Class: Simpleokta::Client

Inherits:

Object

• Object
• Simpleokta::Client

Includes:

Apps, AuthServers, Constants, Groups, Users

Defined in:

lib/simpleokta/apps.rb,
lib/simpleokta/users.rb,
lib/simpleokta/client.rb,
lib/simpleokta/groups.rb,
lib/simpleokta/constants.rb,
lib/simpleokta/auth_servers.rb

Defined Under Namespace

Modules: Apps, AuthServers, Constants, Groups, Users

Constant Summary

Constants included from Constants

Constants::API_BASE_PATH, Constants::APP_API_BASE_PATH, Constants::AUTH_SERVER_API_BASE_PATH, Constants::GROUP_API_BASE_PATH, Constants::ORG_API_BASE_PATH, Constants::SYSTEM_LOG_API_BASE_PATH, Constants::USER_API_BASE_PATH

Instance Attribute Summary

• #api_token ⇒ Object

  Returns the value of attribute api_token.

• #base_api_url ⇒ Object

  Returns the value of attribute base_api_url.

Instance Method Summary

• #call_with_token(action, url, body = {}) ⇒ Object

  This method will add our api_token to each authorization header to keep our code D.R.Y.

• #claim(auth_server_id, claim_id) ⇒ Hash<Claim Object>

  Get a specific Claim defined for a given Authorization Server.

• #claims(auth_server_id) ⇒ Array<Claim Object>

  Get all Claims defined for a given Authorization Server.

• #client_resources(auth_server_id) ⇒ Array<Hash>

  Lists all Client Resources for which the specified Authorization Server has tokens.

• #create_claim(auth_server_id, claim_data) ⇒ Hash<Claim Object>

  Create a Claim for a given Authorization Server.

• #create_rule(auth_server_id, policy_id, rule_data) ⇒ Hash<Rule Object>

  Create a Policy Rule for a given Policy on a given Authorization Server.

• #create_scope(auth_server_id, scope_data) ⇒ Hash<Scope Object>

  Create a Scope for a given Authorization Server.

• #delete_claim(auth_server_id, claim_id) ⇒ Object

  Delete a specific Claim defined for a given Authorization Server.

• #delete_rule(auth_server_id, policy_id, rule_id) ⇒ Object

  Delete a Policy Rule for a given Policy on a given Authorization Server.

• #delete_scope(auth_server_id, scope_id) ⇒ Object

  Delete a Scope for a given Authorization Server.

• #initialize(config) ⇒ Client constructor

  Initialize using passed in config hash.

• #keys(auth_server_id) ⇒ Array<Credentials Object>

  Get all Keys associated with a given Authorization Server.

• #refresh_token(auth_server_id, client_id, token_id) ⇒ Array<Hash>

  Gets a specific Refresh Token issued by an Authorization Server for a specific client.

• #refresh_tokens(auth_server_id, client_id) ⇒ Array<Hash>

  Lists all Refresh Tokens issued by an Authorization Server for a specific client.

• #revoke_refresh_token(auth_server_id, client_id, token_id) ⇒ Object

  Revokes a specific Refresh Token issued by an Authorization Server for a specific client.

• #revoke_refresh_tokens(auth_server_id, client_id) ⇒ Object

  Revokes all Refresh Tokens issued by an Authorization Server for a specific client.

• #rotate_keys(auth_server_id) ⇒ Array<Credentials Object>

  Rotate the current Keys associated with a given Authorization Server.

• #rule(auth_server_id, policy_id, rule_id) ⇒ Hash<Rule Object>

  Get a specific Policy Rule for a given Policy on a given Authorization Server.

• #rules(auth_server_id, policy_id) ⇒ Array<Rule Object>

  Get all Policy Rules for a given Policy on a given Authorization Server.

• #scope(auth_server_id, scope_id) ⇒ Hash<Scope Object>

  Get a specific Scope defined for a given Authorization Server.

• #scopes(auth_server_id) ⇒ Array<Scope Object>

  Get all Scopes defined for a given Authorization Server.

• #update_claim(auth_server_id, claim_id, claim_data) ⇒ Hash<Claim Object>

  Update a specific Claim defined for a given Authorization Server.

• #update_rule(auth_server_id, policy_id, rule_id, rule_data) ⇒ Hash<Rule Object>

  Update a Policy Rule for a given Policy on a given Authorization Server.

• #update_scope(auth_server_id, scope_id, scope_data) ⇒ Hash<Scope Object>

  Update a Scope for a given Authorization Server.

Methods included from Users

#activate_user, #apps_assigned_to_user, #create_and_activate_user, #create_user, #create_user_in_group, #deactivate_user, #delete_user, #reactivate_user, #suspend_user, #unlock_user, #unsuspend_user, #update_user, #user, #user_from_login, #users

Methods included from Groups

#add_user_to_group, #apps_assigned_to_group, #assign_group_to_application, #get_assigned_group_for_application, #group, #group_members, #groups, #remove_group, #remove_group_from_application, #remove_user_from_group, #update_group

Methods included from AuthServers

#activate_auth_server, #auth_server, #auth_servers, #create_auth_server, #create_policy, #deactivate_auth_server, #delete_auth_server, #delete_policy, #policies, #policy, #update_auth_server, #update_policy

Methods included from Apps

#activate_app, #app, #apps, #create_app, #deactivate_app, #delete_app, #update_app, #users_assigned_to_application

Constructor Details

#initialize(config) ⇒ Client

Initialize using passed in config hash

Parameters:

• config (Hash)

# File 'lib/simpleokta/client.rb', line 24

def initialize(config)
  @api_token = config[:api_token]
  @base_api_url = config[:base_api_url]
  @http ||= HTTP::Client.new
end

Instance Attribute Details

#api_token ⇒ Object

Returns the value of attribute api_token.

# File 'lib/simpleokta/client.rb', line 20

def api_token
  @api_token
end

#base_api_url ⇒ Object

Returns the value of attribute base_api_url.

# File 'lib/simpleokta/client.rb', line 20

def base_api_url
  @base_api_url
end

Instance Method Details

#call_with_token(action, url, body = {}) ⇒ Object

This method will add our api_token to each authorization header to keep our code D.R.Y

Parameters:

• action (String) —

  the HTTP verb we are sending our request with. IE: ‘get’, ‘post’, ‘put’, ‘delete’

• url (String) —

  the URL to send the request to.

• body (Hash) (defaults to: {}) —

  the request body, set to an empty hash by default. Each request may require a different body schema.

# File 'lib/simpleokta/client.rb', line 36

def call_with_token(action, url, body = {})
  uri = @base_api_url + url
  @http
    .headers(accept: 'application/json', content: 'application/json')
    .auth("SSWS #{@api_token}")
    .send(action, uri, { json: body })
end

#claim(auth_server_id, claim_id) ⇒ Hash<Claim Object>

Get a specific Claim defined for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• claim_id (String) —

  the unique id of the claim

Returns:

• (Hash<Claim Object>)

See Also:

• Claim Object
• Get Claim

# File 'lib/simpleokta/auth_servers.rb', line 338

def claim(auth_server_id, claim_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims/#{claim_id}"
  )
  JSON.parse(response.body)
end

#claims(auth_server_id) ⇒ Array<Claim Object>

Get all Claims defined for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

Returns:

• (Array<Claim Object>)

See Also:

• Claim Object
• Get Claims

# File 'lib/simpleokta/auth_servers.rb', line 324

def claims(auth_server_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims"
  )
  JSON.parse(response.body)
end

#client_resources(auth_server_id) ⇒ Array<Hash>

Lists all Client Resources for which the specified Authorization Server has tokens

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

Returns:

• (Array<Hash>)

See Also:

• List Client Resources for an Authorization Server

# File 'lib/simpleokta/auth_servers.rb', line 425

def client_resources(auth_server_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients"
  )
  JSON.parse(response.body)
end

#create_claim(auth_server_id, claim_data) ⇒ Hash<Claim Object>

Create a Claim for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• claim_data (Hash<Claim_Object>) —

  the data of the claim you wish to create

Returns:

• (Hash<Claim Object>)

See Also:

• Claim Object
• Create Claim

# File 'lib/simpleokta/auth_servers.rb', line 352

def create_claim(auth_server_id, claim_data)
  response = call_with_token(
    'post',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims",
    claim_data
  )
  JSON.parse(response.body)
end

#create_rule(auth_server_id, policy_id, rule_data) ⇒ Hash<Rule Object>

Create a Policy Rule for a given Policy on a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• policy_id (String) —

  the unique id of the policy

• rule_data (Hash) —

  the rule object you want to create

Returns:

• (Hash<Rule Object>)

See Also:

• Rule object
• Create Policy Rule

# File 'lib/simpleokta/auth_servers.rb', line 204

def create_rule(auth_server_id, policy_id, rule_data)
  response = call_with_token(
    'post',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules",
    rule_data
  )
  JSON.parse(response.body)
end

#create_scope(auth_server_id, scope_data) ⇒ Hash<Scope Object>

Create a Scope for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• scope_data (Hash<Scope Object>) —

  the data of the scope you wish to create

Returns:

• (Hash<Scope Object>)

See Also:

• Scope Object
• Create Scope

# File 'lib/simpleokta/auth_servers.rb', line 279

def create_scope(auth_server_id, scope_data)
  response = call_with_token(
    'post',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes",
    scope_data
  )
  JSON.parse(response.body)
end

#delete_claim(auth_server_id, claim_id) ⇒ Object

Delete a specific Claim defined for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• claim_id (String) —

  the unique id of the claim

Returns:

• 204 No Content

See Also:

• Claim Object
• Delete Claim

# File 'lib/simpleokta/auth_servers.rb', line 383

def delete_claim(auth_server_id, claim_id)
  call_with_token(
    'delete',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims/#{claim_id}"
  )
end

#delete_rule(auth_server_id, policy_id, rule_id) ⇒ Object

Delete a Policy Rule for a given Policy on a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• policy_id (String) —

  the unique id of the policy

• rule_id (String) —

  the unique id of the rule

Returns:

• 204 No Content

See Also:

• Rule object
• Delete Policy Rule

# File 'lib/simpleokta/auth_servers.rb', line 237

def delete_rule(auth_server_id, policy_id, rule_id)
  call_with_token(
    'delete',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules/#{rule_id}"
  )
end

#delete_scope(auth_server_id, scope_id) ⇒ Object

Delete a Scope for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• scope_id (String) —

  the unique id of the scope

Returns:

• 204 No Content

See Also:

• Scope Object
• Delete Scope

# File 'lib/simpleokta/auth_servers.rb', line 310

def delete_scope(auth_server_id, scope_id)
  call_with_token(
    'delete',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes/#{scope_id}"
  )
end

#keys(auth_server_id) ⇒ Array<Credentials Object>

Get all Keys associated with a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

Returns:

• (Array<Credentials Object>)

See Also:

• Credentials Object
• Get Authorization Server Keys

# File 'lib/simpleokta/auth_servers.rb', line 397

def keys(auth_server_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/credentials/keys"
  )
  JSON.parse(response.body)
end

#refresh_token(auth_server_id, client_id, token_id) ⇒ Array<Hash>

Gets a specific Refresh Token issued by an Authorization Server for a specific client

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• client_id (String) —

  the unique id of the client

• token_id (String) —

  the unique id of the refresh token

Returns:

• (Array<Hash>)

See Also:

• Get Refresh Tokens

# File 'lib/simpleokta/auth_servers.rb', line 454

def refresh_token(auth_server_id, client_id, token_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens/#{token_id}"
  )
  JSON.parse(response.body)
end

#refresh_tokens(auth_server_id, client_id) ⇒ Array<Hash>

Lists all Refresh Tokens issued by an Authorization Server for a specific client

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• client_id (String) —

  the unique id of the client

Returns:

• (Array<Hash>)

See Also:

• List Refresh Tokens

# File 'lib/simpleokta/auth_servers.rb', line 440

def refresh_tokens(auth_server_id, client_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens"
  )
  JSON.parse(response.body)
end

#revoke_refresh_token(auth_server_id, client_id, token_id) ⇒ Object

Revokes a specific Refresh Token issued by an Authorization Server for a specific client

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• client_id (String) —

  the unique id of the client

• token_id (String) —

  the unique id of the refresh token

Returns:

• 204 No Content

See Also:

• Revoke Refresh Token

# File 'lib/simpleokta/auth_servers.rb', line 481

def revoke_refresh_token(auth_server_id, client_id, token_id)
  response = call_with_token(
    'delete',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens/#{token_id}"
  )
  JSON.parse(response.body)
end

#revoke_refresh_tokens(auth_server_id, client_id) ⇒ Object

Revokes all Refresh Tokens issued by an Authorization Server for a specific client

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• client_id (String) —

  the unique id of the client

Returns:

• 204 No Content

See Also:

• Revoke Refresh Tokens

# File 'lib/simpleokta/auth_servers.rb', line 467

def revoke_refresh_tokens(auth_server_id, client_id)
  response = call_with_token(
    'delete',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/clients/#{client_id}/tokens/#{token_id}"
  )
  JSON.parse(response.body)
end

#rotate_keys(auth_server_id) ⇒ Array<Credentials Object>

Rotate the current Keys associated with a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

Returns:

• (Array<Credentials Object>)

See Also:

• Credentials Object
• Rotate Authorization Server Keys

# File 'lib/simpleokta/auth_servers.rb', line 410

def rotate_keys(auth_server_id)
  response = call_with_token(
    'post',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/credentials/lifecycle/keyRotate",
    { 'use': 'sig' }
  )
  JSON.parse(response.body)
end

#rule(auth_server_id, policy_id, rule_id) ⇒ Hash<Rule Object>

Get a specific Policy Rule for a given Policy on a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• policy_id (String) —

  the unique id of the policy

• rule_id (String) —

  the unique id of the rule

Returns:

• (Hash<Rule Object>)

See Also:

• Rule object
• Get Policy Rule

# File 'lib/simpleokta/auth_servers.rb', line 189

def rule(auth_server_id, policy_id, rule_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules/#{rule_id}"
  )
  JSON.parse(response.body)
end

#rules(auth_server_id, policy_id) ⇒ Array<Rule Object>

Get all Policy Rules for a given Policy on a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• policy_id (String) —

  the unique id of the policy

Returns:

• (Array<Rule Object>)

See Also:

• Rule object
• Get All Policy Rules

# File 'lib/simpleokta/auth_servers.rb', line 174

def rules(auth_server_id, policy_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules"
  )
  JSON.parse(response.body)
end

#scope(auth_server_id, scope_id) ⇒ Hash<Scope Object>

Get a specific Scope defined for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• scope_id (String) —

  the unique id of the scope

Returns:

• (Hash<Scope Object>)

See Also:

• Scope Object
• Get Scopes

# File 'lib/simpleokta/auth_servers.rb', line 265

def scope(auth_server_id, scope_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes/#{scope_id}"
  )
  JSON.parse(response.body)
end

#scopes(auth_server_id) ⇒ Array<Scope Object>

Get all Scopes defined for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

Returns:

• (Array<Scope Object>)

See Also:

• Scope Object
• Get Scopes

# File 'lib/simpleokta/auth_servers.rb', line 251

def scopes(auth_server_id)
  response = call_with_token(
    'get',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes"
  )
  JSON.parse(response.body)
end

#update_claim(auth_server_id, claim_id, claim_data) ⇒ Hash<Claim Object>

Update a specific Claim defined for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• claim_id (String) —

  the unique id of the claim

• claim_data (Hash<Claim_Object>) —

  the data of the claim you wish to create

Returns:

• (Hash<Claim Object>)

See Also:

• Claim Object
• Update Claim

# File 'lib/simpleokta/auth_servers.rb', line 368

def update_claim(auth_server_id, claim_id, claim_data)
  response = call_with_token(
    'put',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/claims/#{claim_id}",
    claim_data
  )
  JSON.parse(response.body)
end

#update_rule(auth_server_id, policy_id, rule_id, rule_data) ⇒ Hash<Rule Object>

Update a Policy Rule for a given Policy on a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• policy_id (String) —

  the unique id of the policy

• rule_id (String) —

  the unique id of the rule

• rule_data (Hash) —

  the rule object you want to update

Returns:

• (Hash<Rule Object>)

See Also:

• Rule object
• Update Policy Rule

# File 'lib/simpleokta/auth_servers.rb', line 221

def update_rule(auth_server_id, policy_id, rule_id, rule_data)
  response = call_with_token(
    'put',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/policies/#{policy_id}/rules/#{rule_id}",
    rule_data
  )
  JSON.parse(response.body)
end

#update_scope(auth_server_id, scope_id, scope_data) ⇒ Hash<Scope Object>

Update a Scope for a given Authorization Server

Parameters:

• auth_server_id (String) —

  the unique id of the authorization server

• scope_id (String) —

  the unique id of the scope

• scope_data (Hash<Scope Object>) —

  the data of the scope you wish to update

Returns:

• (Hash<Scope Object>)

See Also:

• Scope Object
• Create Scope

# File 'lib/simpleokta/auth_servers.rb', line 295

def update_scope(auth_server_id, scope_id, scope_data)
  response = call_with_token(
    'put',
    "#{Constants::AUTH_SERVER_API_BASE_PATH}/#{auth_server_id}/scopes/#{scope_id}",
    scope_data
  )
  JSON.parse(response.body)
end