keycloak-admin 0.6.5 → 0.7.4

data/lib/keycloak-admin/resource/base_role_containing_resource.rb

@@ -0,0 +1,26 @@
+module KeycloakAdmin
+  class BaseRoleContainingResource
+    def initialize(configuration, realm_client, resource_id)
+      @configuration = configuration
+      raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
+      @realm_client = realm_client
+      @resource_id = resource_id
+    end
+
+    def resources_name
+      raise NotImplementedError.new('must override in subclass')
+    end
+
+    def resource_url
+      "#{@realm_client.realm_admin_url}/#{resources_name}/#{@resource_id}"
+    end
+
+    def client_role_mappings(client_id)
+      ClientRoleMappingsClient.new(@configuration, self, client_id)
+    end
+
+    def role_mapper
+      RoleMapperClient.new(@configuration, self)
+    end
+  end
+end

data/lib/keycloak-admin/resource/group_resource.rb

@@ -0,0 +1,7 @@
+module KeycloakAdmin
+  class GroupResource < BaseRoleContainingResource
+    def resources_name
+      "groups"
+    end
+  end
+end

data/lib/keycloak-admin/resource/user_resource.rb

@@ -0,0 +1,7 @@
+module KeycloakAdmin
+  class UserResource < BaseRoleContainingResource
+    def resources_name
+      "users"
+    end
+  end
+end

data/lib/keycloak-admin/version.rb

@@ -1,3 +1,3 @@
 module KeycloakAdmin
-  VERSION = "0.6.5"
+  VERSION = "0.7.4"
 end

data/spec/client/client_client_spec.rb

@@ -0,0 +1,53 @@
+RSpec.describe KeycloakAdmin::ClientClient do
+  describe "#clients_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:client_id)    { nil }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).clients.clients_url(client_id)
+    end
+
+    context "when client_id is not defined" do
+      let(:client_id) { nil }
+      it "return a proper url without client id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/clients"
+      end
+    end
+
+    context "when client_id is defined" do
+      let(:client_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
+      it "return a proper url with the client id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/clients/95985b21-d884-4bbd-b852-cb8cd365afc2"
+      end
+    end
+  end
+
+  describe "#list" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @client_client = KeycloakAdmin.realm(realm_name).clients
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_client_id","name":"test_client_name"}]'
+    end
+
+    it "lists clients" do
+      clients = @client_client.list
+      expect(clients.length).to eq 1
+      expect(clients[0].name).to eq "test_client_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/clients", rest_client_options).and_call_original
+
+      clients = @client_client.list
+      expect(clients.length).to eq 1
+      expect(clients[0].name).to eq "test_client_name"
+    end
+  end
+end

data/spec/client/client_role_mappings_client_spec.rb

@@ -0,0 +1,82 @@
+RSpec.describe KeycloakAdmin::ClientRoleMappingsClient do
+  describe "#available_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id).list_available_url
+    end
+
+    it "return a proper url" do
+      expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client/available"
+    end
+  end
+
+  describe "#list_available" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+
+    before(:each) do
+      @client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_role_id","name":"test_role_name"}]'
+    end
+
+    it "lists roles" do
+      roles = @client_role_mappings_client.list_available
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client/available",
+        rest_client_options
+      ).and_call_original
+
+      roles = @client_role_mappings_client.list_available
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+    let(:role_list) { [
+      KeycloakAdmin::RoleRepresentation.from_hash(
+        "name" => "test_role_name",
+        "composite" => false,
+        "clientRole" => false
+      )
+    ] }
+
+    before(:each) do
+      @client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
+    end
+
+    it "saves client role mappings" do
+      @client_role_mappings_client.save(role_list)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client", rest_client_options).and_call_original
+
+      @client_role_mappings_client.save(role_list)
+    end
+  end
+end

data/spec/client/client_spec.rb

@@ -0,0 +1,28 @@
+RSpec.describe KeycloakAdmin::Client do
+  describe "#execute_http" do
+    let(:realm_name) { "valid-realm" }
+    before(:each) do
+      @client = KeycloakAdmin::Client.new(KeycloakAdmin.config)
+    end
+
+    it "handles timeout" do
+      expect do
+        @client.execute_http do
+          raise RestClient::Exceptions::OpenTimeout.new
+        end
+      end.to raise_error(RestClient::Exceptions::OpenTimeout)
+    end
+
+    it "handles response exception" do
+      response = double
+      allow(response).to receive(:code).and_return 500
+      allow(response).to receive(:body).and_return "Server error"
+
+      expect do
+        @client.execute_http do
+          raise RestClient::ExceptionWithResponse.new(response)
+        end
+      end.to raise_error("Keycloak: The request failed with response code 500 and message: Server error")
+    end
+  end
+end

data/spec/client/group_client_spec.rb

@@ -0,0 +1,125 @@
+RSpec.describe KeycloakAdmin::GroupClient do
+  describe "#groups_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:group_id)    { nil }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).groups.groups_url(group_id)
+    end
+
+    context "when group_id is not defined" do
+      let(:group_id) { nil }
+      it "return a proper url without group id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups"
+      end
+    end
+
+    context "when group_id is defined" do
+      let(:group_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
+      it "return a proper url with the group id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups/95985b21-d884-4bbd-b852-cb8cd365afc2"
+      end
+    end
+  end
+
+  describe "#list" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_group_id","name":"test_group_name"}]'
+    end
+
+    it "lists groups" do
+      groups = @group_client.list
+      expect(groups.length).to eq 1
+      expect(groups[0].name).to eq "test_group_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/groups", rest_client_options).and_call_original
+
+      groups = @group_client.list
+      expect(groups.length).to eq 1
+      expect(groups[0].name).to eq "test_group_name"
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:group) { KeycloakAdmin::GroupRepresentation.from_hash(
+      "name" => "test_group_name"
+    )}
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      response = double
+      allow(response).to receive(:headers).and_return(
+        { location: 'http://auth.service.io/auth/admin/realms/valid-realm/groups/be061c48-6edd-4783-a726-1a57d4bfa22b' }
+      )
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(group.to_json, anything).and_return response
+    end
+
+    it "saves a group" do
+      @group_client.save(group)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/groups", rest_client_options).and_call_original
+
+      @group_client.save(group)
+    end
+  end
+
+  describe "#create" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      @response = double
+      allow(@response).to receive(:headers).and_return(
+        { location: 'http://auth.service.io/auth/admin/realms/valid-realm/groups/be061c48-6edd-4783-a726-1a57d4bfa22b' }
+      )
+      allow_any_instance_of(RestClient::Resource).to receive(:post).and_return @response
+    end
+
+    it "creates a group" do
+      stub_net_http_res(Net::HTTPCreated, 201, 'Created')
+
+      group_id = @group_client.create!("test_group_name")
+      expect(group_id).to eq 'be061c48-6edd-4783-a726-1a57d4bfa22b'
+    end
+
+    it "detects unexpected response to create a group" do
+      stub_net_http_res(Net::HTTPOK, 200, 'OK')
+
+      expect{ @group_client.create!("test_group_name") }.to raise_error(
+        'Create method returned status OK (Code: 200); expected status: Created (201)'
+      )
+    end
+
+    def stub_net_http_res(res_class, code, message)
+      net_http_res = double
+      allow(net_http_res).to receive(:message).and_return message
+      allow(net_http_res).to receive(:code).and_return code
+      allow(net_http_res).to receive(:is_a?) do |target_class|
+        target_class == res_class
+      end
+      allow(@response).to receive(:net_http_res).and_return net_http_res
+    end
+  end
+end

data/spec/client/realm_client_spec.rb

@@ -44,4 +44,112 @@ RSpec.describe KeycloakAdmin::RealmClient do
       end
     end
   end
+
+  describe "#list" do
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm('master')
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_realm","realm":"test_realm"}]'
+    end
+
+    it "lists realms" do
+      realms = @realm_client.list
+      expect(realms.length).to eq 1
+      expect(realms[0].realm).to eq "test_realm"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms", rest_client_options).and_call_original
+
+      realms = @realm_client.list
+      expect(realms.length).to eq 1
+      expect(realms[0].realm).to eq "test_realm"
+    end
+  end
+
+  describe "#delete" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm(realm_name)
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:delete)
+    end
+
+    it "delete realm" do
+      expect(@realm_client.delete).to be_truthy
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm", rest_client_options).and_call_original
+
+      expect(@realm_client.delete).to be_truthy
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:realm) { KeycloakAdmin::RealmRepresentation.from_hash(
+      "id" => realm_name,
+      "realm" => realm_name
+    )}
+
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm(nil)
+
+      stub_token_client
+
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(realm.to_json, anything)
+    end
+
+    it "saves a realm" do
+      @realm_client.save(realm)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms", rest_client_options).and_call_original
+
+      @realm_client.save(realm)
+    end
+  end
+
+  describe "#update" do
+    let(:realm_name) { "valid-realm" }
+    let(:realm_json) { { smtpServer: { host: 'test_host' } } }
+
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm(realm_name)
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:put).with(realm_json.to_json, anything)
+    end
+
+    it "updates a realm" do
+      @realm_client.update(realm_json)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm", rest_client_options).and_call_original
+
+      @realm_client.update(realm_json)
+    end
+  end
 end