reclaim-oidc 0.0.2 → 0.0.7
- checksums.yaml +4 -4
- data/bin/reclaim-oidc +18 -3
- data/lib/reclaim_oidc.rb +52 -22
- metadata +6 -6
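--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: cba3f05a249dd9120160ad582c9d5fa257ee11983517159cd2528cf36fc8cc19
+data.tar.gz: 678239df41432010614a9cbd771212b5e557ebbc6ff1c3e224fc78ee4e5fdd34
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: db2123585c8000c90d859ac29f1f8f5fbbf2f4fdb02fbe4d048d2577ef724fd5ded1ae8ad9d28193ec6ce31d8c059e28076aa3546cf1e420e5f3275ffc3c2f32
+data.tar.gz: dbabb3e6428a7ece79ced4d392b99d91bad2dc38bf5247424adbaf4fe584105522608ed3beae734b4b795a914ed3085197eb4689764786da4f41bbcdb0d08bf2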
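--- a/data/bin/reclaim-oidc
+++ b/data/bin/reclaim-oidc
@@ -5,13 +5,14 @@ require 'reclaim_oidc'
 class OptParser
 class ScriptOptions
 attr_accessor :name, :add, :delete, :list, :description, :redirect_uri,
-:verbose
+:verbose, :jwt_secret
 
 def initialize
 self.delete = false
 self.add = false
 self.list = false
 self.verbose = false
+self.jwt_secret = false
 end
 
 def define_options(parser)
@@ -27,6 +28,7 @@ class OptParser
 client_redirect_option(parser)
 client_description_option(parser)
 boolean_verbose_option(parser)
+jwt_secret_option(parser)
 
 parser.separator ""
 parser.separator "Common options:"
@@ -87,6 +89,12 @@ class OptParser
 self.verbose = v
 end
 end
+
+def jwt_secret_option(parser)
+parser.on("-j", "--jwt-secret [JWT-SECRET]", "Set JWT secret") do |v|
+self.jwt_secret = v
+end
+end
 end
 
 #
@@ -99,7 +107,11 @@ class OptParser
 @options = ScriptOptions.new
 @args = OptionParser.new do |parser|
 @options.define_options(parser)
-
+begin
+parser.parse!(args)
+rescue OptionParser::InvalidOption => e
+puts "ERROR: Invalid option"
+end
 end
 @options
 end
@@ -152,4 +164,7 @@ if (options.delete)
 roidc.delete_client(options.name)
 puts "OK"
 end
-
+if (options.jwt_secret)
+roidc.set_jwt_secret(options.jwt_secret)
+puts "JWT secret has been changed"
+end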
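Review bot: The new `-j/--jwt-secret [JWT-SECRET]` option in `jwt_secret_option` takes the signing secret as a command-line argument, which leaves it in shell history and visible in the process list to other local users while the command runs. Because the argument is declared optional (the square brackets), a bare `-j` yields `nil`, and the `if (options.jwt_secret)` block at the end of the script is then skipped without any message. Consider a flag that prompts instead, e.g. `parser.on("-j", "--jwt-secret", "Set JWT secret (prompted)") { self.jwt_secret = IO.console.getpass("JWT secret: ") }` together with `require 'io/console'`, or at least drop the brackets so the value is mandatory. `OptParser` and the script body both continue outside the hunks shown.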
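--- a/data/lib/reclaim_oidc.rb
+++ b/data/lib/reclaim_oidc.rb
@@ -1,14 +1,18 @@
 require 'net/http'
 require 'json'
 
+$VERSION_MAJOR = 0
+$VERSION_MINOR = 0
+$VERSION_MICRO = 7
+
 class ReclaimOidc
 def initialize(verbose=false, url='http://localhost:7776')
 @verbose = verbose
 @url = url
 @client_secret = get_client_secret()
 end
-def self.
-
+def self.version
+return "#{$VERSION_MAJOR}.#{$VERSION_MINOR}.#{$VERSION_MICRO}"
 end
 def parse_identities_from_http(body)
 arr = JSON.parse(body)
@@ -22,8 +26,13 @@ class ReclaimOidc
 
 def get_client_secret
 uri = URI(@url + '/config/reclaim-rest-plugin')
-
-
+begin
+resp = JSON.parse Net::HTTP.get(uri)
+return resp["OIDC_CLIENT_SECRET"]
+rescue Errno::ECONNREFUSED => e
+puts "ERROR: REST service is not running"
+exit
+end
 end
 
 def get_clients
@@ -41,21 +50,32 @@ class ReclaimOidc
 def add_client(name,redirect_uri,description)
 raise if redirect_uri.nil? or description.nil? or name.nil?
 uri = URI(@url + '/identity')
-payload = {'name' => "#{name}"}
-resp = Net::HTTP.post(uri, payload)
+payload = {'name' => "#{name}"}
+#resp = Net::HTTP.post(uri, payload)
+#req = Net::HTTP::Post.new(uri, payload.to_json)
+Net::HTTP.start(uri.host, uri.port) do |http|
+resp = http.post(uri.path, payload.to_json)
+end
 uri = URI(@url + "/namestore/#{name}")
-
+records = {'record_name' => "@",
+'data' => []}
+records["data"] << {'record_type' => "RECLAIM_OIDC_CLIENT",
 'value' => description,
-'
-'
-'
-
-
+'expiration_time' => "1h",
+'private' => false,
+'relative_expiration' => true,
+'supplemental' => false,
+'shadow' => false}
+records["data"] << {'record_type' => "RECLAIM_OIDC_REDIRECT",
 'value' => redirect_uri,
-'
-'
-'
-
+'expiration_time' => "1h",
+'private' => false,
+'relative_expiration' => true,
+'supplemental' => false,
+'shadow' => false}
+Net::HTTP.start(uri.host, uri.port) do |http|
+resp = http.post(uri.path,records.to_json)
+end
 end
 def delete_client(name)
 raise if name.nil?
@@ -77,8 +97,13 @@ class ReclaimOidc
 op['userinfo_endpoint'] = host + '/openid/userinfo'
 op
 end
-def set_jwt_secret
-
+def set_jwt_secret(jwt_secret)
+uri = URI(@url + '/config/reclaim-rest-plugin')
+request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
+request.body = {"JWT_SECRET": jwt_secret}.to_json
+resp = Net::HTTP.start(uri.host, uri.port) do |http|
+http.request request
+end
 end
 
 class Client
@@ -93,11 +118,16 @@ class ReclaimOidc
 end
 def parse_client_info(obj)
 obj.each do |record|
-if
-
+if "@" != record["record_name"]
+next
 end
-
-
+record["data"].each do |data|
+if (data['record_type'] == 'RECLAIM_OIDC_CLIENT')
+@description = data['value']
+end
+if (data['record_type'] == 'RECLAIM_OIDC_REDIRECT')
+@redirect_uri = data['value']
+end
 end
 end
 end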
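Review bot: `set_jwt_secret` assigns the HTTP response to `resp` and then ignores it, so a rejected or failed request looks the same as success and the CLI still prints "JWT secret has been changed"; the two `http.post` calls in `add_client` discard their responses in the same way. Check the status before returning, e.g. `raise "Setting JWT secret failed: HTTP #{resp.code}" unless resp.is_a?(Net::HTTPSuccess)`. `Net::HTTP.start(uri.host, uri.port)` is also called without `use_ssl`, so the secret is written to the socket in cleartext whatever scheme `@url` carries. Passing `use_ssl: uri.scheme == 'https'` would honour an https endpoint if one is ever configured; only the `http://localhost:7776` default is visible here.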
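--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: reclaim-oidc
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.7
 platform: ruby
 authors:
 - Martin Schanzenbach
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2020-07-27 00:00:00.000000000 Z
 dependencies: []
 description: Used to manage re:claimID OpenID Connect clients and OpenID Connect Provider
 configuration(s)
@@ -24,7 +24,7 @@ homepage: https://gitlab.com/reclaimid/reclaim-oidc
 licenses:
 - AGPL-3.0
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -39,8 +39,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
 summary: re:claimID OpenID Connect CLI
 test_files: []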