Example 1 with PolicyEnforcer

Use of org.keycloak.adapters.authorization.PolicyEnforcer in project keycloak by keycloak.

In the class ClaimInformationPointProviderTest, method getClaimInformationProviderForPath.

private ClaimInformationPointProvider getClaimInformationProviderForPath(String path, String providerName) {
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/authorization-test/enforcer-config-claims-provider.json"));
    deployment.setClient(HttpClients.createDefault());
    PolicyEnforcer policyEnforcer = deployment.getPolicyEnforcer();
    Map<String, ClaimInformationPointProviderFactory> providers = policyEnforcer.getClaimInformationPointProviderFactories();
    PathConfig pathConfig = policyEnforcer.getPaths().get(path);
    assertNotNull(pathConfig);
    Map<String, Map<String, Object>> cipConfig = pathConfig.getClaimInformationPointConfig();
    assertNotNull(cipConfig);
    ClaimInformationPointProviderFactory factory = providers.get(providerName);
    assertNotNull(factory);
    Map<String, Object> claimsConfig = cipConfig.get(providerName);
    return factory.create(claimsConfig);
}
Also used: PathConfig (org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig), KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment), PolicyEnforcer (org.keycloak.adapters.authorization.PolicyEnforcer), ClaimInformationPointProviderFactory (org.keycloak.adapters.authorization.ClaimInformationPointProviderFactory), HashMap (java.util.HashMap), Map (java.util.Map)

Example 2 with PolicyEnforcer

Use of org.keycloak.adapters.authorization.PolicyEnforcer in project keycloak by keycloak.

In the class EnforcerConfigTest, method testMultiplePathsWithSameName.

@Test
public void testMultiplePathsWithSameName() {
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/authorization-test/enforcer-config-paths-same-name.json"));
    PolicyEnforcer policyEnforcer = deployment.getPolicyEnforcer();
    Map<String, PolicyEnforcerConfig.PathConfig> paths = policyEnforcer.getPaths();
    assertEquals(1, paths.size());
    assertEquals(4, paths.values().iterator().next().getMethods().size());
}
Also used: PathConfig (org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig), KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment), PolicyEnforcer (org.keycloak.adapters.authorization.PolicyEnforcer), Test (org.junit.Test), AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)

Example 3 with PolicyEnforcer

Use of org.keycloak.adapters.authorization.PolicyEnforcer in project keycloak by keycloak.

In the class EnforcerConfigTest, method testPathConfigClaimInformationPoint.

@Test
public void testPathConfigClaimInformationPoint() {
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getClass().getResourceAsStream("/authorization-test/enforcer-config-path-cip.json"));
    PolicyEnforcer policyEnforcer = deployment.getPolicyEnforcer();
    Map<String, PolicyEnforcerConfig.PathConfig> paths = policyEnforcer.getPaths();
    assertEquals(1, paths.size());
    PathConfig pathConfig = paths.values().iterator().next();
    Map<String, Map<String, Object>> cipConfig = pathConfig.getClaimInformationPointConfig();
    assertEquals(1, cipConfig.size());
    Map<String, Object> claims = cipConfig.get("claims");
    assertNotNull(claims);
    assertEquals(3, claims.size());
    assertEquals("{request.parameter['a']}", claims.get("claim-a"));
    assertEquals("{request.header['b']}", claims.get("claim-b"));
    assertEquals("{request.cookie['c']}", claims.get("claim-c"));
}
Also used: PathConfig (org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig), KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment), PolicyEnforcer (org.keycloak.adapters.authorization.PolicyEnforcer), Map (java.util.Map), Test (org.junit.Test), AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)

Example 4 with PolicyEnforcer

Use of org.keycloak.adapters.authorization.PolicyEnforcer in project keycloak by keycloak.

In the class PolicyEnforcerTest, method testOnDenyRedirectTo.

@Test
public void testOnDenyRedirectTo() {
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getAdapterConfiguration("enforcer-on-deny-redirect.json"));
    PolicyEnforcer policyEnforcer = deployment.getPolicyEnforcer();
    OIDCHttpFacade httpFacade = createHttpFacade("/api/resourcea");
    AuthorizationContext context = policyEnforcer.enforce(httpFacade);
    assertFalse(context.isGranted());
    TestResponse response = TestResponse.class.cast(httpFacade.getResponse());
    assertEquals(302, response.getStatus());
    List<String> location = response.getHeaders().getOrDefault("Location", Collections.emptyList());
    assertFalse(location.isEmpty());
    assertEquals("/accessDenied", location.get(0));
}
Also used: OIDCHttpFacade (org.keycloak.adapters.OIDCHttpFacade), KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment), PolicyEnforcer (org.keycloak.adapters.authorization.PolicyEnforcer), AuthorizationContext (org.keycloak.AuthorizationContext), AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest), Test (org.junit.Test)

Example 5 with PolicyEnforcer

Use of org.keycloak.adapters.authorization.PolicyEnforcer in project keycloak by keycloak.

In the class PolicyEnforcerTest, method testEnforcementModeDisabled.

@Test
public void testEnforcementModeDisabled() {
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getAdapterConfiguration("enforcer-disabled-enforce-mode.json"));
    PolicyEnforcer policyEnforcer = deployment.getPolicyEnforcer();
    OIDCHttpFacade httpFacade = createHttpFacade("/api/resource/public");
    policyEnforcer.enforce(httpFacade);
    TestResponse response = TestResponse.class.cast(httpFacade.getResponse());
    assertEquals(401, response.getStatus());
}
Also used: OIDCHttpFacade (org.keycloak.adapters.OIDCHttpFacade), KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment), PolicyEnforcer (org.keycloak.adapters.authorization.PolicyEnforcer), AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest), Test (org.junit.Test)

Aggregations

PolicyEnforcer (org.keycloak.adapters.authorization.PolicyEnforcer): 22
KeycloakDeployment (org.keycloak.adapters.KeycloakDeployment): 20
Test (org.junit.Test): 19
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest): 19
AuthorizationContext (org.keycloak.AuthorizationContext): 17
OIDCHttpFacade (org.keycloak.adapters.OIDCHttpFacade): 11
OAuthClient (org.keycloak.testsuite.util.OAuthClient): 10
HashMap (java.util.HashMap): 5
ClientResource (org.keycloak.admin.client.resource.ClientResource): 5
ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation): 5
List (java.util.List): 4
PermissionsResource (org.keycloak.admin.client.resource.PermissionsResource): 4
AuthzClient (org.keycloak.authorization.client.AuthzClient): 4
Permission (org.keycloak.representations.idm.authorization.Permission): 4
ResourcePermissionRepresentation (org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation): 4
PathConfig (org.keycloak.representations.adapters.config.PolicyEnforcerConfig.PathConfig): 3
IOException (java.io.IOException): 2
Map (java.util.Map): 2
Set (java.util.Set): 2
PolicyEnforcerConfig (org.keycloak.representations.adapters.config.PolicyEnforcerConfig): 2