keycloak 3.0.0 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +3 -1
- data/keycloak.gemspec +3 -3
- data/lib/generators/keycloak.rb +2 -2
- data/lib/keycloak.rb +62 -5
- data/lib/keycloak/version.rb +1 -1
- metadata +15 -16
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 31c0cf08f09237855b198e4128d3e8b6419d3a404fafd413c2043015a6d7a4c9
|
|
4
|
+
data.tar.gz: f2265af7c22257d307b1bfe6bea0fca0db01dc5d8ecb6dd9a0374685c75821a8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b341ebe39b5cf767604c7b673300b1b14a27dac0f34d15c5afa7edf99d705d7cf3c3970345de2d9dbb4a4093ee1282b101a57840a0273e02386b9d317fb14510
|
|
7
|
+
data.tar.gz: cab5a14532198339f832690908a44dacea2072765603f770bfe103e07680e051a717438266616edda967b1902bd17ca271690536a0faa9459051b6af3c079733
|
data/.gitignore
CHANGED
data/keycloak.gemspec
CHANGED
|
@@ -33,7 +33,7 @@ Gem::Specification.new do |spec|
|
|
|
33
33
|
spec.add_development_dependency "bundler", "~> 1.15"
|
|
34
34
|
spec.add_development_dependency "rake", "~> 10.0"
|
|
35
35
|
spec.add_development_dependency "rspec", "~> 3.0"
|
|
36
|
-
spec.add_runtime_dependency "rest-client"
|
|
37
|
-
spec.add_runtime_dependency "jwt"
|
|
38
|
-
spec.add_runtime_dependency "json"
|
|
36
|
+
spec.add_runtime_dependency "rest-client", "2.1.0"
|
|
37
|
+
spec.add_runtime_dependency "jwt", "2.2.1"
|
|
38
|
+
spec.add_runtime_dependency "json", "2.3.0"
|
|
39
39
|
end
|
data/lib/generators/keycloak.rb
CHANGED
|
@@ -4,9 +4,9 @@ Keycloak.proxy = ''
|
|
|
4
4
|
Keycloak.generate_request_exception = true
|
|
5
5
|
# controller that manage the user session
|
|
6
6
|
Keycloak.keycloak_controller = 'session'
|
|
7
|
-
#
|
|
7
|
+
# realm name (only if the installation file is not present)
|
|
8
8
|
Keycloak.realm = ''
|
|
9
|
-
#
|
|
9
|
+
# realm url (only if the installation file is not present)
|
|
10
10
|
Keycloak.auth_server_url = ''
|
|
11
11
|
# The introspect of the token will be executed every time the Keycloak::Client.has_role? method is invoked, if this setting is set to true.
|
|
12
12
|
Keycloak.validate_token_when_call_has_role = false
|
data/lib/keycloak.rb
CHANGED
|
@@ -53,12 +53,12 @@ module Keycloak
|
|
|
53
53
|
'client_secret' => secret,
|
|
54
54
|
'username' => user,
|
|
55
55
|
'password' => password,
|
|
56
|
-
'grant_type' => 'password'
|
|
56
|
+
'grant_type' => 'password'}
|
|
57
57
|
|
|
58
58
|
mount_request_token(payload)
|
|
59
59
|
end
|
|
60
60
|
|
|
61
|
-
def self.get_token_by_code(code, redirect_uri, client_id = '', secret = '')
|
|
61
|
+
def self.get_token_by_code(code, redirect_uri, client_id = '', secret = '', client_session_state = '', client_session_host = '')
|
|
62
62
|
verify_setup
|
|
63
63
|
|
|
64
64
|
client_id = @client_id if isempty?(client_id)
|
|
@@ -68,7 +68,9 @@ module Keycloak
|
|
|
68
68
|
'client_secret' => secret,
|
|
69
69
|
'code' => code,
|
|
70
70
|
'grant_type' => 'authorization_code',
|
|
71
|
-
'redirect_uri' => redirect_uri
|
|
71
|
+
'redirect_uri' => redirect_uri,
|
|
72
|
+
'client_session_state' => client_session_state,
|
|
73
|
+
'client_session_host' => client_session_host}
|
|
72
74
|
|
|
73
75
|
mount_request_token(payload)
|
|
74
76
|
end
|
|
@@ -80,7 +82,13 @@ module Keycloak
|
|
|
80
82
|
secret = @secret if isempty?(secret)
|
|
81
83
|
token_endpoint = @configuration['token_endpoint'] if isempty?(token_endpoint)
|
|
82
84
|
|
|
83
|
-
payload = { 'client_id' => client_id,
|
|
85
|
+
payload = { 'client_id' => client_id,
|
|
86
|
+
'client_secret' => secret,
|
|
87
|
+
'audience' => client_id,
|
|
88
|
+
'grant_type' => 'urn:ietf:params:oauth:grant-type:token-exchange',
|
|
89
|
+
'subject_token_type' => 'urn:ietf:params:oauth:token-type:access_token',
|
|
90
|
+
'subject_issuer' => issuer,
|
|
91
|
+
'subject_token' => issuer_token}
|
|
84
92
|
header = { 'Content-Type' => 'application/x-www-form-urlencoded' }
|
|
85
93
|
_request = -> do
|
|
86
94
|
RestClient.post(token_endpoint, payload, header){|response, request, result|
|
|
@@ -333,7 +341,7 @@ module Keycloak
|
|
|
333
341
|
@public_key = installation["realm-public-key"]
|
|
334
342
|
@auth_server_url = installation["auth-server-url"]
|
|
335
343
|
else
|
|
336
|
-
raise "#{Keycloak.installation_file} and
|
|
344
|
+
raise "#{Keycloak.installation_file} and realm settings not found." if isempty?(Keycloak.realm) || isempty?(Keycloak.auth_server_url)
|
|
337
345
|
|
|
338
346
|
@realm = Keycloak.realm
|
|
339
347
|
@auth_server_url = Keycloak.auth_server_url
|
|
@@ -414,6 +422,10 @@ module Keycloak
|
|
|
414
422
|
generic_get("users/", query_parameters, access_token)
|
|
415
423
|
end
|
|
416
424
|
|
|
425
|
+
def self.get_users_by_group(id, query_parameters = nil, access_token = nil)
|
|
426
|
+
generic_get("groups/#{id}/members", query_parameters, access_token)
|
|
427
|
+
end
|
|
428
|
+
|
|
417
429
|
def self.create_user(user_representation, access_token = nil)
|
|
418
430
|
generic_post("users/", nil, user_representation, access_token)
|
|
419
431
|
end
|
|
@@ -452,6 +464,14 @@ module Keycloak
|
|
|
452
464
|
generic_get("groups/", query_parameters, access_token)
|
|
453
465
|
end
|
|
454
466
|
|
|
467
|
+
def self.get_users_by_role_name(role_name, query_parameters = nil, access_token = nil)
|
|
468
|
+
generic_get("roles/#{role_name}/users", query_parameters, access_token)
|
|
469
|
+
end
|
|
470
|
+
|
|
471
|
+
def self.get_groups_by_role_name(role_name, query_parameters = nil, access_token = nil)
|
|
472
|
+
generic_get("roles/#{role_name}/groups", query_parameters, access_token)
|
|
473
|
+
end
|
|
474
|
+
|
|
455
475
|
def self.get_clients(query_parameters = nil, access_token = nil)
|
|
456
476
|
generic_get("clients/", query_parameters, access_token)
|
|
457
477
|
end
|
|
@@ -464,6 +484,10 @@ module Keycloak
|
|
|
464
484
|
generic_get("clients/#{id}/roles/#{role_name}", nil, access_token)
|
|
465
485
|
end
|
|
466
486
|
|
|
487
|
+
def self.get_users_client_by_role_name(id, role_name, access_token = nil)
|
|
488
|
+
generic_get("clients/#{id}/roles/#{role_name}/users", nil, access_token)
|
|
489
|
+
end
|
|
490
|
+
|
|
467
491
|
def self.add_client_level_roles_to_user(id, client, role_representation, access_token = nil)
|
|
468
492
|
generic_post("users/#{id}/role-mappings/clients/#{client}", nil, role_representation, access_token)
|
|
469
493
|
end
|
|
@@ -585,6 +609,17 @@ module Keycloak
|
|
|
585
609
|
default_call(proc, client_id, secret)
|
|
586
610
|
end
|
|
587
611
|
|
|
612
|
+
def self.get_users_by_role_name(role_name, query_parameters = nil, client_id = '', secret = '')
|
|
613
|
+
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
614
|
+
secret = Keycloak::Client.secret if isempty?(secret)
|
|
615
|
+
|
|
616
|
+
proc = lambda do |token|
|
|
617
|
+
Keycloak::Admin.get_users_by_role_name(role_name, query_parameters, token['access_token'])
|
|
618
|
+
end
|
|
619
|
+
|
|
620
|
+
default_call(proc, client_id, secret)
|
|
621
|
+
end
|
|
622
|
+
|
|
588
623
|
def self.get_groups(query_parameters = nil, client_id = '', secret = '')
|
|
589
624
|
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
590
625
|
secret = Keycloak::Client.secret if isempty?(secret)
|
|
@@ -596,6 +631,28 @@ module Keycloak
|
|
|
596
631
|
default_call(proc, client_id, secret)
|
|
597
632
|
end
|
|
598
633
|
|
|
634
|
+
def self.get_groups_by_role_name(role_name, query_parameters = nil, client_id = '', secret = '')
|
|
635
|
+
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
636
|
+
secret = Keycloak::Client.secret if isempty?(secret)
|
|
637
|
+
|
|
638
|
+
proc = lambda do |token|
|
|
639
|
+
Keycloak::Admin.get_groups_by_role_name(role_name, query_parameters, token['access_token'])
|
|
640
|
+
end
|
|
641
|
+
|
|
642
|
+
default_call(proc, client_id, secret)
|
|
643
|
+
end
|
|
644
|
+
|
|
645
|
+
def self.get_users_by_group(id, query_parameters = nil, client_id = '', secret = '')
|
|
646
|
+
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
647
|
+
secret = Keycloak::Client.secret if isempty?(secret)
|
|
648
|
+
|
|
649
|
+
proc = lambda do |token|
|
|
650
|
+
Keycloak::Admin.get_users_by_group(id, query_parameters, token['access_token'])
|
|
651
|
+
end
|
|
652
|
+
|
|
653
|
+
default_call(proc, client_id, secret)
|
|
654
|
+
end
|
|
655
|
+
|
|
599
656
|
def self.change_password(user_id, redirect_uri = '', client_id = '', secret = '')
|
|
600
657
|
client_id = Keycloak::Client.client_id if isempty?(client_id)
|
|
601
658
|
secret = Keycloak::Client.secret if isempty?(secret)
|
data/lib/keycloak/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: keycloak
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Guilherme Portugues
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -56,44 +56,44 @@ dependencies:
|
|
|
56
56
|
name: rest-client
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
|
-
- -
|
|
59
|
+
- - '='
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version:
|
|
61
|
+
version: 2.1.0
|
|
62
62
|
type: :runtime
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
|
-
- -
|
|
66
|
+
- - '='
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version:
|
|
68
|
+
version: 2.1.0
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: jwt
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
72
72
|
requirements:
|
|
73
|
-
- -
|
|
73
|
+
- - '='
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version:
|
|
75
|
+
version: 2.2.1
|
|
76
76
|
type: :runtime
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
|
-
- -
|
|
80
|
+
- - '='
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version:
|
|
82
|
+
version: 2.2.1
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
84
|
name: json
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
|
86
86
|
requirements:
|
|
87
|
-
- -
|
|
87
|
+
- - '='
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version:
|
|
89
|
+
version: 2.3.0
|
|
90
90
|
type: :runtime
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
|
-
- -
|
|
94
|
+
- - '='
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version:
|
|
96
|
+
version: 2.3.0
|
|
97
97
|
description:
|
|
98
98
|
email:
|
|
99
99
|
- g_portugues@hotmail.com
|
|
@@ -139,8 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
139
139
|
- !ruby/object:Gem::Version
|
|
140
140
|
version: '0'
|
|
141
141
|
requirements: []
|
|
142
|
-
|
|
143
|
-
rubygems_version: 2.7.7
|
|
142
|
+
rubygems_version: 3.0.3
|
|
144
143
|
signing_key:
|
|
145
144
|
specification_version: 4
|
|
146
145
|
summary: Add authentication to applications and secure services with Keycloak
|