keycloak_rack 1.0.0 → 1.1.0
- checksums.yaml +4 -4
- data/.github/workflows/main.yml +2 -1
- data/gemfiles/rack_only.gemfile.lock +47 -52
- data/gemfiles/rails_6_0.gemfile +0 -1
- data/gemfiles/rails_6_0.gemfile.lock +113 -118
- data/gemfiles/rails_6_1.gemfile +0 -1
- data/gemfiles/rails_6_1.gemfile.lock +118 -123
- data/keycloak_rack.gemspec +1 -1
- data/lib/keycloak_rack/authenticate.rb +7 -43
- data/lib/keycloak_rack/container.rb +8 -0
- data/lib/keycloak_rack/decode_and_verify.rb +51 -0
- data/lib/keycloak_rack/decoded_token.rb +18 -8
- data/lib/keycloak_rack/middleware.rb +1 -1
- data/lib/keycloak_rack/version.rb +1 -1
- data/lib/keycloak_rack/wrap_token.rb +58 -0
- metadata +7 -5
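--- a/data/lib/keycloak_rack/wrap_token.rb
+++ b/data/lib/keycloak_rack/wrap_token.rb
@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+module KeycloakRack
+# Wrap the result of {KeycloakRack::DecodeAndVerify#call} in a class that
+# provides a unified interface for introspecting a Keycloak JWT.
+class WrapToken
+include Dry::Monads[:result]
+
+# @param [Hash] payload
+# @param [Hash] headers
+# @return [Dry::Monads::Success(KeycloakRack::DecodedToken)]
+def call(payload, headers)
+raw_attributes = payload.merge(original_payload: payload, headers: headers)
+
+Success DecodedToken.new raw_attributes
+rescue Dry::Struct::Error => e
+handle_struct_error e
+rescue StandardError => e
+unknown_failure e
+end
+
+private
+
+# @param [Dry::Struct::Error] error
+# @return [Dry::Monads::Failure]
+def handle_struct_error(error)
+cause = error.cause
+
+case cause
+when Dry::Types::MissingKeyError
+claim = KeycloakRack::DecodedToken.maybe_unalias_key cause.key
+
+wrap_failure "Missing expected JWT claim: #{claim}", error
+when Dry::Types::SchemaError, Dry::Types::ConstraintError
+# :nocov:
+wrap_failure "Unexpected issue with JWT claim types", error
+# :nocov:
+else
+# :nocov:
+unknown_failure error
+# :nocov:
+end
+end
+
+# @param [Exception] error
+# @return [Dry::Monads::Failure]
+def unknown_failure(error)
+wrap_failure "An unknown error occurred when decoding the token", error
+end
+
+# @param [String] message
+# @param [Exception] error
+# @return [Dry::Monads::Failure]
+def wrap_failure(message, error)
+Failure[:decoding_failed, message, error]
+end
+end
+end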
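Review bot: The `@return` tag on `call` documents only the Success case, but both rescue branches end in `wrap_failure`, which returns `Failure[:decoding_failed, message, error]`. The tag should read `# @return [Dry::Monads::Success(KeycloakRack::DecodedToken), Dry::Monads::Failure(:decoding_failed, String, Exception)]`. The third element of that failure is the raw exception, and dry-struct and dry-types error messages can presumably include the offending input. Whatever consumes this result (not visible in this section) should therefore send only the fixed `message` string to the client and keep `error` for server-side logs. A comment on `wrap_failure` would record that contract, for example `# error is for logging only; never render error.message in an HTTP response`.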
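--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keycloak_rack
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.1.0
 platform: ruby
 authors:
 - Alexa Grey
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2022-02-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -282,14 +282,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.19.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.19.0
 - !ruby/object:Gem::Dependency
 name: pry
 requirement: !ruby/object:Gem::Requirement
@@ -534,6 +534,7 @@ files:
 - lib/keycloak_rack/authorize_resource.rb
 - lib/keycloak_rack/config.rb
 - lib/keycloak_rack/container.rb
+- lib/keycloak_rack/decode_and_verify.rb
 - lib/keycloak_rack/decoded_token.rb
 - lib/keycloak_rack/flexible_struct.rb
 - lib/keycloak_rack/http_client.rb
@@ -550,6 +551,7 @@ files:
 - lib/keycloak_rack/types.rb
 - lib/keycloak_rack/version.rb
 - lib/keycloak_rack/with_config.rb
+- lib/keycloak_rack/wrap_token.rb
 - spec/dummy/.ruby-version
 - spec/dummy/README.md
 - spec/dummy/Rakefile
@@ -609,7 +611,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.2.
+rubygems_version: 3.2.15
 signing_key:
 specification_version: 4
 summary: Rack middleware for validating authorization tokens from Keycloak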