
Example 6 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ClientPolicyManagementTest method testUpdate.

/**
 * Creates a client policy bound to three clients, then updates it twice and verifies after
 * each update that the policy resource matches the representation that was sent.
 *
 * <p>The first update renames the policy, switches the decision strategy and logic, and drops
 * "Client A"; the second update drops "Client C" only. {@code assertCreated} and
 * {@code assertRepresentation} are defined outside this excerpt.
 */
@Test
public void testUpdate() {
    AuthorizationResource authz = getClient().authorization();

    // Initial policy: NEGATIVE logic over clients A, B and C.
    ClientPolicyRepresentation clientPolicy = new ClientPolicyRepresentation();
    clientPolicy.setName("Update Test Client Policy");
    clientPolicy.setDescription("description");
    clientPolicy.setLogic(Logic.NEGATIVE);
    clientPolicy.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    clientPolicy.addClient("Client A");
    clientPolicy.addClient("Client B");
    clientPolicy.addClient("Client C");
    assertCreated(authz, clientPolicy);

    // First update: every mutable attribute changes at once. Flipping the logic from
    // NEGATIVE to POSITIVE changes what the policy decides, so the post-update comparison
    // below is the part of this test that guards against a partially applied update.
    clientPolicy.setName("changed");
    clientPolicy.setDescription("changed");
    clientPolicy.setLogic(Logic.POSITIVE);
    clientPolicy.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
    clientPolicy.setClients(
            clientPolicy.getClients().stream()
                    .filter(clientName -> !clientName.equals("Client A"))
                    .collect(Collectors.toSet()));

    ClientPoliciesResource clientPolicies = authz.policies().client();
    ClientPolicyResource policyResource = clientPolicies.findById(clientPolicy.getId());
    policyResource.update(clientPolicy);
    assertRepresentation(clientPolicy, policyResource);

    // Second update: shrink the client set again and confirm the removal is persisted.
    clientPolicy.setClients(
            clientPolicy.getClients().stream()
                    .filter(clientName -> !clientName.equals("Client C"))
                    .collect(Collectors.toSet()));
    policyResource.update(clientPolicy);
    assertRepresentation(clientPolicy, policyResource);
}
Also used : ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource) ClientPolicyResource(org.keycloak.admin.client.resource.ClientPolicyResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 7 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ExportAuthorizationSettingsTest method testRoleBasedPolicyWithMultipleRoles.

// KEYCLOAK-4983
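/**
 * Checks that exported authorization settings keep two same-named client roles apart.
 *
 * <p>Two clients each get a role called "client-role", and a role policy references both by
 * id. The export must list each role qualified by its client id
 * ("test-client-1/client-role" and "test-client-2/client-role"). If the export dropped the
 * client qualifier, the two roles could not be told apart in the exported document; that is
 * presumably the regression this test covers (confirm against the linked issue).
 */
@Test
public void testRoleBasedPolicyWithMultipleRoles() {
    ClientResource clientResource = getClientResource();
    AuthorizationResource authorizationResource = clientResource.authorization();

    // Two clients that each own a role with the same name.
    testRealmResource().clients().create(ClientBuilder.create().clientId("test-client-1").build()).close();
    testRealmResource().clients().create(ClientBuilder.create().clientId("test-client-2").build()).close();
    ClientRepresentation client1 = getClientByClientId("test-client-1");
    ClientRepresentation client2 = getClientByClientId("test-client-2");
    testRealmResource().clients().get(client1.getId()).roles().create(RoleBuilder.create().name("client-role").build());
    testRealmResource().clients().get(client2.getId()).roles().create(RoleBuilder.create().name("client-role").build());
    RoleRepresentation role1 = testRealmResource().clients().get(client1.getId()).roles().get("client-role").toRepresentation();
    RoleRepresentation role2 = testRealmResource().clients().get(client2.getId()).roles().get("client-role").toRepresentation();

    // The policy references the roles by id; the ids come from the server, not from user input.
    PolicyRepresentation policy = new PolicyRepresentation();
    policy.setName("role-based-policy");
    policy.setType("role");
    Map<String, String> config = new HashMap<>();
    config.put("roles", "[{\"id\":\"" + role1.getId() + "\"},{\"id\":\"" + role2.getId() + "\"}]");
    policy.setConfig(config);
    try (Response create = authorizationResource.policies().create(policy)) {
        Assert.assertEquals(Status.CREATED, create.getStatusInfo());
    }

    // export authorization settings
    ResourceServerRepresentation exportSettings = authorizationResource.exportSettings();
    boolean found = false;
    for (PolicyRepresentation p : exportSettings.getPolicies()) {
        if ("role-based-policy".equals(p.getName())) {
            found = true;
            String exportedRoles = p.getConfig().get("roles");
            // One assertion per role so a failure names the reference that went missing.
            Assert.assertNotNull("Exported policy \"role-based-policy\" has no \"roles\" entry.", exportedRoles);
            Assert.assertTrue("Exported roles do not reference test-client-1/client-role: " + exportedRoles,
                    exportedRoles.contains("test-client-1/client-role"));
            Assert.assertTrue("Exported roles do not reference test-client-2/client-role: " + exportedRoles,
                    exportedRoles.contains("test-client-2/client-role"));
        }
    }
    Assert.assertTrue("Policy \"role-based-policy\" was not found in exported settings.", found);
}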
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) Response(javax.ws.rs.core.Response) HashMap(java.util.HashMap) ResourceServerRepresentation(org.keycloak.representations.idm.authorization.ResourceServerRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 8 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class ExportAuthorizationSettingsTest method testResourceBasedPermission.

// KEYCLOAK-4341
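/**
 * Checks that a resource-based permission is exported with both its resource and the policy
 * it applies.
 *
 * <p>The permission is attached to "Default Resource" and "Default Policy"; the export must
 * carry both by name in the permission's {@code resources} and {@code applyPolicies} config
 * entries. A permission exported without its {@code applyPolicies} entry would no longer
 * state which policy governs the resource.
 *
 * @throws Exception declared by the original signature; nothing in the visible body throws a
 *     checked exception
 */
@Test
public void testResourceBasedPermission() throws Exception {
    String permissionName = "resource-based-permission";
    ClientResource clientResource = getClientResource();
    AuthorizationResource authorizationResource = clientResource.authorization();

    // get Default Resource
    List<ResourceRepresentation> resources = authorizationResource.resources().findByName("Default Resource");
    // assertEquals reports the actual count on failure, unlike assertTrue(size == 1).
    Assert.assertEquals(1, resources.size());
    ResourceRepresentation resource = resources.get(0);

    // get Default Policy
    PolicyRepresentation policy = authorizationResource.policies().findByName("Default Policy");
    // Fail with a clear message instead of a NullPointerException on policy.getId() below.
    Assert.assertNotNull("Policy \"Default Policy\" was not found.", policy);

    // create Resource-based permission and add default policy/resource
    ResourcePermissionRepresentation permission = new ResourcePermissionRepresentation();
    permission.setName(permissionName);
    permission.addPolicy(policy.getId());
    permission.addResource(resource.getId());
    try (Response create = authorizationResource.permissions().resource().create(permission)) {
        Assert.assertEquals(Status.CREATED, create.getStatusInfo());
    }

    // export authorization settings
    ResourceServerRepresentation exportSettings = authorizationResource.exportSettings();

    // check exported settings contains both resources/applyPolicies
    boolean found = false;
    for (PolicyRepresentation p : exportSettings.getPolicies()) {
        if (permissionName.equals(p.getName())) {
            found = true;
            Assert.assertEquals("[\"Default Resource\"]", p.getConfig().get("resources"));
            Assert.assertEquals("[\"Default Policy\"]", p.getConfig().get("applyPolicies"));
        }
    }
    // The original message named "role-based-permission", which is not the permission under test.
    Assert.assertTrue("Permission \"" + permissionName + "\" was not found.", found);
}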
Also used : PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) Response(javax.ws.rs.core.Response) ResourceServerRepresentation(org.keycloak.representations.idm.authorization.ResourceServerRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) Test(org.junit.Test)

Example 9 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class GroupPolicyManagementTest method testDeleteGroupAndPolicy.

/**
 * Exercises what happens to a group policy when groups it references are deleted.
 *
 * <p>Phase one creates a policy whose only group is "/Group G" and deletes that group. Phase
 * two re-creates a policy under the same name with two groups, deletes one of them
 * ("Group K"), and asserts that the policy still exists with exactly one group left.
 */
@Test
public void testDeleteGroupAndPolicy() {
    AuthorizationResource authz = getClient().authorization();

    // Phase one: a policy that depends on a single group.
    GroupPolicyRepresentation groupPolicy = new GroupPolicyRepresentation();
    groupPolicy.setName(UUID.randomUUID().toString());
    groupPolicy.setDescription("description");
    groupPolicy.setLogic(Logic.NEGATIVE);
    groupPolicy.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    groupPolicy.setGroupsClaim("groups");
    groupPolicy.addGroupPath("/Group G", true);
    assertCreated(authz, groupPolicy);

    GroupsResource realmGroups = getRealm().groups();
    GroupRepresentation target = realmGroups.groups("Group G", null, null).get(0);
    realmGroups.group(target.getId()).remove();

    // NOTE(review): the lookup result is discarded and a NotFoundException is ignored, so
    // this step passes whether or not the policy outlived its only group. The assertCreated
    // call below reuses the same name and presumably fails if the old policy were still
    // present (confirm); an explicit assertion here would make the expectation visible.
    try {
        getClient().authorization().policies().group().findByName(groupPolicy.getName());
    } catch (NotFoundException ignored) {
    }

    // Phase two: same policy name, now spanning two groups.
    groupPolicy.getGroups().clear();
    groupPolicy.addGroupPath("/Group H/Group I/Group K");
    groupPolicy.addGroupPath("/Group F");
    assertCreated(authz, groupPolicy);

    target = realmGroups.groups("Group K", null, null).get(0);
    realmGroups.group(target.getId()).remove();

    // Removing one of two groups must leave the policy in place with the other group only.
    GroupPolicyRepresentation remaining = getClient().authorization().policies().group().findByName(groupPolicy.getName());
    assertNotNull(remaining);
    assertEquals(1, remaining.getGroups().size());
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) NotFoundException(javax.ws.rs.NotFoundException) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) GroupsResource(org.keycloak.admin.client.resource.GroupsResource) Test(org.junit.Test)

Example 10 with AuthorizationResource

use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.

the class GroupPolicyManagementTest method testCreate.

/**
 * Creates a group policy with two group paths and checks that creation succeeds via
 * {@code assertCreated}, which is defined outside this excerpt.
 */
@Test
public void testCreate() {
    AuthorizationResource authz = getClient().authorization();

    GroupPolicyRepresentation groupPolicy = new GroupPolicyRepresentation();
    groupPolicy.setName("Group Policy");
    groupPolicy.setDescription("description");
    groupPolicy.setLogic(Logic.NEGATIVE);
    groupPolicy.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    groupPolicy.setGroupsClaim("groups");

    // The boolean on the first path presumably extends the policy to child groups; confirm
    // against GroupPolicyRepresentation.
    groupPolicy.addGroupPath("/Group A/Group B/Group C", true);
    // NOTE(review): this path has no leading slash, unlike the other group paths in this
    // class; it may be deliberate (path normalisation) or a typo, so verify.
    groupPolicy.addGroupPath("Group F");

    assertCreated(authz, groupPolicy);
}
Also used : GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)
