { target.send(:include, Import[*values]) }
       end
-  
+
       def args_inject(target)
-        -> *values { target.send(:include, Import.args[*values]) }
+        ->(*values) { target.send(:include, Import.args[*values]) }
       end
     end
 
@@ -31,11 +31,11 @@ module Hydra
       def container
         ::Hydra::Keycloak::Container
       end
-  
+
       def inject
         ::Hydra::Keycloak.inject(self)
       end
-  
+
       def args_inject
         ::Hydra::Keycloak.args_inject(self)
       end

data/lib/hydra/keycloak/queries/gateway.rb

@@ -19,8 +19,8 @@ module Hydra
 
           result.fmap do |tokens|
             {
-              access_token:  ::Hydra::Keycloak::Token.new(tokens['access_token']), 
-              id_token:      ::Hydra::Keycloak::Token.new(tokens['id_token']), 
+              access_token: ::Hydra::Keycloak::Token.new(tokens['access_token']),
+              id_token: ::Hydra::Keycloak::Token.new(tokens['id_token']),
               refresh_token: ::Hydra::Keycloak::Token.new(tokens['refresh_token'])
             }
           end
@@ -44,10 +44,10 @@ module Hydra
               Failure(status: 400, code: :token_refreshing_error)
             else
               Success({
-                access_token:  ::Hydra::Keycloak::Token.new(result['access_token']), 
-                id_token:      ::Hydra::Keycloak::Token.new(result['id_token']), 
-                refresh_token: ::Hydra::Keycloak::Token.new(result['refresh_token'])
-              })
+                        access_token: ::Hydra::Keycloak::Token.new(result['access_token']),
+                        id_token: ::Hydra::Keycloak::Token.new(result['id_token']),
+                        refresh_token: ::Hydra::Keycloak::Token.new(result['refresh_token'])
+                      })
             end
           end
         end

data/lib/hydra/keycloak/queries/http_client.rb

@@ -10,14 +10,14 @@ module Hydra
       class HttpClient
         include ::Dry::Monads[:result]
 
-        NetworkErrors = [Timeout::Error,
-                         Errno::EINVAL,
-                         Errno::ECONNRESET,
-                         EOFError,
-                         Errno::ECONNREFUSED,
-                         Net::HTTPBadResponse,
-                         Net::HTTPHeaderSyntaxError,
-                         Net::ProtocolError]
+        NETWORK_ERRORS = [Timeout::Error,
+                          Errno::EINVAL,
+                          Errno::ECONNRESET,
+                          EOFError,
+                          Errno::ECONNREFUSED,
+                          Net::HTTPBadResponse,
+                          Net::HTTPHeaderSyntaxError,
+                          Net::ProtocolError].freeze
 
         def do_post_request(path, body)
           response = Net::HTTP.post_form(URI(path), **body)
@@ -29,7 +29,7 @@ module Hydra
           else
             Failure(status: response.code, code: :bad_keycloak_response)
           end
-        rescue *NetworkErrors
+        rescue *NETWORK_ERRORS
           Failure(status: 400, code: :keycloak_unavailable)
         rescue JSON::ParserError
           Failure(status: 400, code: :json_parser_error)

data/lib/hydra/keycloak/token.rb

@@ -19,7 +19,7 @@ module Hydra
         @data = ::JWT.decode(source, nil, false).first.transform_keys(&:to_sym)
       end
 
-      %i(exp iat auth_time iss session_state scope jti).each do |field|
+      %i[exp iat auth_time iss session_state scope jti].each do |field|
         define_method(field) do
           @data.fetch(field)
         end

data/lib/hydra/keycloak/urls.rb

@@ -16,7 +16,7 @@ module Hydra
           "nonce=#{@config[:secret]}&" \
           'scope=openid&' \
           "code_challenge=#{code_challenge}&" \
-          "code_challenge_method=S256"
+          'code_challenge_method=S256'
       end
 
       def token_endpoint

data/lib/hydra/keycloak/version.rb

@@ -2,6 +2,6 @@
 
 module Hydra
   module Keycloak
-    VERSION = '0.1.8'
+    VERSION = '0.1.9'
   end
 end

metadata

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: hydra-keycloak-client
 version: !ruby/object:Gem::Version
-  version: 0.1.8
+  version: 0.1.9
 platform: ruby
 authors:
 - Fedor Kosolapov
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-14 00:00:00.000000000 Z
+date: 2022-03-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: jwt
+  name: dalli
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -25,7 +25,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: dalli
+  name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -53,7 +53,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: dry-monads
+  name: dry-auto_inject
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -67,7 +67,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: dry-auto_inject
+  name: dry-container
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -81,7 +81,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: dry-container
+  name: dry-monads
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -132,6 +132,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".github/workflows/main.yml"
+- ".rubocop.yml"
 - Dockerfile.test
 - Gemfile
 - Gemfile.lock
@@ -166,7 +167,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.0
+      version: 2.5.8
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="