Search in sources :

Example 1 with ClientPoliciesResource

use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.

the class ClientPolicyManagementTest method testGenericConfig.

@Test
public void testGenericConfig() {
    AuthorizationResource authorization = getClient().authorization();
    ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
    representation.setName("Test Generic Config Permission");
    representation.addClient("Client A");
    ClientPoliciesResource policies = authorization.policies().client();
    try (Response response = policies.create(representation)) {
        ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
        PolicyResource policy = authorization.policies().policy(created.getId());
        PolicyRepresentation genericConfig = policy.toRepresentation();
        assertNotNull(genericConfig.getConfig());
        assertNotNull(genericConfig.getConfig().get("clients"));
        ClientRepresentation user = getRealm().clients().findByClientId("Client A").get(0);
        assertTrue(genericConfig.getConfig().get("clients").contains(user.getId()));
    }
}
Also used : Response(javax.ws.rs.core.Response) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPolicyResource(org.keycloak.admin.client.resource.ClientPolicyResource) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 2 with ClientPoliciesResource

use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.

the class ClientPolicyManagementTest method assertCreated.

private void assertCreated(AuthorizationResource authorization, ClientPolicyRepresentation representation) {
    ClientPoliciesResource permissions = authorization.policies().client();
    try (Response response = permissions.create(representation)) {
        ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
        ClientPolicyResource permission = permissions.findById(created.getId());
        assertRepresentation(representation, permission);
    }
}
Also used : Response(javax.ws.rs.core.Response) ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource) ClientPolicyResource(org.keycloak.admin.client.resource.ClientPolicyResource)

Example 3 with ClientPoliciesResource

use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.

the class ClientPolicyManagementTest method testUpdate.

@Test
public void testUpdate() {
    AuthorizationResource authorization = getClient().authorization();
    ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
    representation.setName("Update Test Client Policy");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addClient("Client A");
    representation.addClient("Client B");
    representation.addClient("Client C");
    assertCreated(authorization, representation);
    representation.setName("changed");
    representation.setDescription("changed");
    representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
    representation.setLogic(Logic.POSITIVE);
    representation.setClients(representation.getClients().stream().filter(userName -> !userName.equals("Client A")).collect(Collectors.toSet()));
    ClientPoliciesResource policies = authorization.policies().client();
    ClientPolicyResource permission = policies.findById(representation.getId());
    permission.update(representation);
    assertRepresentation(representation, permission);
    representation.setClients(representation.getClients().stream().filter(userName -> !userName.equals("Client C")).collect(Collectors.toSet()));
    permission.update(representation);
    assertRepresentation(representation, permission);
}
Also used : ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource) ClientPolicyResource(org.keycloak.admin.client.resource.ClientPolicyResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 4 with ClientPoliciesResource

use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.

the class ClientPolicyManagementTest method testDelete.

@Test
public void testDelete() {
    AuthorizationResource authorization = getClient().authorization();
    ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
    representation.setName("Test Delete Permission");
    representation.addClient("Client A");
    ClientPoliciesResource policies = authorization.policies().client();
    try (Response response = policies.create(representation)) {
        ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
        policies.findById(created.getId()).remove();
        ClientPolicyResource removed = policies.findById(created.getId());
        try {
            removed.toRepresentation();
            fail("Permission not removed");
        } catch (NotFoundException ignore) {
        }
    }
}
Also used : Response(javax.ws.rs.core.Response) ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource) ClientPolicyResource(org.keycloak.admin.client.resource.ClientPolicyResource) NotFoundException(javax.ws.rs.NotFoundException) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 5 with ClientPoliciesResource

use of org.keycloak.admin.client.resource.ClientPoliciesResource in project keycloak by keycloak.

the class AbstractServletAuthzAdapterTest method testOnlySpecificClient.

@Test
public void testOnlySpecificClient() throws Exception {
    performTests(() -> {
        login("jdoe", "jdoe");
        assertWasNotDenied();
        ClientPolicyRepresentation policy = new ClientPolicyRepresentation();
        policy.setName("Only Client Policy");
        policy.addClient("admin-cli");
        ClientPoliciesResource policyResource = getAuthorizationResource().policies().client();
        Response response = policyResource.create(policy);
        response.close();
        policy = policyResource.findByName(policy.getName());
        updatePermissionPolicies("Protected Resource Permission", policy.getName());
        login("jdoe", "jdoe");
        assertWasDenied();
        policy.addClient("servlet-authz-app");
        policyResource.findById(policy.getId()).update(policy);
        login("jdoe", "jdoe");
        assertWasNotDenied();
    });
}
Also used : Response(javax.ws.rs.core.Response) ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource) Test(org.junit.Test)

Aggregations

ClientPoliciesResource (org.keycloak.admin.client.resource.ClientPoliciesResource)5 ClientPolicyRepresentation (org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)5 Response (javax.ws.rs.core.Response)4 Test (org.junit.Test)4 ClientPolicyResource (org.keycloak.admin.client.resource.ClientPolicyResource)4 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)3 NotFoundException (javax.ws.rs.NotFoundException)1 PolicyResource (org.keycloak.admin.client.resource.PolicyResource)1 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)1 PolicyRepresentation (org.keycloak.representations.idm.authorization.PolicyRepresentation)1