Module: Verikloak::Rails::Testing::ClaimsBuilder

Included in:

Helpers

Defined in:

lib/verikloak/rails/testing/claims_builder.rb

Overview

Builds JWT-shaped claim Hashes from a user-like object for use in tests. The returned Hash uses string keys to match what ‘Verikloak::Middleware` writes to `env` after a successful token verification.

The user object is duck-typed: it must respond to ‘uid` and `email`. Optional methods used when present:

• ‘username` or `preferred_username` (for `preferred_username`)

• ‘first_name` (for `given_name`)

• ‘last_name` (for `family_name`)

Instance Method Summary

• #build_admin_claims(user, admin_group: '/admin', extra_claims: {}) ⇒ Hash{String=>Object}

  Convenience wrapper that assigns the configured admin group.

• #build_jwt_claims(user, groups: [], extra_claims: {}) ⇒ Hash{String=>Object}

  Build a baseline OIDC-style claim Hash.

• #build_user_claims(user, user_group: '/user', extra_claims: {}) ⇒ Hash{String=>Object}

  Convenience wrapper that assigns the configured user group.

Instance Method Details

#build_admin_claims(user, admin_group: '/admin', extra_claims: {}) ⇒ Hash{String=>Object}

Convenience wrapper that assigns the configured admin group.

Parameters:

• user (Object)
• admin_group (String) (defaults to: '/admin') —

  group identifier (default: “/admin”)

• extra_claims (Hash) (defaults to: {})

Returns:

• (Hash{String=>Object})

# File 'lib/verikloak/rails/testing/claims_builder.rb', line 46

def build_admin_claims(user, admin_group: '/admin', extra_claims: {})
  build_jwt_claims(user, groups: [admin_group], extra_claims: extra_claims)
end

#build_jwt_claims(user, groups: [], extra_claims: {}) ⇒ Hash{String=>Object}

Build a baseline OIDC-style claim Hash.

Parameters:

• user (Object) —

  user-like object responding to ‘uid`, `email`

• groups (Array<String>) (defaults to: []) —

  values for the ‘groups` claim

• extra_claims (Hash) (defaults to: {}) —

  additional claims to merge in (overrides any keys produced from ‘user`/`groups`)

Returns:

• (Hash{String=>Object})

# File 'lib/verikloak/rails/testing/claims_builder.rb', line 24

def build_jwt_claims(user, groups: [], extra_claims: {})
  base = {
    'sub' => user.uid,
    'email' => user.email,
    'preferred_username' => preferred_username_for(user),
    'given_name' => safe_call(user, :first_name),
    'family_name' => safe_call(user, :last_name),
    'groups' => groups,
    'realm_access' => { 'roles' => [] },
    'resource_access' => {},
    'aud' => ['account']
  }.compact

  base.merge(stringify_keys(extra_claims))
end

#build_user_claims(user, user_group: '/user', extra_claims: {}) ⇒ Hash{String=>Object}

Convenience wrapper that assigns the configured user group.

Parameters:

• user (Object)
• user_group (String) (defaults to: '/user') —

  group identifier (default: “/user”)

• extra_claims (Hash) (defaults to: {})

Returns:

• (Hash{String=>Object})

# File 'lib/verikloak/rails/testing/claims_builder.rb', line 56

def build_user_claims(user, user_group: '/user', extra_claims: {})
  build_jwt_claims(user, groups: [user_group], extra_claims: extra_claims)
end