keycloak-admin 0.7.1 → 0.7.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/CHANGELOG.md +29 -2
- data/Dockerfile +1 -1
- data/Gemfile.lock +8 -6
- data/README.md +44 -3
- data/lib/keycloak-admin.rb +4 -0
- data/lib/keycloak-admin/client/client_role_mappings_client.rb +12 -0
- data/lib/keycloak-admin/client/realm_client.rb +4 -0
- data/lib/keycloak-admin/client/role_mapper_client.rb +20 -0
- data/lib/keycloak-admin/client/user_client.rb +51 -0
- data/lib/keycloak-admin/representation/federated_identity_representation.rb +15 -0
- data/lib/keycloak-admin/representation/representation.rb +2 -2
- data/lib/keycloak-admin/representation/user_representation.rb +20 -13
- data/lib/keycloak-admin/resource/base_role_containing_resource.rb +26 -0
- data/lib/keycloak-admin/resource/group_resource.rb +7 -0
- data/lib/keycloak-admin/resource/user_resource.rb +3 -14
- data/lib/keycloak-admin/version.rb +1 -1
- data/spec/client/client_role_mappings_client_spec.rb +34 -0
- data/spec/client/role_mapper_client_spec.rb +47 -0
- data/spec/client/user_client_spec.rb +25 -0
- data/spec/representation/user_representation_spec.rb +1 -1
- data/spec/resource/group_resource_spec.rb +14 -0
- metadata +9 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 4496dbc0b6fbd52610640546a149a2bc42cc7fb114acc210876c88c8b3626216
|
4
|
+
data.tar.gz: f9426c7701e10cac266df4a75a39fc20a717d3d31e92de88ca7bd3a6e2716a92
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 17ce324b2a3e555c756a095443902fbb616f88a91168b2f07245ca055c3714bd0aff0435afd1346b81fa456f60eaf5a07b3b1d4a01d66f0af3b3e39490d916f2
|
7
|
+
data.tar.gz: c7e81693e55556d5bb8f6fa4ead25a1172c9e5cb3f5e77a34ed420c92baa1b574a4b0746e5dfc314097a3a3f28c9d97e4f651444fee76a60dda89bda65e6a8ff
|
data/CHANGELOG.md
CHANGED
@@ -5,7 +5,34 @@ All notable changes to this project will be documented in this file.
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
7
7
|
|
8
|
-
## [0.7.
|
8
|
+
## [0.7.6] - 2020-06-22
|
9
|
+
|
10
|
+
Thanks to @hobbypunk90
|
11
|
+
* Support for action emails and send forgot passsword mail
|
12
|
+
|
13
|
+
## [0.7.5] - 2020-03-28
|
14
|
+
|
15
|
+
Thanks to @RomanHargrave
|
16
|
+
* Support for working with federated identity provider (broker) links
|
17
|
+
|
18
|
+
## [0.7.4] - 2019-10-17
|
19
|
+
|
20
|
+
* Support for Rails 6
|
21
|
+
|
22
|
+
## [0.7.3] - 2019-07-11
|
23
|
+
|
24
|
+
Thanks to @cederigo=
|
25
|
+
* For a given user, get her list of groups
|
26
|
+
|
27
|
+
## [0.7.2] - 2019-06-17
|
28
|
+
|
29
|
+
Thanks to @vlad-ro:
|
30
|
+
|
31
|
+
* Get list of client role mappings for a group
|
32
|
+
* Save client role mappings for a user/group
|
33
|
+
* Save realm-level role mappings for a user/group
|
34
|
+
|
35
|
+
## [0.7.1] - 2019-06-11
|
9
36
|
|
10
37
|
Thanks to @vlad-ro:
|
11
38
|
|
@@ -18,7 +45,7 @@ Thanks to @vlad-ro:
|
|
18
45
|
* Support passing rest client options for user save and search
|
19
46
|
* Support using gem without ActiveSupport
|
20
47
|
|
21
|
-
## [0.7.0] - 2019-06-
|
48
|
+
## [0.7.0] - 2019-06-06
|
22
49
|
|
23
50
|
Thanks to @vlad-ro:
|
24
51
|
|
data/Dockerfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
keycloak-admin (0.7.
|
4
|
+
keycloak-admin (0.7.6)
|
5
5
|
http-cookie (~> 1.0, >= 1.0.3)
|
6
6
|
rest-client (~> 2.0)
|
7
7
|
|
@@ -10,15 +10,17 @@ GEM
|
|
10
10
|
specs:
|
11
11
|
byebug (9.1.0)
|
12
12
|
diff-lcs (1.3)
|
13
|
-
domain_name (0.5.
|
13
|
+
domain_name (0.5.20190701)
|
14
14
|
unf (>= 0.0.5, < 1.0.0)
|
15
|
+
http-accept (1.7.0)
|
15
16
|
http-cookie (1.0.3)
|
16
17
|
domain_name (~> 0.5)
|
17
|
-
mime-types (3.
|
18
|
+
mime-types (3.3.1)
|
18
19
|
mime-types-data (~> 3.2015)
|
19
|
-
mime-types-data (3.
|
20
|
+
mime-types-data (3.2020.0512)
|
20
21
|
netrc (0.11.0)
|
21
|
-
rest-client (2.0
|
22
|
+
rest-client (2.1.0)
|
23
|
+
http-accept (>= 1.7.0, < 2.0)
|
22
24
|
http-cookie (>= 1.0.2, < 2.0)
|
23
25
|
mime-types (>= 1.16, < 4.0)
|
24
26
|
netrc (~> 0.8)
|
@@ -37,7 +39,7 @@ GEM
|
|
37
39
|
rspec-support (3.7.0)
|
38
40
|
unf (0.1.4)
|
39
41
|
unf_ext
|
40
|
-
unf_ext (0.0.7.
|
42
|
+
unf_ext (0.0.7.7)
|
41
43
|
|
42
44
|
PLATFORMS
|
43
45
|
ruby
|
data/README.md
CHANGED
@@ -12,7 +12,7 @@ This gem *does not* require Rails.
|
|
12
12
|
For example, using `bundle`, add this line to your Gemfile.
|
13
13
|
|
14
14
|
```ruby
|
15
|
-
gem "keycloak-admin", "0.7.
|
15
|
+
gem "keycloak-admin", "0.7.6"
|
16
16
|
```
|
17
17
|
|
18
18
|
## Login
|
@@ -94,7 +94,12 @@ All options have a default value. However, all of them can be changed in your in
|
|
94
94
|
* Get list of groups, create/save a group
|
95
95
|
* Get list of roles, save a role
|
96
96
|
* Get list of realms, save/update/delete a realm
|
97
|
-
* Get list of client role mappings for a user
|
97
|
+
* Get list of client role mappings for a user/group
|
98
|
+
* Save client role mappings for a user/group
|
99
|
+
* Save realm-level role mappings for a user/group
|
100
|
+
* Link/Unlink users to federated identity provider brokers
|
101
|
+
* Execute actions emails
|
102
|
+
* Send forgot passsword mail
|
98
103
|
|
99
104
|
### Get an access token
|
100
105
|
|
@@ -285,7 +290,7 @@ Takes `role`, which must be of type `KeycloakAdmin::RoleRepresentation`.
|
|
285
290
|
KeycloakAdmin.realm("a_realm").roles.save(role)
|
286
291
|
```
|
287
292
|
|
288
|
-
### Get list of client role mappings for a user
|
293
|
+
### Get list of client role mappings for a user/group
|
289
294
|
|
290
295
|
Returns an array of `KeycloakAdmin::RoleRepresentation`.
|
291
296
|
|
@@ -294,6 +299,42 @@ user_id = "95985b21-d884-4bbd-b852-cb8cd365afc2"
|
|
294
299
|
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
295
300
|
KeycloakAdmin.realm("a_realm").user(user_id).client_role_mappings(client_id).list_available
|
296
301
|
```
|
302
|
+
or
|
303
|
+
```ruby
|
304
|
+
group_id = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
|
305
|
+
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
306
|
+
KeycloakAdmin.realm("a_realm").group(group_id).client_role_mappings(client_id).list_available
|
307
|
+
```
|
308
|
+
|
309
|
+
### Save list of client role mappings for a user/group
|
310
|
+
|
311
|
+
Takes `role_list`, which must be an array of type `KeycloakAdmin::RoleRepresentation`.
|
312
|
+
|
313
|
+
```ruby
|
314
|
+
user_id = "95985b21-d884-4bbd-b852-cb8cd365afc2"
|
315
|
+
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
316
|
+
KeycloakAdmin.realm("a_realm").user(user_id).client_role_mappings(client_id).save(role_list)
|
317
|
+
```
|
318
|
+
or
|
319
|
+
```ruby
|
320
|
+
group_id = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
|
321
|
+
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
322
|
+
KeycloakAdmin.realm("a_realm").group(group_id).client_role_mappings(client_id).save(role_list)
|
323
|
+
```
|
324
|
+
|
325
|
+
### Save list of realm-level role mappings for a user/group
|
326
|
+
|
327
|
+
Takes `role_list`, which must be an array of type `KeycloakAdmin::RoleRepresentation`.
|
328
|
+
|
329
|
+
```ruby
|
330
|
+
user_id = "95985b21-d884-4bbd-b852-cb8cd365afc2"
|
331
|
+
KeycloakAdmin.realm("a_realm").user(user_id).role_mapper.save_realm_level(role_list)
|
332
|
+
```
|
333
|
+
or
|
334
|
+
```ruby
|
335
|
+
group_id = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
|
336
|
+
KeycloakAdmin.realm("a_realm").group(group_id).role_mapper.save_realm_level(role_list)
|
337
|
+
```
|
297
338
|
|
298
339
|
## How to execute library tests
|
299
340
|
|
data/lib/keycloak-admin.rb
CHANGED
@@ -7,6 +7,7 @@ require_relative "keycloak-admin/client/client_role_mappings_client"
|
|
7
7
|
require_relative "keycloak-admin/client/group_client"
|
8
8
|
require_relative "keycloak-admin/client/realm_client"
|
9
9
|
require_relative "keycloak-admin/client/role_client"
|
10
|
+
require_relative "keycloak-admin/client/role_mapper_client"
|
10
11
|
require_relative "keycloak-admin/client/token_client"
|
11
12
|
require_relative "keycloak-admin/client/user_client"
|
12
13
|
require_relative "keycloak-admin/client/configurable_token_client"
|
@@ -20,7 +21,10 @@ require_relative "keycloak-admin/representation/impersonation_representation"
|
|
20
21
|
require_relative "keycloak-admin/representation/credential_representation"
|
21
22
|
require_relative "keycloak-admin/representation/realm_representation"
|
22
23
|
require_relative "keycloak-admin/representation/role_representation"
|
24
|
+
require_relative "keycloak-admin/representation/federated_identity_representation"
|
23
25
|
require_relative "keycloak-admin/representation/user_representation"
|
26
|
+
require_relative "keycloak-admin/resource/base_role_containing_resource"
|
27
|
+
require_relative "keycloak-admin/resource/group_resource"
|
24
28
|
require_relative "keycloak-admin/resource/user_resource"
|
25
29
|
|
26
30
|
module KeycloakAdmin
|
@@ -13,8 +13,20 @@ module KeycloakAdmin
|
|
13
13
|
JSON.parse(response).map { |role_as_hash| RoleRepresentation.from_hash(role_as_hash) }
|
14
14
|
end
|
15
15
|
|
16
|
+
def save(role_representation_list)
|
17
|
+
execute_http do
|
18
|
+
RestClient::Resource.new(base_url, @configuration.rest_client_options).post(
|
19
|
+
role_representation_list.to_json, headers
|
20
|
+
)
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
16
24
|
def list_available_url
|
17
25
|
"#{@user_resource.resource_url}/role-mappings/clients/#{@client_id}/available"
|
18
26
|
end
|
27
|
+
|
28
|
+
def base_url
|
29
|
+
"#{@user_resource.resource_url}/role-mappings/clients/#{@client_id}"
|
30
|
+
end
|
19
31
|
end
|
20
32
|
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
module KeycloakAdmin
|
2
|
+
class RoleMapperClient < Client
|
3
|
+
def initialize(configuration, user_resource)
|
4
|
+
super(configuration)
|
5
|
+
@user_resource = user_resource
|
6
|
+
end
|
7
|
+
|
8
|
+
def save_realm_level(role_representation_list)
|
9
|
+
execute_http do
|
10
|
+
RestClient::Resource.new(realm_level_url, @configuration.rest_client_options).post(
|
11
|
+
role_representation_list.to_json, headers
|
12
|
+
)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
def realm_level_url
|
17
|
+
"#{@user_resource.resource_url}/role-mappings/realm"
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -50,6 +50,13 @@ module KeycloakAdmin
|
|
50
50
|
true
|
51
51
|
end
|
52
52
|
|
53
|
+
def groups(user_id)
|
54
|
+
response = execute_http do
|
55
|
+
RestClient::Resource.new(groups_url(user_id), @configuration.rest_client_options).get(headers)
|
56
|
+
end
|
57
|
+
JSON.parse(response).map { |group_as_hash| GroupRepresentation.from_hash(group_as_hash) }
|
58
|
+
end
|
59
|
+
|
53
60
|
def update_password(user_id, new_password)
|
54
61
|
execute_http do
|
55
62
|
RestClient.put(reset_password_url(user_id), {
|
@@ -61,6 +68,17 @@ module KeycloakAdmin
|
|
61
68
|
user_id
|
62
69
|
end
|
63
70
|
|
71
|
+
def forgot_password(user_id)
|
72
|
+
execute_actions_email(user_id, ["UPDATE_PASSWORD"])
|
73
|
+
end
|
74
|
+
|
75
|
+
def execute_actions_email(user_id, actions=[])
|
76
|
+
execute_http do
|
77
|
+
RestClient.put(execute_actions_email_url(user_id), actions.to_json, headers)
|
78
|
+
end
|
79
|
+
user_id
|
80
|
+
end
|
81
|
+
|
64
82
|
def impersonate(user_id)
|
65
83
|
impersonation = get_redirect_impersonation(user_id)
|
66
84
|
response = execute_http do
|
@@ -73,6 +91,23 @@ module KeycloakAdmin
|
|
73
91
|
ImpersonationRedirectionRepresentation.from_url(impersonation_url(user_id), headers)
|
74
92
|
end
|
75
93
|
|
94
|
+
def link_idp(user_id, idp_id, idp_user_id, idp_username)
|
95
|
+
fed_id_rep = FederatedIdentityRepresentation.new
|
96
|
+
fed_id_rep.user_id = idp_user_id
|
97
|
+
fed_id_rep.user_name = idp_username
|
98
|
+
fed_id_rep.identity_provider = idp_id
|
99
|
+
|
100
|
+
execute_http do
|
101
|
+
RestClient.post(federated_identity_url(user_id, idp_id), fed_id_rep.to_json, headers)
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
def unlink_idp(user_id, idp_id)
|
106
|
+
execute_http do
|
107
|
+
RestClient::Resource.new(federated_identity_url(user_id, idp_id), @configuration.rest_client_options).delete(headers)
|
108
|
+
end
|
109
|
+
end
|
110
|
+
|
76
111
|
def users_url(id=nil)
|
77
112
|
if id
|
78
113
|
"#{@realm_client.realm_admin_url}/users/#{id}"
|
@@ -86,11 +121,27 @@ module KeycloakAdmin
|
|
86
121
|
"#{users_url(user_id)}/reset-password"
|
87
122
|
end
|
88
123
|
|
124
|
+
def execute_actions_email_url(user_id)
|
125
|
+
raise ArgumentError.new("user_id must be defined") if user_id.nil?
|
126
|
+
"#{users_url(user_id)}/execute-actions-email"
|
127
|
+
end
|
128
|
+
|
129
|
+
def groups_url(user_id)
|
130
|
+
raise ArgumentError.new("user_id must be defined") if user_id.nil?
|
131
|
+
"#{users_url(user_id)}/groups"
|
132
|
+
end
|
133
|
+
|
89
134
|
def impersonation_url(user_id)
|
90
135
|
raise ArgumentError.new("user_id must be defined") if user_id.nil?
|
91
136
|
"#{users_url(user_id)}/impersonation"
|
92
137
|
end
|
93
138
|
|
139
|
+
def federated_identity_url(user_id, identity_provider)
|
140
|
+
raise ArgumentError.new("user_id must be defined") if user_id.nil?
|
141
|
+
raise ArgumentError.new("identity_provider must be defined") if identity_provider.nil?
|
142
|
+
"#{users_url(user_id)}/federated-identity/#{identity_provider}"
|
143
|
+
end
|
144
|
+
|
94
145
|
private
|
95
146
|
|
96
147
|
def build(username, email, password, email_verified, locale)
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module KeycloakAdmin
|
2
|
+
class FederatedIdentityRepresentation < Representation
|
3
|
+
attr_accessor :identity_provider,
|
4
|
+
:user_id,
|
5
|
+
:user_name
|
6
|
+
|
7
|
+
def self.from_hash(hash)
|
8
|
+
rep = new
|
9
|
+
rep.identity_provider = hash['identityProvider']
|
10
|
+
rep.user_id = hash['userId']
|
11
|
+
rep.user_name = hash['userName']
|
12
|
+
rep
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -4,12 +4,12 @@ require_relative "camel_json"
|
|
4
4
|
class Representation
|
5
5
|
include ::KeycloakAdmin::CamelJson
|
6
6
|
|
7
|
-
def as_json
|
7
|
+
def as_json(options=nil)
|
8
8
|
Hash[instance_variables.map { |ivar| [ivar.to_s[1..-1], instance_variable_get(ivar)] }]
|
9
9
|
end
|
10
10
|
|
11
11
|
def to_json(options=nil)
|
12
|
-
snaked_hash = as_json
|
12
|
+
snaked_hash = as_json(options)
|
13
13
|
snaked_hash.keys.reduce({}) do |camelized_hash, key|
|
14
14
|
camelized_hash[camelize(key, false)] = snaked_hash[key]
|
15
15
|
camelized_hash
|
@@ -10,21 +10,23 @@ module KeycloakAdmin
|
|
10
10
|
:email_verified,
|
11
11
|
:first_name,
|
12
12
|
:last_name,
|
13
|
-
:credentials
|
13
|
+
:credentials,
|
14
|
+
:federated_identities
|
14
15
|
|
15
16
|
def self.from_hash(hash)
|
16
|
-
user
|
17
|
-
user.id
|
18
|
-
user.created_timestamp
|
19
|
-
user.origin
|
20
|
-
user.username
|
21
|
-
user.email
|
22
|
-
user.enabled
|
23
|
-
user.email_verified
|
24
|
-
user.first_name
|
25
|
-
user.last_name
|
26
|
-
user.attributes
|
27
|
-
user.credentials
|
17
|
+
user = new
|
18
|
+
user.id = hash["id"]
|
19
|
+
user.created_timestamp = hash["createdTimestamp"]
|
20
|
+
user.origin = hash["origin"]
|
21
|
+
user.username = hash["username"]
|
22
|
+
user.email = hash["email"]
|
23
|
+
user.enabled = hash["enabled"]
|
24
|
+
user.email_verified = hash["emailVerified"]
|
25
|
+
user.first_name = hash["firstName"]
|
26
|
+
user.last_name = hash["lastName"]
|
27
|
+
user.attributes = hash["attributes"]
|
28
|
+
user.credentials = hash["credentials"]&.map{ |hash| CredentialRepresentation.from_hash(hash) } || []
|
29
|
+
user.federated_identities = hash["federatedIdentities"]&.map { |hash| FederatedIdentityRepresentation.from_hash(hash) } || []
|
28
30
|
user
|
29
31
|
end
|
30
32
|
|
@@ -32,5 +34,10 @@ module KeycloakAdmin
|
|
32
34
|
@credentials ||= []
|
33
35
|
@credentials.push(credential_representation)
|
34
36
|
end
|
37
|
+
|
38
|
+
def add_federated_identity(federated_identity_representation)
|
39
|
+
@federated_identities ||= []
|
40
|
+
@federated_identities.push(federated_identity_representation)
|
41
|
+
end
|
35
42
|
end
|
36
43
|
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
module KeycloakAdmin
|
2
|
+
class BaseRoleContainingResource
|
3
|
+
def initialize(configuration, realm_client, resource_id)
|
4
|
+
@configuration = configuration
|
5
|
+
raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
|
6
|
+
@realm_client = realm_client
|
7
|
+
@resource_id = resource_id
|
8
|
+
end
|
9
|
+
|
10
|
+
def resources_name
|
11
|
+
raise NotImplementedError.new('must override in subclass')
|
12
|
+
end
|
13
|
+
|
14
|
+
def resource_url
|
15
|
+
"#{@realm_client.realm_admin_url}/#{resources_name}/#{@resource_id}"
|
16
|
+
end
|
17
|
+
|
18
|
+
def client_role_mappings(client_id)
|
19
|
+
ClientRoleMappingsClient.new(@configuration, self, client_id)
|
20
|
+
end
|
21
|
+
|
22
|
+
def role_mapper
|
23
|
+
RoleMapperClient.new(@configuration, self)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -1,18 +1,7 @@
|
|
1
1
|
module KeycloakAdmin
|
2
|
-
class UserResource
|
3
|
-
def
|
4
|
-
|
5
|
-
raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
|
6
|
-
@realm_client = realm_client
|
7
|
-
@id = id
|
8
|
-
end
|
9
|
-
|
10
|
-
def resource_url
|
11
|
-
"#{@realm_client.realm_admin_url}/users/#{@id}"
|
12
|
-
end
|
13
|
-
|
14
|
-
def client_role_mappings(client_id)
|
15
|
-
ClientRoleMappingsClient.new(@configuration, self, client_id)
|
2
|
+
class UserResource < BaseRoleContainingResource
|
3
|
+
def resources_name
|
4
|
+
"users"
|
16
5
|
end
|
17
6
|
end
|
18
7
|
end
|
@@ -45,4 +45,38 @@ RSpec.describe KeycloakAdmin::ClientRoleMappingsClient do
|
|
45
45
|
expect(roles[0].name).to eq "test_role_name"
|
46
46
|
end
|
47
47
|
end
|
48
|
+
|
49
|
+
describe "#save" do
|
50
|
+
let(:realm_name) { "valid-realm" }
|
51
|
+
let(:user_id) { "test_user" }
|
52
|
+
let(:client_id) { "test_client" }
|
53
|
+
let(:role_list) { [
|
54
|
+
KeycloakAdmin::RoleRepresentation.from_hash(
|
55
|
+
"name" => "test_role_name",
|
56
|
+
"composite" => false,
|
57
|
+
"clientRole" => false
|
58
|
+
)
|
59
|
+
] }
|
60
|
+
|
61
|
+
before(:each) do
|
62
|
+
@client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
|
63
|
+
|
64
|
+
stub_token_client
|
65
|
+
expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
|
66
|
+
end
|
67
|
+
|
68
|
+
it "saves client role mappings" do
|
69
|
+
@client_role_mappings_client.save(role_list)
|
70
|
+
end
|
71
|
+
|
72
|
+
it "passes rest client options" do
|
73
|
+
rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
|
74
|
+
allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
|
75
|
+
|
76
|
+
expect(RestClient::Resource).to receive(:new).with(
|
77
|
+
"http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client", rest_client_options).and_call_original
|
78
|
+
|
79
|
+
@client_role_mappings_client.save(role_list)
|
80
|
+
end
|
81
|
+
end
|
48
82
|
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
RSpec.describe KeycloakAdmin::RoleMapperClient do
|
2
|
+
describe "#available_url" do
|
3
|
+
let(:realm_name) { "valid-realm" }
|
4
|
+
let(:user_id) { "test_user" }
|
5
|
+
|
6
|
+
before(:each) do
|
7
|
+
@built_url = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper.realm_level_url
|
8
|
+
end
|
9
|
+
|
10
|
+
it "return a proper url" do
|
11
|
+
expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
describe "#save_realm_level" do
|
16
|
+
let(:realm_name) { "valid-realm" }
|
17
|
+
let(:user_id) { "test_user" }
|
18
|
+
let(:role_list) { [
|
19
|
+
KeycloakAdmin::RoleRepresentation.from_hash(
|
20
|
+
"name" => "test_role_name",
|
21
|
+
"composite" => false,
|
22
|
+
"clientRole" => false
|
23
|
+
)
|
24
|
+
] }
|
25
|
+
|
26
|
+
before(:each) do
|
27
|
+
@role_mapper_client = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper
|
28
|
+
|
29
|
+
stub_token_client
|
30
|
+
expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
|
31
|
+
end
|
32
|
+
|
33
|
+
it "saves realm-elevel role mappings" do
|
34
|
+
@role_mapper_client.save_realm_level(role_list)
|
35
|
+
end
|
36
|
+
|
37
|
+
it "passes rest client options" do
|
38
|
+
rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
|
39
|
+
allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
|
40
|
+
|
41
|
+
expect(RestClient::Resource).to receive(:new).with(
|
42
|
+
"http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm", rest_client_options).and_call_original
|
43
|
+
|
44
|
+
@role_mapper_client.save_realm_level(role_list)
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -72,6 +72,31 @@ RSpec.describe KeycloakAdmin::TokenClient do
|
|
72
72
|
end
|
73
73
|
end
|
74
74
|
|
75
|
+
describe "#execute_actions_email_url" do
|
76
|
+
let(:realm_name) { "valid-realm" }
|
77
|
+
let(:user_id) { nil }
|
78
|
+
|
79
|
+
before(:each) do
|
80
|
+
@client = KeycloakAdmin.realm(realm_name).users
|
81
|
+
end
|
82
|
+
|
83
|
+
context "when user_id is not defined" do
|
84
|
+
let(:user_id) { nil }
|
85
|
+
it "raises an error" do
|
86
|
+
expect {
|
87
|
+
@client.execute_actions_email_url(user_id)
|
88
|
+
}.to raise_error(ArgumentError)
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
context "when user_id is defined" do
|
93
|
+
let(:user_id) { 42 }
|
94
|
+
it "return a proper url" do
|
95
|
+
expect(@client.execute_actions_email_url(user_id)).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/42/execute-actions-email"
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
75
100
|
describe "#impersonation_url" do
|
76
101
|
let(:realm_name) { "valid-realm" }
|
77
102
|
let(:user_id) { nil }
|
@@ -9,7 +9,7 @@ RSpec.describe KeycloakAdmin::UserRepresentation do
|
|
9
9
|
end
|
10
10
|
|
11
11
|
it "can convert to json" do
|
12
|
-
expect(@user.to_json).to eq '{"id":null,"createdTimestamp":1559836000,"origin":null,"username":"test_username","email":null,"enabled":true,"emailVerified":null,"firstName":null,"lastName":null,"attributes":null,"credentials":[]}'
|
12
|
+
expect(@user.to_json).to eq '{"id":null,"createdTimestamp":1559836000,"origin":null,"username":"test_username","email":null,"enabled":true,"emailVerified":null,"firstName":null,"lastName":null,"attributes":null,"credentials":[],"federatedIdentities":[]}'
|
13
13
|
end
|
14
14
|
end
|
15
15
|
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
RSpec.describe KeycloakAdmin::GroupResource do
|
2
|
+
describe "#resource_url" do
|
3
|
+
let(:realm_name) { "valid-realm" }
|
4
|
+
let(:group_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
|
5
|
+
|
6
|
+
before(:each) do
|
7
|
+
@built_url = KeycloakAdmin.realm(realm_name).group(group_id).resource_url
|
8
|
+
end
|
9
|
+
|
10
|
+
it "return a proper url" do
|
11
|
+
expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups/95985b21-d884-4bbd-b852-cb8cd365afc2"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: keycloak-admin
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.7.
|
4
|
+
version: 0.7.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Lorent Lempereur
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-06-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: http-cookie
|
@@ -96,12 +96,14 @@ files:
|
|
96
96
|
- lib/keycloak-admin/client/group_client.rb
|
97
97
|
- lib/keycloak-admin/client/realm_client.rb
|
98
98
|
- lib/keycloak-admin/client/role_client.rb
|
99
|
+
- lib/keycloak-admin/client/role_mapper_client.rb
|
99
100
|
- lib/keycloak-admin/client/token_client.rb
|
100
101
|
- lib/keycloak-admin/client/user_client.rb
|
101
102
|
- lib/keycloak-admin/configuration.rb
|
102
103
|
- lib/keycloak-admin/representation/camel_json.rb
|
103
104
|
- lib/keycloak-admin/representation/client_representation.rb
|
104
105
|
- lib/keycloak-admin/representation/credential_representation.rb
|
106
|
+
- lib/keycloak-admin/representation/federated_identity_representation.rb
|
105
107
|
- lib/keycloak-admin/representation/group_representation.rb
|
106
108
|
- lib/keycloak-admin/representation/impersonation_redirection_representation.rb
|
107
109
|
- lib/keycloak-admin/representation/impersonation_representation.rb
|
@@ -110,6 +112,8 @@ files:
|
|
110
112
|
- lib/keycloak-admin/representation/role_representation.rb
|
111
113
|
- lib/keycloak-admin/representation/token_representation.rb
|
112
114
|
- lib/keycloak-admin/representation/user_representation.rb
|
115
|
+
- lib/keycloak-admin/resource/base_role_containing_resource.rb
|
116
|
+
- lib/keycloak-admin/resource/group_resource.rb
|
113
117
|
- lib/keycloak-admin/resource/user_resource.rb
|
114
118
|
- lib/keycloak-admin/version.rb
|
115
119
|
- spec/client/client_client_spec.rb
|
@@ -119,11 +123,13 @@ files:
|
|
119
123
|
- spec/client/group_client_spec.rb
|
120
124
|
- spec/client/realm_client_spec.rb
|
121
125
|
- spec/client/role_client_spec.rb
|
126
|
+
- spec/client/role_mapper_client_spec.rb
|
122
127
|
- spec/client/token_client_spec.rb
|
123
128
|
- spec/client/user_client_spec.rb
|
124
129
|
- spec/configuration_spec.rb
|
125
130
|
- spec/representation/impersonation_representation_spec.rb
|
126
131
|
- spec/representation/user_representation_spec.rb
|
132
|
+
- spec/resource/group_resource_spec.rb
|
127
133
|
- spec/resource/user_resource_spec.rb
|
128
134
|
- spec/spec_helper.rb
|
129
135
|
homepage: https://github.com/looorent/keycloak-admin-ruby
|
@@ -145,8 +151,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
145
151
|
- !ruby/object:Gem::Version
|
146
152
|
version: '0'
|
147
153
|
requirements: []
|
148
|
-
|
149
|
-
rubygems_version: 2.6.4
|
154
|
+
rubygems_version: 3.0.3
|
150
155
|
signing_key:
|
151
156
|
specification_version: 4
|
152
157
|
summary: Keycloak Admin REST API client written in Ruby
|