keycloak-admin 0.7.0 → 0.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 970da832a135573c026406dd6e24bebad0faadde
-  data.tar.gz: 0116019f2c32443bbd8c9567b8243cb84e75da7a
+  metadata.gz: 39322dd0c0035b30a67644fa401bbe55c835dbf1
+  data.tar.gz: 268b16b6d6e20aac7a44ba993a76114f8d86e1b8
 SHA512:
-  metadata.gz: 65fab8de261bdb5bbef86e05961e4c49858143d6b0eb3e1282ed13b67aa3d4b2e2a7bf6a54788cf02ebaee78eea9c2658644d54e70b45777e6348ac4867c199e
-  data.tar.gz: b8ab004c2772051d424f277572b42c57ef523d04fc1f43274c97964bd4dc1291b54d24bb70b8785b0fe404c30a23f2bba2636efb244ac6a4eb663bc40e58708f
+  metadata.gz: 8f57fe6316a4378bfc8e3c90e6732b5977fc2f14a7871f0b69fb2790bcf60ec047a4a3841e8075eabfdd83d3961d3f1c4bdc38ac2a13a630e8a236e098d877bd
+  data.tar.gz: bb2384c3c9c16d498baade9a2ef02766396ca370724114da3b0136976bca61f6a9a6912d106ef5420f3bbdba65f06c88daa476088e77f28c2eaa73546857e1f6

data/.gitignore

@@ -5,4 +5,5 @@ test/dummy/db/*.sqlite3
 test/dummy/db/*.sqlite3-journal
 test/dummy/log/*.log
 test/dummy/tmp/
-*.gem
+*.gem
+.idea/

data/CHANGELOG.md

@@ -0,0 +1,48 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.7.1] - Next version
+
+Thanks to @vlad-ro:
+
+* List users
+* List clients
+* List groups, create/save a group
+* List roles, save a role
+* List realms, save/update/delete a realm
+* Get list of client role mappings for a user
+* Support passing rest client options for user save and search
+* Support using gem without ActiveSupport
+
+## [0.7.0] - 2019-06-11
+
+Thanks to @vlad-ro:
+
+* Support passing rest client options
+* More documentation
+* More tests
+* Better handling of timeouts
+
+## [0.6.5] - 2019-05-14
+
+* Get user
+
+## [0.6.2] - 2019-05-14
+
+* Update users
+
+## [0.6] - 2019-03-06
+
+* Save a locale when creating a new user
+
+## [0.5] - 2018-01-26
+
+* Client to access Custom REST API configurable-token
+
+## [0.3] - 2018-01-19
+
+* Support of impersonation

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    keycloak-admin (0.7.0)
+    keycloak-admin (0.7.1)
       http-cookie (~> 1.0, >= 1.0.3)
       rest-client (~> 2.0)
 

data/README.md

@@ -58,6 +58,7 @@ KeycloakAdmin.configure do |config|
   config.username            = ENV["KEYCLOAK_ADMIN_USER"]
   config.password            = ENV["KEYCLOAK_ADMIN_PASSWORD"]
   config.logger              = Rails.logger
+  config.rest_client_options = { verify_ssl: OpenSSL::SSL::VERIFY_NONE }
 end
 ```
 This example is autoloaded in a Rails environment.
@@ -76,6 +77,7 @@ All options have a default value. However, all of them can be changed in your in
 | `username` | `nil`| String | Optional | Username to access the Admin REST API. Recommended if `user_service_account` is set to `false`. | `mummy` |
 | `password` | `nil`| String | Optional | Clear password to access the Admin REST API. Recommended if `user_service_account` is set to `false`. | `bobby` |
 | `logger` | `Logger.new(STDOUT)`| Logger | Optional | The logger used by `keycloak-admin` | `Rails.logger` | 
+| `rest_client_options` | `{}`| Hash | Optional | Options to pass to `RestClient` | `{ verify_ssl: OpenSSL::SSL::VERIFY_NONE }` | 
 
 
 ## Use Case
@@ -83,11 +85,16 @@ All options have a default value. However, all of them can be changed in your in
 ### Supported features
 
 * Get an access token
-* Create/update/get a user
+* Create/update/get/delete a user
+* Get list of users, search for user(s)
 * Reset credentials
-* Delete a user
 * Impersonate a user
 * Exchange a configurable token
+* Get list of clients
+* Get list of groups, create/save a group
+* Get list of roles, save a role
+* Get list of realms, save/update/delete a realm
+* Get list of client role mappings for a user
 
 ### Get an access token
 
@@ -114,6 +121,14 @@ Returns an array of `KeycloakAdmin::UserRepresentation`.
 KeycloakAdmin.realm("a_realm").users.search("a_username_or_an_email")
 ```
 
+### List all users in a realm
+
+Returns an array of `KeycloakAdmin::UserRepresentation`.
+
+```ruby
+KeycloakAdmin.realm("a_realm").users.list
+```
+
 ### Save a user
 
 Returns the provided `user`, which must be of type `KeycloakAdmin::UserRepresentation`.
@@ -188,6 +203,98 @@ token_lifespan_in_seconds = 20
 KeycloakAdmin.realm("a_realm").configurable_token.exchange_with(user_access_token, token_lifespan_in_seconds)
 ```
 
+### Get list of realms
+
+Returns an array of `KeycloakAdmin::RealmRepresentation`.
+
+```ruby
+KeycloakAdmin.realm("master").list
+```
+
+### Save a realm
+
+Takes `realm` of type `KeycloakAdmin::RealmRepresentation`, or an object implementing `to_json`, such as a `Hash`.
+
+```ruby
+KeycloakAdmin.realm(nil).save(realm)
+```
+
+### Update a realm
+
+If you want to update its entire entity. To update some specific attributes, provide an object implementing `to_json`, such as a `Hash`.
+
+```ruby
+KeycloakAdmin.realm("a_realm").update({
+  smtpServer: { host: 'test_host' }
+})
+```
+
+### Delete a realm
+
+```ruby
+KeycloakAdmin.realm("a_realm").delete
+```
+
+### Get list of clients in a realm
+
+Returns an array of `KeycloakAdmin::ClientRepresentation`.
+
+```ruby
+KeycloakAdmin.realm("a_realm").clients.list
+```
+
+### Get list of groups in a realm
+
+Returns an array of `KeycloakAdmin::GroupRepresentation`.
+
+```ruby
+KeycloakAdmin.realm("a_realm").groups.list
+```
+
+### Save a group
+
+Returns the id of saved `group` provided, which must be of type `KeycloakAdmin::GroupRepresentation`.
+
+```ruby
+KeycloakAdmin.realm("a_realm").groups.save(group)
+```
+
+### Create and save a group with a name and path
+
+Returns the id of created group.
+
+```ruby
+group_name = "test"
+group_path = "/top"
+group_id = KeycloakAdmin.realm("a_realm").groups.create!(group_name, group_path)
+```
+
+### Get list of roles in a realm
+
+Returns an array of `KeycloakAdmin::RoleRepresentation`.
+
+```ruby
+KeycloakAdmin.realm("a_realm").roles.list
+```
+
+### Save a role
+
+Takes `role`, which must be of type `KeycloakAdmin::RoleRepresentation`.
+
+```ruby
+KeycloakAdmin.realm("a_realm").roles.save(role)
+```
+
+### Get list of client role mappings for a user
+
+Returns an array of `KeycloakAdmin::RoleRepresentation`.
+
+```ruby
+user_id   = "95985b21-d884-4bbd-b852-cb8cd365afc2"
+client_id = "1869e876-71b4-4de2-849e-66540db3a098"
+KeycloakAdmin.realm("a_realm").user(user_id).client_role_mappings(client_id).list_available
+```
+
 ## How to execute library tests
 
 From the `keycloak-admin-api` directory:

data/lib/keycloak-admin.rb

@@ -2,17 +2,26 @@ require "logger"
 
 require_relative "keycloak-admin/configuration"
 require_relative "keycloak-admin/client/client"
+require_relative "keycloak-admin/client/client_client"
+require_relative "keycloak-admin/client/client_role_mappings_client"
+require_relative "keycloak-admin/client/group_client"
 require_relative "keycloak-admin/client/realm_client"
+require_relative "keycloak-admin/client/role_client"
 require_relative "keycloak-admin/client/token_client"
 require_relative "keycloak-admin/client/user_client"
 require_relative "keycloak-admin/client/configurable_token_client"
 require_relative "keycloak-admin/representation/camel_json"
 require_relative "keycloak-admin/representation/representation"
+require_relative "keycloak-admin/representation/client_representation"
+require_relative "keycloak-admin/representation/group_representation"
 require_relative "keycloak-admin/representation/token_representation"
 require_relative "keycloak-admin/representation/impersonation_redirection_representation"
 require_relative "keycloak-admin/representation/impersonation_representation"
 require_relative "keycloak-admin/representation/credential_representation"
+require_relative "keycloak-admin/representation/realm_representation"
+require_relative "keycloak-admin/representation/role_representation"
 require_relative "keycloak-admin/representation/user_representation"
+require_relative "keycloak-admin/resource/user_resource"
 
 module KeycloakAdmin
 

data/lib/keycloak-admin/client/client.rb

@@ -9,13 +9,13 @@ module KeycloakAdmin
       @configuration.server_url
     end
 
-    def token
-      @token ||= KeycloakAdmin.realm(@configuration.client_realm_name).token.get
+    def current_token
+      @current_token ||= KeycloakAdmin.realm(@configuration.client_realm_name).token.get
     end
 
     def headers
       {
-        Authorization: "Bearer #{token.access_token}",
+        Authorization: "Bearer #{current_token.access_token}",
         content_type: :json,
         accept:       :json
       }
@@ -29,6 +29,14 @@ module KeycloakAdmin
       http_error(e.response)
     end
 
+    def created_id(response)
+      unless response.net_http_res.is_a? Net::HTTPCreated
+        raise "Create method returned status #{response.net_http_res.message} (Code: #{response.net_http_res.code}); expected status: Created (201)"
+      end
+      (_head, _separator, id) = response.headers[:location].rpartition('/')
+      id
+    end
+
     private
 
     def http_error(response)

data/lib/keycloak-admin/client/client_client.rb

@@ -0,0 +1,24 @@
+module KeycloakAdmin
+  class ClientClient < Client
+    def initialize(configuration, realm_client)
+      super(configuration)
+      raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
+      @realm_client = realm_client
+    end
+
+    def list
+      response = execute_http do
+        RestClient::Resource.new(clients_url, @configuration.rest_client_options).get(headers)
+      end
+      JSON.parse(response).map { |client_as_hash| ClientRepresentation.from_hash(client_as_hash) }
+    end
+
+    def clients_url(id=nil)
+      if id
+        "#{@realm_client.realm_admin_url}/clients/#{id}"
+      else
+        "#{@realm_client.realm_admin_url}/clients"
+      end
+    end
+  end
+end

data/lib/keycloak-admin/client/client_role_mappings_client.rb

@@ -0,0 +1,20 @@
+module KeycloakAdmin
+  class ClientRoleMappingsClient < Client
+    def initialize(configuration, user_resource, client_id)
+      super(configuration)
+      @user_resource = user_resource
+      @client_id = client_id
+    end
+
+    def list_available
+      response = execute_http do
+        RestClient::Resource.new(list_available_url, @configuration.rest_client_options).get(headers)
+      end
+      JSON.parse(response).map { |role_as_hash| RoleRepresentation.from_hash(role_as_hash) }
+    end
+
+    def list_available_url
+      "#{@user_resource.resource_url}/role-mappings/clients/#{@client_id}/available"
+    end
+  end
+end

data/lib/keycloak-admin/client/group_client.rb

@@ -0,0 +1,46 @@
+module KeycloakAdmin
+  class GroupClient < Client
+    def initialize(configuration, realm_client)
+      super(configuration)
+      raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
+      @realm_client = realm_client
+    end
+
+    def list
+      response = execute_http do
+        RestClient::Resource.new(groups_url, @configuration.rest_client_options).get(headers)
+      end
+      JSON.parse(response).map { |group_as_hash| GroupRepresentation.from_hash(group_as_hash) }
+    end
+
+    def create!(name, path = nil)
+      response = save(build(name, path))
+      created_id(response)
+    end
+
+    def save(group_representation)
+      execute_http do
+        RestClient::Resource.new(groups_url, @configuration.rest_client_options).post(
+          group_representation.to_json, headers
+        )
+      end
+    end
+
+    def groups_url(id=nil)
+      if id
+        "#{@realm_client.realm_admin_url}/groups/#{id}"
+      else
+        "#{@realm_client.realm_admin_url}/groups"
+      end
+    end
+
+    private
+
+    def build(name, path)
+      group      = GroupRepresentation.new
+      group.name = name
+      group.path = path
+      group
+    end
+  end
+end

data/lib/keycloak-admin/client/realm_client.rb

@@ -5,6 +5,36 @@ module KeycloakAdmin
       @realm_name = realm_name
     end
 
+    def list
+      response = execute_http do
+        RestClient::Resource.new(realm_list_url, @configuration.rest_client_options).get(headers)
+      end
+      JSON.parse(response).map { |realm_as_hash| RealmRepresentation.from_hash(realm_as_hash) }
+    end
+
+    def delete
+      execute_http do
+        RestClient::Resource.new(realm_admin_url, @configuration.rest_client_options).delete(headers)
+      end
+      true
+    end
+
+    def save(realm_representation)
+      execute_http do
+        RestClient::Resource.new(realm_list_url, @configuration.rest_client_options).post(
+          realm_representation.to_json, headers
+        )
+      end
+    end
+
+    def update(realm_representation_body)
+      execute_http do
+        RestClient::Resource.new(realm_admin_url, @configuration.rest_client_options).put(
+          realm_representation_body.to_json, headers
+        )
+      end
+    end
+
     def realm_url
       if @realm_name
         "#{server_url}/realms/#{@realm_name}"
@@ -21,6 +51,10 @@ module KeycloakAdmin
       end
     end
 
+    def realm_list_url
+      "#{server_url}/admin/realms"
+    end
+
     def token
       TokenClient.new(@configuration, self)
     end
@@ -29,10 +63,26 @@ module KeycloakAdmin
       ConfigurableTokenClient.new(@configuration, self)
     end
 
+    def clients
+      ClientClient.new(@configuration, self)
+    end
+
+    def groups
+      GroupClient.new(@configuration, self)
+    end
+
+    def roles
+      RoleClient.new(@configuration, self)
+    end
+
     def users
       UserClient.new(@configuration, self)
     end
 
+    def user(user_id)
+      UserResource.new(@configuration, self, user_id)
+    end
+
     def name_defined?
       !@realm_name.nil?
     end