keycloak-admin 0.7.7 → 0.7.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/Gemfile.lock +1 -1
- data/README.md +48 -26
- data/lib/keycloak-admin.rb +1 -1
- data/lib/keycloak-admin/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b7d17b8a5f55e87b615da11c9554bfeec127629207e81bd4e4950fb85971010c
|
|
4
|
+
data.tar.gz: '097affd8e18b7e778557fe4ecc787e93127bcef133a4dd9e6db590fc7ad65982'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ffc55b0f6c7719ce1fa38b93838fe2d137fe3cd6395fe1717ac4ef352484bdfedab0363811f88bf9e82815d1ae6f94ec008ab1fb4db5038f638cc816d66362fd
|
|
7
|
+
data.tar.gz: b8053bb57699928d793523b9d0274a284ebafbedd8e05d8294fbcdebcca967d69531dddf2048fd890b8e51dc3bb9bea2c83a9aee19e34bac13fccbed95a547b7
|
data/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [0.7.8] - 2020-10-15
|
|
9
|
+
|
|
10
|
+
* Bug: `rest_client_options` default value does not match the documentation (was `nil` by default, should be `{}`)
|
|
11
|
+
* Update documentation about client setup (based on Keycloak 11)
|
|
12
|
+
|
|
8
13
|
## [0.7.7] - 2020-07-10
|
|
9
14
|
|
|
10
15
|
* Fix: `Replace request method shorthand with .execute for proper RestClient option support` (thanks to @RomanHargrave)
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -12,37 +12,59 @@ This gem *does not* require Rails.
|
|
|
12
12
|
For example, using `bundle`, add this line to your Gemfile.
|
|
13
13
|
|
|
14
14
|
```ruby
|
|
15
|
-
gem "keycloak-admin", "0.7.
|
|
15
|
+
gem "keycloak-admin", "0.7.8"
|
|
16
16
|
```
|
|
17
17
|
|
|
18
18
|
## Login
|
|
19
19
|
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
*
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
*
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
*
|
|
41
|
-
*
|
|
42
|
-
*
|
|
43
|
-
*
|
|
20
|
+
To login on Keycloak's Admin API, you first need to setup a client.
|
|
21
|
+
|
|
22
|
+
Go to your realm administration page and open `Clients`. Then, click on the `Create` button.
|
|
23
|
+
On the first screen, enter:
|
|
24
|
+
* `Client ID`: _e.g. my-app-admin-client_
|
|
25
|
+
* `Client Protocol`: select `openid-connect`
|
|
26
|
+
* `Root URL`: let it blank
|
|
27
|
+
|
|
28
|
+
The next screen must be configured depending on how you want to authenticate:
|
|
29
|
+
* `username/password` with a user of the realm
|
|
30
|
+
* `Direct Access Grants` with a service account
|
|
31
|
+
|
|
32
|
+
### Login with username/password (realm user)
|
|
33
|
+
|
|
34
|
+
* In Keycloak, during the client setup:
|
|
35
|
+
* `Access Type`: `public` or `confidential`
|
|
36
|
+
* `Service Accounts Enabled` (when `confidential`): `false`
|
|
37
|
+
* After saving your client, if you have chosen a `confidential` client, go to `Credentials` tab and copy the `Client Secret`
|
|
38
|
+
|
|
39
|
+
* In Keycloak, create a dedicated user (and her credentials):
|
|
40
|
+
* Go to `Users`
|
|
41
|
+
* Click on the `Add user` button
|
|
42
|
+
* Setup her mandatory information, depending on your realm's configuration
|
|
43
|
+
* On the `Credentials` tab, create her a password (toggle off `Temporary`)
|
|
44
|
+
|
|
45
|
+
* In this gem's configuration (see Section `Configuration`):
|
|
46
|
+
* Setup `username` and `password` according to your user's configuration
|
|
47
|
+
* Setup `client_id` with your `Client ID` (_e.g. my-app-admin-client_)
|
|
48
|
+
* If your client is `confidential`, copy its Client Secret to `client_secret`
|
|
49
|
+
|
|
50
|
+
### Login with `Direct Access Grants` (Service account)
|
|
51
|
+
|
|
52
|
+
Using a service account to use the REST Admin API does not require to create a dedicated user (https://www.keycloak.org/docs/latest/server_admin/#_service_accounts).
|
|
53
|
+
|
|
54
|
+
* In Keycloak, during the client setup:
|
|
55
|
+
* `Access Type`: `confidential`
|
|
56
|
+
* `Service Accounts Enabled` (when `confidential`): `true`
|
|
57
|
+
* `Standard Flow Enabled`: `false`
|
|
58
|
+
* `Implicit Flow Enabled`: `false`
|
|
59
|
+
* `Direct Access Grants Enabled`: `true`
|
|
60
|
+
* After saving this client
|
|
61
|
+
* open the `Service Account Roles` and add relevant `realm-management.` client's roles. For instance: `view-users` if you want to search for users using this gem.
|
|
62
|
+
* open the `Credentials` tab and copy the `Client Secret`
|
|
63
|
+
|
|
64
|
+
* In this gem's configuration (see Section `Configuration`):
|
|
44
65
|
* Set `use_service_account` to `true`
|
|
45
|
-
* Setup `
|
|
66
|
+
* Setup `client_id` with your `Client ID` (_e.g. my-app-admin-client_)
|
|
67
|
+
* Copy its Client Secret to `client_secret`
|
|
46
68
|
|
|
47
69
|
## Configuration
|
|
48
70
|
|
data/lib/keycloak-admin.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: keycloak-admin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lorent Lempereur
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-10-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: http-cookie
|