Module: Keycloak::Internal
- Includes:
- Admin
- Defined in:
- lib/keycloak.rb
Class Method Summary collapse
- .change_password(user_id, redirect_uri = '') ⇒ Object
- .create_simple_user(username, password, email, first_name, last_name, realm_roles_names, client_roles_names, proc = nil) ⇒ Object
- .create_starter_user(username, password, email, client_roles_names, proc = nil) ⇒ Object
- .exists_name_or_email(value, user_id = '') ⇒ Object
- .forgot_password(user_login, redirect_uri = '') ⇒ Object
- .get_client_roles ⇒ Object
- .get_client_user_roles(user_id) ⇒ Object
- .get_logged_user_info ⇒ Object
- .get_user_info(user_login, whole_word = false) ⇒ Object
- .get_users(query_parameters = nil) ⇒ Object
- .has_role?(user_id, user_role) ⇒ Boolean
- .logged_federation_user? ⇒ Boolean
Methods included from Admin
add_client_level_roles_to_user, count_users, create_user, delete_client_level_roles_from_user, delete_user, generic_delete, generic_get, generic_post, generic_put, get_all_roles_client, get_client_level_role_for_user_and_app, get_clients, get_effective_client_level_role_composite_user, get_role_mappings, get_roles_client_by_name, get_user, reset_password, revoke_consent_user, update_account_email, update_effective_user_roles, update_user
Class Method Details
.change_password(user_id, redirect_uri = '') ⇒ Object
569 570 571 572 573 574 575 576 577 578 579 |
# File 'lib/keycloak.rb', line 569 def self.change_password(user_id, redirect_uri = '') proc = lambda {|token| Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("users/#{user_id}/execute-actions-email"), {:redirect_uri => redirect_uri, :client_id => Keycloak::Client.client_id}, ['UPDATE_PASSWORD'], 'PUT') } default_call(proc) end |
.create_simple_user(username, password, email, first_name, last_name, realm_roles_names, client_roles_names, proc = nil) ⇒ Object
654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 |
# File 'lib/keycloak.rb', line 654 def self.create_simple_user(username, password, email, first_name, last_name, realm_roles_names, client_roles_names, proc = nil) begin username.downcase! user = get_user_info(username, true) newUser = false rescue Keycloak::UserLoginNotFound newUser = true rescue raise end proc_default = lambda { |token| user_representation = { username: username, email: email, firstName: first_name, lastName: last_name, enabled: true } if !newUser || Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("users/"), nil, user_representation, 'POST') user = get_user_info(username, true) if newUser credential_representation = { type: "password", temporary: false, value: password } if user['federationLink'] != nil || Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("users/#{user['id']}/reset-password"), nil, credential_representation, 'PUT') client = JSON Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("clients/"), { clientId: Keycloak::Client.client_id }, nil, 'GET') if client_roles_names.count > 0 roles = [] client_roles_names.each do |r| if r.present? role = JSON Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("clients/#{client[0]['id']}/roles/#{r}"), nil, nil, 'GET') roles.push(role) end end if roles.count > 0 Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("users/#{user['id']}/role-mappings/clients/#{client[0]['id']}"), nil, roles, 'POST') end end if realm_roles_names.count > 0 roles = [] realm_roles_names.each do |r| if r.present? role = JSON Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("roles/#{r}"), nil, nil, 'GET') roles.push(role) end end if roles.count > 0 Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("users/#{user['id']}/role-mappings/realm"), nil, roles, 'POST') end else true end end end } if default_call(proc_default) proc.call user unless proc.nil? end end |
.create_starter_user(username, password, email, client_roles_names, proc = nil) ⇒ Object
736 737 738 |
# File 'lib/keycloak.rb', line 736 def self.create_starter_user(username, password, email, client_roles_names, proc = nil) Keycloak::Internal.create_simple_user(username, password, email, '', '', [], client_roles_names, proc) end |
.exists_name_or_email(value, user_id = '') ⇒ Object
636 637 638 639 640 641 642 643 644 645 646 647 |
# File 'lib/keycloak.rb', line 636 def self.exists_name_or_email(value, user_id = '') begin usuario = Keycloak::Internal.get_user_info(value, true) if user_id.empty? || user_id != usuario['id'] usuario.present? else false end rescue StandardError false end end |
.forgot_password(user_login, redirect_uri = '') ⇒ Object
581 582 583 584 |
# File 'lib/keycloak.rb', line 581 def self.forgot_password(user_login, redirect_uri = '') user = get_user_info(user_login, true) change_password(user['id'], redirect_uri) end |
.get_client_roles ⇒ Object
740 741 742 743 744 745 746 747 748 749 750 |
# File 'lib/keycloak.rb', line 740 def self.get_client_roles proc = lambda {|token| client = JSON Keycloak::Admin.get_clients({ clientId: Keycloak::Client.client_id }, token["access_token"]) Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("clients/#{client[0]['id']}/roles"), nil, nil, 'GET') } default_call(proc) end |
.get_client_user_roles(user_id) ⇒ Object
752 753 754 755 756 757 758 759 |
# File 'lib/keycloak.rb', line 752 def self.get_client_user_roles(user_id) proc = lambda {|token| client = JSON Keycloak::Admin.get_clients({ clientId: Keycloak::Client.client_id }, token["access_token"]) Keycloak::Admin.get_effective_client_level_role_composite_user(user_id, client[0]['id'], token["access_token"]) } default_call(proc) end |
.get_logged_user_info ⇒ Object
586 587 588 589 590 591 592 593 594 595 |
# File 'lib/keycloak.rb', line 586 def self.get_logged_user_info proc = lambda {|token| userinfo = JSON Keycloak::Client.get_userinfo Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("users/#{userinfo['sub']}"), nil, nil, 'GET') } default_call(proc) end |
.get_user_info(user_login, whole_word = false) ⇒ Object
597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 |
# File 'lib/keycloak.rb', line 597 def self.get_user_info(user_login, whole_word = false) proc = lambda { |token| if user_login.index('@').nil? search = {:username => user_login} else search = {:email => user_login} end users = JSON Keycloak.generic_request(token["access_token"], Keycloak::Admin.full_url("users/"), search, nil, 'GET') users[0] if users.count.zero? raise Keycloak::UserLoginNotFound else efective_index = -1 users.each_with_index do |user, i| if whole_word efective_index = i if user_login == user['username'] || user_login == user['email'] else efective_index = 0 end break if efective_index >= 0 end if efective_index >= 0 if whole_word users[efective_index] else users end else raise Keycloak::UserLoginNotFound end end } default_call(proc) end |
.get_users(query_parameters = nil) ⇒ Object
561 562 563 564 565 566 567 |
# File 'lib/keycloak.rb', line 561 def self.get_users(query_parameters = nil) proc = lambda {|token| Keycloak::Admin.get_users(query_parameters, token["access_token"]) } default_call(proc) end |
.has_role?(user_id, user_role) ⇒ Boolean
761 762 763 764 765 766 767 768 769 770 771 |
# File 'lib/keycloak.rb', line 761 def self.has_role?(user_id, user_role) roles = JSON get_client_user_roles(user_id) if !roles.nil? roles.each do |role| return true if role['name'].to_s == user_role.to_s end false else false end end |
.logged_federation_user? ⇒ Boolean
649 650 651 652 |
# File 'lib/keycloak.rb', line 649 def self.logged_federation_user? info = get_logged_user_info info['federationLink'] != nil end |