Module: Keycloak::Internal

Includes:
Admin
Defined in:
lib/keycloak.rb

Class Method Summary collapse

Methods included from Admin

add_client_level_roles_to_user, count_users, create_user, delete_client_level_roles_from_user, delete_user, generic_delete, generic_get, generic_post, generic_put, get_all_roles_client, get_client_level_role_for_user_and_app, get_clients, get_effective_client_level_role_composite_user, get_role_mappings, get_roles_client_by_name, get_user, reset_password, revoke_consent_user, update_account_email, update_effective_user_roles, update_user

Class Method Details

.change_password(user_id, redirect_uri = '') ⇒ Object 



507
508
509
510
511
512
513
514
515
516
517
 
# File 'lib/keycloak.rb', line 507

def self.change_password(user_id, redirect_uri = '')
  proc = lambda {|token|
    Keycloak.generic_request(token["access_token"],
                             Keycloak::Admin.full_url("users/#{user_id}/execute-actions-email"),
                             {:redirect_uri => redirect_uri, :client_id => Keycloak::Client.client_id},
                             ['UPDATE_PASSWORD'],
                             'PUT')
  }

  default_call(proc)
end

.create_starter_user(username, password, email, client_roles_names, proc = nil) ⇒ Object 



579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
 
# File 'lib/keycloak.rb', line 579

def self.create_starter_user(username, password, email, client_roles_names, proc = nil)
  begin
    user = (username, true)
    newUser = false
  rescue Keycloak::UserLoginNotFound
    newUser = true
  rescue
    raise
  end

  proc_default = lambda { |token|
    user_representation = { username: username,
                            email: email,
                            enabled: true }

    if !newUser || Keycloak.generic_request(token["access_token"],
                                            Keycloak::Admin.full_url("users/"),
                                            nil, user_representation, 'POST')

      user = (username, true) if newUser

      credential_representation = { type: "password",
                                    temporary: false,
                                    value: password }

      if Keycloak.generic_request(token["access_token"],
                                  Keycloak::Admin.full_url("users/#{user['id']}/reset-password"),
                                  nil, credential_representation, 'PUT')

        client = JSON Keycloak.generic_request(token["access_token"],
                                               Keycloak::Admin.full_url("clients/"),
                                               { clientId: Keycloak::Client.client_id }, nil, 'GET')

        roles = []
        client_roles_names.each do |r|
          if r.present?
            role = JSON Keycloak.generic_request(token["access_token"],
                                                 Keycloak::Admin.full_url("clients/#{client[0]['id']}/roles/#{r}"),
                                                 nil, nil, 'GET')
            roles.push(role)
          end
        end

        if roles.count > 0
          Keycloak.generic_request(token["access_token"],
                                   Keycloak::Admin.full_url("users/#{user['id']}/role-mappings/clients/#{client[0]['id']}"),
                                   nil, roles, 'POST')
        end
      end

    end
  }

  if default_call(proc_default)
    proc.call user unless proc.nil?
  end
end

.forgot_password(user_login, redirect_uri = '') ⇒ Object 



519
520
521
522
 
# File 'lib/keycloak.rb', line 519

def self.forgot_password(, redirect_uri = '')
  user = (, true)
  change_password(user['id'], redirect_uri)
end

.get_client_rolesObject 



637
638
639
640
641
642
643
644
645
646
647
 
# File 'lib/keycloak.rb', line 637

def self.get_client_roles
  proc = lambda {|token|
    client = JSON Keycloak::Admin.get_clients({ clientId: Keycloak::Client.client_id }, token["access_token"])

    Keycloak.generic_request(token["access_token"],
                             Keycloak::Admin.full_url("clients/#{client[0]['id']}/roles"),
                             nil, nil, 'GET')
  }

  default_call(proc)
end

.get_client_user_roles(user_id) ⇒ Object 



649
650
651
652
653
654
655
656
 
# File 'lib/keycloak.rb', line 649

def self.get_client_user_roles(user_id)
  proc = lambda {|token|
    client = JSON Keycloak::Admin.get_clients({ clientId: Keycloak::Client.client_id }, token["access_token"])
    Keycloak::Admin.get_effective_client_level_role_composite_user(user_id, client[0]['id'], token["access_token"])
  }

  default_call(proc)
end

.get_logged_user_infoObject 



524
525
526
527
528
529
530
531
532
533
 
# File 'lib/keycloak.rb', line 524

def self.
  proc = lambda {|token|
    userinfo = JSON Keycloak::Client.get_userinfo
    Keycloak.generic_request(token["access_token"],
                             Keycloak::Admin.full_url("users/#{userinfo['sub']}"),
                             nil, nil, 'GET')
  }

  default_call(proc)
end

.get_user_info(user_login, whole_word = false) ⇒ Object 



535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
 
# File 'lib/keycloak.rb', line 535

def self.(, whole_word = false)
  proc = lambda { |token|
    if .index('@').nil?
      search = {:username => }
    else
      search = {:email => }
    end
    users = JSON Keycloak.generic_request(token["access_token"],
                                          Keycloak::Admin.full_url("users/"),
                                          search, nil, 'GET')
    users[0]
    if users.count.zero?
      raise Keycloak::UserLoginNotFound
    else
      efective_index = -1
      users.each_with_index do |user, i|
        if whole_word
          efective_index = i if  == user['username'] ||  == user['email']
        else
          efective_index = 0
        end
        break if efective_index >= 0
      end

      if efective_index >= 0
        if whole_word
          users[efective_index]
        else
          users
        end
      else
        raise Keycloak::UserLoginNotFound
      end
    end
  }

  default_call(proc)
end

.get_users(query_parameters = nil) ⇒ Object 



499
500
501
502
503
504
505
 
# File 'lib/keycloak.rb', line 499

def self.get_users(query_parameters = nil)
  proc = lambda {|token|
    Keycloak::Admin.get_users(query_parameters, token["access_token"])
  }

  default_call(proc)
end

.has_role?(user_id, user_role) ⇒ Boolean

Returns:

  • (Boolean) 


658
659
660
661
662
663
664
665
666
667
668
 
# File 'lib/keycloak.rb', line 658

def self.has_role?(user_id, user_role)
  roles = JSON get_client_user_roles(user_id)
  if !roles.nil?
    roles.each do |role|
      return true if role['name'].to_s == user_role.to_s
    end
    false
  else
    false
  end
end

.logged_federation_user?Boolean

Returns:

  • (Boolean) 


574
575
576
577
 
# File 'lib/keycloak.rb', line 574

def self.logged_federation_user?
  info = 
  info['federationLink'] != nil
end