Search in sources :

Example 61 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ResourcePermissionManagementTest method testCreateResourcePermission.

@Test
public void testCreateResourcePermission() {
    AuthorizationResource authorization = getClient().authorization();
    ResourcePermissionRepresentation representation = new ResourcePermissionRepresentation();
    representation.setName("Resource A Permission");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addResource("Resource A");
    representation.addPolicy("Only Marta Policy", "Only Kolo Policy");
    assertCreated(authorization, representation);
}
Also used : AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) Test(org.junit.Test)

Example 62 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ResourcePermissionManagementTest method testDelete.

@Test
public void testDelete() {
    AuthorizationResource authorization = getClient().authorization();
    ResourcePermissionRepresentation representation = new ResourcePermissionRepresentation();
    representation.setName("Test Delete Permission");
    representation.setResourceType("test-resource");
    representation.addPolicy("Only Marta Policy");
    ResourcePermissionsResource permissions = authorization.permissions().resource();
    try (Response response = permissions.create(representation)) {
        ResourcePermissionRepresentation created = response.readEntity(ResourcePermissionRepresentation.class);
        permissions.findById(created.getId()).remove();
        ResourcePermissionResource removed = permissions.findById(created.getId());
        try {
            removed.toRepresentation();
            fail("Permission not removed");
        } catch (NotFoundException ignore) {
        }
    }
}
Also used : Response(javax.ws.rs.core.Response) ResourcePermissionResource(org.keycloak.admin.client.resource.ResourcePermissionResource) NotFoundException(javax.ws.rs.NotFoundException) ResourcePermissionsResource(org.keycloak.admin.client.resource.ResourcePermissionsResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) Test(org.junit.Test)

Example 63 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ResourcePermissionManagementTest method failCreateWithSameName.

@Test
public void failCreateWithSameName() {
    AuthorizationResource authorization = getClient().authorization();
    ResourcePermissionRepresentation permission1 = new ResourcePermissionRepresentation();
    permission1.setName("Conflicting Name Permission");
    permission1.setResourceType("test-resource");
    permission1.addPolicy("Only Marta Policy");
    ResourcePermissionsResource permissions = authorization.permissions().resource();
    permissions.create(permission1).close();
    ResourcePermissionRepresentation permission2 = new ResourcePermissionRepresentation();
    permission2.setName(permission1.getName());
    try (Response response = permissions.create(permission2)) {
        assertEquals(Response.Status.CONFLICT.getStatusCode(), response.getStatus());
    }
}
Also used : Response(javax.ws.rs.core.Response) ResourcePermissionsResource(org.keycloak.admin.client.resource.ResourcePermissionsResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) Test(org.junit.Test)

Example 64 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class RolePolicyManagementTest method testCreateClientRolePolicy.

@Test
public void testCreateClientRolePolicy() {
    ClientResource client = getClient();
    AuthorizationResource authorization = client.authorization();
    RolePolicyRepresentation representation = new RolePolicyRepresentation();
    representation.setName("Realm Client Role Policy");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    RolesResource roles = client.roles();
    roles.create(new RoleRepresentation("Client Role A", "desc", false));
    ClientRepresentation clientRep = client.toRepresentation();
    roles.create(new RoleRepresentation("Client Role B", "desc", false));
    representation.addRole("resource-server-test/Client Role A");
    representation.addClientRole(clientRep.getClientId(), "Client Role B", true);
    assertCreated(authorization, representation);
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) RolesResource(org.keycloak.admin.client.resource.RolesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 65 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class RolePolicyManagementTest method testGenericConfig.

@Test
public void testGenericConfig() {
    AuthorizationResource authorization = getClient().authorization();
    RolePolicyRepresentation representation = new RolePolicyRepresentation();
    representation.setName("Test Generic Config  Permission");
    representation.addRole("Role A", false);
    RolePoliciesResource policies = authorization.policies().role();
    try (Response response = policies.create(representation)) {
        RolePolicyRepresentation created = response.readEntity(RolePolicyRepresentation.class);
        PolicyResource policy = authorization.policies().policy(created.getId());
        PolicyRepresentation genericConfig = policy.toRepresentation();
        assertNotNull(genericConfig.getConfig());
        assertNotNull(genericConfig.getConfig().get("roles"));
        RoleRepresentation role = getRealm().roles().get("Role A").toRepresentation();
        assertTrue(genericConfig.getConfig().get("roles").contains(role.getId()));
    }
}
Also used : Response(javax.ws.rs.core.Response) RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) RolePolicyResource(org.keycloak.admin.client.resource.RolePolicyResource) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) RolePoliciesResource(org.keycloak.admin.client.resource.RolePoliciesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Aggregations

AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)110 Test (org.junit.Test)87 ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation)46 ClientResource (org.keycloak.admin.client.resource.ClientResource)43 Response (javax.ws.rs.core.Response)41 JSPolicyRepresentation (org.keycloak.representations.idm.authorization.JSPolicyRepresentation)30 AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse)28 ResourcePermissionRepresentation (org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation)28 AuthzClient (org.keycloak.authorization.client.AuthzClient)27 AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest)25 ScopePermissionRepresentation (org.keycloak.representations.idm.authorization.ScopePermissionRepresentation)23 Permission (org.keycloak.representations.idm.authorization.Permission)22 PermissionResponse (org.keycloak.representations.idm.authorization.PermissionResponse)19 OAuthClient (org.keycloak.testsuite.util.OAuthClient)19 TokenIntrospectionResponse (org.keycloak.authorization.client.representation.TokenIntrospectionResponse)16 AccessTokenResponse (org.keycloak.representations.AccessTokenResponse)16 PolicyRepresentation (org.keycloak.representations.idm.authorization.PolicyRepresentation)16 ResourceServerRepresentation (org.keycloak.representations.idm.authorization.ResourceServerRepresentation)15 ArrayList (java.util.ArrayList)14 HttpResponseException (org.keycloak.authorization.client.util.HttpResponseException)13