use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.
the class ClientPolicyManagementTest method testGenericConfig.
@Test
public void testGenericConfig() {
AuthorizationResource authorization = getClient().authorization();
ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
representation.setName("Test Generic Config Permission");
representation.addClient("Client A");
ClientPoliciesResource policies = authorization.policies().client();
try (Response response = policies.create(representation)) {
ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
PolicyResource policy = authorization.policies().policy(created.getId());
PolicyRepresentation genericConfig = policy.toRepresentation();
assertNotNull(genericConfig.getConfig());
assertNotNull(genericConfig.getConfig().get("clients"));
ClientRepresentation user = getRealm().clients().findByClientId("Client A").get(0);
assertTrue(genericConfig.getConfig().get("clients").contains(user.getId()));
}
}
use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.
the class ClientPolicyManagementTest method assertCreated.
private void assertCreated(AuthorizationResource authorization, ClientPolicyRepresentation representation) {
ClientPoliciesResource permissions = authorization.policies().client();
try (Response response = permissions.create(representation)) {
ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
ClientPolicyResource permission = permissions.findById(created.getId());
assertRepresentation(representation, permission);
}
}
use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.
the class ClientPolicyManagementTest method testUpdate.
@Test
public void testUpdate() {
AuthorizationResource authorization = getClient().authorization();
ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
representation.setName("Update Test Client Policy");
representation.setDescription("description");
representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
representation.setLogic(Logic.NEGATIVE);
representation.addClient("Client A");
representation.addClient("Client B");
representation.addClient("Client C");
assertCreated(authorization, representation);
representation.setName("changed");
representation.setDescription("changed");
representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
representation.setLogic(Logic.POSITIVE);
representation.setClients(representation.getClients().stream().filter(userName -> !userName.equals("Client A")).collect(Collectors.toSet()));
ClientPoliciesResource policies = authorization.policies().client();
ClientPolicyResource permission = policies.findById(representation.getId());
permission.update(representation);
assertRepresentation(representation, permission);
representation.setClients(representation.getClients().stream().filter(userName -> !userName.equals("Client C")).collect(Collectors.toSet()));
permission.update(representation);
assertRepresentation(representation, permission);
}
use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.
the class ClientPolicyManagementTest method testDelete.
@Test
public void testDelete() {
AuthorizationResource authorization = getClient().authorization();
ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
representation.setName("Test Delete Permission");
representation.addClient("Client A");
ClientPoliciesResource policies = authorization.policies().client();
try (Response response = policies.create(representation)) {
ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
policies.findById(created.getId()).remove();
ClientPolicyResource removed = policies.findById(created.getId());
try {
removed.toRepresentation();
fail("Permission not removed");
} catch (NotFoundException ignore) {
}
}
}
use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.
the class AbstractServletAuthzAdapterTest method testOnlySpecificClient.
@Test
public void testOnlySpecificClient() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
assertWasNotDenied();
ClientPolicyRepresentation policy = new ClientPolicyRepresentation();
policy.setName("Only Client Policy");
policy.addClient("admin-cli");
ClientPoliciesResource policyResource = getAuthorizationResource().policies().client();
Response response = policyResource.create(policy);
response.close();
policy = policyResource.findByName(policy.getName());
updatePermissionPolicies("Protected Resource Permission", policy.getName());
login("jdoe", "jdoe");
assertWasDenied();
policy.addClient("servlet-authz-app");
policyResource.findById(policy.getId()).update(policy);
login("jdoe", "jdoe");
assertWasNotDenied();
});
}
Aggregations