omniauth-keycloak 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +3 -3
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/keycloak/version.rb +5 -0
- data/lib/omniauth/strategies/keycloak-openid.rb +77 -0
- data/lib/omniauth-keycloak.rb +2 -0
- data/omniauth-keycloak.gemspec +4 -2
- metadata +8 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ee24a3af9bf792c089adf90c7cb4d283b9bf2c390828ff022344b5588dcddef2
|
|
4
|
+
data.tar.gz: 8e4404c638641547591ca1ec38b499efa03198cfd04aad7734d78bba144ed5c2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e66fd26b40742d97daf9cd28a2469fdb6349b7ccd94178ba6c06a2973fa368048e1a9a78200115f821b92e72324b5b492482a5b6ab6262413a2fec1e1bef97e5
|
|
7
|
+
data.tar.gz: b314bd271ccc280d1d244237300e482c7c58a059c742c9f4baff1517031fcfdff0f7c85aca6fcc1e0c4325977cb2c64e2f0aa1863240222a4cedf9a4809f2e30
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
omniauth-keycloak (1.0.
|
|
4
|
+
omniauth-keycloak (1.0.1)
|
|
5
5
|
json-jwt (~> 1.9.4)
|
|
6
6
|
omniauth (~> 1.8.1)
|
|
7
7
|
omniauth-oauth2 (~> 1.5.0)
|
|
@@ -18,7 +18,7 @@ GEM
|
|
|
18
18
|
public_suffix (>= 2.0.2, < 4.0)
|
|
19
19
|
aes_key_wrap (1.0.1)
|
|
20
20
|
bindata (2.4.4)
|
|
21
|
-
concurrent-ruby (1.
|
|
21
|
+
concurrent-ruby (1.1.3)
|
|
22
22
|
crack (0.4.3)
|
|
23
23
|
safe_yaml (~> 1.0.0)
|
|
24
24
|
diff-lcs (1.3)
|
|
@@ -52,7 +52,7 @@ GEM
|
|
|
52
52
|
oauth2 (~> 1.1)
|
|
53
53
|
omniauth (~> 1.2)
|
|
54
54
|
public_suffix (3.0.3)
|
|
55
|
-
rack (2.0.
|
|
55
|
+
rack (2.0.6)
|
|
56
56
|
rake (10.5.0)
|
|
57
57
|
rspec (3.8.0)
|
|
58
58
|
rspec-core (~> 3.8.0)
|
data/bin/console
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require "bundler/setup"
|
|
4
|
+
require "omniauth/omniauth-keycloak"
|
|
5
|
+
|
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
|
8
|
+
|
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
|
10
|
+
# require "pry"
|
|
11
|
+
# Pry.start
|
|
12
|
+
|
|
13
|
+
require "irb"
|
|
14
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
|
@@ -0,0 +1,77 @@
|
|
|
1
|
+
require 'omniauth'
|
|
2
|
+
require 'omniauth-oauth2'
|
|
3
|
+
require 'json/jwt'
|
|
4
|
+
|
|
5
|
+
module OmniAuth
|
|
6
|
+
module Strategies
|
|
7
|
+
class KeycloakOpenId < OmniAuth::Strategies::OAuth2
|
|
8
|
+
attr_reader :authorize_url
|
|
9
|
+
attr_reader :token_url
|
|
10
|
+
attr_reader :cert
|
|
11
|
+
|
|
12
|
+
def setup_phase
|
|
13
|
+
if @authorize_url.nil? || @token_url.nil?
|
|
14
|
+
realm = options.client_options[:realm].nil? ? options.client_id : options.client_options[:realm]
|
|
15
|
+
site = options.client_options[:site]
|
|
16
|
+
response = Faraday.get "#{options.client_options[:site]}/auth/realms/#{realm}/.well-known/openid-configuration"
|
|
17
|
+
if (response.status == 200)
|
|
18
|
+
json = MultiJson.load(response.body)
|
|
19
|
+
@certs_endpoint = json["jwks_uri"]
|
|
20
|
+
@userinfo_endpoint = json["userinfo_endpoint"]
|
|
21
|
+
@authorize_url = json["authorization_endpoint"].gsub(site, "")
|
|
22
|
+
@token_url = json["token_endpoint"].gsub(site, "")
|
|
23
|
+
options.client_options.merge!({
|
|
24
|
+
authorize_url: @authorize_url,
|
|
25
|
+
token_url: @token_url
|
|
26
|
+
})
|
|
27
|
+
certs = Faraday.get @certs_endpoint
|
|
28
|
+
if (certs.status == 200)
|
|
29
|
+
json = MultiJson.load(certs.body)
|
|
30
|
+
@cert = json["keys"][0]
|
|
31
|
+
else
|
|
32
|
+
#TODO: Throw Error
|
|
33
|
+
puts "Couldn't get Cert"
|
|
34
|
+
end
|
|
35
|
+
else
|
|
36
|
+
#TODO: Throw Error
|
|
37
|
+
puts response.status
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def build_access_token
|
|
43
|
+
verifier = request.params["code"]
|
|
44
|
+
client.auth_code.get_token(verifier,
|
|
45
|
+
{:redirect_uri => callback_url.gsub(/\?.+\Z/, "")}
|
|
46
|
+
.merge(token_params.to_hash(:symbolize_keys => true)),
|
|
47
|
+
deep_symbolize(options.auth_token_params))
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
uid{ raw_info['sub'] }
|
|
51
|
+
|
|
52
|
+
info do
|
|
53
|
+
{
|
|
54
|
+
:name => raw_info['name'],
|
|
55
|
+
:email => raw_info['email'],
|
|
56
|
+
:first_name => raw_info['given_name'],
|
|
57
|
+
:last_name => raw_info['family_name']
|
|
58
|
+
}
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
extra do
|
|
62
|
+
{
|
|
63
|
+
'raw_info' => raw_info
|
|
64
|
+
}
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def raw_info
|
|
68
|
+
id_token_string = access_token.token
|
|
69
|
+
jwk = JSON::JWK.new(@cert)
|
|
70
|
+
id_token = JSON::JWT.decode id_token_string, jwk
|
|
71
|
+
id_token
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
OmniAuth.config.add_camelization('keycloak_openid', 'KeycloakOpenId')
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
end
|
data/omniauth-keycloak.gemspec
CHANGED
|
@@ -9,13 +9,15 @@ Gem::Specification.new do |spec|
|
|
|
9
9
|
spec.summary = spec.description
|
|
10
10
|
spec.homepage = "https://github.com/ccrockett/omniauth-keycloak"
|
|
11
11
|
spec.license = "MIT"
|
|
12
|
+
spec.required_rubygems_version = '>= 1.3.5'
|
|
13
|
+
spec.required_ruby_version = '>= 2.2'
|
|
12
14
|
|
|
13
15
|
# Specify which files should be added to the gem when it is released.
|
|
14
16
|
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
|
15
17
|
spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
|
|
16
|
-
`git ls-files -z`.split("\x0")
|
|
18
|
+
`git ls-files -z`.split("\x0")
|
|
17
19
|
end
|
|
18
|
-
|
|
20
|
+
|
|
19
21
|
spec.bindir = "exe"
|
|
20
22
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
21
23
|
spec.require_paths = ["lib"]
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-keycloak
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cameron Crockett
|
|
@@ -139,6 +139,11 @@ files:
|
|
|
139
139
|
- LICENSE.txt
|
|
140
140
|
- README.md
|
|
141
141
|
- Rakefile
|
|
142
|
+
- bin/console
|
|
143
|
+
- bin/setup
|
|
144
|
+
- lib/keycloak/version.rb
|
|
145
|
+
- lib/omniauth-keycloak.rb
|
|
146
|
+
- lib/omniauth/strategies/keycloak-openid.rb
|
|
142
147
|
- omniauth-keycloak.gemspec
|
|
143
148
|
- spec/omniauth/strategies/keycloak_spec.rb
|
|
144
149
|
- spec/spec_helper.rb
|
|
@@ -154,12 +159,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
154
159
|
requirements:
|
|
155
160
|
- - ">="
|
|
156
161
|
- !ruby/object:Gem::Version
|
|
157
|
-
version: '
|
|
162
|
+
version: '2.2'
|
|
158
163
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
159
164
|
requirements:
|
|
160
165
|
- - ">="
|
|
161
166
|
- !ruby/object:Gem::Version
|
|
162
|
-
version:
|
|
167
|
+
version: 1.3.5
|
|
163
168
|
requirements: []
|
|
164
169
|
rubyforge_project:
|
|
165
170
|
rubygems_version: 2.7.4
|