Search in sources :

Example 66 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class RolePolicyManagementTest method testUpdate.

@Test
public void testUpdate() {
    AuthorizationResource authorization = getClient().authorization();
    RolePolicyRepresentation representation = new RolePolicyRepresentation();
    representation.setName("Update Test Role Policy");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addRole("Role A", false);
    representation.addRole("Role B", true);
    representation.addRole("Role C", false);
    assertCreated(authorization, representation);
    representation.setName("changed");
    representation.setDescription("changed");
    representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
    representation.setLogic(Logic.POSITIVE);
    representation.setRoles(representation.getRoles().stream().filter(roleDefinition -> !roleDefinition.getId().equals("Resource A")).collect(Collectors.toSet()));
    RolePoliciesResource policies = authorization.policies().role();
    RolePolicyResource permission = policies.findById(representation.getId());
    permission.update(representation);
    assertRepresentation(representation, permission);
    for (RolePolicyRepresentation.RoleDefinition roleDefinition : representation.getRoles()) {
        if (roleDefinition.getId().equals("Role B")) {
            roleDefinition.setRequired(false);
        }
        if (roleDefinition.getId().equals("Role C")) {
            roleDefinition.setRequired(true);
        }
    }
    permission.update(representation);
    assertRepresentation(representation, permission);
}
Also used : RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) RolePoliciesResource(org.keycloak.admin.client.resource.RolePoliciesResource) RolePolicyResource(org.keycloak.admin.client.resource.RolePolicyResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 67 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class RolePolicyManagementTest method testDelete.

@Test
public void testDelete() {
    AuthorizationResource authorization = getClient().authorization();
    RolePolicyRepresentation representation = new RolePolicyRepresentation();
    representation.setName("Test Delete Permission");
    representation.addRole("Role A", false);
    RolePoliciesResource policies = authorization.policies().role();
    try (Response response = policies.create(representation)) {
        RolePolicyRepresentation created = response.readEntity(RolePolicyRepresentation.class);
        policies.findById(created.getId()).remove();
        RolePolicyResource removed = policies.findById(created.getId());
        try {
            removed.toRepresentation();
            fail("Permission not removed");
        } catch (NotFoundException ignore) {
        }
    }
}
Also used : Response(javax.ws.rs.core.Response) RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) RolePoliciesResource(org.keycloak.admin.client.resource.RolePoliciesResource) RolePolicyResource(org.keycloak.admin.client.resource.RolePolicyResource) NotFoundException(javax.ws.rs.NotFoundException) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 68 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ScopePermissionManagementTest method testCreateResourceScopePermission.

@Test
public void testCreateResourceScopePermission() {
    AuthorizationResource authorization = getClient().authorization();
    ScopePermissionRepresentation representation = new ScopePermissionRepresentation();
    representation.setName("Resource  A Scope Permission");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addResource("Resource A");
    representation.addScope("read", "execute");
    representation.addPolicy("Only Marta Policy", "Only Kolo Policy");
    assertCreated(authorization, representation);
}
Also used : AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ScopePermissionRepresentation(org.keycloak.representations.idm.authorization.ScopePermissionRepresentation) Test(org.junit.Test)

Example 69 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ScopePermissionManagementTest method testCreateScopePermission.

@Test
public void testCreateScopePermission() {
    AuthorizationResource authorization = getClient().authorization();
    ScopePermissionRepresentation representation = new ScopePermissionRepresentation();
    representation.setName("Read Permission");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addScope("read", "write");
    representation.addPolicy("Only Marta Policy");
    assertCreated(authorization, representation);
}
Also used : AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ScopePermissionRepresentation(org.keycloak.representations.idm.authorization.ScopePermissionRepresentation) Test(org.junit.Test)

Example 70 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ScopePermissionManagementTest method testUpdate.

@Test
public void testUpdate() {
    AuthorizationResource authorization = getClient().authorization();
    ScopePermissionRepresentation representation = new ScopePermissionRepresentation();
    representation.setName("Update Test Scope Permission");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addResource("Resource A");
    representation.addScope("read", "execute");
    representation.addPolicy("Only Marta Policy", "Only Kolo Policy");
    assertCreated(authorization, representation);
    representation.setName("changed");
    representation.setDescription("changed");
    representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
    representation.setLogic(Logic.POSITIVE);
    representation.getResources().remove("Resource A");
    representation.addResource("Resource B");
    representation.getScopes().remove("execute");
    representation.getPolicies().remove("Only Marta Policy");
    ScopePermissionsResource permissions = authorization.permissions().scope();
    ScopePermissionResource permission = permissions.findById(representation.getId());
    permission.update(representation);
    assertRepresentation(representation, permission);
}
Also used : ScopePermissionResource(org.keycloak.admin.client.resource.ScopePermissionResource) ScopePermissionsResource(org.keycloak.admin.client.resource.ScopePermissionsResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ScopePermissionRepresentation(org.keycloak.representations.idm.authorization.ScopePermissionRepresentation) Test(org.junit.Test)

Aggregations

AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)110 Test (org.junit.Test)87 ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation)46 ClientResource (org.keycloak.admin.client.resource.ClientResource)43 Response (javax.ws.rs.core.Response)41 JSPolicyRepresentation (org.keycloak.representations.idm.authorization.JSPolicyRepresentation)30 AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse)28 ResourcePermissionRepresentation (org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation)28 AuthzClient (org.keycloak.authorization.client.AuthzClient)27 AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest)25 ScopePermissionRepresentation (org.keycloak.representations.idm.authorization.ScopePermissionRepresentation)23 Permission (org.keycloak.representations.idm.authorization.Permission)22 PermissionResponse (org.keycloak.representations.idm.authorization.PermissionResponse)19 OAuthClient (org.keycloak.testsuite.util.OAuthClient)19 TokenIntrospectionResponse (org.keycloak.authorization.client.representation.TokenIntrospectionResponse)16 AccessTokenResponse (org.keycloak.representations.AccessTokenResponse)16 PolicyRepresentation (org.keycloak.representations.idm.authorization.PolicyRepresentation)16 ResourceServerRepresentation (org.keycloak.representations.idm.authorization.ResourceServerRepresentation)15 ArrayList (java.util.ArrayList)14 HttpResponseException (org.keycloak.authorization.client.util.HttpResponseException)13