keycloak-api-rails 0.12.1 → 0.12.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 33430ef5e956f8a04b6e3de5b91bd4e3103fa45a005fccea305358f07936eeb3
-  data.tar.gz: '09a89800ff5dec64ba052f666dce839593ed85e3bf5d226d00050e2850387163'
+  metadata.gz: 834cdb0350ed3724a6f28aed40c36b3a51d96850f49ef8a0b9946a8135f1ca56
+  data.tar.gz: 8ec6a52a53e688cb20feaf9762e17bde13fbbf483d0413bf95400833a79ac6e1
 SHA512:
-  metadata.gz: 1965c3091b5a5b205e4c83dd233768889ea91a3585ddb5b81ed2d13643b0fbce2fada58ddcedb9bbb61865477395eafdd18f2fe15b4f49bbef497b130484262f
-  data.tar.gz: 5869dd930cb4f68189f38f7bc2c7405e92b59c384a82718aed93a2d158b6ce29de563e6363b557a1ef5744ca73985d98661be4a56c901b96a0a0c17cb2a1f04a
+  metadata.gz: 947afe4ef457d63988f592b16a57b9dd8bf7a58e7c6f403525e5a228a992c49d51262541cd5feb6b7c3c7722fd7390f7447fb698c273f359448ed3f46b3d2fd8
+  data.tar.gz: efb05a679ff2c389618534e975425276c9007651b495abc19a7f381116fe81fba490571e4d751cfbd69aa8a02c685d1738b543fabd99ca9fe07dcf9319a87701

data/CHANGELOG.md

@@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+
+## [0.12.3] - 2024-06-20
+
+* Add a debug log when not being able to validate a JWT
+
+## [0.12.2] - 2023-06-03
+
+* Avoid methods `logger`, `service` an `config` of `Keycloak::Authentication` to conflict with other concerns, such as rails. (thanks to @mkrawc)
+
 ## [0.12.1] - 2023-04-15
 
 * Fixes for opt-in mode (#48) (thanks to @theSteveMitchell)

data/Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.7.5-slim-bullseye
+FROM ruby:3.2.2-slim-bullseye
 
 RUN apt-get update -qq && apt-get install -y build-essential git ruby-dev && apt-get clean && \
   mkdir -p /usr/src/app/lib/keycloak-api-rails

data/Gemfile.lock

@@ -1,183 +1,219 @@
 PATH
   remote: .
   specs:
-    keycloak-api-rails (0.12.0)
+    keycloak-api-rails (0.12.3)
       json-jwt (>= 1.11.0)
       rails (>= 4.2)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actioncable (7.1.3.4)
+      actionpack (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+      zeitwerk (~> 2.6)
+    actionmailbox (7.1.3.4)
+      actionpack (= 7.1.3.4)
+      activejob (= 7.1.3.4)
+      activerecord (= 7.1.3.4)
+      activestorage (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
       mail (>= 2.7.1)
       net-imap
       net-pop
       net-smtp
-    actionmailer (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionmailer (7.1.3.4)
+      actionpack (= 7.1.3.4)
+      actionview (= 7.1.3.4)
+      activejob (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
-      rails-dom-testing (~> 2.0)
-    actionpack (7.0.4.3)
-      actionview (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      rack (~> 2.0, >= 2.2.0)
+      rails-dom-testing (~> 2.2)
+    actionpack (7.1.3.4)
+      actionview (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
+      nokogiri (>= 1.8.5)
+      racc
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    actiontext (7.1.3.4)
+      actionpack (= 7.1.3.4)
+      activerecord (= 7.1.3.4)
+      activestorage (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionview (7.1.3.4)
+      activesupport (= 7.1.3.4)
       builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.4.3)
-      activesupport (= 7.0.4.3)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activejob (7.1.3.4)
+      activesupport (= 7.1.3.4)
       globalid (>= 0.3.6)
-    activemodel (7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activerecord (7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activestorage (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activemodel (7.1.3.4)
+      activesupport (= 7.1.3.4)
+    activerecord (7.1.3.4)
+      activemodel (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
+      timeout (>= 0.4.0)
+    activestorage (7.1.3.4)
+      actionpack (= 7.1.3.4)
+      activejob (= 7.1.3.4)
+      activerecord (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
       marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
-    activesupport (7.0.4.3)
+    activesupport (7.1.3.4)
+      base64
+      bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
+      mutex_m
       tzinfo (~> 2.0)
     aes_key_wrap (1.1.0)
-    bindata (2.4.15)
-    builder (3.2.4)
+    base64 (0.2.0)
+    bigdecimal (3.1.8)
+    bindata (2.5.0)
+    builder (3.3.0)
     byebug (11.1.3)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.3.3)
+    connection_pool (2.4.1)
     crass (1.0.6)
-    date (3.3.3)
-    diff-lcs (1.5.0)
-    erubi (1.12.0)
-    faraday (2.7.4)
-      faraday-net_http (>= 2.0, < 3.1)
-      ruby2_keywords (>= 0.0.4)
+    date (3.3.4)
+    diff-lcs (1.5.1)
+    drb (2.2.1)
+    erubi (1.13.0)
+    faraday (2.9.2)
+      faraday-net_http (>= 2.0, < 3.2)
     faraday-follow_redirects (0.3.0)
       faraday (>= 1, < 3)
-    faraday-net_http (3.0.2)
-    globalid (1.1.0)
-      activesupport (>= 5.0)
-    i18n (1.12.0)
+    faraday-net_http (3.1.0)
+      net-http
+    globalid (1.2.1)
+      activesupport (>= 6.1)
+    i18n (1.14.5)
       concurrent-ruby (~> 1.0)
-    json-jwt (1.16.3)
+    io-console (0.7.2)
+    irb (1.13.2)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    json-jwt (1.16.6)
       activesupport (>= 4.2)
       aes_key_wrap
+      base64
       bindata
       faraday (~> 2.0)
       faraday-follow_redirects
-    loofah (2.20.0)
+    loofah (2.22.0)
       crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
+      nokogiri (>= 1.12.0)
     mail (2.8.1)
       mini_mime (>= 0.1.1)
       net-imap
       net-pop
       net-smtp
-    marcel (1.0.2)
-    method_source (1.0.0)
-    mini_mime (1.1.2)
-    mini_portile2 (2.8.1)
-    minitest (5.18.0)
-    net-imap (0.3.4)
+    marcel (1.0.4)
+    mini_mime (1.1.5)
+    mini_portile2 (2.8.7)
+    minitest (5.24.0)
+    mutex_m (0.2.0)
+    net-http (0.4.1)
+      uri
+    net-imap (0.4.13)
       date
       net-protocol
     net-pop (0.1.2)
       net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
       timeout
-    net-smtp (0.3.3)
+    net-smtp (0.5.0)
       net-protocol
-    nio4r (2.5.9)
-    nokogiri (1.14.3)
-      mini_portile2 (~> 2.8.0)
+    nio4r (2.7.3)
+    nokogiri (1.16.6)
+      mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    racc (1.6.2)
-    rack (2.2.6.4)
+    psych (5.1.2)
+      stringio
+    racc (1.8.0)
+    rack (3.1.3)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (7.0.4.3)
-      actioncable (= 7.0.4.3)
-      actionmailbox (= 7.0.4.3)
-      actionmailer (= 7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actiontext (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    rackup (2.1.0)
+      rack (>= 3)
+      webrick (~> 1.8)
+    rails (7.1.3.4)
+      actioncable (= 7.1.3.4)
+      actionmailbox (= 7.1.3.4)
+      actionmailer (= 7.1.3.4)
+      actionpack (= 7.1.3.4)
+      actiontext (= 7.1.3.4)
+      actionview (= 7.1.3.4)
+      activejob (= 7.1.3.4)
+      activemodel (= 7.1.3.4)
+      activerecord (= 7.1.3.4)
+      activestorage (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
       bundler (>= 1.15.0)
-      railties (= 7.0.4.3)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
+      railties (= 7.1.3.4)
+    rails-dom-testing (2.2.0)
+      activesupport (>= 5.0.0)
+      minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.5.0)
-      loofah (~> 2.19, >= 2.19.1)
-    railties (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      method_source
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
+    railties (7.1.3.4)
+      actionpack (= 7.1.3.4)
+      activesupport (= 7.1.3.4)
+      irb
+      rackup (>= 1.0.0)
       rake (>= 12.2)
-      thor (~> 1.0)
-      zeitwerk (~> 2.5)
-    rake (13.0.6)
+      thor (~> 1.0, >= 1.2.2)
+      zeitwerk (~> 2.6)
+    rake (13.2.1)
+    rdoc (6.7.0)
+      psych (>= 4.0.0)
+    reline (0.5.9)
+      io-console (~> 0.5)
     rspec (3.12.0)
       rspec-core (~> 3.12.0)
       rspec-expectations (~> 3.12.0)
       rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.1)
+    rspec-core (3.12.3)
       rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.2)
+    rspec-expectations (3.12.4)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+    rspec-mocks (3.12.7)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-support (3.12.0)
-    ruby2_keywords (0.0.5)
-    thor (1.2.1)
+    rspec-support (3.12.2)
+    stringio (3.1.1)
+    thor (1.3.1)
     timecop (0.9.6)
-    timeout (0.3.2)
+    timeout (0.4.1)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    websocket-driver (0.7.5)
+    uri (0.13.0)
+    webrick (1.8.1)
+    websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    zeitwerk (2.6.7)
+    zeitwerk (2.6.16)
 
 PLATFORMS
   ruby
@@ -189,4 +225,4 @@ DEPENDENCIES
   timecop (= 0.9.6)
 
 BUNDLED WITH
-   2.1.4
+   2.4.13

data/README.md

@@ -5,7 +5,7 @@ This gem validates Keycloak JWT token for Ruby On Rails APIs.
 ## Install
 
 ```ruby
-gem "keycloak-api-rails", "0.12.0"
+gem "keycloak-api-rails", "0.12.3"
 ```
 
 ## Token validation
@@ -219,4 +219,5 @@ From the `keycloak-rails-api` directory:
 
 ## Next developments
 
-* Manage multiple realms
+* Manage multiple realms
+* Avoid duplicate code in Keycloak::Middleware and `Keycloak::Authentication`

data/lib/keycloak-api-rails/authentication.rb

@@ -11,23 +11,21 @@ module Keycloak
     protected
 
     def keycloak_authenticate
-      
       env = request.env
       method = env["REQUEST_METHOD"]
       path   = env["PATH_INFO"]
       uri    = env["REQUEST_URI"]
 
-      logger.debug("Start authentication for #{method} : #{path}")
-      token         = service.read_token(uri, env)
-      decoded_token = service.decode_and_verify(token)
+      Keycloak.logger.debug("Start authentication for #{method} : #{path}")
+      token         = Keycloak.service.read_token(uri, env)
+      decoded_token = Keycloak.service.decode_and_verify(token)
       authentication_succeeded(env, decoded_token)
-      
     rescue TokenError => e
       authentication_failed(e.message)
     end
 
     def authentication_failed(message)
-      logger.info(message)
+      Keycloak.logger.info(message)
       render status: :unauthorized, json: { error: message }
     end
 
@@ -36,22 +34,10 @@ module Keycloak
       Helper.assign_current_authorized_party(env, decoded_token)
       Helper.assign_current_user_email(env, decoded_token)
       Helper.assign_current_user_locale(env, decoded_token)
-      Helper.assign_current_user_custom_attributes(env, decoded_token, config.custom_attributes)
+      Helper.assign_current_user_custom_attributes(env, decoded_token, Keycloak.config.custom_attributes)
       Helper.assign_realm_roles(env, decoded_token)
       Helper.assign_resource_roles(env, decoded_token)
       Helper.assign_keycloak_token(env, decoded_token)
     end
-
-    def service
-      Keycloak.service
-    end
-
-    def logger
-      Keycloak.logger
-    end
-
-    def config
-      Keycloak.config
-    end
   end
-end
+end

data/lib/keycloak-api-rails/middleware.rb

@@ -20,11 +20,11 @@ module Keycloak
         @app.call(env)
       end
     rescue TokenError => e
+      logger.debug("The error causing the Token to fail: #{e.original_error&.message || e.message}")
       authentication_failed(e.message)
     end
 
     def authentication_failed(message)
-      logger.info(message)
       [401, {"Content-Type" => "application/json"}, [ { error: message }.to_json]]
     end
 

data/lib/keycloak-api-rails/version.rb

@@ -1,3 +1,3 @@
 module Keycloak
-  VERSION = "0.12.1"
+  VERSION = "0.12.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keycloak-api-rails
 version: !ruby/object:Gem::Version
-  version: 0.12.1
+  version: 0.12.3
 platform: ruby
 authors:
 - Lorent Lempereur
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-15 00:00:00.000000000 Z
+date: 2024-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -120,7 +120,7 @@ homepage: https://github.com/looorent/keycloak-api-rails
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -135,8 +135,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3.1
-signing_key: 
+rubygems_version: 3.5.11
+signing_key:
 specification_version: 4
 summary: Rails middleware that validates Authorization token emitted by Keycloak
 test_files: []