keycloak_rails 1.0.0.pre.beta → 1.0.0.pre.beta.3
- checksums.yaml +4 -4
- data/README.md +7 -12
- data/Rakefile +4 -2
- data/lib/app/models/keycloak_rails/concerns/sso_recipient.rb +4 -2
- data/lib/app/models/keycloak_rails/sso.rb +3 -1
- data/lib/generators/keycloak_rails/config/config_generator.rb +2 -2
- data/lib/generators/keycloak_rails/install/install_generator.rb +5 -5
- data/lib/keycloak_rails/client.rb +7 -5
- data/lib/keycloak_rails/controller/helpers.rb +3 -1
- data/lib/keycloak_rails/controller/magic_links.rb +2 -2
- data/lib/keycloak_rails/controller/omniauth.rb +0 -1
- data/lib/keycloak_rails/controller/registrations.rb +6 -4
- data/lib/keycloak_rails/controller/sessions.rb +2 -1
- data/lib/keycloak_rails/controller/unlocks.rb +0 -1
- data/lib/keycloak_rails/curl.rb +1 -1
- data/lib/keycloak_rails/user.rb +1 -0
- data/lib/keycloak_rails/version.rb +3 -1
- metadata +59 -3
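--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 98a0ecf5db2abf6298d50a58478da3bdc91134c02444097faba3b2e010c558fd
+data.tar.gz: 74ac6dd209b07faffae9aceeaea82cf499fdc16f9980f78cd0f1dc314d93ec64
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7beab89686351e4e50bf9b01b4a110816bf0f66cca3467cfe1a597478b3e3b2e8559b980330a4cf51e83d9fcce080761542769fec3ceceb0ffd6297c4ab47872
+data.tar.gz: 43ca92304b4f19843800a3d14fcaaef92042ea325be158129503f8fa543e5e94b8ecb5403554a2999bb55489f11580262978f821f7e64b167ecaf3f33df1f73c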
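--- a/data/README.md
+++ b/data/README.md
@@ -1,3 +1,9 @@
+[](https://badge.fury.io/rb/keycloak_rails)
+[](https://opensource.org/licenses/MIT)
+[](https://github.com/rubocop/rubocop)
+[](https://conventionalcommits.org)
+[](http://github.com/badges/stability-badges)
+
 # KeycloakRails
 Keycloak_rails is an api wrapper for open source project [Keycloak](https://www.keycloak.org/)
 
@@ -165,19 +171,8 @@ end
 
 #### KeycloakRails::Client
 
-
-## Architecte plan
-
-### Engine Strecture
-<img width="573" alt="Screen Shot 2022-11-20 at 1 11 50 AM" src="https://user-images.githubusercontent.com/84993125/202890379-b7f8abe9-105c-4d7d-bdf8-c5768f4111af.png">
-
-### Some use cases
-|auth request|redirect|protected route request
-|:-:|:-:|:-:|
-|||
-
 ## Contributing
-
+refer to [CONTRIBUTING.md](https://github.com/Laborocity/keycloak_rails/blob/main/CONTRIBUTING.md) .
 
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).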
data/Rakefile
CHANGED
@@ -1,12 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module KeycloakRails
|
2
4
|
module SsoRecipient
|
3
5
|
extend ActiveSupport::Concern
|
4
6
|
|
5
7
|
included do
|
6
|
-
has_one :keycloak_rails_sso, as: :recipient, class_name:
|
8
|
+
has_one :keycloak_rails_sso, as: :recipient, class_name: '::KeycloakRails::Sso'
|
7
9
|
|
8
10
|
def sub
|
9
|
-
keycloak_rails_sso
|
11
|
+
keycloak_rails_sso&.sub
|
10
12
|
end
|
11
13
|
end
|
12
14
|
end
|
@@ -3,10 +3,10 @@
|
|
3
3
|
module KeycloakRails
|
4
4
|
module Generators
|
5
5
|
class ConfigGenerator < Rails::Generators::Base
|
6
|
-
source_root(
|
6
|
+
source_root(__dir__)
|
7
7
|
def copy_initializer
|
8
8
|
copy_file '../keycloak_rails.rb', 'config/initializers/keycloak_rails.rb'
|
9
9
|
end
|
10
10
|
end
|
11
11
|
end
|
12
|
-
end
|
12
|
+
end
|
@@ -3,15 +3,15 @@
|
|
3
3
|
module KeycloakRails
|
4
4
|
module Generators
|
5
5
|
class InstallGenerator < Rails::Generators::Base
|
6
|
-
source_root(
|
6
|
+
source_root(__dir__)
|
7
7
|
|
8
|
-
TABLE_NAME = 'keycloak_rails_sso'
|
8
|
+
TABLE_NAME = 'keycloak_rails_sso'
|
9
9
|
|
10
|
-
desc
|
10
|
+
desc 'Generates a name space SSO model to store user subs.'
|
11
11
|
|
12
12
|
def generate_keycloak_rails_model
|
13
|
-
generate :migration, "create_#{TABLE_NAME}",
|
13
|
+
generate :migration, "create_#{TABLE_NAME}", 'recipient:references{polymorphic}', 'sub:string:index'
|
14
14
|
end
|
15
15
|
end
|
16
16
|
end
|
17
|
-
end
|
17
|
+
end
|
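Review bot: The new `generate :migration` line creates only a plain index on `sub` (`'sub:string:index'`), so nothing at the database level stops two recipients from being linked to the same Keycloak subject. Since `sub` is the identity key tying a local record to an SSO account, a unique index is the safer default: `'sub:string:uniq'`. If sharing one subject across several recipients is intended, a comment above `TABLE_NAME` saying so would help the next reader.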
@@ -16,7 +16,8 @@ module KeycloakRails
|
|
16
16
|
attributes: {}, groups: [], enabled: true }.to_json)
|
17
17
|
raise StandardError, request[:response] unless request[:status] == :ok
|
18
18
|
|
19
|
-
set_perm_password(email, password)
|
19
|
+
set_perm_password(email, password) unless password.nil? || password.empty?
|
20
|
+
request[:response]
|
20
21
|
end
|
21
22
|
|
22
23
|
def current_user_has_active_session?
|
@@ -51,7 +52,7 @@ module KeycloakRails
|
|
51
52
|
def update_user_attributes(user_id, attributes)
|
52
53
|
request = @curl.put(path: "/admin/realms/#{KeycloakRails.realm}/users/#{user_id}",
|
53
54
|
headers: { 'Authorization': client_token, 'Content-Type': 'application/json' },
|
54
|
-
body: attributes.to_json)
|
55
|
+
body: attributes.to_json(only: attributes.keys))
|
55
56
|
raise StandardError, request[:response] unless request[:status] == :ok
|
56
57
|
|
57
58
|
request[:response]
|
@@ -59,7 +60,7 @@ module KeycloakRails
|
|
59
60
|
|
60
61
|
def require_set_otp(user_email)
|
61
62
|
user = user_by_username(user_email)
|
62
|
-
required_actions = user['requiredActions'].push(
|
63
|
+
required_actions = user['requiredActions'].push('CONFIGURE_TOTP')
|
63
64
|
request = @curl.put(path: "/admin/realms/#{KeycloakRails.realm}/users/#{user['id']}",
|
64
65
|
headers: { 'Authorization': client_token, 'Content-Type': 'application/json' },
|
65
66
|
body: { "requiredActions": required_actions }.to_json)
|
@@ -78,8 +79,9 @@ module KeycloakRails
|
|
78
79
|
request[:response]
|
79
80
|
end
|
80
81
|
|
81
|
-
def get_magic_link(email:, redirect_uri:, expiration_seconds: 3600, force_create: false, send_email: false,
|
82
|
-
|
82
|
+
def get_magic_link(email:, redirect_uri:, expiration_seconds: 3600, force_create: false, send_email: false,
|
83
|
+
client_id: KeycloakRails.client_id)
|
84
|
+
request = @curl.post(path: "/realms/#{KeycloakRails.realm}/magic-link",
|
83
85
|
headers: { 'Authorization': client_token, 'Content-Type': 'application/json' },
|
84
86
|
body: { "email": email, "client_id": client_id,
|
85
87
|
"redirect_uri": redirect_uri, "expiration_seconds": expiration_seconds,
|
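Review bot: In `update_user_attributes`, `attributes.to_json(only: attributes.keys)` is not an allow-list: the filter is built from the same hash it filters, so every top-level key the caller passes still reaches the admin `PUT .../users/#{user_id}` call made with the client token. If `attributes` is a plain Hash under ActiveSupport, the `only:` option is presumably also handed down to nested values, which would strip keys inside a nested hash whose names are not top-level keys; that is worth pinning with a test. A fixed list is clearer, e.g. `body: attributes.slice(*UPDATABLE_USER_FIELDS).to_json`, where `UPDATABLE_USER_FIELDS` is a name I am proposing, not one on the page. In the same file, `require_set_otp` calls `user['requiredActions']` without checking that `user_by_username` returned a user. Both method bodies run past their hunks.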
@@ -18,7 +18,9 @@ module KeycloakRails
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def ensure_active_session(accept_magic_link_handshake: false)
|
21
|
-
|
21
|
+
return if user_has_active_sso_session?(accept_magic_link_handshake: accept_magic_link_handshake)
|
22
|
+
|
23
|
+
redirect_to root_path
|
22
24
|
end
|
23
25
|
|
24
26
|
def ensure_no_active_session
|
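Review bot: `ensure_active_session` only protects an action when it runs as a `before_action`, because `redirect_to root_path` halts a filter chain but does not stop a method that called it inline; in that case the code after the call still runs for a user without a session. The method carries no comment saying so. I would add above the `def`: `# Use as a before_action only; if called inline, follow with "return if performed?".` It is also worth confirming that `root_path` is not itself guarded by this filter, since that would redirect in a loop.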
@@ -9,8 +9,8 @@ module KeycloakRails
|
|
9
9
|
extend ActiveSupport::Concern
|
10
10
|
|
11
11
|
included do
|
12
|
-
|
13
|
-
|
12
|
+
def generate_magic_link(url:, email:, expiration_seconds: 3600, force_create: false, send_email: false,
|
13
|
+
client_id: KeycloakRails.client_id)
|
14
14
|
magic_link_obj = keycloak_client.get_magic_link(email: email,
|
15
15
|
redirect_uri: url,
|
16
16
|
expiration_seconds: expiration_seconds,
|
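Review bot: `generate_magic_link` forwards `url:` unchanged as `redirect_uri` to `keycloak_client.get_magic_link`, and nothing in the visible lines restricts where the resulting sign-in link may send the user. If a host application ever fills `url` from request parameters, the only remaining control is the redirect-URI configuration of the Keycloak client, which the new `client_id:` argument now lets the caller choose. A doc comment should state the contract, e.g. `# url: trusted, application-generated URL only; client_id: configured value, never request input`. The method body continues past the hunk.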
@@ -8,17 +8,18 @@ module KeycloakRails
|
|
8
8
|
extend ActiveSupport::Concern
|
9
9
|
|
10
10
|
included do
|
11
|
-
def create_or_find_sso_user(email:,
|
11
|
+
def create_or_find_sso_user(email:, first_name:, last_name:, password_confirmation: nil, set_session: true, password: nil)
|
12
12
|
user = keycloak_client.user_by_username(email)
|
13
13
|
if user
|
14
14
|
{ sso_sub: user['id'], email: email,
|
15
15
|
first_name: first_name, last_name: last_name }
|
16
16
|
else
|
17
|
-
create_sso_user(email: email, password: password, first_name: first_name, last_name: last_name,
|
17
|
+
create_sso_user(email: email, password: password, first_name: first_name, last_name: last_name,
|
18
|
+
password_confirmation: password_confirmation, set_session: set_session)
|
18
19
|
end
|
19
20
|
end
|
20
21
|
|
21
|
-
def create_sso_user(email:,
|
22
|
+
def create_sso_user(email:, first_name:, last_name:, password_confirmation: nil, set_session: true, password: nil)
|
22
23
|
raise StandardError, 'Passwords must match' if password_confirmation && password != password_confirmation
|
23
24
|
|
24
25
|
keycloak_client.create_user(email: email,
|
@@ -29,7 +30,8 @@ module KeycloakRails
|
|
29
30
|
tokens = keycloak_user.fetch_tokens(email: email, password: password)
|
30
31
|
set_auth_cookies(tokens)
|
31
32
|
end
|
32
|
-
|
33
|
+
user_sub = keycloak_client.user_by_username(email)['id']
|
34
|
+
{ sso_sub: user_sub, email: email,
|
33
35
|
first_name: first_name, last_name: last_name }
|
34
36
|
end
|
35
37
|
|
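Review bot: `create_sso_user` now defaults to `password: nil` together with `set_session: true`, while the second hunk still shows `keycloak_user.fetch_tokens(email: email, password: password)`. Unless the condition above that call (outside the hunk) also checks the password, a passwordless registration would request tokens with a nil password. Guarding on both, e.g. `if set_session && !password.to_s.empty?`, keeps that path from failing after the Keycloak user has already been created. The added `keycloak_client.user_by_username(email)['id']` also raises `NoMethodError` when the lookup returns nil, which the `if user` check in `create_or_find_sso_user` suggests can happen; an explicit error for that case would be clearer.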
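--- a/data/lib/keycloak_rails/curl.rb
+++ b/data/lib/keycloak_rails/curl.rb
@@ -51,7 +51,7 @@ module KeycloakRails
 end
 end
 
-def response_to(request, message:
+def response_to(request, message: '', status: :ok)
 { response: request.body && request.body != '' ? JSON.parse(request.body) : {}, message: message, status: status }
 end
 end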
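Review bot: `response_to` runs `JSON.parse` on any non-empty body, so an HTML or plain-text error body (for example from a proxy in front of Keycloak) raises `JSON::ParserError` instead of producing the `{ response:, message:, status: }` hash. Callers elsewhere in this diff test `request[:status] == :ok`, presumably on that hash. Rescuing `JSON::ParserError` and returning an empty `response` with a non-`:ok` status (whichever symbol the callers of this helper already use) would keep such failures on the normal error path. The parameter is also named `request` although it holds the HTTP response; renaming the positional argument would make the line easier to read.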
data/lib/keycloak_rails/user.rb
CHANGED
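--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keycloak_rails
 version: !ruby/object:Gem::Version
-version: 1.0.0.pre.beta
+version: 1.0.0.pre.beta.3
 platform: ruby
 authors:
 - Omar Luqman
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-12-
+date: 2022-12-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: dry-configurable
@@ -66,6 +66,62 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: 6.0.3
+- !ruby/object:Gem::Dependency
+name: fasterer
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: overcommit
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rubocop
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rubocop-gitlab-security
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 description: A rails wrapper for open source SSO project Keycloak.
 email:
 - oluqman@nucleushealthcare.com
@@ -108,7 +164,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">"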