keycloak-admin 0.7.1 → 0.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -2
- data/Gemfile.lock +1 -1
- data/README.md +41 -3
- data/lib/keycloak-admin/client/client_role_mappings_client.rb +12 -0
- data/lib/keycloak-admin/client/realm_client.rb +4 -0
- data/lib/keycloak-admin/client/role_mapper_client.rb +20 -0
- data/lib/keycloak-admin/resource/base_role_containing_resource.rb +26 -0
- data/lib/keycloak-admin/resource/group_resource.rb +7 -0
- data/lib/keycloak-admin/resource/user_resource.rb +3 -14
- data/lib/keycloak-admin/version.rb +1 -1
- data/lib/keycloak-admin.rb +3 -0
- data/spec/client/client_role_mappings_client_spec.rb +34 -0
- data/spec/client/role_mapper_client_spec.rb +47 -0
- data/spec/resource/group_resource_spec.rb +14 -0
- metadata +7 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ef2112e82d91e64a41f612eb13dd37bbd6e7b09b
|
4
|
+
data.tar.gz: 66218b9a1051a9d592d236235ddb1ac6e22161cf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8034f148b70ded3b877a486865eadec656bb6a551cc71630d326aa3f81c4bbf2ed87541e6aa7ec5528934cad3d1dab65cc9dbf8adf747e3bf9f5b61531b8a01c
|
7
|
+
data.tar.gz: cd4abc841445b3e73b4ee385b2e0a762c27a927d02a6814752929650fe6ccc37e06c8ec8e1b73552ede40f1e1652571032ed0ede0fc107ca3eec49d69dcd1e36
|
data/CHANGELOG.md
CHANGED
@@ -5,7 +5,15 @@ All notable changes to this project will be documented in this file.
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
7
7
|
|
8
|
-
## [0.7.
|
8
|
+
## [0.7.2] - 2019-06-17
|
9
|
+
|
10
|
+
Thanks to @vlad-ro:
|
11
|
+
|
12
|
+
* Get list of client role mappings for a group
|
13
|
+
* Save client role mappings for a user/group
|
14
|
+
* Save realm-level role mappings for a user/group
|
15
|
+
|
16
|
+
## [0.7.1] - 2019-06-11
|
9
17
|
|
10
18
|
Thanks to @vlad-ro:
|
11
19
|
|
@@ -18,7 +26,7 @@ Thanks to @vlad-ro:
|
|
18
26
|
* Support passing rest client options for user save and search
|
19
27
|
* Support using gem without ActiveSupport
|
20
28
|
|
21
|
-
## [0.7.0] - 2019-06-
|
29
|
+
## [0.7.0] - 2019-06-06
|
22
30
|
|
23
31
|
Thanks to @vlad-ro:
|
24
32
|
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -12,7 +12,7 @@ This gem *does not* require Rails.
|
|
12
12
|
For example, using `bundle`, add this line to your Gemfile.
|
13
13
|
|
14
14
|
```ruby
|
15
|
-
gem "keycloak-admin", "0.7.
|
15
|
+
gem "keycloak-admin", "0.7.2"
|
16
16
|
```
|
17
17
|
|
18
18
|
## Login
|
@@ -94,7 +94,9 @@ All options have a default value. However, all of them can be changed in your in
|
|
94
94
|
* Get list of groups, create/save a group
|
95
95
|
* Get list of roles, save a role
|
96
96
|
* Get list of realms, save/update/delete a realm
|
97
|
-
* Get list of client role mappings for a user
|
97
|
+
* Get list of client role mappings for a user/group
|
98
|
+
* Save client role mappings for a user/group
|
99
|
+
* Save realm-level role mappings for a user/group
|
98
100
|
|
99
101
|
### Get an access token
|
100
102
|
|
@@ -285,7 +287,7 @@ Takes `role`, which must be of type `KeycloakAdmin::RoleRepresentation`.
|
|
285
287
|
KeycloakAdmin.realm("a_realm").roles.save(role)
|
286
288
|
```
|
287
289
|
|
288
|
-
### Get list of client role mappings for a user
|
290
|
+
### Get list of client role mappings for a user/group
|
289
291
|
|
290
292
|
Returns an array of `KeycloakAdmin::RoleRepresentation`.
|
291
293
|
|
@@ -294,6 +296,42 @@ user_id = "95985b21-d884-4bbd-b852-cb8cd365afc2"
|
|
294
296
|
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
295
297
|
KeycloakAdmin.realm("a_realm").user(user_id).client_role_mappings(client_id).list_available
|
296
298
|
```
|
299
|
+
or
|
300
|
+
```ruby
|
301
|
+
group_id = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
|
302
|
+
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
303
|
+
KeycloakAdmin.realm("a_realm").group(group_id).client_role_mappings(client_id).list_available
|
304
|
+
```
|
305
|
+
|
306
|
+
### Save list of client role mappings for a user/group
|
307
|
+
|
308
|
+
Takes `role_list`, which must be an array of type `KeycloakAdmin::RoleRepresentation`.
|
309
|
+
|
310
|
+
```ruby
|
311
|
+
user_id = "95985b21-d884-4bbd-b852-cb8cd365afc2"
|
312
|
+
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
313
|
+
KeycloakAdmin.realm("a_realm").user(user_id).client_role_mappings(client_id).save(role_list)
|
314
|
+
```
|
315
|
+
or
|
316
|
+
```ruby
|
317
|
+
group_id = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
|
318
|
+
client_id = "1869e876-71b4-4de2-849e-66540db3a098"
|
319
|
+
KeycloakAdmin.realm("a_realm").group(group_id).client_role_mappings(client_id).save(role_list)
|
320
|
+
```
|
321
|
+
|
322
|
+
### Save list of realm-level role mappings for a user/group
|
323
|
+
|
324
|
+
Takes `role_list`, which must be an array of type `KeycloakAdmin::RoleRepresentation`.
|
325
|
+
|
326
|
+
```ruby
|
327
|
+
user_id = "95985b21-d884-4bbd-b852-cb8cd365afc2"
|
328
|
+
KeycloakAdmin.realm("a_realm").user(user_id).role_mapper.save_realm_level(role_list)
|
329
|
+
```
|
330
|
+
or
|
331
|
+
```ruby
|
332
|
+
group_id = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
|
333
|
+
KeycloakAdmin.realm("a_realm").group(group_id).role_mapper.save_realm_level(role_list)
|
334
|
+
```
|
297
335
|
|
298
336
|
## How to execute library tests
|
299
337
|
|
@@ -13,8 +13,20 @@ module KeycloakAdmin
|
|
13
13
|
JSON.parse(response).map { |role_as_hash| RoleRepresentation.from_hash(role_as_hash) }
|
14
14
|
end
|
15
15
|
|
16
|
+
def save(role_representation_list)
|
17
|
+
execute_http do
|
18
|
+
RestClient::Resource.new(base_url, @configuration.rest_client_options).post(
|
19
|
+
role_representation_list.to_json, headers
|
20
|
+
)
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
16
24
|
def list_available_url
|
17
25
|
"#{@user_resource.resource_url}/role-mappings/clients/#{@client_id}/available"
|
18
26
|
end
|
27
|
+
|
28
|
+
def base_url
|
29
|
+
"#{@user_resource.resource_url}/role-mappings/clients/#{@client_id}"
|
30
|
+
end
|
19
31
|
end
|
20
32
|
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
module KeycloakAdmin
|
2
|
+
class RoleMapperClient < Client
|
3
|
+
def initialize(configuration, user_resource)
|
4
|
+
super(configuration)
|
5
|
+
@user_resource = user_resource
|
6
|
+
end
|
7
|
+
|
8
|
+
def save_realm_level(role_representation_list)
|
9
|
+
execute_http do
|
10
|
+
RestClient::Resource.new(realm_level_url, @configuration.rest_client_options).post(
|
11
|
+
role_representation_list.to_json, headers
|
12
|
+
)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
def realm_level_url
|
17
|
+
"#{@user_resource.resource_url}/role-mappings/realm"
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
module KeycloakAdmin
|
2
|
+
class BaseRoleContainingResource
|
3
|
+
def initialize(configuration, realm_client, resource_id)
|
4
|
+
@configuration = configuration
|
5
|
+
raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
|
6
|
+
@realm_client = realm_client
|
7
|
+
@resource_id = resource_id
|
8
|
+
end
|
9
|
+
|
10
|
+
def resources_name
|
11
|
+
raise NotImplementedError.new('must override in subclass')
|
12
|
+
end
|
13
|
+
|
14
|
+
def resource_url
|
15
|
+
"#{@realm_client.realm_admin_url}/#{resources_name}/#{@resource_id}"
|
16
|
+
end
|
17
|
+
|
18
|
+
def client_role_mappings(client_id)
|
19
|
+
ClientRoleMappingsClient.new(@configuration, self, client_id)
|
20
|
+
end
|
21
|
+
|
22
|
+
def role_mapper
|
23
|
+
RoleMapperClient.new(@configuration, self)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -1,18 +1,7 @@
|
|
1
1
|
module KeycloakAdmin
|
2
|
-
class UserResource
|
3
|
-
def
|
4
|
-
|
5
|
-
raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
|
6
|
-
@realm_client = realm_client
|
7
|
-
@id = id
|
8
|
-
end
|
9
|
-
|
10
|
-
def resource_url
|
11
|
-
"#{@realm_client.realm_admin_url}/users/#{@id}"
|
12
|
-
end
|
13
|
-
|
14
|
-
def client_role_mappings(client_id)
|
15
|
-
ClientRoleMappingsClient.new(@configuration, self, client_id)
|
2
|
+
class UserResource < BaseRoleContainingResource
|
3
|
+
def resources_name
|
4
|
+
"users"
|
16
5
|
end
|
17
6
|
end
|
18
7
|
end
|
data/lib/keycloak-admin.rb
CHANGED
@@ -7,6 +7,7 @@ require_relative "keycloak-admin/client/client_role_mappings_client"
|
|
7
7
|
require_relative "keycloak-admin/client/group_client"
|
8
8
|
require_relative "keycloak-admin/client/realm_client"
|
9
9
|
require_relative "keycloak-admin/client/role_client"
|
10
|
+
require_relative "keycloak-admin/client/role_mapper_client"
|
10
11
|
require_relative "keycloak-admin/client/token_client"
|
11
12
|
require_relative "keycloak-admin/client/user_client"
|
12
13
|
require_relative "keycloak-admin/client/configurable_token_client"
|
@@ -21,6 +22,8 @@ require_relative "keycloak-admin/representation/credential_representation"
|
|
21
22
|
require_relative "keycloak-admin/representation/realm_representation"
|
22
23
|
require_relative "keycloak-admin/representation/role_representation"
|
23
24
|
require_relative "keycloak-admin/representation/user_representation"
|
25
|
+
require_relative "keycloak-admin/resource/base_role_containing_resource"
|
26
|
+
require_relative "keycloak-admin/resource/group_resource"
|
24
27
|
require_relative "keycloak-admin/resource/user_resource"
|
25
28
|
|
26
29
|
module KeycloakAdmin
|
@@ -45,4 +45,38 @@ RSpec.describe KeycloakAdmin::ClientRoleMappingsClient do
|
|
45
45
|
expect(roles[0].name).to eq "test_role_name"
|
46
46
|
end
|
47
47
|
end
|
48
|
+
|
49
|
+
describe "#save" do
|
50
|
+
let(:realm_name) { "valid-realm" }
|
51
|
+
let(:user_id) { "test_user" }
|
52
|
+
let(:client_id) { "test_client" }
|
53
|
+
let(:role_list) { [
|
54
|
+
KeycloakAdmin::RoleRepresentation.from_hash(
|
55
|
+
"name" => "test_role_name",
|
56
|
+
"composite" => false,
|
57
|
+
"clientRole" => false
|
58
|
+
)
|
59
|
+
] }
|
60
|
+
|
61
|
+
before(:each) do
|
62
|
+
@client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
|
63
|
+
|
64
|
+
stub_token_client
|
65
|
+
expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
|
66
|
+
end
|
67
|
+
|
68
|
+
it "saves client role mappings" do
|
69
|
+
@client_role_mappings_client.save(role_list)
|
70
|
+
end
|
71
|
+
|
72
|
+
it "passes rest client options" do
|
73
|
+
rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
|
74
|
+
allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
|
75
|
+
|
76
|
+
expect(RestClient::Resource).to receive(:new).with(
|
77
|
+
"http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client", rest_client_options).and_call_original
|
78
|
+
|
79
|
+
@client_role_mappings_client.save(role_list)
|
80
|
+
end
|
81
|
+
end
|
48
82
|
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
RSpec.describe KeycloakAdmin::RoleMapperClient do
|
2
|
+
describe "#available_url" do
|
3
|
+
let(:realm_name) { "valid-realm" }
|
4
|
+
let(:user_id) { "test_user" }
|
5
|
+
|
6
|
+
before(:each) do
|
7
|
+
@built_url = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper.realm_level_url
|
8
|
+
end
|
9
|
+
|
10
|
+
it "return a proper url" do
|
11
|
+
expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
describe "#save_realm_level" do
|
16
|
+
let(:realm_name) { "valid-realm" }
|
17
|
+
let(:user_id) { "test_user" }
|
18
|
+
let(:role_list) { [
|
19
|
+
KeycloakAdmin::RoleRepresentation.from_hash(
|
20
|
+
"name" => "test_role_name",
|
21
|
+
"composite" => false,
|
22
|
+
"clientRole" => false
|
23
|
+
)
|
24
|
+
] }
|
25
|
+
|
26
|
+
before(:each) do
|
27
|
+
@role_mapper_client = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper
|
28
|
+
|
29
|
+
stub_token_client
|
30
|
+
expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
|
31
|
+
end
|
32
|
+
|
33
|
+
it "saves realm-elevel role mappings" do
|
34
|
+
@role_mapper_client.save_realm_level(role_list)
|
35
|
+
end
|
36
|
+
|
37
|
+
it "passes rest client options" do
|
38
|
+
rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
|
39
|
+
allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
|
40
|
+
|
41
|
+
expect(RestClient::Resource).to receive(:new).with(
|
42
|
+
"http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm", rest_client_options).and_call_original
|
43
|
+
|
44
|
+
@role_mapper_client.save_realm_level(role_list)
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
RSpec.describe KeycloakAdmin::GroupResource do
|
2
|
+
describe "#resource_url" do
|
3
|
+
let(:realm_name) { "valid-realm" }
|
4
|
+
let(:group_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
|
5
|
+
|
6
|
+
before(:each) do
|
7
|
+
@built_url = KeycloakAdmin.realm(realm_name).group(group_id).resource_url
|
8
|
+
end
|
9
|
+
|
10
|
+
it "return a proper url" do
|
11
|
+
expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups/95985b21-d884-4bbd-b852-cb8cd365afc2"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: keycloak-admin
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.7.
|
4
|
+
version: 0.7.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Lorent Lempereur
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-06-
|
11
|
+
date: 2019-06-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: http-cookie
|
@@ -96,6 +96,7 @@ files:
|
|
96
96
|
- lib/keycloak-admin/client/group_client.rb
|
97
97
|
- lib/keycloak-admin/client/realm_client.rb
|
98
98
|
- lib/keycloak-admin/client/role_client.rb
|
99
|
+
- lib/keycloak-admin/client/role_mapper_client.rb
|
99
100
|
- lib/keycloak-admin/client/token_client.rb
|
100
101
|
- lib/keycloak-admin/client/user_client.rb
|
101
102
|
- lib/keycloak-admin/configuration.rb
|
@@ -110,6 +111,8 @@ files:
|
|
110
111
|
- lib/keycloak-admin/representation/role_representation.rb
|
111
112
|
- lib/keycloak-admin/representation/token_representation.rb
|
112
113
|
- lib/keycloak-admin/representation/user_representation.rb
|
114
|
+
- lib/keycloak-admin/resource/base_role_containing_resource.rb
|
115
|
+
- lib/keycloak-admin/resource/group_resource.rb
|
113
116
|
- lib/keycloak-admin/resource/user_resource.rb
|
114
117
|
- lib/keycloak-admin/version.rb
|
115
118
|
- spec/client/client_client_spec.rb
|
@@ -119,11 +122,13 @@ files:
|
|
119
122
|
- spec/client/group_client_spec.rb
|
120
123
|
- spec/client/realm_client_spec.rb
|
121
124
|
- spec/client/role_client_spec.rb
|
125
|
+
- spec/client/role_mapper_client_spec.rb
|
122
126
|
- spec/client/token_client_spec.rb
|
123
127
|
- spec/client/user_client_spec.rb
|
124
128
|
- spec/configuration_spec.rb
|
125
129
|
- spec/representation/impersonation_representation_spec.rb
|
126
130
|
- spec/representation/user_representation_spec.rb
|
131
|
+
- spec/resource/group_resource_spec.rb
|
127
132
|
- spec/resource/user_resource_spec.rb
|
128
133
|
- spec/spec_helper.rb
|
129
134
|
homepage: https://github.com/looorent/keycloak-admin-ruby
|