keycloak 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: b9b66ff5c33100fbe4a1221a3ad0fe8899c26de8
4
+ data.tar.gz: ca9645e61cb4ae023a988f0fc50ba7cebc943236
5
+ SHA512:
6
+ metadata.gz: 5ce5a1507693b069e489f4355caa64a6530697bb837c8b3e3f798f511f660f8a209e5f6af5b5a1bb1912fe6c0a5a94729f6e8c8c74083e106e3fada6159c2322
7
+ data.tar.gz: 0b976a1c591ef4b1089e485ead5db390838dff1781a4a5b633952cee3508625b890a7d98bc79a35e287517fd16a6e4d5c8c36b3b73fe0a7a629e48382e7e1975
data/.gitignore ADDED
@@ -0,0 +1 @@
1
+ keycloak-*.gem
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --format documentation
2
+ --color
data/.travis.yml ADDED
@@ -0,0 +1,5 @@
1
+ sudo: false
2
+ language: ruby
3
+ rvm:
4
+ - 2.4.0
5
+ before_install: gem install bundler -v 1.15.1
@@ -0,0 +1,74 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ In the interest of fostering an open and welcoming environment, we as
6
+ contributors and maintainers pledge to making participation in our project and
7
+ our community a harassment-free experience for everyone, regardless of age, body
8
+ size, disability, ethnicity, gender identity and expression, level of experience,
9
+ nationality, personal appearance, race, religion, or sexual identity and
10
+ orientation.
11
+
12
+ ## Our Standards
13
+
14
+ Examples of behavior that contributes to creating a positive environment
15
+ include:
16
+
17
+ * Using welcoming and inclusive language
18
+ * Being respectful of differing viewpoints and experiences
19
+ * Gracefully accepting constructive criticism
20
+ * Focusing on what is best for the community
21
+ * Showing empathy towards other community members
22
+
23
+ Examples of unacceptable behavior by participants include:
24
+
25
+ * The use of sexualized language or imagery and unwelcome sexual attention or
26
+ advances
27
+ * Trolling, insulting/derogatory comments, and personal or political attacks
28
+ * Public or private harassment
29
+ * Publishing others' private information, such as a physical or electronic
30
+ address, without explicit permission
31
+ * Other conduct which could reasonably be considered inappropriate in a
32
+ professional setting
33
+
34
+ ## Our Responsibilities
35
+
36
+ Project maintainers are responsible for clarifying the standards of acceptable
37
+ behavior and are expected to take appropriate and fair corrective action in
38
+ response to any instances of unacceptable behavior.
39
+
40
+ Project maintainers have the right and responsibility to remove, edit, or
41
+ reject comments, commits, code, wiki edits, issues, and other contributions
42
+ that are not aligned to this Code of Conduct, or to ban temporarily or
43
+ permanently any contributor for other behaviors that they deem inappropriate,
44
+ threatening, offensive, or harmful.
45
+
46
+ ## Scope
47
+
48
+ This Code of Conduct applies both within project spaces and in public spaces
49
+ when an individual is representing the project or its community. Examples of
50
+ representing a project or community include using an official project e-mail
51
+ address, posting via an official social media account, or acting as an appointed
52
+ representative at an online or offline event. Representation of a project may be
53
+ further defined and clarified by project maintainers.
54
+
55
+ ## Enforcement
56
+
57
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
+ reported by contacting the project team at g_portugues@hotmail.com. All
59
+ complaints will be reviewed and investigated and will result in a response that
60
+ is deemed necessary and appropriate to the circumstances. The project team is
61
+ obligated to maintain confidentiality with regard to the reporter of an incident.
62
+ Further details of specific enforcement policies may be posted separately.
63
+
64
+ Project maintainers who do not follow or enforce the Code of Conduct in good
65
+ faith may face temporary or permanent repercussions as determined by other
66
+ members of the project's leadership.
67
+
68
+ ## Attribution
69
+
70
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71
+ available at [http://contributor-covenant.org/version/1/4][version]
72
+
73
+ [homepage]: http://contributor-covenant.org
74
+ [version]: http://contributor-covenant.org/version/1/4/
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source "https://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in keycloak.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2017 Guilherme Portugues
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,43 @@
1
+ # Keycloak
2
+
3
+ Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/keycloak`. To experiment with that code, run `bin/console` for an interactive prompt.
4
+
5
+ TODO: Delete this and the text above, and describe your gem
6
+
7
+ ## Installation
8
+
9
+ Add this line to your application's Gemfile:
10
+
11
+ ```ruby
12
+ gem 'keycloak'
13
+ ```
14
+
15
+ And then execute:
16
+
17
+ $ bundle
18
+
19
+ Or install it yourself as:
20
+
21
+ $ gem install keycloak
22
+
23
+ ## Usage
24
+
25
+ TODO: Write usage instructions here
26
+
27
+ ## Development
28
+
29
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
30
+
31
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
32
+
33
+ ## Contributing
34
+
35
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/keycloak. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
36
+
37
+ ## License
38
+
39
+ The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
40
+
41
+ ## Code of Conduct
42
+
43
+ Everyone interacting in the Keycloak project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/keycloak/blob/master/CODE_OF_CONDUCT.md).
data/Rakefile ADDED
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "keycloak"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
data/keycloak.gemspec ADDED
@@ -0,0 +1,39 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path("../lib", __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require "keycloak/version"
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "keycloak"
8
+ spec.version = Keycloak::VERSION
9
+ spec.authors = ["Guilherme Portugues"]
10
+ spec.email = ["g_portugues@hotmail.com"]
11
+
12
+ spec.summary = %q{Add authentication to applications and secure services with Keycloak}
13
+ #spec.description = %q{TODO: Write a longer description or delete this line.}
14
+ spec.homepage = "https://github.com/imagov/keycloak.git"
15
+ spec.license = "MIT"
16
+
17
+ # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
18
+ # to allow pushing to a single host or delete this section to allow pushing to any host.
19
+ # if spec.respond_to?(:metadata)
20
+ # spec.metadata["allowed_push_host"] = "https://github.com/imagov/keycloak.git"
21
+ # else
22
+ # raise "RubyGems 2.0 or newer is required to protect against " \
23
+ # "public gem pushes."
24
+ # end
25
+
26
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
27
+ f.match(%r{^(test|spec|features)/})
28
+ end
29
+ spec.bindir = "exe"
30
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
31
+ spec.require_paths = ["lib"]
32
+
33
+ spec.add_development_dependency "bundler", "~> 1.15"
34
+ spec.add_development_dependency "rake", "~> 10.0"
35
+ spec.add_development_dependency "rspec", "~> 3.0"
36
+ spec.add_development_dependency "rest-client"
37
+ spec.add_development_dependency "jwt"
38
+ spec.add_development_dependency "json"
39
+ end
@@ -0,0 +1,14 @@
1
+ class InitializerGenerator < Rails::Generators::Base
2
+ def create_initializer_file
3
+ create_file "config/initializers/keycloak.rb" do
4
+ proxy = ""
5
+ generate_request_exception = true
6
+ "# Set proxy to connect in keycloak server
7
+ Keycloak::proxy = #{proxy}
8
+ # If true, then all request exception will explode in application (this is the default value)
9
+ Keycloak::generate_request_exception = #{generate_request_exception}
10
+ # controller that manage the user session
11
+ Keycloak::keycloak_controller = 'session'"
12
+ end
13
+ end
14
+ end
data/lib/keycloak.rb ADDED
@@ -0,0 +1,509 @@
1
+ require "keycloak/version"
2
+ require 'rest-client'
3
+ require 'json'
4
+ require 'jwt'
5
+ require 'base64'
6
+ require 'uri'
7
+
8
+ module Keycloak
9
+
10
+ class << self
11
+ attr_accessor :proxy, :generate_request_exception, :keycloak_controller
12
+ end
13
+
14
+
15
+ def self.explode_exception
16
+ if Keycloak::generate_request_exception == nil
17
+ Keycloak::generate_request_exception = true
18
+ end
19
+ Keycloak::generate_request_exception
20
+ end
21
+
22
+ module Client
23
+
24
+ class << self
25
+ attr_reader :user, :password, :realm, :url, :client_id, :auth_server_url,
26
+ :secret, :configuration, :public_key, :decoded_access_token,
27
+ :token, :token_introspection, :decoded_refresh_token,
28
+ :active, :decoded_id_token, :userinfo
29
+
30
+ attr_accessor :external_attributes
31
+ end
32
+
33
+ KEYCLOAK_JSON_FILE = 'keycloak.json'
34
+
35
+ def self.get_token(user, password)
36
+ setup_module
37
+ reset_active
38
+
39
+ @user, @password = user, password
40
+
41
+ payload = {'client_id' => @client_id,
42
+ 'client_secret' => @secret,
43
+ 'username' => @user,
44
+ 'password' => @password,
45
+ 'grant_type' => 'password'
46
+ }
47
+
48
+ mount_request_token(payload)
49
+ end
50
+
51
+ def self.get_token_by_code(code, redirect_uri)
52
+ reset_active
53
+
54
+ payload = {'client_id' => @client_id,
55
+ 'client_secret' => @secret,
56
+ 'code' => code,
57
+ 'grant_type' => 'authorization_code',
58
+ 'redirect_uri' => redirect_uri
59
+ }
60
+
61
+ mount_request_token(payload)
62
+ end
63
+
64
+ def self.get_token_introspection(refresh = false)
65
+ reset_active(false)
66
+ unless refresh
67
+ payload = {'token' => @token["access_token"]}
68
+ else
69
+ payload = {'token' => @token["refresh_token"]}
70
+ end
71
+
72
+ authorization = Base64.strict_encode64("#{@client_id}:#{@secret}")
73
+ authorization = "Basic #{authorization}"
74
+
75
+ header = {'Content-Type' => 'application/x-www-form-urlencoded',
76
+ 'authorization' => authorization}
77
+
78
+ _request = -> do
79
+ RestClient.post(@configuration['token_introspection_endpoint'], payload, header){|response, request, result|
80
+ case response.code
81
+ when 200..399
82
+ @token_introspection = JSON response.body
83
+ @active = @token_introspection['active']
84
+ @token_introspection
85
+ else
86
+ response.return!
87
+ end
88
+ if !@active
89
+ reset_active
90
+ end
91
+ }
92
+ end
93
+
94
+ exec_request _request
95
+ end
96
+
97
+ def self.url_login_redirect(redirect_uri, response_type = 'code')
98
+ p = URI.encode_www_form({:response_type => response_type, :client_id => @client_id, :redirect_uri => redirect_uri})
99
+ "#{@configuration['authorization_endpoint']}?#{p}"
100
+ end
101
+
102
+ def self.logout(redirect_uri = '')
103
+ if @token
104
+ payload = {'client_id' => @client_id,
105
+ 'client_secret' => @secret,
106
+ 'refresh_token' => @token["refresh_token"]
107
+ }
108
+
109
+ header = {'Content-Type' => 'application/x-www-form-urlencoded'}
110
+
111
+ if redirect_uri.empty?
112
+ final_url = @configuration['end_session_endpoint']
113
+ else
114
+ final_url = "#{@configuration['end_session_endpoint']}?#{URI.encode_www_form({:redirect_uri => redirect_uri})}"
115
+ end
116
+
117
+ _request = -> do
118
+ RestClient.post(final_url, payload, header){|response, request, result|
119
+ case response.code
120
+ when 200..399
121
+ reset_active
122
+ true
123
+ else
124
+ response.return!
125
+ end
126
+ }
127
+ end
128
+
129
+ exec_request _request
130
+ else
131
+ true
132
+ end
133
+ end
134
+
135
+ def self.get_userinfo
136
+ payload = {'access_token' => @token["access_token"]}
137
+
138
+ header = {'Content-Type' => 'application/x-www-form-urlencoded'}
139
+
140
+ _request = -> do
141
+ RestClient.post(@configuration['userinfo_endpoint'], payload, header){|response, request, result|
142
+ case response.code
143
+ when 200
144
+ @userinfo = JSON response.body
145
+ @userinfo
146
+ else
147
+ response.return!
148
+ end
149
+ }
150
+ end
151
+
152
+ exec_request _request
153
+ end
154
+
155
+ def self.url_user_account
156
+ "#{@url}/realms/#{@realm}/account"
157
+ end
158
+
159
+ def self.get_installation
160
+ if File.exists?(KEYCLOAK_JSON_FILE)
161
+ installation = JSON File.read(KEYCLOAK_JSON_FILE)
162
+ @realm = installation["realm"]
163
+ @url = installation["auth-server-url"]
164
+ @client_id = installation["resource"]
165
+ @secret = installation["credentials"]["secret"]
166
+ @public_key = installation["realm-public-key"]
167
+ @auth_server_url = installation["auth-server-url"]
168
+ reset_active
169
+ openid_configuration
170
+ else
171
+ raise "#{KEYCLOAK_JSON_FILE} not found."
172
+ end
173
+ end
174
+
175
+ def self.has_role?(userRole)
176
+ if user_signed_in?
177
+ dt = @decoded_access_token[0]
178
+ dt = dt["resource_access"][@client_id]
179
+ if dt != nil
180
+ dt["roles"].each do |role|
181
+ return true if role.to_s == userRole.to_s
182
+ end
183
+ false
184
+ else
185
+ false
186
+ end
187
+ else
188
+ false
189
+ end
190
+ end
191
+
192
+ def self.user_signed_in?
193
+ begin
194
+ get_token_introspection['active']
195
+ rescue
196
+ @active
197
+ end
198
+ end
199
+
200
+ def self.get_attribute(attributeName)
201
+ attr = @decoded_access_token[0]
202
+ attr[attributeName]
203
+ end
204
+
205
+ private
206
+
207
+ KEYCLOACK_CONTROLLER_DEFAULT = 'session'
208
+
209
+ def self.setup_module
210
+ Keycloak::proxy ||= ''
211
+ Keycloak::keycloak_controller ||= KEYCLOACK_CONTROLLER_DEFAULT
212
+ get_installation
213
+ end
214
+
215
+ def self.exec_request(proc_request)
216
+ if Keycloak::explode_exception
217
+ proc_request.call
218
+ else
219
+ begin
220
+ proc_request.call
221
+ rescue RestClient::ExceptionWithResponse => err
222
+ err.response
223
+ end
224
+ end
225
+ end
226
+
227
+ def self.openid_configuration
228
+ RestClient.proxy = Keycloak::proxy unless Keycloak::proxy.empty?
229
+ full_url = "#{@url}/realms/#{@realm}/.well-known/openid-configuration"
230
+ _request = -> do
231
+ RestClient.get full_url
232
+ end
233
+ response = exec_request _request
234
+ if response.code == 200
235
+ @configuration = JSON response.body
236
+ else
237
+ response.return!
238
+ end
239
+ end
240
+
241
+ def self.reset_active(resetExternalAttributes = true)
242
+ @active = false
243
+ @userinfo = nil
244
+ if resetExternalAttributes
245
+ @external_attributes = nil
246
+ end
247
+ end
248
+
249
+ def self.mount_request_token(payload)
250
+ header = {'Content-Type' => 'application/x-www-form-urlencoded'}
251
+
252
+ _request = -> do
253
+ RestClient.post(@configuration['token_endpoint'], payload, header){|response, request, result|
254
+ case response.code
255
+ when 200
256
+ @active = true
257
+ @token = JSON response.body
258
+ @decoded_access_token = JWT.decode @token["access_token"], @public_key, false, { :algorithm => 'RS256' }
259
+ @decoded_refresh_token = JWT.decode @token["refresh_token"], @public_key, false, { :algorithm => 'RS256' }
260
+ if @token["id_token"]
261
+ @decoded_id_token = JWT.decode @token["id_token"], @public_key, false, { :algorithm => 'RS256' }
262
+ end
263
+ Keycloak::Admin::setup_admin(@auth_server_url, @realm, @token["access_token"])
264
+ @token
265
+ else
266
+ response.return!
267
+ end
268
+ }
269
+ end
270
+
271
+ exec_request _request
272
+ end
273
+
274
+ end
275
+
276
+ # Os recursos desse module (admin) serão utilizadas apenas por usuários que possuem as roles do client realm-management
277
+ module Admin
278
+
279
+ class << self
280
+ attr_reader :access_token, :auth_server_url, :realm, :last_response
281
+ end
282
+
283
+ def self.setup_admin(auth_server_url, realm, access_token)
284
+ @auth_server_url = auth_server_url
285
+ @access_token = access_token
286
+ @realm = realm
287
+ end
288
+
289
+ def self.get_users( queryParameters = nil)
290
+ generic_get("users/", queryParameters)
291
+ end
292
+
293
+ def self.create_user(userRepresentation)
294
+ generic_post("users/", nil, userRepresentation)
295
+ end
296
+
297
+ def self.count_users
298
+ generic_get("users/count/")
299
+ end
300
+
301
+ def self.get_user(id)
302
+ generic_get("users/#{id}")
303
+ end
304
+
305
+ def self.update_user(id, userRepresentation)
306
+ generic_put("users/#{id}", nil, userRepresentation)
307
+ end
308
+
309
+ def self.delete_user(id)
310
+ generic_delete("users/#{id}")
311
+ end
312
+
313
+ def self.revoke_consent_user(id, clientID = nil)
314
+ if !clientID
315
+ clientID = Keycloak::Client.client_id
316
+ end
317
+ generic_delete("users/#{id}/consents/#{clientID}")
318
+ end
319
+
320
+ def self.update_account_email(id, actions, redirectUri = '', clientID = nil)
321
+ generic_put("users/#{id}/execute-actions-email", {:redirect_uri => redirectUri, :client_id => clientID}, actions)
322
+ end
323
+
324
+ def self.get_role_mappings(id)
325
+ generic_get("users/#{id}/role-mappings")
326
+ end
327
+
328
+ def self.get_clients(queryParameters = nil)
329
+ generic_get("clients/", queryParameters)
330
+ end
331
+
332
+ def self.get_all_roles_client(id)
333
+ generic_get("clients/#{id}/roles")
334
+ end
335
+
336
+ def self.get_roles_client_by_name(id, roleName)
337
+ generic_get("clients/#{id}/roles/#{roleName}")
338
+ end
339
+
340
+ def self.add_client_level_roles_to_user(id, client, roleRepresentation)
341
+ generic_post("users/#{id}/role-mappings/clients/#{client}", nil, roleRepresentation)
342
+ end
343
+
344
+ def self.delete_client_level_roles_fom_user(id, client, roleRepresentation)
345
+ generic_delete("users/#{id}/role-mappings/clients/#{client}", nil, roleRepresentation)
346
+ end
347
+
348
+ def self.get_client_level_role_for_user_and_app(id, client)
349
+ generic_get("users/#{id}/role-mappings/clients/#{client}")
350
+ end
351
+
352
+ def self.update_effective_user_roles(id, clientID, rolesNames)
353
+ client = JSON get_clients({:clientId => clientID})
354
+
355
+ userRoles = JSON get_client_level_role_for_user_and_app(id, client[0]['id'])
356
+
357
+ roles = Array.new
358
+ # Include new role
359
+ rolesNames.each do |r|
360
+ if r && !r.empty?
361
+ found = false
362
+ userRoles.each do |ur|
363
+ found = ur['name'] == r
364
+ break if found
365
+ found = false
366
+ end
367
+ if !found
368
+ role = JSON get_roles_client_by_name(client[0]['id'], r)
369
+ roles.push(role)
370
+ end
371
+ end
372
+ end
373
+
374
+ garbageRoles = Array.new
375
+ # Exclude old role
376
+ userRoles.each do |ur|
377
+ found = false
378
+ rolesNames.each do |r|
379
+ if r && !r.empty?
380
+ found = ur['name'] == r
381
+ break if found
382
+ found = false
383
+ end
384
+ end
385
+ if !found
386
+ garbageRoles.push(ur)
387
+ end
388
+ end
389
+
390
+ if garbageRoles.count > 0
391
+ delete_client_level_roles_fom_user(id, client[0]['id'], garbageRoles)
392
+ end
393
+
394
+ if roles.count > 0
395
+ add_client_level_roles_to_user(id, client[0]['id'], roles)
396
+ end
397
+ end
398
+
399
+ def self.reset_password(id, credentialRepresentation)
400
+ generic_put("users/#{id}/reset-password", nil, credentialRepresentation)
401
+ end
402
+
403
+ # Generics methods
404
+
405
+ def self.generic_get(service, queryParameters = nil)
406
+ generic_request(service, queryParameters, nil, 'GET')
407
+ end
408
+
409
+ def self.generic_post(service, queryParameters, bodyParameter)
410
+ generic_request(service, queryParameters, bodyParameter, 'POST')
411
+ end
412
+
413
+ def self.generic_put(service, queryParameters, bodyParameter)
414
+ generic_request(service, queryParameters, bodyParameter, 'PUT')
415
+ end
416
+
417
+ def self.generic_delete(service, queryParameters = nil, bodyParameter = nil)
418
+ generic_request(service, queryParameters, bodyParameter, 'DELETE')
419
+ end
420
+
421
+ private
422
+
423
+ def self.base_url
424
+ @auth_server_url + "/admin/realms/#{@realm}/"
425
+ end
426
+
427
+ def self.generic_request(service, queryParameters, bodyParameter, method)
428
+ final_url = base_url + service
429
+
430
+ header = {'Content-Type' => 'application/x-www-form-urlencoded',
431
+ 'Authorization' => "Bearer #{@access_token}"}
432
+
433
+ if queryParameters
434
+ parameters = URI.encode_www_form(queryParameters)
435
+ final_url = final_url << '?' << parameters
436
+ end
437
+
438
+ case method.upcase
439
+ when 'GET'
440
+ _request = -> do
441
+ RestClient.get(final_url, header){|response, request, result|
442
+ rescue_response(response)
443
+ }
444
+ end
445
+ when 'POST', 'PUT'
446
+ header["Content-Type"] = 'application/json'
447
+ parameters = JSON.generate bodyParameter
448
+ _request = -> do
449
+ case method.upcase
450
+ when 'POST'
451
+ RestClient.post(final_url, parameters, header){|response, request, result|
452
+ rescue_response(response)
453
+ }
454
+ else
455
+ RestClient.put(final_url, parameters, header){|response, request, result|
456
+ rescue_response(response)
457
+ }
458
+ end
459
+ end
460
+ when 'DELETE'
461
+ _request = -> do
462
+ if bodyParameter
463
+ header["Content-Type"] = 'application/json'
464
+ parameters = JSON.generate bodyParameter
465
+ RestClient::Request.execute(method: :delete, url: final_url,
466
+ payload: parameters, headers: header){|response, request, result|
467
+ rescue_response(response)
468
+ }
469
+ else
470
+ RestClient.delete(final_url, header){|response, request, result|
471
+ rescue_response(response)
472
+ }
473
+ end
474
+ end
475
+ else
476
+ raise
477
+ end
478
+
479
+ _request.call
480
+
481
+ end
482
+
483
+ def self.rescue_response(response)
484
+ @last_response = response
485
+ case @last_response.code
486
+ when 200..399
487
+ if @last_response.body.empty?
488
+ true
489
+ else
490
+ @last_response.body
491
+ end
492
+ else
493
+ if Keycloak::explode_exception
494
+ @last_response.return!
495
+ else
496
+ begin
497
+ @last_response.return!
498
+ rescue RestClient::ExceptionWithResponse => err
499
+ err.response
500
+ rescue Exception => e
501
+ e.message
502
+ end
503
+ end
504
+ end
505
+ end
506
+
507
+ end
508
+
509
+ end
@@ -0,0 +1,3 @@
1
+ module Keycloak
2
+ VERSION = "1.0.0"
3
+ end
metadata ADDED
@@ -0,0 +1,142 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: keycloak
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Guilherme Portugues
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2017-08-03 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.15'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.15'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '10.0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '10.0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rspec
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '3.0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '3.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rest-client
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: jwt
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: json
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ description:
98
+ email:
99
+ - g_portugues@hotmail.com
100
+ executables: []
101
+ extensions: []
102
+ extra_rdoc_files: []
103
+ files:
104
+ - ".gitignore"
105
+ - ".rspec"
106
+ - ".travis.yml"
107
+ - CODE_OF_CONDUCT.md
108
+ - Gemfile
109
+ - LICENSE.txt
110
+ - README.md
111
+ - Rakefile
112
+ - bin/console
113
+ - bin/setup
114
+ - keycloak.gemspec
115
+ - lib/generators/initializer_generator.rb
116
+ - lib/keycloak.rb
117
+ - lib/keycloak/version.rb
118
+ homepage: https://github.com/imagov/keycloak.git
119
+ licenses:
120
+ - MIT
121
+ metadata: {}
122
+ post_install_message:
123
+ rdoc_options: []
124
+ require_paths:
125
+ - lib
126
+ required_ruby_version: !ruby/object:Gem::Requirement
127
+ requirements:
128
+ - - ">="
129
+ - !ruby/object:Gem::Version
130
+ version: '0'
131
+ required_rubygems_version: !ruby/object:Gem::Requirement
132
+ requirements:
133
+ - - ">="
134
+ - !ruby/object:Gem::Version
135
+ version: '0'
136
+ requirements: []
137
+ rubyforge_project:
138
+ rubygems_version: 2.6.8
139
+ signing_key:
140
+ specification_version: 4
141
+ summary: Add authentication to applications and secure services with Keycloak
142
+ test_files: []