simpleokta 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +14 -0
- data/.rspec +3 -0
- data/.travis.yml +6 -0
- data/CODE_OF_CONDUCT.md +74 -0
- data/Gemfile +18 -0
- data/Gemfile.lock +136 -0
- data/LICENSE.txt +21 -0
- data/README.md +51 -0
- data/Rakefile +11 -0
- data/bin/console +15 -0
- data/bin/setup +8 -0
- data/lib/simpleokta.rb +12 -0
- data/lib/simpleokta/apps.rb +96 -0
- data/lib/simpleokta/auth_servers.rb +489 -0
- data/lib/simpleokta/client.rb +44 -0
- data/lib/simpleokta/constants.rb +15 -0
- data/lib/simpleokta/groups.rb +113 -0
- data/lib/simpleokta/users.rb +173 -0
- data/lib/simpleokta/version.rb +5 -0
- data/simpleokta.gemspec +33 -0
- data/solargraph +29 -0
- metadata +82 -0
@@ -0,0 +1,489 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Simpleokta
|
4
|
+
class Client
|
5
|
+
module AuthServers
|
6
|
+
# AUTH SERVER METHODS
|
7
|
+
|
8
|
+
# Get an Authorization Server in the okta instance.
|
9
|
+
# @param auth_server_id [String] The unique id of the authorization server
|
10
|
+
# @return [Hash<Authorization Server Object>]
|
11
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#authorization-server-object Authorization Server Object
|
12
|
+
def auth_server(auth_server_id)
|
13
|
+
response = call_with_token(
|
14
|
+
'get',
|
15
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}"
|
16
|
+
)
|
17
|
+
JSON.parse(response.body)
|
18
|
+
end
|
19
|
+
|
20
|
+
# Return all Authorization Servers in the okta instance.
|
21
|
+
# @return [Array<Authorization Server Object>]
|
22
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#authorization-server-object Authorization Server Object
|
23
|
+
def auth_servers
|
24
|
+
response = call_with_token(
|
25
|
+
'get',
|
26
|
+
Constants::AUTH_SERVER_API_BASE_PATH
|
27
|
+
)
|
28
|
+
JSON.parse(response.body)
|
29
|
+
end
|
30
|
+
|
31
|
+
# Create an Authorization Server in the okta instance.
|
32
|
+
# @param auth_server_data [Hash] The Authorization Server Object you want to create
|
33
|
+
# @return [Hash<Authorization Server Object>]
|
34
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#create-authorization-server Create Authorization Server
|
35
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#authorization-server-object Authorization Server Object
|
36
|
+
def create_auth_server(auth_server_data)
|
37
|
+
response = call_with_token(
|
38
|
+
'post',
|
39
|
+
Constants::AUTH_SERVER_API_BASE_PATH,
|
40
|
+
auth_server_data
|
41
|
+
)
|
42
|
+
JSON.parse(response.body)
|
43
|
+
end
|
44
|
+
|
45
|
+
# Update an Authorization Server in the okta instance.
|
46
|
+
# @param auth_server_id [String] The unique id of the authorization server
|
47
|
+
# @param auth_server_data [Hash] The Authorization Server Object you want to update
|
48
|
+
# @return [Hash<Authorization Server Object>]
|
49
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#update-authorization-server Update Authorization Server
|
50
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#authorization-server-object Authorization Server Object
|
51
|
+
def update_auth_server(auth_server_id, auth_server_data)
|
52
|
+
response = call_with_token(
|
53
|
+
'put',
|
54
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}",
|
55
|
+
auth_server_data
|
56
|
+
)
|
57
|
+
JSON.parse(response.body)
|
58
|
+
end
|
59
|
+
|
60
|
+
# Delete an Authorization Server in the okta instance.
|
61
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
62
|
+
# @return 204 No Content
|
63
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#delete-authorization-server Delete Authorization Server
|
64
|
+
def delete_auth_server(auth_server_id)
|
65
|
+
call_with_token(
|
66
|
+
'delete',
|
67
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}"
|
68
|
+
)
|
69
|
+
end
|
70
|
+
|
71
|
+
# Activate an Authorization Server in the okta instance.
|
72
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
73
|
+
# @return 204 No Content
|
74
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#activate-authorization-server Activate Authorization Server
|
75
|
+
def activate_auth_server(auth_server_id)
|
76
|
+
call_with_token(
|
77
|
+
'post',
|
78
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/lifecycle/activate"
|
79
|
+
)
|
80
|
+
end
|
81
|
+
|
82
|
+
# Deactivate an Authorization Server in the okta instance.
|
83
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
84
|
+
# @return 204 No Content
|
85
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#activate-authorization-server Deactivate Authorization Server
|
86
|
+
def deactivate_auth_server(auth_server_id)
|
87
|
+
call_with_token(
|
88
|
+
'post',
|
89
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/lifecycle/deactivate"
|
90
|
+
)
|
91
|
+
end
|
92
|
+
|
93
|
+
# POLICY METHODS
|
94
|
+
|
95
|
+
# Return all Policies attached to a given Authorization Server in the okta instance.
|
96
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
97
|
+
# @return [Array<Policy Object>]
|
98
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#policy-object Policy Object
|
99
|
+
def policies(auth_server_id)
|
100
|
+
response = call_with_token(
|
101
|
+
'get',
|
102
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies"
|
103
|
+
)
|
104
|
+
JSON.parse(response.body)
|
105
|
+
end
|
106
|
+
|
107
|
+
# Return a specific Policy for a given Authorization Server in the okta instance.
|
108
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
109
|
+
# @param policy_id [String] the unique id of the policy
|
110
|
+
# @return [Hash<Policy Object>]
|
111
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#policy-object Policy Object
|
112
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-a-policy Get Policy
|
113
|
+
def policy(auth_server_id, _policy_id)
|
114
|
+
response = call_with_token(
|
115
|
+
'get',
|
116
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies"
|
117
|
+
)
|
118
|
+
JSON.parse(response.body)
|
119
|
+
end
|
120
|
+
|
121
|
+
# Create a Policy for a given Authorization Server
|
122
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
123
|
+
# @param policy_data [Hash<Policy Object>] the data for the expected Policy
|
124
|
+
# @return [Hash<Policy Object>]
|
125
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#policy-object Policy Object
|
126
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#create-a-policy Create Policy
|
127
|
+
def create_policy(auth_server_id, policy_data)
|
128
|
+
response = call_with_token(
|
129
|
+
'post',
|
130
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies",
|
131
|
+
policy_data
|
132
|
+
)
|
133
|
+
JSON.parse(response.body)
|
134
|
+
end
|
135
|
+
|
136
|
+
# Update a Policy for a given Authorization Server
|
137
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
138
|
+
# @param policy_id [String] the unique id of the policy
|
139
|
+
# @param policy_data [Hash<Policy Object>] the new data for the Policy
|
140
|
+
# @return [Hash<Policy Object>]
|
141
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#policy-object Policy Object
|
142
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#update-a-policy Update Policy
|
143
|
+
def update_policy(auth_server_id, policy_id, policy_data)
|
144
|
+
response = call_with_token(
|
145
|
+
'put',
|
146
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}",
|
147
|
+
policy_data
|
148
|
+
)
|
149
|
+
JSON.parse(response.body)
|
150
|
+
end
|
151
|
+
|
152
|
+
# Delete a Policy for a given Authorization Server
|
153
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
154
|
+
# @param policy_id [String] the unique id of the policy
|
155
|
+
# @return 204 No Content
|
156
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#policy-object Policy Object
|
157
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#delete-a-policy Delete Policy
|
158
|
+
def delete_policy(auth_server_id, policy_id)
|
159
|
+
call_with_token(
|
160
|
+
'delete',
|
161
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}"
|
162
|
+
)
|
163
|
+
end
|
164
|
+
end
|
165
|
+
|
166
|
+
# POLICY RULE METHODS
|
167
|
+
|
168
|
+
# Get all Policy Rules for a given Policy on a given Authorization Server
|
169
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
170
|
+
# @param policy_id [String] the unique id of the policy
|
171
|
+
# @return [Array<Rule Object>]
|
172
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#rule-object Rule object
|
173
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-all-policy-rules Get All Policy Rules
|
174
|
+
def rules(auth_server_id, policy_id)
|
175
|
+
response = call_with_token(
|
176
|
+
'get',
|
177
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules"
|
178
|
+
)
|
179
|
+
JSON.parse(response.body)
|
180
|
+
end
|
181
|
+
|
182
|
+
# Get a specific Policy Rule for a given Policy on a given Authorization Server
|
183
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
184
|
+
# @param policy_id [String] the unique id of the policy
|
185
|
+
# @param rule_id [String] the unique id of the rule
|
186
|
+
# @return [Hash<Rule Object>]
|
187
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#rule-object Rule object
|
188
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-a-policy-rule Get Policy Rule
|
189
|
+
def rule(auth_server_id, policy_id, rule_id)
|
190
|
+
response = call_with_token(
|
191
|
+
'get',
|
192
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules/#{rule_id}"
|
193
|
+
)
|
194
|
+
JSON.parse(response.body)
|
195
|
+
end
|
196
|
+
|
197
|
+
# Create a Policy Rule for a given Policy on a given Authorization Server
|
198
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
199
|
+
# @param policy_id [String] the unique id of the policy
|
200
|
+
# @param rule_data [Hash] the rule object you want to create
|
201
|
+
# @return [Hash<Rule Object>]
|
202
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#rule-object Rule object
|
203
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#create-a-policy-rule Create Policy Rule
|
204
|
+
def create_rule(auth_server_id, policy_id, rule_data)
|
205
|
+
response = call_with_token(
|
206
|
+
'post',
|
207
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules",
|
208
|
+
rule_data
|
209
|
+
)
|
210
|
+
JSON.parse(response.body)
|
211
|
+
end
|
212
|
+
|
213
|
+
# Update a Policy Rule for a given Policy on a given Authorization Server
|
214
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
215
|
+
# @param policy_id [String] the unique id of the policy
|
216
|
+
# @param rule_id [String] the unique id of the rule
|
217
|
+
# @param rule_data [Hash] the rule object you want to update
|
218
|
+
# @return [Hash<Rule Object>]
|
219
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#rule-object Rule object
|
220
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#update-a-policy-rule Update Policy Rule
|
221
|
+
def update_rule(auth_server_id, policy_id, rule_id, rule_data)
|
222
|
+
response = call_with_token(
|
223
|
+
'put',
|
224
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules/#{rule_id}",
|
225
|
+
rule_data
|
226
|
+
)
|
227
|
+
JSON.parse(response.body)
|
228
|
+
end
|
229
|
+
|
230
|
+
# Delete a Policy Rule for a given Policy on a given Authorization Server
|
231
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
232
|
+
# @param policy_id [String] the unique id of the policy
|
233
|
+
# @param rule_id [String] the unique id of the rule
|
234
|
+
# @return 204 No Content
|
235
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#rule-object Rule object
|
236
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#delete-a-policy-rule Delete Policy Rule
|
237
|
+
def delete_rule(auth_server_id, policy_id, rule_id)
|
238
|
+
call_with_token(
|
239
|
+
'delete',
|
240
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules/#{rule_id}"
|
241
|
+
)
|
242
|
+
end
|
243
|
+
|
244
|
+
# SCOPES METHODS
|
245
|
+
|
246
|
+
# Get all Scopes defined for a given Authorization Server
|
247
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
248
|
+
# @return [Array<Scope Object>]
|
249
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#scope-object Scope Object
|
250
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-all-scopes Get Scopes
|
251
|
+
def scopes(auth_server_id)
|
252
|
+
response = call_with_token(
|
253
|
+
'get',
|
254
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes"
|
255
|
+
)
|
256
|
+
JSON.parse(response.body)
|
257
|
+
end
|
258
|
+
|
259
|
+
# Get a specific Scope defined for a given Authorization Server
|
260
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
261
|
+
# @param scope_id [String] the unique id of the scope
|
262
|
+
# @return [Hash<Scope Object>]
|
263
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#scope-object Scope Object
|
264
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-a-scope Get Scopes
|
265
|
+
def scope(auth_server_id, scope_id)
|
266
|
+
response = call_with_token(
|
267
|
+
'get',
|
268
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes/#{scope_id}"
|
269
|
+
)
|
270
|
+
JSON.parse(response.body)
|
271
|
+
end
|
272
|
+
|
273
|
+
# Create a Scope for a given Authorization Server
|
274
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
275
|
+
# @param scope_data [Hash<Scope Object>] the data of the scope you wish to create
|
276
|
+
# @return [Hash<Scope Object>]
|
277
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#scope-object Scope Object
|
278
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#create-a-scope Create Scope
|
279
|
+
def create_scope(auth_server_id, scope_data)
|
280
|
+
response = call_with_token(
|
281
|
+
'post',
|
282
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes",
|
283
|
+
scope_data
|
284
|
+
)
|
285
|
+
JSON.parse(response.body)
|
286
|
+
end
|
287
|
+
|
288
|
+
# Update a Scope for a given Authorization Server
|
289
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
290
|
+
# @param scope_id [String] the unique id of the scope
|
291
|
+
# @param scope_data [Hash<Scope Object>] the data of the scope you wish to update
|
292
|
+
# @return [Hash<Scope Object>]
|
293
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#scope-object Scope Object
|
294
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#update-a-scope Create Scope
|
295
|
+
def update_scope(auth_server_id, scope_id, scope_data)
|
296
|
+
response = call_with_token(
|
297
|
+
'put',
|
298
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes/#{scope_id}",
|
299
|
+
scope_data
|
300
|
+
)
|
301
|
+
JSON.parse(response.body)
|
302
|
+
end
|
303
|
+
|
304
|
+
# Delete a Scope for a given Authorization Server
|
305
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
306
|
+
# @param scope_id [String] the unique id of the scope
|
307
|
+
# @return 204 No Content
|
308
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#scope-object Scope Object
|
309
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#delete-a-scope Delete Scope
|
310
|
+
def delete_scope(auth_server_id, scope_id)
|
311
|
+
call_with_token(
|
312
|
+
'delete',
|
313
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes/#{scope_id}"
|
314
|
+
)
|
315
|
+
end
|
316
|
+
|
317
|
+
# CLAIMS METHODS
|
318
|
+
|
319
|
+
# Get all Claims defined for a given Authorization Server
|
320
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
321
|
+
# @return [Array<Claim Object>]
|
322
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#claim-object Claim Object
|
323
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-all-claims Get Claims
|
324
|
+
def claims(auth_server_id)
|
325
|
+
response = call_with_token(
|
326
|
+
'get',
|
327
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims"
|
328
|
+
)
|
329
|
+
JSON.parse(response.body)
|
330
|
+
end
|
331
|
+
|
332
|
+
# Get a specific Claim defined for a given Authorization Server
|
333
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
334
|
+
# @param claim_id [String] the unique id of the claim
|
335
|
+
# @return [Hash<Claim Object>]
|
336
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#claim-object Claim Object
|
337
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-a-claim Get Claim
|
338
|
+
def claim(auth_server_id, claim_id)
|
339
|
+
response = call_with_token(
|
340
|
+
'get',
|
341
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims/#{claim_id}"
|
342
|
+
)
|
343
|
+
JSON.parse(response.body)
|
344
|
+
end
|
345
|
+
|
346
|
+
# Create a Claim for a given Authorization Server
|
347
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
348
|
+
# @param claim_data [Hash<Claim_Object>] the data of the claim you wish to create
|
349
|
+
# @return [Hash<Claim Object>]
|
350
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#claim-object Claim Object
|
351
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#create-a-claim Create Claim
|
352
|
+
def create_claim(auth_server_id, claim_data)
|
353
|
+
response = call_with_token(
|
354
|
+
'post',
|
355
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims",
|
356
|
+
claim_data
|
357
|
+
)
|
358
|
+
JSON.parse(response.body)
|
359
|
+
end
|
360
|
+
|
361
|
+
# Update a specific Claim defined for a given Authorization Server
|
362
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
363
|
+
# @param claim_id [String] the unique id of the claim
|
364
|
+
# @param claim_data [Hash<Claim_Object>] the data of the claim you wish to create
|
365
|
+
# @return [Hash<Claim Object>]
|
366
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#claim-object Claim Object
|
367
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#update-a-claim Update Claim
|
368
|
+
def update_claim(auth_server_id, claim_id, claim_data)
|
369
|
+
response = call_with_token(
|
370
|
+
'put',
|
371
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims/#{claim_id}",
|
372
|
+
claim_data
|
373
|
+
)
|
374
|
+
JSON.parse(response.body)
|
375
|
+
end
|
376
|
+
|
377
|
+
# Delete a specific Claim defined for a given Authorization Server
|
378
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
379
|
+
# @param claim_id [String] the unique id of the claim
|
380
|
+
# @return 204 No Content
|
381
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#claim-object Claim Object
|
382
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#delete-a-claim Delete Claim
|
383
|
+
def delete_claim(auth_server_id, claim_id)
|
384
|
+
call_with_token(
|
385
|
+
'delete',
|
386
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims/#{claim_id}"
|
387
|
+
)
|
388
|
+
end
|
389
|
+
|
390
|
+
# KEY STORE OPERATIONS
|
391
|
+
|
392
|
+
# Get all Keys associated with a given Authorization Server
|
393
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
394
|
+
# @return [Array<Credentials Object>]
|
395
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#credentials-object Credentials Object
|
396
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-all-claims Get Authorization Server Keys
|
397
|
+
def keys(auth_server_id)
|
398
|
+
response = call_with_token(
|
399
|
+
'get',
|
400
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/credentials/keys"
|
401
|
+
)
|
402
|
+
JSON.parse(response.body)
|
403
|
+
end
|
404
|
+
|
405
|
+
# Rotate the current Keys associated with a given Authorization Server
|
406
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
407
|
+
# @return [Array<Credentials Object>]
|
408
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#credentials-object Credentials Object
|
409
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-all-claims Rotate Authorization Server Keys
|
410
|
+
def rotate_keys(auth_server_id)
|
411
|
+
response = call_with_token(
|
412
|
+
'post',
|
413
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/credentials/lifecycle/keyRotate",
|
414
|
+
{ 'use': 'sig' }
|
415
|
+
)
|
416
|
+
JSON.parse(response.body)
|
417
|
+
end
|
418
|
+
|
419
|
+
# CLIENT RESOURCE OPERATIONS
|
420
|
+
|
421
|
+
# Lists all Client Resources for which the specified Authorization Server has tokens
|
422
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
423
|
+
# @return [Array<Hash>]
|
424
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#list-client-resources-for-an-authorization-server List Client Resources for an Authorization Server
|
425
|
+
def client_resources(auth_server_id)
|
426
|
+
response = call_with_token(
|
427
|
+
'get',
|
428
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients"
|
429
|
+
)
|
430
|
+
JSON.parse(response.body)
|
431
|
+
end
|
432
|
+
|
433
|
+
# OAUTH 2.0 TOKEN MGMT OPERATIONS
|
434
|
+
|
435
|
+
# Lists all Refresh Tokens issued by an Authorization Server for a specific client
|
436
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
437
|
+
# @param client_id [String] the unique id of the client
|
438
|
+
# @return [Array<Hash>]
|
439
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#list-refresh-tokens List Refresh Tokens
|
440
|
+
def refresh_tokens(auth_server_id, client_id)
|
441
|
+
response = call_with_token(
|
442
|
+
'get',
|
443
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens"
|
444
|
+
)
|
445
|
+
JSON.parse(response.body)
|
446
|
+
end
|
447
|
+
|
448
|
+
# Gets a specific Refresh Token issued by an Authorization Server for a specific client
|
449
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
450
|
+
# @param client_id [String] the unique id of the client
|
451
|
+
# @param token_id [String] the unique id of the refresh token
|
452
|
+
# @return [Array<Hash>]
|
453
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#get-refresh-token Get Refresh Tokens
|
454
|
+
def refresh_token(auth_server_id, client_id, token_id)
|
455
|
+
response = call_with_token(
|
456
|
+
'get',
|
457
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens/#{token_id}"
|
458
|
+
)
|
459
|
+
JSON.parse(response.body)
|
460
|
+
end
|
461
|
+
|
462
|
+
# Revokes all Refresh Tokens issued by an Authorization Server for a specific client
|
463
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
464
|
+
# @param client_id [String] the unique id of the client
|
465
|
+
# @return 204 No Content
|
466
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#revoke-all-refresh-tokens Revoke Refresh Tokens
|
467
|
+
def revoke_refresh_tokens(auth_server_id, client_id)
|
468
|
+
response = call_with_token(
|
469
|
+
'delete',
|
470
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens/#{token_id}"
|
471
|
+
)
|
472
|
+
JSON.parse(response.body)
|
473
|
+
end
|
474
|
+
|
475
|
+
# Revokes a specific Refresh Token issued by an Authorization Server for a specific client
|
476
|
+
# @param auth_server_id [String] the unique id of the authorization server
|
477
|
+
# @param client_id [String] the unique id of the client
|
478
|
+
# @param token_id [String] the unique id of the refresh token
|
479
|
+
# @return 204 No Content
|
480
|
+
# @see https://developer.okta.com/docs/reference/api/authorization-servers/#revoke-refresh-token Revoke Refresh Token
|
481
|
+
def revoke_refresh_token(auth_server_id, client_id, token_id)
|
482
|
+
response = call_with_token(
|
483
|
+
'delete',
|
484
|
+
"#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens/#{token_id}"
|
485
|
+
)
|
486
|
+
JSON.parse(response.body)
|
487
|
+
end
|
488
|
+
end
|
489
|
+
end
|