
Example 16 with IdentityProviderResource

use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.

the class IdentityProviderTest method testUpdateProtocolMappers.

// KEYCLOAK-4962
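/**
 * Checks that an identity provider mapper created with an empty {@code role} value can
 * later be given a real role through {@code update}.
 *
 * <p>The mapper is submitted with two config entries (sync mode and an empty {@code role}).
 * The test expects the server to return a single entry after creation, and two entries
 * (sync mode {@code INHERIT} plus {@code role=offline_access}) after the update.
 */
@Test
public void testUpdateProtocolMappers() {
    create(createRep("google2", "google"));
    IdentityProviderResource provider = realm.identityProviders().get("google2");

    Map<String, String> config = new HashMap<>();
    config.put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderMapperSyncMode.INHERIT.toString());
    // Deliberately empty: the assertion below expects this entry not to be returned.
    config.put("role", "");

    IdentityProviderMapperRepresentation mapper = new IdentityProviderMapperRepresentation();
    mapper.setIdentityProviderAlias("google2");
    mapper.setName("my_mapper");
    mapper.setIdentityProviderMapper("oidc-hardcoded-role-idp-mapper");
    mapper.setConfig(config);

    // Close the response even when getCreatedId throws, so a failed creation
    // does not leave the admin client's connection checked out.
    String mapperId;
    try (Response response = provider.addMapper(mapper)) {
        mapperId = ApiUtil.getCreatedId(response);
    }

    List<IdentityProviderMapperRepresentation> mappers = provider.getMappers();
    assertEquals(1, mappers.size());
    assertEquals(1, mappers.get(0).getConfig().size());

    // Re-read the stored mapper and set the role that was empty at creation time.
    mapper = provider.getMapperById(mapperId);
    mapper.getConfig().put("role", "offline_access");
    provider.update(mapperId, mapper);

    mappers = provider.getMappers();
    assertEquals("INHERIT", mappers.get(0).getConfig().get(IdentityProviderMapperModel.SYNC_MODE));
    assertEquals(1, mappers.size());
    assertEquals(2, mappers.get(0).getConfig().size());
    assertEquals("offline_access", mappers.get(0).getConfig().get("role"));
}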
Also used : Response(javax.ws.rs.core.Response) IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) HashMap(java.util.HashMap) Matchers.containsString(org.hamcrest.Matchers.containsString) Test(org.junit.Test)

Example 17 with IdentityProviderResource

use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.

the class IdentityProviderTest method failUpdateInvalidUrl.

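/**
 * Checks that updating an OIDC identity provider is refused with HTTP 400 when one of its
 * endpoint URLs is malformed or uses plain {@code http} while the realm's SSL requirement
 * is {@code ALL}.
 *
 * <p>Each step makes exactly one endpoint invalid (authorization, token, JWKS, logout,
 * userinfo) so the error message can be attributed to that field. The last step switches the
 * realm to {@code EXTERNAL} and expects the pending {@code http://localhost} userinfo URL to
 * be accepted.
 *
 * @throws Exception if the realm attribute updater fails to apply or restore the setting
 */
@Test
public void failUpdateInvalidUrl() throws Exception {
    // The updater is closed at the end of the block; presumably that restores the realm's
    // previous sslRequired value - confirm against RealmAttributeUpdater.
    try (RealmAttributeUpdater rau = new RealmAttributeUpdater(realm).updateWith(r -> r.setSslRequired(SslRequired.ALL.name())).update()) {
        IdentityProviderRepresentation representation = createRep(UUID.randomUUID().toString(), "oidc");
        representation.getConfig().put("clientId", "clientId");
        representation.getConfig().put("clientSecret", "some secret value");
        try (Response response = realm.identityProviders().create(representation)) {
            assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatus());
        }
        IdentityProviderResource resource = this.realm.identityProviders().get(representation.getAlias());
        representation = resource.toRepresentation();
        // NOTE(review): the setters below are assumed to write through to `representation`,
        // since that is the object sent by resource.update(...) - confirm in OIDCIdentityProviderConfigRep.
        OIDCIdentityProviderConfigRep oidcConfig = new OIDCIdentityProviderConfigRep(representation);

        // Unknown scheme: rejected as malformed rather than as insecure.
        oidcConfig.setAuthorizationUrl("invalid://test");
        assertUpdateRejected(resource, representation, "The url [authorization_url] is malformed");

        // Plain http on the token endpoint.
        oidcConfig.setAuthorizationUrl(null);
        oidcConfig.setTokenUrl("http://test");
        assertUpdateRejected(resource, representation, "The url [token_url] requires secure connections");

        // Plain http on the JWKS endpoint.
        oidcConfig.setAuthorizationUrl(null);
        oidcConfig.setTokenUrl(null);
        oidcConfig.setJwksUrl("http://test");
        assertUpdateRejected(resource, representation, "The url [jwks_url] requires secure connections");

        // Plain http on the logout endpoint.
        oidcConfig.setAuthorizationUrl(null);
        oidcConfig.setTokenUrl(null);
        oidcConfig.setJwksUrl(null);
        oidcConfig.setLogoutUrl("http://test");
        assertUpdateRejected(resource, representation, "The url [logout_url] requires secure connections");

        // Plain http on the userinfo endpoint; with ALL even a localhost target is refused.
        oidcConfig.setAuthorizationUrl(null);
        oidcConfig.setTokenUrl(null);
        oidcConfig.setJwksUrl(null);
        oidcConfig.setLogoutUrl(null);
        oidcConfig.setUserInfoUrl("http://localhost");
        assertUpdateRejected(resource, representation, "The url [userinfo_url] requires secure connections");

        // Relaxing the realm to EXTERNAL lets the same http://localhost userinfo URL through.
        // NOTE(review): nothing here checks that a non-local http URL is still refused under
        // EXTERNAL; a companion assertion would pin the other half of that policy.
        rau.updateWith(r -> r.setSslRequired(SslRequired.EXTERNAL.name())).update();
        resource.update(representation);
    }
}

/**
 * Sends {@code representation} through {@code resource.update} and requires the call to fail
 * with a 400 response whose error message equals {@code expectedMessage}.
 *
 * <p>Only {@link ClientErrorException} is caught; any other exception propagates and fails
 * the test with its own stack trace instead of an opaque {@code instanceof} assertion.
 */
private static void assertUpdateRejected(IdentityProviderResource resource, IdentityProviderRepresentation representation, String expectedMessage) {
    try {
        resource.update(representation);
        fail("Invalid URL");
    } catch (ClientErrorException e) {
        Response response = e.getResponse();
        assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), response.getStatus());
        ErrorRepresentation error = response.readEntity(ErrorRepresentation.class);
        assertEquals(expectedMessage, error.getErrorMessage());
    }
}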
Also used : EndpointType(org.keycloak.dom.saml.v2.metadata.EndpointType) Arrays(java.util.Arrays) ResourceType(org.keycloak.events.admin.ResourceType) OIDCIdentityProviderConfigRep(org.keycloak.testsuite.broker.OIDCIdentityProviderConfigRep) URL(java.net.URL) URISyntaxException(java.net.URISyntaxException) Matchers.not(org.hamcrest.Matchers.not) ClientErrorException(javax.ws.rs.ClientErrorException) Assert.assertThat(org.junit.Assert.assertThat) SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig) MediaType(javax.ws.rs.core.MediaType) MultipartFormDataOutput(org.jboss.resteasy.plugins.providers.multipart.MultipartFormDataOutput) ByteArrayInputStream(java.io.ByteArrayInputStream) REMOTE(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE) Document(org.w3c.dom.Document) Map(java.util.Map) Assert.fail(org.junit.Assert.fail) URI(java.net.URI) AdminEventPaths(org.keycloak.testsuite.util.AdminEventPaths) Matchers.notNullValue(org.hamcrest.Matchers.notNullValue) Set(java.util.Set) IdentityProviderModel(org.keycloak.models.IdentityProviderModel) UUID(java.util.UUID) RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater) NotFoundException(javax.ws.rs.NotFoundException) DocumentUtil(org.keycloak.saml.common.util.DocumentUtil) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) ParsingException(org.keycloak.saml.common.exceptions.ParsingException) List(java.util.List) SslRequired(org.keycloak.common.enums.SslRequired) Response(javax.ws.rs.core.Response) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) Assert.assertFalse(org.junit.Assert.assertFalse) Matchers.equalTo(org.hamcrest.Matchers.equalTo) OIDCLoginProtocol(org.keycloak.protocol.oidc.OIDCLoginProtocol) Matchers.is(org.hamcrest.Matchers.is) Matchers.containsString(org.hamcrest.Matchers.containsString) XMLSignature(javax.xml.crypto.dsig.XMLSignature) 
SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) OperationType(org.keycloak.events.admin.OperationType) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) Assert(org.keycloak.testsuite.Assert) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) IdentityProviderMapperModel(org.keycloak.models.IdentityProviderMapperModel) HashMap(java.util.HashMap) IdentityProviderMapperTypeRepresentation(org.keycloak.representations.idm.IdentityProviderMapperTypeRepresentation) ErrorRepresentation(org.keycloak.representations.idm.ErrorRepresentation) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) HashSet(java.util.HashSet) ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) Charset(java.nio.charset.Charset) AUTH_SERVER_SSL_REQUIRED(org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED) IndexedEndpointType(org.keycloak.dom.saml.v2.metadata.IndexedEndpointType) AdminEventRepresentation(org.keycloak.representations.idm.AdminEventRepresentation) IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) StripSecretsUtils(org.keycloak.models.utils.StripSecretsUtils) Matchers.hasSize(org.hamcrest.Matchers.hasSize) ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) Matchers.hasEntry(org.hamcrest.Matchers.hasEntry) SPSSODescriptorType(org.keycloak.dom.saml.v2.metadata.SPSSODescriptorType) Matchers.empty(org.hamcrest.Matchers.empty) NodeList(org.w3c.dom.NodeList) EntityDescriptorType(org.keycloak.dom.saml.v2.metadata.EntityDescriptorType) Files(java.nio.file.Files) Assert.assertNotNull(org.junit.Assert.assertNotNull) KeyTypes(org.keycloak.dom.saml.v2.metadata.KeyTypes) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) IOException(java.io.IOException) 
XMLDSIG_NSURI(org.keycloak.saml.common.constants.JBossSAMLURIConstants.XMLDSIG_NSURI) Element(org.w3c.dom.Element) Assert.assertNull(org.junit.Assert.assertNull) Paths(java.nio.file.Paths) KeyDescriptorType(org.keycloak.dom.saml.v2.metadata.KeyDescriptorType) IdentityProviderMapperSyncMode(org.keycloak.models.IdentityProviderMapperSyncMode) Assert.assertEquals(org.junit.Assert.assertEquals) Response(javax.ws.rs.core.Response) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) OIDCIdentityProviderConfigRep(org.keycloak.testsuite.broker.OIDCIdentityProviderConfigRep) ErrorRepresentation(org.keycloak.representations.idm.ErrorRepresentation) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) ClientErrorException(javax.ws.rs.ClientErrorException) RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater) URISyntaxException(java.net.URISyntaxException) ClientErrorException(javax.ws.rs.ClientErrorException) NotFoundException(javax.ws.rs.NotFoundException) ParsingException(org.keycloak.saml.common.exceptions.ParsingException) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) IOException(java.io.IOException) Test(org.junit.Test)

Example 18 with IdentityProviderResource

use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.

the class IdentityProviderTest method testMappers.

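/**
 * Walks an identity provider mapper through its admin API life cycle: create, list, get,
 * duplicate-name rejection, update and delete, asserting the admin event recorded for each
 * mutating call.
 */
@Test
public void testMappers() {
    create(createRep("google", "google"));
    IdentityProviderResource provider = realm.identityProviders().get("google");

    Map<String, String> config = new HashMap<>();
    config.put("role", "offline_access");
    config.put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderMapperSyncMode.INHERIT.toString());

    IdentityProviderMapperRepresentation mapper = new IdentityProviderMapperRepresentation();
    mapper.setIdentityProviderAlias("google");
    mapper.setName("my_mapper");
    mapper.setIdentityProviderMapper("oidc-hardcoded-role-idp-mapper");
    mapper.setConfig(config);

    // createRep and add mapper; try-with-resources closes the response even if
    // getCreatedId or the assertion throws.
    String id;
    try (Response response = provider.addMapper(mapper)) {
        id = ApiUtil.getCreatedId(response);
        Assert.assertNotNull(id);
    }
    assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.identityProviderMapperPath("google", id), mapper, ResourceType.IDENTITY_PROVIDER_MAPPER);

    // list mappers
    List<IdentityProviderMapperRepresentation> mappers = provider.getMappers();
    Assert.assertEquals("mappers count", 1, mappers.size());
    Assert.assertEquals("newly created mapper id", id, mappers.get(0).getId());

    // get mapper
    mapper = provider.getMapperById(id);
    Assert.assertEquals("INHERIT", mappers.get(0).getConfig().get(IdentityProviderMapperModel.SYNC_MODE));
    Assert.assertNotNull("mapperById not null", mapper);
    Assert.assertEquals("mapper id", id, mapper.getId());
    Assert.assertNotNull("mapper.config exists", mapper.getConfig());
    Assert.assertEquals("config retained", "offline_access", mapper.getConfig().get("role"));

    // add duplicate mapper: a second mapper with the same name must be refused with 400
    try (Response error = provider.addMapper(mapper)) {
        Assert.assertEquals("mapper unique name", 400, error.getStatus());
    }

    // update mapper; only the stored config value is checked here, not any resulting role grant
    mapper.getConfig().put("role", "master-realm.manage-realm");
    provider.update(id, mapper);
    assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, AdminEventPaths.identityProviderMapperPath("google", id), mapper, ResourceType.IDENTITY_PROVIDER_MAPPER);
    mapper = provider.getMapperById(id);
    Assert.assertNotNull("mapperById not null", mapper);
    Assert.assertEquals("config changed", "master-realm.manage-realm", mapper.getConfig().get("role"));

    // delete mapper
    provider.delete(id);
    assertAdminEvents.assertEvent(realmId, OperationType.DELETE, AdminEventPaths.identityProviderMapperPath("google", id), ResourceType.IDENTITY_PROVIDER_MAPPER);
    try {
        provider.getMapperById(id);
        Assert.fail("Should fail with NotFoundException");
    } catch (NotFoundException expected) {
        // Expected: the mapper no longer exists after the delete above.
    }
}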
Also used : Response(javax.ws.rs.core.Response) IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) HashMap(java.util.HashMap) NotFoundException(javax.ws.rs.NotFoundException) Matchers.containsString(org.hamcrest.Matchers.containsString) Test(org.junit.Test)

Example 19 with IdentityProviderResource

use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.

the class OidcClaimToRoleMapperTest method createClaimToRoleMapper.

/**
 * Adds a claim-to-role mapper named {@code claim-to-role-mapper} to the given identity provider.
 *
 * @param idp        identity provider whose alias selects the admin resource the mapper is added to
 * @param claimValue value stored under {@code ClaimToRoleMapper.CLAIM_VALUE}
 * @param syncMode   sync mode stored under {@code IdentityProviderMapperModel.SYNC_MODE}
 */
protected void createClaimToRoleMapper(IdentityProviderRepresentation idp, String claimValue, IdentityProviderMapperSyncMode syncMode) {
    ImmutableMap<String, String> mapperConfig = ImmutableMap.<String, String>builder()
            .put(IdentityProviderMapperModel.SYNC_MODE, syncMode.toString())
            .put(ClaimToRoleMapper.CLAIM, OidcClaimToRoleMapperTest.CLAIM)
            .put(ClaimToRoleMapper.CLAIM_VALUE, claimValue)
            .put(ConfigConstants.ROLE, CLIENT_ROLE_MAPPER_REPRESENTATION)
            .build();

    IdentityProviderMapperRepresentation mapperRep = new IdentityProviderMapperRepresentation();
    mapperRep.setName("claim-to-role-mapper");
    mapperRep.setIdentityProviderMapper(ClaimToRoleMapper.PROVIDER_ID);
    mapperRep.setConfig(mapperConfig);
    // NOTE(review): the mapper's alias comes from bc.getIDPAlias() while the resource below is
    // looked up by idp.getAlias(); presumably both name the same provider - verify against callers.
    mapperRep.setIdentityProviderAlias(bc.getIDPAlias());

    IdentityProviderResource targetIdp = realm.identityProviders().get(idp.getAlias());
    // NOTE(review): the response is closed without its status being checked, so a refused
    // mapper creation would go unnoticed here.
    targetIdp.addMapper(mapperRep).close();
}
Also used : IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)

Example 20 with IdentityProviderResource

use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.

the class AccountBrokerTest method displayEnabledIdentityProviders.

/**
 * Checks that the account console's federated identity page lists an identity provider only
 * while it is enabled: one entry is expected after login, none after the provider has been
 * disabled through the admin API and the page reloaded.
 */
@Test
public void displayEnabledIdentityProviders() {
    identityPage.realm(KcOidcBrokerConfiguration.INSTANCE.consumerRealmName());
    identityPage.open();
    loginPage.login("accountbrokertest", "password");
    Assert.assertTrue(identityPage.isCurrent());
    Assert.assertEquals(1, identityPage.getIdentities().size());

    // Disable the identity provider
    IdentityProviderResource idpResource = adminClient.realm(bc.consumerRealmName()).identityProviders().get(bc.getIDPAlias());
    IdentityProviderRepresentation idpRep = idpResource.toRepresentation();
    idpRep.setEnabled(false);
    idpResource.update(idpRep);
    // NOTE(review): the provider is left disabled when the method returns; presumably the
    // fixture is reset elsewhere - confirm before reusing it in later tests.

    // Reload federated identities page
    identityPage.open();
    Assert.assertTrue(identityPage.isCurrent());
    Assert.assertEquals(0, identityPage.getIdentities().size());
}
Also used : IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) RealmResource(org.keycloak.admin.client.resource.RealmResource) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) Test(org.junit.Test) AbstractBaseBrokerTest(org.keycloak.testsuite.broker.AbstractBaseBrokerTest)
