keycloak-admin 0.7.0 → 0.7.1

data/lib/keycloak-admin/client/role_client.rb

@@ -0,0 +1,32 @@
+module KeycloakAdmin
+  class RoleClient < Client
+    def initialize(configuration, realm_client)
+      super(configuration)
+      raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
+      @realm_client = realm_client
+    end
+
+    def list
+      response = execute_http do
+        RestClient::Resource.new(roles_url, @configuration.rest_client_options).get(headers)
+      end
+      JSON.parse(response).map { |role_as_hash| RoleRepresentation.from_hash(role_as_hash) }
+    end
+
+    def save(role_representation)
+      execute_http do
+        RestClient::Resource.new(roles_url, @configuration.rest_client_options).post(
+          role_representation.to_json, headers
+        )
+      end
+    end
+
+    def roles_url(id=nil)
+      if id
+        "#{@realm_client.realm_admin_url}/roles/#{id}"
+      else
+        "#{@realm_client.realm_admin_url}/roles"
+      end
+    end
+  end
+end

data/lib/keycloak-admin/client/user_client.rb

@@ -13,7 +13,9 @@ module KeycloakAdmin
 
     def save(user_representation)
       execute_http do
-        RestClient.post(users_url, user_representation.to_json, headers)
+        RestClient::Resource.new(users_url, @configuration.rest_client_options).post(
+          user_representation.to_json, headers
+        )
       end
       user_representation
     end
@@ -30,12 +32,17 @@ module KeycloakAdmin
     end
 
     def search(query)
+      derived_headers = query ? headers.merge({params: { search: query }}) : headers
       response = execute_http do
-        RestClient.get(users_url, headers.merge({params: { search: query }}))
+        RestClient::Resource.new(users_url, @configuration.rest_client_options).get(derived_headers)
       end
       JSON.parse(response).map { |user_as_hash| UserRepresentation.from_hash(user_as_hash) }
     end
 
+    def list
+      search(nil)
+    end
+
     def delete(user_id)
       execute_http do
         RestClient::Resource.new(users_url(user_id), @configuration.rest_client_options).delete(headers)

data/lib/keycloak-admin/representation/camel_json.rb

@@ -5,7 +5,7 @@ module KeycloakAdmin
       if first_letter_in_uppercase
         lower_case_and_underscored_word.to_s.gsub(/\/(.?)/) { "::" + $1.upcase }.gsub(/(^|_)(.)/) { $2.upcase }
       else
-        lower_case_and_underscored_word.first + camelize(lower_case_and_underscored_word)[1..-1]
+        lower_case_and_underscored_word[0] + camelize(lower_case_and_underscored_word)[1..-1]
       end
     end
   end

data/lib/keycloak-admin/representation/client_representation.rb

@@ -0,0 +1,16 @@
+module KeycloakAdmin
+  class ClientRepresentation < Representation
+    attr_accessor :id,
+      :name,
+      :client_id
+    # TODO: Add more attributes
+
+    def self.from_hash(hash)
+      client           = new
+      client.id        = hash["id"]
+      client.name      = hash["name"]
+      client.client_id = hash["clientId"]
+      client
+    end
+  end
+end

data/lib/keycloak-admin/representation/group_representation.rb

@@ -0,0 +1,15 @@
+module KeycloakAdmin
+  class GroupRepresentation < Representation
+    attr_accessor :id,
+      :name,
+      :path
+
+    def self.from_hash(hash)
+      group      = new
+      group.id   = hash["id"]
+      group.name = hash["name"]
+      group.path = hash["path"]
+      group
+    end
+  end
+end

data/lib/keycloak-admin/representation/realm_representation.rb

@@ -0,0 +1,14 @@
+module KeycloakAdmin
+  class RealmRepresentation < Representation
+    attr_accessor :id,
+      :realm
+    # TODO: Add more attributes
+
+    def self.from_hash(hash)
+      realm       = new
+      realm.id    = hash["id"]
+      realm.realm = hash["realm"]
+      realm
+    end
+  end
+end

data/lib/keycloak-admin/representation/representation.rb

@@ -4,6 +4,10 @@ require_relative "camel_json"
 class Representation
   include ::KeycloakAdmin::CamelJson
 
+  def as_json
+    Hash[instance_variables.map { |ivar| [ivar.to_s[1..-1], instance_variable_get(ivar)] }]
+  end
+
   def to_json(options=nil)
     snaked_hash = as_json
     snaked_hash.keys.reduce({}) do |camelized_hash, key|

data/lib/keycloak-admin/representation/role_representation.rb

@@ -0,0 +1,17 @@
+module KeycloakAdmin
+  class RoleRepresentation < Representation
+    attr_accessor :id,
+      :name,
+      :composite,
+      :client_role
+
+    def self.from_hash(hash)
+      role             = new
+      role.id          = hash["id"]
+      role.name        = hash["name"]
+      role.composite   = hash["composite"]
+      role.client_role = hash["clientRole"]
+      role
+    end
+  end
+end

data/lib/keycloak-admin/representation/user_representation.rb

@@ -1,7 +1,7 @@
 module KeycloakAdmin
   class UserRepresentation < Representation
     attr_accessor :id,
-      :created_at,
+      :created_timestamp,
       :attributes,
       :origin,
       :username,
@@ -13,18 +13,18 @@ module KeycloakAdmin
       :credentials
 
     def self.from_hash(hash)
-      user                = new
-      user.id             = hash["id"]
-      user.created_at     = Time.at(hash["createdTimestamp"] / 1000).to_datetime
-      user.origin         = hash["origin"]
-      user.username       = hash["username"]
-      user.email          = hash["email"]
-      user.enabled        = hash["enabled"]
-      user.email_verified = hash["emailVerified"]
-      user.first_name     = hash["firstName"]
-      user.last_name      = hash["lastName"]
-      user.attributes     = hash["attributes"]
-      user.credentials    = hash["credentials"]&.map{ |hash| CredentialRepresentation.from_hash(hash) } || []
+      user                   = new
+      user.id                = hash["id"]
+      user.created_timestamp = hash["createdTimestamp"]
+      user.origin            = hash["origin"]
+      user.username          = hash["username"]
+      user.email             = hash["email"]
+      user.enabled           = hash["enabled"]
+      user.email_verified    = hash["emailVerified"]
+      user.first_name        = hash["firstName"]
+      user.last_name         = hash["lastName"]
+      user.attributes        = hash["attributes"]
+      user.credentials       = hash["credentials"]&.map{ |hash| CredentialRepresentation.from_hash(hash) } || []
       user
     end
 

data/lib/keycloak-admin/resource/user_resource.rb

@@ -0,0 +1,18 @@
+module KeycloakAdmin
+  class UserResource
+    def initialize(configuration, realm_client, id)
+      @configuration = configuration
+      raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
+      @realm_client = realm_client
+      @id = id
+    end
+
+    def resource_url
+      "#{@realm_client.realm_admin_url}/users/#{@id}"
+    end
+
+    def client_role_mappings(client_id)
+      ClientRoleMappingsClient.new(@configuration, self, client_id)
+    end
+  end
+end

data/lib/keycloak-admin/version.rb

@@ -1,3 +1,3 @@
 module KeycloakAdmin
-  VERSION = "0.7.0"
+  VERSION = "0.7.1"
 end

data/spec/client/client_client_spec.rb

@@ -0,0 +1,53 @@
+RSpec.describe KeycloakAdmin::ClientClient do
+  describe "#clients_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:client_id)    { nil }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).clients.clients_url(client_id)
+    end
+
+    context "when client_id is not defined" do
+      let(:client_id) { nil }
+      it "return a proper url without client id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/clients"
+      end
+    end
+
+    context "when client_id is defined" do
+      let(:client_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
+      it "return a proper url with the client id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/clients/95985b21-d884-4bbd-b852-cb8cd365afc2"
+      end
+    end
+  end
+
+  describe "#list" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @client_client = KeycloakAdmin.realm(realm_name).clients
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_client_id","name":"test_client_name"}]'
+    end
+
+    it "lists clients" do
+      clients = @client_client.list
+      expect(clients.length).to eq 1
+      expect(clients[0].name).to eq "test_client_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/clients", rest_client_options).and_call_original
+
+      clients = @client_client.list
+      expect(clients.length).to eq 1
+      expect(clients[0].name).to eq "test_client_name"
+    end
+  end
+end

data/spec/client/client_role_mappings_client_spec.rb

@@ -0,0 +1,48 @@
+RSpec.describe KeycloakAdmin::ClientRoleMappingsClient do
+  describe "#available_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id).list_available_url
+    end
+
+    it "return a proper url" do
+      expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client/available"
+    end
+  end
+
+  describe "#list_available" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+
+    before(:each) do
+      @client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_role_id","name":"test_role_name"}]'
+    end
+
+    it "lists roles" do
+      roles = @client_role_mappings_client.list_available
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client/available",
+        rest_client_options
+      ).and_call_original
+
+      roles = @client_role_mappings_client.list_available
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+  end
+end

data/spec/client/group_client_spec.rb

@@ -0,0 +1,125 @@
+RSpec.describe KeycloakAdmin::GroupClient do
+  describe "#groups_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:group_id)    { nil }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).groups.groups_url(group_id)
+    end
+
+    context "when group_id is not defined" do
+      let(:group_id) { nil }
+      it "return a proper url without group id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups"
+      end
+    end
+
+    context "when group_id is defined" do
+      let(:group_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
+      it "return a proper url with the group id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups/95985b21-d884-4bbd-b852-cb8cd365afc2"
+      end
+    end
+  end
+
+  describe "#list" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_group_id","name":"test_group_name"}]'
+    end
+
+    it "lists groups" do
+      groups = @group_client.list
+      expect(groups.length).to eq 1
+      expect(groups[0].name).to eq "test_group_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/groups", rest_client_options).and_call_original
+
+      groups = @group_client.list
+      expect(groups.length).to eq 1
+      expect(groups[0].name).to eq "test_group_name"
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:group) { KeycloakAdmin::GroupRepresentation.from_hash(
+      "name" => "test_group_name"
+    )}
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      response = double
+      allow(response).to receive(:headers).and_return(
+        { location: 'http://auth.service.io/auth/admin/realms/valid-realm/groups/be061c48-6edd-4783-a726-1a57d4bfa22b' }
+      )
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(group.to_json, anything).and_return response
+    end
+
+    it "saves a group" do
+      @group_client.save(group)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/groups", rest_client_options).and_call_original
+
+      @group_client.save(group)
+    end
+  end
+
+  describe "#create" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      @response = double
+      allow(@response).to receive(:headers).and_return(
+        { location: 'http://auth.service.io/auth/admin/realms/valid-realm/groups/be061c48-6edd-4783-a726-1a57d4bfa22b' }
+      )
+      allow_any_instance_of(RestClient::Resource).to receive(:post).and_return @response
+    end
+
+    it "creates a group" do
+      stub_net_http_res(Net::HTTPCreated, 201, 'Created')
+
+      group_id = @group_client.create!("test_group_name")
+      expect(group_id).to eq 'be061c48-6edd-4783-a726-1a57d4bfa22b'
+    end
+
+    it "detects unexpected response to create a group" do
+      stub_net_http_res(Net::HTTPOK, 200, 'OK')
+
+      expect{ @group_client.create!("test_group_name") }.to raise_error(
+        'Create method returned status OK (Code: 200); expected status: Created (201)'
+      )
+    end
+
+    def stub_net_http_res(res_class, code, message)
+      net_http_res = double
+      allow(net_http_res).to receive(:message).and_return message
+      allow(net_http_res).to receive(:code).and_return code
+      allow(net_http_res).to receive(:is_a?) do |target_class|
+        target_class == res_class
+      end
+      allow(@response).to receive(:net_http_res).and_return net_http_res
+    end
+  end
+end