keycloak-api-rails 0.10.2 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 87874dec1c650142ab5ab797da0242c54307a27f
-  data.tar.gz: 261fe67cecc45c6fd9831b15289d242e697ee354
+SHA256:
+  metadata.gz: 054b6e617974528c6588167886f7ab5da9b60ed82cddcb6f2770d0d295e8e2c4
+  data.tar.gz: 12ab9f5071f0f85fa2c13cbe5732d851e6eff88a0f9866ad349ba30f27348a42
 SHA512:
-  metadata.gz: 2eecc8d1fb2e293f265712b90d44b012b68b319a22739906a39fc03e4c159d6780793dd1a2210b0e510d175bf86df6c414ddaa9c7bd360250b2a101f275548bd
-  data.tar.gz: 96aa59b4a9d1617f946d827660bed9e7f97b6326ac02d91e00805d2ac989de33af5bb53f7ee92e0c598a81dc8e1800b63966c872b553180f07a8164f2c665803
+  metadata.gz: 57ca553cd13c49a4202af7c7ed8949eccacd591dae317c0e65a953e4449e16eb7d95300c7f71b8e4f2f1bf5ba52df7b80c7a56619a033ff5a57d633a4cd5d56a
+  data.tar.gz: 40888d970c304133ea101c9e207f7aa378388ca602cf75313b75ac871910ba9cbd13a5755269f603dc60ccf4848143e1256de2dcb27c0a708718d3edf3b8f2ee

data/CHANGELOG.md

@@ -0,0 +1,14 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.11.0] - 2019-11-21
+
+* Remove dependency to `rest-client` (thanks to @@loicvigneron)
+* Access Authorization Party from ENV (thanks to @@loicvigneron)
+* New configuration option: `ca_certificate_file` (thanks to @@loicvigneron)
+* Access the token from ENV
+* Upgrade `json-jwt` to `1.11.0`

data/Gemfile.lock

@@ -1,127 +1,129 @@
 PATH
   remote: .
   specs:
-    keycloak-api-rails (0.10.2)
-      json-jwt (>= 1.9.4)
+    keycloak-api-rails (0.11.0)
+      json-jwt (>= 1.11.0)
       rails (>= 4.2)
-      rest-client (>= 2.0.2)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.2.1)
-      actionpack (= 5.2.1)
+    actioncable (6.0.1)
+      actionpack (= 6.0.1)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailer (5.2.1)
-      actionpack (= 5.2.1)
-      actionview (= 5.2.1)
-      activejob (= 5.2.1)
+    actionmailbox (6.0.1)
+      actionpack (= 6.0.1)
+      activejob (= 6.0.1)
+      activerecord (= 6.0.1)
+      activestorage (= 6.0.1)
+      activesupport (= 6.0.1)
+      mail (>= 2.7.1)
+    actionmailer (6.0.1)
+      actionpack (= 6.0.1)
+      actionview (= 6.0.1)
+      activejob (= 6.0.1)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.2.1)
-      actionview (= 5.2.1)
-      activesupport (= 5.2.1)
+    actionpack (6.0.1)
+      actionview (= 6.0.1)
+      activesupport (= 6.0.1)
       rack (~> 2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.2.1)
-      activesupport (= 5.2.1)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actiontext (6.0.1)
+      actionpack (= 6.0.1)
+      activerecord (= 6.0.1)
+      activestorage (= 6.0.1)
+      activesupport (= 6.0.1)
+      nokogiri (>= 1.8.5)
+    actionview (6.0.1)
+      activesupport (= 6.0.1)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.2.1)
-      activesupport (= 5.2.1)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activejob (6.0.1)
+      activesupport (= 6.0.1)
       globalid (>= 0.3.6)
-    activemodel (5.2.1)
-      activesupport (= 5.2.1)
-    activerecord (5.2.1)
-      activemodel (= 5.2.1)
-      activesupport (= 5.2.1)
-      arel (>= 9.0)
-    activestorage (5.2.1)
-      actionpack (= 5.2.1)
-      activerecord (= 5.2.1)
+    activemodel (6.0.1)
+      activesupport (= 6.0.1)
+    activerecord (6.0.1)
+      activemodel (= 6.0.1)
+      activesupport (= 6.0.1)
+    activestorage (6.0.1)
+      actionpack (= 6.0.1)
+      activejob (= 6.0.1)
+      activerecord (= 6.0.1)
       marcel (~> 0.3.1)
-    activesupport (5.2.1)
+    activesupport (6.0.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
+      zeitwerk (~> 2.2)
     aes_key_wrap (1.0.1)
-    arel (9.0.0)
-    bindata (2.4.3)
+    bindata (2.4.4)
     builder (3.2.3)
     byebug (9.1.0)
-    concurrent-ruby (1.0.5)
-    crass (1.0.4)
+    concurrent-ruby (1.1.5)
+    crass (1.0.5)
     diff-lcs (1.3)
-    domain_name (0.5.20180417)
-      unf (>= 0.0.5, < 1.0.0)
-    erubi (1.7.1)
-    globalid (0.4.1)
+    erubi (1.9.0)
+    globalid (0.4.2)
       activesupport (>= 4.2.0)
-    http-cookie (1.0.3)
-      domain_name (~> 0.5)
-    i18n (1.1.0)
+    i18n (1.7.0)
       concurrent-ruby (~> 1.0)
-    json-jwt (1.9.4)
-      activesupport
+    json-jwt (1.11.0)
+      activesupport (>= 4.2)
       aes_key_wrap
       bindata
-    loofah (2.2.2)
+    loofah (2.3.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
-    mail (2.7.0)
+    mail (2.7.1)
       mini_mime (>= 0.1.1)
-    marcel (0.3.2)
+    marcel (0.3.3)
       mimemagic (~> 0.3.2)
-    method_source (0.9.0)
-    mime-types (3.2.2)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2018.0812)
-    mimemagic (0.3.2)
-    mini_mime (1.0.1)
-    mini_portile2 (2.3.0)
-    minitest (5.11.3)
-    netrc (0.11.0)
-    nio4r (2.3.1)
-    nokogiri (1.8.4)
-      mini_portile2 (~> 2.3.0)
-    rack (2.0.6)
+    method_source (0.9.2)
+    mimemagic (0.3.3)
+    mini_mime (1.0.2)
+    mini_portile2 (2.4.0)
+    minitest (5.13.0)
+    nio4r (2.5.2)
+    nokogiri (1.10.5)
+      mini_portile2 (~> 2.4.0)
+    rack (2.0.7)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (5.2.1)
-      actioncable (= 5.2.1)
-      actionmailer (= 5.2.1)
-      actionpack (= 5.2.1)
-      actionview (= 5.2.1)
-      activejob (= 5.2.1)
-      activemodel (= 5.2.1)
-      activerecord (= 5.2.1)
-      activestorage (= 5.2.1)
-      activesupport (= 5.2.1)
+    rails (6.0.1)
+      actioncable (= 6.0.1)
+      actionmailbox (= 6.0.1)
+      actionmailer (= 6.0.1)
+      actionpack (= 6.0.1)
+      actiontext (= 6.0.1)
+      actionview (= 6.0.1)
+      activejob (= 6.0.1)
+      activemodel (= 6.0.1)
+      activerecord (= 6.0.1)
+      activestorage (= 6.0.1)
+      activesupport (= 6.0.1)
       bundler (>= 1.3.0)
-      railties (= 5.2.1)
+      railties (= 6.0.1)
       sprockets-rails (>= 2.0.0)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.4)
-      loofah (~> 2.2, >= 2.2.2)
-    railties (5.2.1)
-      actionpack (= 5.2.1)
-      activesupport (= 5.2.1)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    railties (6.0.1)
+      actionpack (= 6.0.1)
+      activesupport (= 6.0.1)
       method_source
       rake (>= 0.8.7)
-      thor (>= 0.19.0, < 2.0)
-    rake (12.3.1)
-    rest-client (2.0.2)
-      http-cookie (>= 1.0.2, < 2.0)
-      mime-types (>= 1.16, < 4.0)
-      netrc (~> 0.8)
+      thor (>= 0.20.3, < 2.0)
+    rake (13.0.1)
     rspec (3.7.0)
       rspec-core (~> 3.7.0)
       rspec-expectations (~> 3.7.0)
@@ -135,24 +137,22 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.7.0)
     rspec-support (3.7.0)
-    sprockets (3.7.2)
+    sprockets (4.0.0)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
     sprockets-rails (3.2.1)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    thor (0.20.0)
+    thor (0.20.3)
     thread_safe (0.3.6)
     timecop (0.9.1)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
-    unf (0.1.4)
-      unf_ext
-    unf_ext (0.0.7.5)
-    websocket-driver (0.7.0)
+    websocket-driver (0.7.1)
       websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.3)
+    websocket-extensions (0.1.4)
+    zeitwerk (2.2.1)
 
 PLATFORMS
   ruby
@@ -164,4 +164,4 @@ DEPENDENCIES
   timecop (= 0.9.1)
 
 BUNDLED WITH
-   1.16.1
+   1.17.3

data/README.md

@@ -5,7 +5,7 @@ This gem aims at validates Keycloak JWT token in Ruby On Rails APIs.
 ## Install
 
 ```ruby
-gem "keycloak-api-rails", "0.10.2"
+gem "keycloak-api-rails", "0.11.0"
 ```
 
 ## Token validation
@@ -14,7 +14,7 @@ Tokens send (through query strings or Authorization headers) to this Railtie Mid
 
 ## Pass token to the API
 
-* Method 1: By adding an `Authorization` HTTP Header with its value set to `Bearer <your token>`. 
+* Method 1: By adding an `Authorization` HTTP Header with its value set to `Bearer <your token>`.
   _e.g_ using curl: `curl -H "Authorization: Bearer <your-token>" https://api.pouet.io/api/more-pouets`
 * Method 2: By providing the token via query string, especially via the parameter named `authorizationToken`. Keep in mind that this method is less secure (url are kept intact in your browser history, and so on...)
   _e.g._ using curl: `curl https://api.pouet.io/api/more-pouets?authorizationToken<your-token>`
@@ -42,8 +42,8 @@ All options have a default value. However, all of them can be changed in your in
 | `token_expiration_tolerance_in_seconds` | `10`| Logger | Optional | Number of seconds a token can expire before being rejected by the API. | `15` | 
 | `public_key_cache_ttl` | `86400`| Integer | Optional | Amount of time, in seconds, specifying maximum interval between two requests to {project_name} to retrieve new public keys. It is 86400 seconds (1 day) by default. At least once per this configured interval (1 day by default) will be new public key always downloaded. | `Rails.logger` | 
 | `custom_attributes` | `[]`| Array Of String | Optional | List of token attributes to read from each token and to add to their http request env | `["originalFirstName", "originalLastName"]` | 
-
-## Configure it 
+| `ca_certificate_file` | `nil`| String | Optional | Path to the certificate authority used to validate the Keycloak server certificate | `/credentials/production_root_ca_cert.pem` | 
+## Configure it
 
 Create a `keycloak.rb` file in your Rails `config/initializers` folder. For instance:
 
@@ -65,7 +65,7 @@ Once this gem is configured in your Rails project, you can read, validate and us
 
 ### Keycloak Id
 
-If you identify users using their Keycloak Id, this value can be read from your controllers using `Keycloak::Helper.current_user_id(request.env)`. 
+If you identify users using their Keycloak Id, this value can be read from your controllers using `Keycloak::Helper.current_user_id(request.env)`.
 
 ```ruby
 class AuthenticatedController < ApplicationController
@@ -173,4 +173,4 @@ From the `keycloak-rails-api` directory:
 
 ## Next developments
 
-* Remove dependency to `rest-client`
+* Manage multiple realms

data/keycloak-api-rails.gemspec

@@ -16,10 +16,9 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "rails",       ">= 4.2"
-  spec.add_dependency "json-jwt",    ">= 1.9.4"
-  spec.add_dependency "rest-client", ">= 2.0.2"
+  spec.add_dependency "json-jwt",    ">= 1.11.0"
 
   spec.add_development_dependency "rspec",   "3.7.0"
   spec.add_development_dependency "timecop", "0.9.1"
   spec.add_development_dependency "byebug", "9.1.0"
-end
+end

data/lib/keycloak-api-rails.rb

@@ -2,8 +2,10 @@ require "logger"
 require "json/jwt"
 require "uri"
 require "date"
+require "net/http"
 
 require_relative "keycloak-api-rails/configuration"
+require_relative "keycloak-api-rails/http_client"
 require_relative "keycloak-api-rails/token_error"
 require_relative "keycloak-api-rails/helper"
 require_relative "keycloak-api-rails/public_key_resolver"
@@ -22,8 +24,12 @@ module Keycloak
     @configuration
   end
 
+  def self.http_client
+    @http_client ||= Keycloak::HTTPClient.new(config)
+  end
+
   def self.public_key_resolver
-    @public_key_resolver ||= PublicKeyCachedResolver.from_configuration(config)
+    @public_key_resolver ||= PublicKeyCachedResolver.from_configuration(http_client, config)
   end
 
   def self.service

data/lib/keycloak-api-rails/configuration.rb

@@ -8,5 +8,6 @@ module Keycloak
     config_accessor :public_key_cache_ttl
     config_accessor :custom_attributes
     config_accessor :logger
+    config_accessor :ca_certificate_file
   end
 end

data/lib/keycloak-api-rails/helper.rb

@@ -1,12 +1,15 @@
 module Keycloak
   class Helper
-    
-    CURRENT_USER_ID_KEY     = "keycloak:keycloak_id"
-    CURRENT_USER_EMAIL_KEY  = "keycloak:email"
-    CURRENT_USER_LOCALE_KEY = "keycloak:locale"
-    CURRENT_USER_ATTRIBUTES = "keycloak:attributes"
-    ROLES_KEY               = "keycloak:roles"
-    QUERY_STRING_TOKEN_KEY  = "authorizationToken"
+
+    CURRENT_USER_ID_KEY          = "keycloak:keycloak_id"
+    CURRENT_AUTHORIZED_PARTY_KEY = "keycloak:authorized_party"
+    CURRENT_USER_EMAIL_KEY       = "keycloak:email"
+    CURRENT_USER_LOCALE_KEY      = "keycloak:locale"
+    CURRENT_USER_ATTRIBUTES      = "keycloak:attributes"
+    ROLES_KEY                    = "keycloak:roles"
+    RESOURCE_ROLES_KEY           = "keycloak:resource_roles"
+    TOKEN_KEY                    = "keycloak:token"
+    QUERY_STRING_TOKEN_KEY       = "authorizationToken"
 
     def self.current_user_id(env)
       env[CURRENT_USER_ID_KEY]
@@ -16,6 +19,22 @@ module Keycloak
       env[CURRENT_USER_ID_KEY] = token["sub"]
     end
 
+    def self.keycloak_token(env)
+      env[TOKEN_KEY]
+    end
+
+    def self.assign_keycloak_token(env, token)
+      env[TOKEN_KEY] = token
+    end
+
+    def self.current_authorized_party(env)
+      env[CURRENT_AUTHORIZED_PARTY_KEY]
+    end
+
+    def self.assign_current_authorized_party(env, token)
+      env[CURRENT_AUTHORIZED_PARTY_KEY] = token["azp"]
+    end
+
     def self.current_user_email(env)
       env[CURRENT_USER_EMAIL_KEY]
     end
@@ -40,8 +59,19 @@ module Keycloak
       env[ROLES_KEY] = token.dig("realm_access", "roles")
     end
 
+    def self.current_resource_roles(env)
+      env[RESOURCE_ROLES_KEY]
+    end
+
+    def self.assign_resource_roles(env, token)
+      env[RESOURCE_ROLES_KEY] = token.fetch("resource_access", {}).inject({}) do |resource_roles, (name, resource_attributes)|
+        resource_roles[name] = resource_attributes.fetch("roles", [])
+        resource_roles
+      end
+    end
+
     def self.assign_current_user_custom_attributes(env, token, attribute_names)
-      env[CURRENT_USER_ATTRIBUTES] = token.select { |key,value| attribute_names.include?(key) }
+      env[CURRENT_USER_ATTRIBUTES] = token.select { |key, value| attribute_names.include?(key) }
     end
 
     def self.current_user_custom_attributes(env)

data/lib/keycloak-api-rails/http_client.rb

@@ -0,0 +1,28 @@
+module Keycloak
+  class HTTPClient
+    def initialize(configuration)
+      @server_url          = configuration.server_url
+      @ca_certificate_file = configuration.ca_certificate_file
+      @x509_store          = OpenSSL::X509::Store.new
+      @x509_store.set_default_paths
+      @x509_store.add_file(@ca_certificate_file) if @ca_certificate_file
+    end
+
+    def get(realm_id, path)
+      uri          = build_uri(realm_id, path)
+      use_ssl      = uri.scheme == "http" ? false : true
+      Net::HTTP.start(uri.host, uri.port, :use_ssl => use_ssl, :cert_store => @x509_store) do |http|
+        request  = Net::HTTP::Get.new(uri)
+        response = http.request(request)
+        JSON.parse(response.body)
+      end
+    end
+
+    private
+
+    def build_uri(realm_id, path)
+      string_uri = File.join(@server_url, "realms", realm_id, path)
+      URI(string_uri)
+    end
+  end
+end

data/lib/keycloak-api-rails/middleware.rb

@@ -9,7 +9,7 @@ module Keycloak
       method = env["REQUEST_METHOD"]
       path   = env["PATH_INFO"]
       uri    = env["REQUEST_URI"]
-      
+
       if service.need_authentication?(method, path, env)
         logger.debug("Start authentication for #{method} : #{path}")
         token         = service.read_token(uri, env)
@@ -30,10 +30,13 @@ module Keycloak
 
     def authentication_succeeded(env, decoded_token)
       Helper.assign_current_user_id(env, decoded_token)
+      Helper.assign_current_authorized_party(env, decoded_token)
       Helper.assign_current_user_email(env, decoded_token)
       Helper.assign_current_user_locale(env, decoded_token)
       Helper.assign_current_user_custom_attributes(env, decoded_token, config.custom_attributes)
       Helper.assign_realm_roles(env, decoded_token)
+      Helper.assign_resource_roles(env, decoded_token)
+      Helper.assign_keycloak_token(env, decoded_token)
       @app.call(env)
     end
 

data/lib/keycloak-api-rails/public_key_cached_resolver.rb

@@ -2,15 +2,15 @@ module Keycloak
   class PublicKeyCachedResolver
     attr_reader :cached_public_key_retrieved_at
 
-    def initialize(server_url, realm_id, public_key_cache_ttl)
-      @resolver                       = PublicKeyResolver.new(server_url, realm_id)
+    def initialize(http_client, realm_id, public_key_cache_ttl)
+      @resolver                       = PublicKeyResolver.new(http_client, realm_id)
       @public_key_cache_ttl           = public_key_cache_ttl
       @cached_public_keys             = nil
       @cached_public_key_retrieved_at = nil
     end
 
-    def self.from_configuration(configuration)
-      PublicKeyCachedResolver.new(configuration.server_url, configuration.realm_id, configuration.public_key_cache_ttl)
+    def self.from_configuration(http_client, configuration)
+      PublicKeyCachedResolver.new(http_client, configuration.realm_id, configuration.public_key_cache_ttl)
     end
 
     def find_public_keys

data/lib/keycloak-api-rails/public_key_resolver.rb

@@ -1,21 +1,12 @@
 module Keycloak
   class PublicKeyResolver
-    def initialize(server_url, realm_id)
-      @public_certificate_url = create_public_certificate_url(server_url, realm_id)
+    def initialize(http_client, realm_id)
+      @realm_id    = realm_id
+      @http_client = http_client
     end
 
     def find_public_keys
-      JSON::JWK::Set.new(JSON.parse(RestClient.get(@public_certificate_url).body)["keys"])
-    end
-
-    private
-
-    def create_realm_url(server_url, realm_id)
-      "#{server_url}/realms/#{realm_id}"
-    end
-
-    def create_public_certificate_url(server_url, realm_id)
-      "#{create_realm_url(server_url, realm_id)}/protocol/openid-connect/certs"
+      JSON::JWK::Set.new(@http_client.get(@realm_id, "protocol/openid-connect/certs")["keys"])
     end
   end
-end
+end

data/lib/keycloak-api-rails/version.rb

@@ -1,3 +1,3 @@
 module Keycloak
-  VERSION = "0.10.2"
+  VERSION = "0.11.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keycloak-api-rails
 version: !ruby/object:Gem::Version
-  version: 0.10.2
+  version: 0.11.0
 platform: ruby
 authors:
 - Lorent Lempereur
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-16 00:00:00.000000000 Z
+date: 2019-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -30,28 +30,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.9.4
+        version: 1.11.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.9.4
-- !ruby/object:Gem::Dependency
-  name: rest-client
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.0.2
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.0.2
+        version: 1.11.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -103,6 +89,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- CHANGELOG.md
 - Dockerfile
 - Gemfile
 - Gemfile.lock
@@ -112,6 +99,7 @@ files:
 - lib/keycloak-api-rails.rb
 - lib/keycloak-api-rails/configuration.rb
 - lib/keycloak-api-rails/helper.rb
+- lib/keycloak-api-rails/http_client.rb
 - lib/keycloak-api-rails/middleware.rb
 - lib/keycloak-api-rails/public_key_cached_resolver.rb
 - lib/keycloak-api-rails/public_key_resolver.rb
@@ -145,8 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.4
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
 summary: Rails middleware that validates Authorization token emitted by Keycloak