Module: Keycloak::Internal

Includes:
Admin
Defined in:
lib/keycloak.rb

Class Method Summary collapse

Methods included from Admin

add_client_level_roles_to_user, base_url, count_users, create_user, delete_client_level_roles_from_user, delete_user, effective_access_token, full_url, generic_delete, generic_get, generic_post, generic_put, get_all_roles_client, get_client_level_role_for_user_and_app, get_clients, get_effective_client_level_role_composite_user, get_role_mappings, get_roles_client_by_name, get_user, reset_password, revoke_consent_user, update_account_email, update_effective_user_roles, update_user

Class Method Details

.change_password(user_id, redirect_uri = '') ⇒ Object 



507
508
509
510
511
512
513
514
515
516
517
 
# File 'lib/keycloak.rb', line 507

def self.change_password(user_id, redirect_uri = '')
  proc = lambda {|token|
    Keycloak.generic_request(token["access_token"],
                             Keycloak::Admin.full_url("users/#{user_id}/execute-actions-email"),
                             {:redirect_uri => redirect_uri, :client_id => Keycloak::Client.client_id},
                             ['UPDATE_PASSWORD'],
                             'PUT')
  }

  default_call(proc)
end

.create_starter_user(username, password, email, client_roles_names, proc = nil) ⇒ Object 



592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
 
# File 'lib/keycloak.rb', line 592

def self.create_starter_user(username, password, email, client_roles_names, proc = nil)
  begin
    user = (username, true)
    newUser = false
  rescue Keycloak::UserLoginNotFound
    newUser = true
  rescue
    raise
  end

  proc_default = lambda { |token|
    user_representation = { username: username,
                            email: email,
                            enabled: true }

    if !newUser || Keycloak.generic_request(token["access_token"],
                                            Keycloak::Admin.full_url("users/"),
                                            nil, user_representation, 'POST')

      user = (username, true) if newUser

      credential_representation = { type: "password",
                                    temporary: false,
                                    value: password }

      if user['federationLink'] != nil || Keycloak.generic_request(token["access_token"],
                                                                   Keycloak::Admin.full_url("users/#{user['id']}/reset-password"),
                                                                   nil, credential_representation, 'PUT')

        client = JSON Keycloak.generic_request(token["access_token"],
                                               Keycloak::Admin.full_url("clients/"),
                                               { clientId: Keycloak::Client.client_id }, nil, 'GET')

        roles = []
        client_roles_names.each do |r|
          if r.present?
            role = JSON Keycloak.generic_request(token["access_token"],
                                                 Keycloak::Admin.full_url("clients/#{client[0]['id']}/roles/#{r}"),
                                                 nil, nil, 'GET')
            roles.push(role)
          end
        end

        if roles.count > 0
          Keycloak.generic_request(token["access_token"],
                                   Keycloak::Admin.full_url("users/#{user['id']}/role-mappings/clients/#{client[0]['id']}"),
                                   nil, roles, 'POST')
        end
      end

    end
  }

  if default_call(proc_default)
    proc.call user unless proc.nil?
  end
end

.default_call(proc) ⇒ Object 



685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
 
# File 'lib/keycloak.rb', line 685

def self.default_call(proc)
  begin
    tk = nil
    resp = nil

    Keycloak::Client.get_installation

    payload = { 'client_id' => Keycloak::Client.client_id,
                'client_secret' => Keycloak::Client.secret,
                'grant_type' => 'client_credentials' }

    header = {'Content-Type' => 'application/x-www-form-urlencoded'}

    _request = -> do
      RestClient.post(Keycloak::Client.configuration['token_endpoint'], payload, header){|response, request, result|
        case response.code
        when 200..399
          tk = JSON response.body
          resp = proc.call(tk)
        else
          response.return!
        end
      }
    end

    Keycloak::Client.exec_request _request
  ensure
    if tk
      payload = { 'client_id' => Keycloak::Client.client_id,
                  'client_secret' => Keycloak::Client.secret,
                  'refresh_token' => tk["refresh_token"] }

      header = {'Content-Type' => 'application/x-www-form-urlencoded'}
      _request = -> do
        RestClient.post(Keycloak::Client.configuration['end_session_endpoint'], payload, header){|response, request, result|
          case response.code
          when 200..399
            resp if resp.nil?
          else
            response.return!
          end
        }
      end
      Keycloak::Client.exec_request _request
    end
  end
end

.exists_name_or_email(value, user_id = '') ⇒ Object 



574
575
576
577
578
579
580
581
582
583
584
585
 
# File 'lib/keycloak.rb', line 574

def self.exists_name_or_email(value, user_id = '')
  begin
    usuario = Keycloak::Internal.(value, true)
    if user_id.empty? || user_id != usuario['id']
      usuario.present?
    else
      false
    end
  rescue StandardError
    false
  end
end

.forgot_password(user_login, redirect_uri = '') ⇒ Object 



519
520
521
522
 
# File 'lib/keycloak.rb', line 519

def self.forgot_password(, redirect_uri = '')
  user = (, true)
  change_password(user['id'], redirect_uri)
end

.get_client_rolesObject 



650
651
652
653
654
655
656
657
658
659
660
 
# File 'lib/keycloak.rb', line 650

def self.get_client_roles
  proc = lambda {|token|
    client = JSON Keycloak::Admin.get_clients({ clientId: Keycloak::Client.client_id }, token["access_token"])

    Keycloak.generic_request(token["access_token"],
                             Keycloak::Admin.full_url("clients/#{client[0]['id']}/roles"),
                             nil, nil, 'GET')
  }

  default_call(proc)
end

.get_client_user_roles(user_id) ⇒ Object 



662
663
664
665
666
667
668
669
 
# File 'lib/keycloak.rb', line 662

def self.get_client_user_roles(user_id)
  proc = lambda {|token|
    client = JSON Keycloak::Admin.get_clients({ clientId: Keycloak::Client.client_id }, token["access_token"])
    Keycloak::Admin.get_effective_client_level_role_composite_user(user_id, client[0]['id'], token["access_token"])
  }

  default_call(proc)
end

.get_logged_user_infoObject 



524
525
526
527
528
529
530
531
532
533
 
# File 'lib/keycloak.rb', line 524

def self.
  proc = lambda {|token|
    userinfo = JSON Keycloak::Client.get_userinfo
    Keycloak.generic_request(token["access_token"],
                             Keycloak::Admin.full_url("users/#{userinfo['sub']}"),
                             nil, nil, 'GET')
  }

  default_call(proc)
end

.get_user_info(user_login, whole_word = false) ⇒ Object 



535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
 
# File 'lib/keycloak.rb', line 535

def self.(, whole_word = false)
  proc = lambda { |token|
    if .index('@').nil?
      search = {:username => }
    else
      search = {:email => }
    end
    users = JSON Keycloak.generic_request(token["access_token"],
                                          Keycloak::Admin.full_url("users/"),
                                          search, nil, 'GET')
    users[0]
    if users.count.zero?
      raise Keycloak::UserLoginNotFound
    else
      efective_index = -1
      users.each_with_index do |user, i|
        if whole_word
          efective_index = i if  == user['username'] ||  == user['email']
        else
          efective_index = 0
        end
        break if efective_index >= 0
      end

      if efective_index >= 0
        if whole_word
          users[efective_index]
        else
          users
        end
      else
        raise Keycloak::UserLoginNotFound
      end
    end
  }

  default_call(proc)
end

.get_users(query_parameters = nil) ⇒ Object 



499
500
501
502
503
504
505
 
# File 'lib/keycloak.rb', line 499

def self.get_users(query_parameters = nil)
  proc = lambda {|token|
    Keycloak::Admin.get_users(query_parameters, token["access_token"])
  }

  default_call(proc)
end

.has_role?(user_id, user_role) ⇒ Boolean

Returns:

  • (Boolean) 


671
672
673
674
675
676
677
678
679
680
681
 
# File 'lib/keycloak.rb', line 671

def self.has_role?(user_id, user_role)
  roles = JSON get_client_user_roles(user_id)
  if !roles.nil?
    roles.each do |role|
      return true if role['name'].to_s == user_role.to_s
    end
    false
  else
    false
  end
end

.logged_federation_user?Boolean

Returns:

  • (Boolean) 


587
588
589
590
 
# File 'lib/keycloak.rb', line 587

def self.logged_federation_user?
  info = 
  info['federationLink'] != nil
end