keycloak_rack 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/main.yml +2 -1
- data/gemfiles/rack_only.gemfile.lock +47 -52
- data/gemfiles/rails_6_0.gemfile +0 -1
- data/gemfiles/rails_6_0.gemfile.lock +113 -118
- data/gemfiles/rails_6_1.gemfile +0 -1
- data/gemfiles/rails_6_1.gemfile.lock +118 -123
- data/keycloak_rack.gemspec +1 -1
- data/lib/keycloak_rack/authenticate.rb +7 -43
- data/lib/keycloak_rack/container.rb +8 -0
- data/lib/keycloak_rack/decode_and_verify.rb +51 -0
- data/lib/keycloak_rack/decoded_token.rb +18 -8
- data/lib/keycloak_rack/middleware.rb +1 -1
- data/lib/keycloak_rack/version.rb +1 -1
- data/lib/keycloak_rack/wrap_token.rb +58 -0
- metadata +7 -5
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module KeycloakRack
|
|
4
|
+
# Wrap the result of {KeycloakRack::DecodeAndVerify#call} in a class that
|
|
5
|
+
# provides a unified interface for introspecting a Keycloak JWT.
|
|
6
|
+
class WrapToken
|
|
7
|
+
include Dry::Monads[:result]
|
|
8
|
+
|
|
9
|
+
# @param [Hash] payload
|
|
10
|
+
# @param [Hash] headers
|
|
11
|
+
# @return [Dry::Monads::Success(KeycloakRack::DecodedToken)]
|
|
12
|
+
def call(payload, headers)
|
|
13
|
+
raw_attributes = payload.merge(original_payload: payload, headers: headers)
|
|
14
|
+
|
|
15
|
+
Success DecodedToken.new raw_attributes
|
|
16
|
+
rescue Dry::Struct::Error => e
|
|
17
|
+
handle_struct_error e
|
|
18
|
+
rescue StandardError => e
|
|
19
|
+
unknown_failure e
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
private
|
|
23
|
+
|
|
24
|
+
# @param [Dry::Struct::Error] error
|
|
25
|
+
# @return [Dry::Monads::Failure]
|
|
26
|
+
def handle_struct_error(error)
|
|
27
|
+
cause = error.cause
|
|
28
|
+
|
|
29
|
+
case cause
|
|
30
|
+
when Dry::Types::MissingKeyError
|
|
31
|
+
claim = KeycloakRack::DecodedToken.maybe_unalias_key cause.key
|
|
32
|
+
|
|
33
|
+
wrap_failure "Missing expected JWT claim: #{claim}", error
|
|
34
|
+
when Dry::Types::SchemaError, Dry::Types::ConstraintError
|
|
35
|
+
# :nocov:
|
|
36
|
+
wrap_failure "Unexpected issue with JWT claim types", error
|
|
37
|
+
# :nocov:
|
|
38
|
+
else
|
|
39
|
+
# :nocov:
|
|
40
|
+
unknown_failure error
|
|
41
|
+
# :nocov:
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
# @param [Exception] error
|
|
46
|
+
# @return [Dry::Monads::Failure]
|
|
47
|
+
def unknown_failure(error)
|
|
48
|
+
wrap_failure "An unknown error occurred when decoding the token", error
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
# @param [String] message
|
|
52
|
+
# @param [Exception] error
|
|
53
|
+
# @return [Dry::Monads::Failure]
|
|
54
|
+
def wrap_failure(message, error)
|
|
55
|
+
Failure[:decoding_failed, message, error]
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: keycloak_rack
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alexa Grey
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-02-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -282,14 +282,14 @@ dependencies:
|
|
|
282
282
|
requirements:
|
|
283
283
|
- - '='
|
|
284
284
|
- !ruby/object:Gem::Version
|
|
285
|
-
version: 2.
|
|
285
|
+
version: 2.19.0
|
|
286
286
|
type: :development
|
|
287
287
|
prerelease: false
|
|
288
288
|
version_requirements: !ruby/object:Gem::Requirement
|
|
289
289
|
requirements:
|
|
290
290
|
- - '='
|
|
291
291
|
- !ruby/object:Gem::Version
|
|
292
|
-
version: 2.
|
|
292
|
+
version: 2.19.0
|
|
293
293
|
- !ruby/object:Gem::Dependency
|
|
294
294
|
name: pry
|
|
295
295
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -534,6 +534,7 @@ files:
|
|
|
534
534
|
- lib/keycloak_rack/authorize_resource.rb
|
|
535
535
|
- lib/keycloak_rack/config.rb
|
|
536
536
|
- lib/keycloak_rack/container.rb
|
|
537
|
+
- lib/keycloak_rack/decode_and_verify.rb
|
|
537
538
|
- lib/keycloak_rack/decoded_token.rb
|
|
538
539
|
- lib/keycloak_rack/flexible_struct.rb
|
|
539
540
|
- lib/keycloak_rack/http_client.rb
|
|
@@ -550,6 +551,7 @@ files:
|
|
|
550
551
|
- lib/keycloak_rack/types.rb
|
|
551
552
|
- lib/keycloak_rack/version.rb
|
|
552
553
|
- lib/keycloak_rack/with_config.rb
|
|
554
|
+
- lib/keycloak_rack/wrap_token.rb
|
|
553
555
|
- spec/dummy/.ruby-version
|
|
554
556
|
- spec/dummy/README.md
|
|
555
557
|
- spec/dummy/Rakefile
|
|
@@ -609,7 +611,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
609
611
|
- !ruby/object:Gem::Version
|
|
610
612
|
version: '0'
|
|
611
613
|
requirements: []
|
|
612
|
-
rubygems_version: 3.2.
|
|
614
|
+
rubygems_version: 3.2.15
|
|
613
615
|
signing_key:
|
|
614
616
|
specification_version: 4
|
|
615
617
|
summary: Rack middleware for validating authorization tokens from Keycloak
|