keycloak 3.0.0 → 3.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +3 -1
- data/keycloak.gemspec +3 -3
- data/lib/generators/keycloak.rb +2 -2
- data/lib/keycloak.rb +62 -5
- data/lib/keycloak/version.rb +1 -1
- metadata +15 -16
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 31c0cf08f09237855b198e4128d3e8b6419d3a404fafd413c2043015a6d7a4c9
|
|
4
|
+
data.tar.gz: f2265af7c22257d307b1bfe6bea0fca0db01dc5d8ecb6dd9a0374685c75821a8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b341ebe39b5cf767604c7b673300b1b14a27dac0f34d15c5afa7edf99d705d7cf3c3970345de2d9dbb4a4093ee1282b101a57840a0273e02386b9d317fb14510
|
|
7
|
+
data.tar.gz: cab5a14532198339f832690908a44dacea2072765603f770bfe103e07680e051a717438266616edda967b1902bd17ca271690536a0faa9459051b6af3c079733
|
data/.gitignore
CHANGED
data/keycloak.gemspec
CHANGED
|
@@ -33,7 +33,7 @@ Gem::Specification.new do |spec|
|
|
|
33
33
|
spec.add_development_dependency "bundler", "~> 1.15"
|
|
34
34
|
spec.add_development_dependency "rake", "~> 10.0"
|
|
35
35
|
spec.add_development_dependency "rspec", "~> 3.0"
|
|
36
|
-
spec.add_runtime_dependency "rest-client"
|
|
37
|
-
spec.add_runtime_dependency "jwt"
|
|
38
|
-
spec.add_runtime_dependency "json"
|
|
36
|
+
spec.add_runtime_dependency "rest-client", "2.1.0"
|
|
37
|
+
spec.add_runtime_dependency "jwt", "2.2.1"
|
|
38
|
+
spec.add_runtime_dependency "json", "2.3.0"
|
|
39
39
|
end
|
data/lib/generators/keycloak.rb
CHANGED
|
@@ -4,9 +4,9 @@ Keycloak.proxy = ''
|
|
|
4
4
|
Keycloak.generate_request_exception = true
|
|
5
5
|
# controller that manage the user session
|
|
6
6
|
Keycloak.keycloak_controller = 'session'
|
|
7
|
-
#
|
|
7
|
+
# realm name (only if the installation file is not present)
|
|
8
8
|
Keycloak.realm = ''
|
|
9
|
-
#
|
|
9
|
+
# realm url (only if the installation file is not present)
|
|
10
10
|
Keycloak.auth_server_url = ''
|
|
11
11
|
# The introspect of the token will be executed every time the Keycloak::Client.has_role? method is invoked, if this setting is set to true.
|
|
12
12
|
Keycloak.validate_token_when_call_has_role = false
|
data/lib/keycloak.rb
CHANGED
|
@@ -53,12 +53,12 @@ module Keycloak
|
|
|
53
53
|
'client_secret' => secret,
|
|
54
54
|
'username' => user,
|
|
55
55
|
'password' => password,
|
|
56
|
-
'grant_type' => 'password'
|
|
56
|
+
'grant_type' => 'password'}
|
|
57
57
|
|
|
58
58
|
mount_request_token(payload)
|
|
59
59
|
end
|
|
60
60
|
|
|
61
|
-
def self.get_token_by_code(code, redirect_uri, client_id = '', secret = '')
|
|
61
|
+
def self.get_token_by_code(code, redirect_uri, client_id = '', secret = '', client_session_state = '', client_session_host = '')
|
|
62
62
|
verify_setup
|
|
63
63
|
|
|
64
64
|
client_id = @client_id if isempty?(client_id)
|
|
@@ -68,7 +68,9 @@ module Keycloak
|
|
|
68
68
|
'client_secret' => secret,
|
|
69
69
|
'code' => code,
|
|
70
70
|
'grant_type' => 'authorization_code',
|
|
71
|
-
'redirect_uri' => redirect_uri
|
|
71
|
+
'redirect_uri' => redirect_uri,
|
|
72
|
+
'client_session_state' => client_session_state,
|
|
73
|
+
'client_session_host' => client_session_host}
|
|
72
74
|
|
|
73
75
|
mount_request_token(payload)
|
|
74
76
|
end
|
|
@@ -80,7 +82,13 @@ module Keycloak
|
|
|
80
82
|
secret = @secret if isempty?(secret)
|
|
81
83
|
token_endpoint = @configuration['token_endpoint'] if isempty?(token_endpoint)
|
|
82
84
|
|
|
83
|
-
payload = { 'client_id' => client_id,
|
|
85
|
+
payload = { 'client_id' => client_id,
|
|
86
|
+
'client_secret' => secret,
|
|
87
|
+
'audience' => client_id,
|
|
88
|
+
'grant_type' => 'urn:ietf:params:oauth:grant-type:token-exchange',
|
|
89
|
+
'subject_token_type' => 'urn:ietf:params:oauth:token-type:access_token',
|
|
90
|
+
'subject_issuer' => issuer,
|
|
91
|
+
'subject_token' => issuer_token}
|
|
84
92
|
header = { 'Content-Type' => 'application/x-www-form-urlencoded' }
|
|
85
93
|
_request = -> do
|
|
86
94
|
RestClient.post(token_endpoint, payload, header){|response, request, result|
|
|
@@ -333,7 +341,7 @@ module Keycloak
|
|
|
333
341
|
@public_key = installation["realm-public-key"]
|
|
334
342
|
@auth_server_url = installation["auth-server-url"]
|
|
335
343
|
else
|
|
336
|
-
raise "#{Keycloak.installation_file} and
|
|
344
|
+
raise "#{Keycloak.installation_file} and realm settings not found." if isempty?(Keycloak.realm) || isempty?(Keycloak.auth_server_url)
|
|
337
345
|
|
|
338
346
|
@realm = Keycloak.realm
|
|
339
347
|
@auth_server_url = Keycloak.auth_server_url
|
|
@@ -414,6 +422,10 @@ module Keycloak
|
|
|
414
422
|
generic_get("users/", query_parameters, access_token)
|
|
415
423
|
end
|
|
416
424
|
|
|
425
|
+
def self.get_users_by_group(id, query_parameters = nil, access_token = nil)
|
|
426
|
+
generic_get("groups/#{id}/members", query_parameters, access_token)
|
|
427
|
+
end
|
|
428
|
+
|
|
417
429
|
def self.create_user(user_representation, access_token = nil)
|
|
418
430
|
generic_post("users/", nil, user_representation, access_token)
|
|
419
431
|
end
|
|
@@ -452,6 +464,14 @@ module Keycloak
|
|
|
452
464
|
generic_get("groups/", query_parameters, access_token)
|
|
453
465
|
end
|
|
454
466
|
|
|
467
|
+
def self.get_users_by_role_name(role_name, query_parameters = nil, access_token = nil)
|
|
468
|
+
generic_get("roles/#{role_name}/users", query_parameters, access_token)
|
|
469
|
+
end
|
|
470
|
+
|
|
471
|
+
def self.get_groups_by_role_name(role_name, query_parameters = nil, access_token = nil)
|
|
472
|
+
generic_get("roles/#{role_name}/groups", query_parameters, access_token)
|
|
473
|
+
end
|
|
474
|
+
|
|
455
475
|
def self.get_clients(query_parameters = nil, access_token = nil)
|
|
456
476
|
generic_get("clients/", query_parameters, access_token)
|
|
457
477
|
end
|
|
@@ -464,6 +484,10 @@ module Keycloak
|
|
|
464
484
|
generic_get("clients/#{id}/roles/#{role_name}", nil, access_token)
|
|
465
485
|
end
|
|
466
486
|
|
|
487
|
+
def self.get_users_client_by_role_name(id, role_name, access_token = nil)
|
|
488
|
+
generic_get("clients/#{id}/roles/#{role_name}/users", nil, access_token)
|
|
489
|
+
end
|
|
490
|
+
|
|
467
491
|
def self.add_client_level_roles_to_user(id, client, role_representation, access_token = nil)
|
|
468
492
|
generic_post("users/#{id}/role-mappings/clients/#{client}", nil, role_representation, access_token)
|
|
469
493
|
end
|
|
@@ -585,6 +609,17 @@ module Keycloak
|
|
|
585
609
|
default_call(proc, client_id, secret)
|
|
586
610
|
end
|
|
587
611
|
|
|
612
|
+
def self.get_users_by_role_name(role_name, query_parameters = nil, client_id = '', secret = '')
|
|
613
|
+
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
614
|
+
secret = Keycloak::Client.secret if isempty?(secret)
|
|
615
|
+
|
|
616
|
+
proc = lambda do |token|
|
|
617
|
+
Keycloak::Admin.get_users_by_role_name(role_name, query_parameters, token['access_token'])
|
|
618
|
+
end
|
|
619
|
+
|
|
620
|
+
default_call(proc, client_id, secret)
|
|
621
|
+
end
|
|
622
|
+
|
|
588
623
|
def self.get_groups(query_parameters = nil, client_id = '', secret = '')
|
|
589
624
|
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
590
625
|
secret = Keycloak::Client.secret if isempty?(secret)
|
|
@@ -596,6 +631,28 @@ module Keycloak
|
|
|
596
631
|
default_call(proc, client_id, secret)
|
|
597
632
|
end
|
|
598
633
|
|
|
634
|
+
def self.get_groups_by_role_name(role_name, query_parameters = nil, client_id = '', secret = '')
|
|
635
|
+
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
636
|
+
secret = Keycloak::Client.secret if isempty?(secret)
|
|
637
|
+
|
|
638
|
+
proc = lambda do |token|
|
|
639
|
+
Keycloak::Admin.get_groups_by_role_name(role_name, query_parameters, token['access_token'])
|
|
640
|
+
end
|
|
641
|
+
|
|
642
|
+
default_call(proc, client_id, secret)
|
|
643
|
+
end
|
|
644
|
+
|
|
645
|
+
def self.get_users_by_group(id, query_parameters = nil, client_id = '', secret = '')
|
|
646
|
+
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
647
|
+
secret = Keycloak::Client.secret if isempty?(secret)
|
|
648
|
+
|
|
649
|
+
proc = lambda do |token|
|
|
650
|
+
Keycloak::Admin.get_users_by_group(id, query_parameters, token['access_token'])
|
|
651
|
+
end
|
|
652
|
+
|
|
653
|
+
default_call(proc, client_id, secret)
|
|
654
|
+
end
|
|
655
|
+
|
|
599
656
|
def self.change_password(user_id, redirect_uri = '', client_id = '', secret = '')
|
|
600
657
|
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
601
658
|
secret = Keycloak::Client.secret if isempty?(secret)
|
data/lib/keycloak/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: keycloak
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Guilherme Portugues
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -56,44 +56,44 @@ dependencies:
|
|
|
56
56
|
name: rest-client
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
|
-
- -
|
|
59
|
+
- - '='
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version:
|
|
61
|
+
version: 2.1.0
|
|
62
62
|
type: :runtime
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
|
-
- -
|
|
66
|
+
- - '='
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version:
|
|
68
|
+
version: 2.1.0
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: jwt
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
72
72
|
requirements:
|
|
73
|
-
- -
|
|
73
|
+
- - '='
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version:
|
|
75
|
+
version: 2.2.1
|
|
76
76
|
type: :runtime
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
|
-
- -
|
|
80
|
+
- - '='
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version:
|
|
82
|
+
version: 2.2.1
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
84
|
name: json
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
|
86
86
|
requirements:
|
|
87
|
-
- -
|
|
87
|
+
- - '='
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version:
|
|
89
|
+
version: 2.3.0
|
|
90
90
|
type: :runtime
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
|
-
- -
|
|
94
|
+
- - '='
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version:
|
|
96
|
+
version: 2.3.0
|
|
97
97
|
description:
|
|
98
98
|
email:
|
|
99
99
|
- g_portugues@hotmail.com
|
|
@@ -139,8 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
139
139
|
- !ruby/object:Gem::Version
|
|
140
140
|
version: '0'
|
|
141
141
|
requirements: []
|
|
142
|
-
|
|
143
|
-
rubygems_version: 2.7.7
|
|
142
|
+
rubygems_version: 3.0.3
|
|
144
143
|
signing_key:
|
|
145
144
|
specification_version: 4
|
|
146
145
|
summary: Add authentication to applications and secure services with Keycloak
|