class Keycloak::Client
Attributes
auth_server_url[R]
realm[R]
Public Class Methods
new(auth_server_url, realm)
click to toggle source
# File lib/keycloak/client.rb, line 15 def initialize(auth_server_url, realm) @auth_server_url = auth_server_url @realm = realm end
Public Instance Methods
access_token_valid?()
click to toggle source
# File lib/keycloak/client.rb, line 69 def access_token_valid? @expires_in && @expires_in > DateTime.now end
admin_realm_url()
click to toggle source
# File lib/keycloak/client.rb, line 24 def admin_realm_url "#{@auth_server_url}/admin/realms/#{@realm}" end
authenticate(username, password, grant_type, client_id, realm = @realm, auto: true)
click to toggle source
# File lib/keycloak/client.rb, line 28 def authenticate(username, password, grant_type, client_id, realm = @realm, auto: true) @authenticate_realm = realm @authenticate_client_id = client_id if auto @authenticate_username = username @authenticate_password = password @authenticate_grant_type = grant_type end now = DateTime.now url = "#{@auth_server_url}/realms/#{realm}/protocol/openid-connect/token" res = JSON.parse post(url, { username: username, password: password, grant_type: grant_type, client_id: client_id, scope: "offline_access" }, try_refresh_token: false).body @access_token = res["access_token"] @refresh_token = res["refresh_token"] @refresh_expires_in = now + res["refresh_expires_in"].seconds @expires_in = now + res["expires_in"].seconds true end
delete(url, headers: {}, payload: nil, try_refresh_token: true)
click to toggle source
# File lib/keycloak/client.rb, line 108 def delete(url, headers: {}, payload: nil, try_refresh_token: true) try_refresh_token! if try_refresh_token RestClient::Request.execute( method: :delete, url: url, payload: payload, headers: { authorization: "Bearer #{@access_token}", accept: "application/json" }.merge(headers) ) end
get(url, headers: {}, params: {}, try_refresh_token: true)
click to toggle source
# File lib/keycloak/client.rb, line 98 def get(url, headers: {}, params: {}, try_refresh_token: true) try_refresh_token! if try_refresh_token RestClient.get(url, { authorization: "Bearer #{@access_token}", accept: "application/json", params: params }.merge(headers)) end
post(url, payload, headers: {}, try_refresh_token: true)
click to toggle source
# File lib/keycloak/client.rb, line 89 def post(url, payload, headers: {}, try_refresh_token: true) try_refresh_token! if try_refresh_token RestClient.post(url, payload, { authorization: "Bearer #{@access_token}", accept: "application/json" }.merge(headers)) end
put(url, payload, headers: {}, try_refresh_token: true)
click to toggle source
# File lib/keycloak/client.rb, line 120 def put(url, payload, headers: {}, try_refresh_token: true) try_refresh_token! if try_refresh_token RestClient.put(url, payload, { authorization: "Bearer #{@access_token}", accept: "application/json" }.merge(headers)) end
realm_url()
click to toggle source
# File lib/keycloak/client.rb, line 20 def realm_url "#{@auth_server_url}/realms/#{@realm}" end
refresh_token!()
click to toggle source
# File lib/keycloak/client.rb, line 53 def refresh_token! raise "need to call `authenticate` first" unless @refresh_token url = "#{@auth_server_url}/realms/#{@authenticate_realm}/protocol/openid-connect/token" res = JSON.parse post(url, { grant_type: "refresh_token", client_id: @authenticate_client_id, refresh_token: @refresh_token }, try_refresh_token: false) @access_token = res["access_token"] @refresh_token = res["refresh_token"] now = DateTime.now @refresh_expires_in = now + res["refresh_expires_in"].seconds @expires_in = now + res["expires_in"].seconds end
refresh_token_valid?()
click to toggle source
# File lib/keycloak/client.rb, line 73 def refresh_token_valid? @refresh_expires_in && @refresh_expires_in > DateTime.now end
try_refresh_token!()
click to toggle source
# File lib/keycloak/client.rb, line 77 def try_refresh_token! return if access_token_valid? if refresh_token_valid? refresh_token! elsif @authenticate_username && @authenticate_password authenticate(@authenticate_username, @authenticate_password, @authenticate_grant_type, @authenticate_client_id, @authenticate_realm, auto: false) else raise("Refresh token expired, you should re-authenticate to obtain an access token or enable auto authentication") end end