omniauth-keycloak 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +3 -3
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/keycloak/version.rb +5 -0
- data/lib/omniauth/strategies/keycloak-openid.rb +77 -0
- data/lib/omniauth-keycloak.rb +2 -0
- data/omniauth-keycloak.gemspec +4 -2
- metadata +8 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ee24a3af9bf792c089adf90c7cb4d283b9bf2c390828ff022344b5588dcddef2
|
|
4
|
+
data.tar.gz: 8e4404c638641547591ca1ec38b499efa03198cfd04aad7734d78bba144ed5c2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e66fd26b40742d97daf9cd28a2469fdb6349b7ccd94178ba6c06a2973fa368048e1a9a78200115f821b92e72324b5b492482a5b6ab6262413a2fec1e1bef97e5
|
|
7
|
+
data.tar.gz: b314bd271ccc280d1d244237300e482c7c58a059c742c9f4baff1517031fcfdff0f7c85aca6fcc1e0c4325977cb2c64e2f0aa1863240222a4cedf9a4809f2e30
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
omniauth-keycloak (1.0.
|
|
4
|
+
omniauth-keycloak (1.0.1)
|
|
5
5
|
json-jwt (~> 1.9.4)
|
|
6
6
|
omniauth (~> 1.8.1)
|
|
7
7
|
omniauth-oauth2 (~> 1.5.0)
|
|
@@ -18,7 +18,7 @@ GEM
|
|
|
18
18
|
public_suffix (>= 2.0.2, < 4.0)
|
|
19
19
|
aes_key_wrap (1.0.1)
|
|
20
20
|
bindata (2.4.4)
|
|
21
|
-
concurrent-ruby (1.
|
|
21
|
+
concurrent-ruby (1.1.3)
|
|
22
22
|
crack (0.4.3)
|
|
23
23
|
safe_yaml (~> 1.0.0)
|
|
24
24
|
diff-lcs (1.3)
|
|
@@ -52,7 +52,7 @@ GEM
|
|
|
52
52
|
oauth2 (~> 1.1)
|
|
53
53
|
omniauth (~> 1.2)
|
|
54
54
|
public_suffix (3.0.3)
|
|
55
|
-
rack (2.0.
|
|
55
|
+
rack (2.0.6)
|
|
56
56
|
rake (10.5.0)
|
|
57
57
|
rspec (3.8.0)
|
|
58
58
|
rspec-core (~> 3.8.0)
|
data/bin/console
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require "bundler/setup"
|
|
4
|
+
require "omniauth/omniauth-keycloak"
|
|
5
|
+
|
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
|
8
|
+
|
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
|
10
|
+
# require "pry"
|
|
11
|
+
# Pry.start
|
|
12
|
+
|
|
13
|
+
require "irb"
|
|
14
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
|
@@ -0,0 +1,77 @@
|
|
|
1
|
+
require 'omniauth'
|
|
2
|
+
require 'omniauth-oauth2'
|
|
3
|
+
require 'json/jwt'
|
|
4
|
+
|
|
5
|
+
module OmniAuth
|
|
6
|
+
module Strategies
|
|
7
|
+
class KeycloakOpenId < OmniAuth::Strategies::OAuth2
|
|
8
|
+
attr_reader :authorize_url
|
|
9
|
+
attr_reader :token_url
|
|
10
|
+
attr_reader :cert
|
|
11
|
+
|
|
12
|
+
def setup_phase
|
|
13
|
+
if @authorize_url.nil? || @token_url.nil?
|
|
14
|
+
realm = options.client_options[:realm].nil? ? options.client_id : options.client_options[:realm]
|
|
15
|
+
site = options.client_options[:site]
|
|
16
|
+
response = Faraday.get "#{options.client_options[:site]}/auth/realms/#{realm}/.well-known/openid-configuration"
|
|
17
|
+
if (response.status == 200)
|
|
18
|
+
json = MultiJson.load(response.body)
|
|
19
|
+
@certs_endpoint = json["jwks_uri"]
|
|
20
|
+
@userinfo_endpoint = json["userinfo_endpoint"]
|
|
21
|
+
@authorize_url = json["authorization_endpoint"].gsub(site, "")
|
|
22
|
+
@token_url = json["token_endpoint"].gsub(site, "")
|
|
23
|
+
options.client_options.merge!({
|
|
24
|
+
authorize_url: @authorize_url,
|
|
25
|
+
token_url: @token_url
|
|
26
|
+
})
|
|
27
|
+
certs = Faraday.get @certs_endpoint
|
|
28
|
+
if (certs.status == 200)
|
|
29
|
+
json = MultiJson.load(certs.body)
|
|
30
|
+
@cert = json["keys"][0]
|
|
31
|
+
else
|
|
32
|
+
#TODO: Throw Error
|
|
33
|
+
puts "Couldn't get Cert"
|
|
34
|
+
end
|
|
35
|
+
else
|
|
36
|
+
#TODO: Throw Error
|
|
37
|
+
puts response.status
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def build_access_token
|
|
43
|
+
verifier = request.params["code"]
|
|
44
|
+
client.auth_code.get_token(verifier,
|
|
45
|
+
{:redirect_uri => callback_url.gsub(/\?.+\Z/, "")}
|
|
46
|
+
.merge(token_params.to_hash(:symbolize_keys => true)),
|
|
47
|
+
deep_symbolize(options.auth_token_params))
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
uid{ raw_info['sub'] }
|
|
51
|
+
|
|
52
|
+
info do
|
|
53
|
+
{
|
|
54
|
+
:name => raw_info['name'],
|
|
55
|
+
:email => raw_info['email'],
|
|
56
|
+
:first_name => raw_info['given_name'],
|
|
57
|
+
:last_name => raw_info['family_name']
|
|
58
|
+
}
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
extra do
|
|
62
|
+
{
|
|
63
|
+
'raw_info' => raw_info
|
|
64
|
+
}
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def raw_info
|
|
68
|
+
id_token_string = access_token.token
|
|
69
|
+
jwk = JSON::JWK.new(@cert)
|
|
70
|
+
id_token = JSON::JWT.decode id_token_string, jwk
|
|
71
|
+
id_token
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
OmniAuth.config.add_camelization('keycloak_openid', 'KeycloakOpenId')
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
end
|
data/omniauth-keycloak.gemspec
CHANGED
|
@@ -9,13 +9,15 @@ Gem::Specification.new do |spec|
|
|
|
9
9
|
spec.summary = spec.description
|
|
10
10
|
spec.homepage = "https://github.com/ccrockett/omniauth-keycloak"
|
|
11
11
|
spec.license = "MIT"
|
|
12
|
+
spec.required_rubygems_version = '>= 1.3.5'
|
|
13
|
+
spec.required_ruby_version = '>= 2.2'
|
|
12
14
|
|
|
13
15
|
# Specify which files should be added to the gem when it is released.
|
|
14
16
|
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
|
15
17
|
spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
|
|
16
|
-
`git ls-files -z`.split("\x0")
|
|
18
|
+
`git ls-files -z`.split("\x0")
|
|
17
19
|
end
|
|
18
|
-
|
|
20
|
+
|
|
19
21
|
spec.bindir = "exe"
|
|
20
22
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
21
23
|
spec.require_paths = ["lib"]
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-keycloak
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cameron Crockett
|
|
@@ -139,6 +139,11 @@ files:
|
|
|
139
139
|
- LICENSE.txt
|
|
140
140
|
- README.md
|
|
141
141
|
- Rakefile
|
|
142
|
+
- bin/console
|
|
143
|
+
- bin/setup
|
|
144
|
+
- lib/keycloak/version.rb
|
|
145
|
+
- lib/omniauth-keycloak.rb
|
|
146
|
+
- lib/omniauth/strategies/keycloak-openid.rb
|
|
142
147
|
- omniauth-keycloak.gemspec
|
|
143
148
|
- spec/omniauth/strategies/keycloak_spec.rb
|
|
144
149
|
- spec/spec_helper.rb
|
|
@@ -154,12 +159,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
154
159
|
requirements:
|
|
155
160
|
- - ">="
|
|
156
161
|
- !ruby/object:Gem::Version
|
|
157
|
-
version: '
|
|
162
|
+
version: '2.2'
|
|
158
163
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
159
164
|
requirements:
|
|
160
165
|
- - ">="
|
|
161
166
|
- !ruby/object:Gem::Version
|
|
162
|
-
version:
|
|
167
|
+
version: 1.3.5
|
|
163
168
|
requirements: []
|
|
164
169
|
rubyforge_project:
|
|
165
170
|
rubygems_version: 2.7.4
|