Class: Hydra::Keycloak::Client

Inherits:

Object

• Object
• Hydra::Keycloak::Client

Extended by:

Mixin

Defined in:

lib/hydra/keycloak/client.rb

Instance Method Summary

• #access_token(session_state) ⇒ Object
• #access_token_jti(session_state) ⇒ Object
• #auth_url ⇒ Object
• #authenticate!(auth_code) ⇒ Object
• #authenticate_by_password!(username, password) ⇒ Object
• #authenticated?(session_state) ⇒ Boolean
• #authorize!(session_state) ⇒ Object
• #introspect_token(token) ⇒ Object
• #logout!(session_state) {|clear_tokens(session_state)| ... } ⇒ Object

Methods included from Mixin

args_inject, container, inject

Instance Method Details

#access_token(session_state) ⇒ Object

# File 'lib/hydra/keycloak/client.rb', line 178

def access_token(session_state)
  fetch_token(session_state, 'access_token')
end

#access_token_jti(session_state) ⇒ Object

# File 'lib/hydra/keycloak/client.rb', line 193

def access_token_jti(session_state)
  fetch_token(session_state, 'access_token').fmap { |token| token[:jti] }
end

#auth_url ⇒ Object

# File 'lib/hydra/keycloak/client.rb', line 137

def auth_url
  code_verifier.generate
  urls.auth_url(code_verifier.code_challenge)
end

#authenticate!(auth_code) ⇒ Object

# File 'lib/hydra/keycloak/client.rb', line 142

def authenticate!(auth_code)
  tokens_repo.get_tokens(auth_code, code_verifier.value).fmap do |tokens|
    access_token  = tokens[:access_token]
    id_token      = tokens[:id_token]
    refresh_token = tokens[:refresh_token]

    session_state = access_token.session_state

    save_token(session_state, 'access_token',  access_token)
    save_token(session_state, 'id_token',      id_token)
    save_token(session_state, 'refresh_token', refresh_token)

    session_state
  end
end

#authenticate_by_password!(username, password) ⇒ Object

# File 'lib/hydra/keycloak/client.rb', line 158

def authenticate_by_password!(username, password)
  tokens_repo.get_tokens_by_password(username, password).fmap do |tokens|
    access_token  = tokens[:access_token]
    id_token      = tokens[:id_token]
    refresh_token = tokens[:refresh_token]

    session_state = access_token.session_state

    save_token(session_state, 'access_token',  access_token)
    save_token(session_state, 'id_token',      id_token)
    save_token(session_state, 'refresh_token', refresh_token)

    session_state
  end
end

#authenticated?(session_state) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/hydra/keycloak/client.rb', line 174

def authenticated?(session_state)
  fetch_token(session_state, 'access_token').success?
end

#authorize!(session_state) ⇒ Object

# File 'lib/hydra/keycloak/client.rb', line 182

def authorize!(session_state)
  access_token = yield fetch_token(session_state, 'access_token')
  if token_expired?(access_token)
    yield refresh_tokens(session_state)

    access_token = yield fetch_token(session_state, 'access_token')
  end

  tokens_repo.introspect_token(access_token.source)
end

#introspect_token(token) ⇒ Object

# File 'lib/hydra/keycloak/client.rb', line 205

def introspect_token(token)
  tokens_repo.introspect_token(token)
end

#logout!(session_state) {|clear_tokens(session_state)| ... } ⇒ Object

Yields:

• (clear_tokens(session_state))

# File 'lib/hydra/keycloak/client.rb', line 197

def logout!(session_state)
  id_token = yield fetch_token(session_state, 'id_token')

  yield clear_tokens(session_state)

  Success(urls.end_session_url(id_token.source))
end