lib/keycloak.rb in keycloak-3.0.0 vs lib/keycloak.rb in keycloak-3.1.0
- old
+ new
@@ -51,26 +51,28 @@
payload = { 'client_id' => client_id,
'client_secret' => secret,
'username' => user,
'password' => password,
- 'grant_type' => 'password' }
+ 'grant_type' => 'password'}
mount_request_token(payload)
end
- def self.get_token_by_code(code, redirect_uri, client_id = '', secret = '')
+ def self.get_token_by_code(code, redirect_uri, client_id = '', secret = '', client_session_state = '', client_session_host = '')
verify_setup
client_id = @client_id if isempty?(client_id)
secret = @secret if isempty?(secret)
payload = { 'client_id' => client_id,
'client_secret' => secret,
'code' => code,
'grant_type' => 'authorization_code',
- 'redirect_uri' => redirect_uri }
+ 'redirect_uri' => redirect_uri,
+ 'client_session_state' => client_session_state,
+ 'client_session_host' => client_session_host}
mount_request_token(payload)
end
def self.get_token_by_exchange(issuer, issuer_token, client_id = '', secret = '', token_endpoint = '')
@@ -78,11 +80,17 @@
client_id = @client_id if isempty?(client_id)
secret = @secret if isempty?(secret)
token_endpoint = @configuration['token_endpoint'] if isempty?(token_endpoint)
- payload = { 'client_id' => client_id, 'client_secret' => secret, 'audience' => client_id, 'grant_type' => 'urn:ietf:params:oauth:grant-type:token-exchange', 'subject_token_type' => 'urn:ietf:params:oauth:token-type:access_token', 'subject_issuer' => issuer, 'subject_token' => issuer_token }
+ payload = { 'client_id' => client_id,
+ 'client_secret' => secret,
+ 'audience' => client_id,
+ 'grant_type' => 'urn:ietf:params:oauth:grant-type:token-exchange',
+ 'subject_token_type' => 'urn:ietf:params:oauth:token-type:access_token',
+ 'subject_issuer' => issuer,
+ 'subject_token' => issuer_token}
header = { 'Content-Type' => 'application/x-www-form-urlencoded' }
_request = -> do
RestClient.post(token_endpoint, payload, header){|response, request, result|
# case response.code
# when 200
@@ -331,11 +339,11 @@
@client_id = installation["resource"]
@secret = installation["credentials"]["secret"]
@public_key = installation["realm-public-key"]
@auth_server_url = installation["auth-server-url"]
else
- raise "#{Keycloak.installation_file} and relm settings not found." if isempty?(Keycloak.realm) || isempty?(Keycloak.auth_server_url)
+ raise "#{Keycloak.installation_file} and realm settings not found." if isempty?(Keycloak.realm) || isempty?(Keycloak.auth_server_url)
@realm = Keycloak.realm
@auth_server_url = Keycloak.auth_server_url
end
openid_configuration
@@ -412,10 +420,14 @@
def self.get_users(query_parameters = nil, access_token = nil)
generic_get("users/", query_parameters, access_token)
end
+ def self.get_users_by_group(id, query_parameters = nil, access_token = nil)
+ generic_get("groups/#{id}/members", query_parameters, access_token)
+ end
+
def self.create_user(user_representation, access_token = nil)
generic_post("users/", nil, user_representation, access_token)
end
def self.count_users(access_token = nil)
@@ -450,10 +462,18 @@
def self.get_groups(query_parameters = nil, access_token = nil)
generic_get("groups/", query_parameters, access_token)
end
+ def self.get_users_by_role_name(role_name, query_parameters = nil, access_token = nil)
+ generic_get("roles/#{role_name}/users", query_parameters, access_token)
+ end
+
+ def self.get_groups_by_role_name(role_name, query_parameters = nil, access_token = nil)
+ generic_get("roles/#{role_name}/groups", query_parameters, access_token)
+ end
+
def self.get_clients(query_parameters = nil, access_token = nil)
generic_get("clients/", query_parameters, access_token)
end
def self.get_all_roles_client(id, access_token = nil)
@@ -462,10 +482,14 @@
def self.get_roles_client_by_name(id, role_name, access_token = nil)
generic_get("clients/#{id}/roles/#{role_name}", nil, access_token)
end
+ def self.get_users_client_by_role_name(id, role_name, access_token = nil)
+ generic_get("clients/#{id}/roles/#{role_name}/users", nil, access_token)
+ end
+
def self.add_client_level_roles_to_user(id, client, role_representation, access_token = nil)
generic_post("users/#{id}/role-mappings/clients/#{client}", nil, role_representation, access_token)
end
def self.delete_client_level_roles_from_user(id, client, role_representation, access_token = nil)
@@ -583,16 +607,49 @@
}
default_call(proc, client_id, secret)
end
+ def self.get_users_by_role_name(role_name, query_parameters = nil, client_id = '', secret = '')
+ client_id = Keycloak::Client.client_id if isempty?(client_id)
+ secret = Keycloak::Client.secret if isempty?(secret)
+
+ proc = lambda do |token|
+ Keycloak::Admin.get_users_by_role_name(role_name, query_parameters, token['access_token'])
+ end
+
+ default_call(proc, client_id, secret)
+ end
+
def self.get_groups(query_parameters = nil, client_id = '', secret = '')
client_id = Keycloak::Client.client_id if isempty?(client_id)
secret = Keycloak::Client.secret if isempty?(secret)
proc = lambda { |token|
Keycloak::Admin.get_groups(query_parameters, token['access_token'])
}
+
+ default_call(proc, client_id, secret)
+ end
+
+ def self.get_groups_by_role_name(role_name, query_parameters = nil, client_id = '', secret = '')
+ client_id = Keycloak::Client.client_id if isempty?(client_id)
+ secret = Keycloak::Client.secret if isempty?(secret)
+
+ proc = lambda do |token|
+ Keycloak::Admin.get_groups_by_role_name(role_name, query_parameters, token['access_token'])
+ end
+
+ default_call(proc, client_id, secret)
+ end
+
+ def self.get_users_by_group(id, query_parameters = nil, client_id = '', secret = '')
+ client_id = Keycloak::Client.client_id if isempty?(client_id)
+ secret = Keycloak::Client.secret if isempty?(secret)
+
+ proc = lambda do |token|
+ Keycloak::Admin.get_users_by_group(id, query_parameters, token['access_token'])
+ end
default_call(proc, client_id, secret)
end
def self.change_password(user_id, redirect_uri = '', client_id = '', secret = '')