use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.
the class HardcodedUserAttributeMapperTest method createMapperInIdp.
protected void createMapperInIdp(IdentityProviderRepresentation idp, IdentityProviderMapperSyncMode syncMode) {
IdentityProviderMapperRepresentation advancedClaimToRoleMapper = new IdentityProviderMapperRepresentation();
advancedClaimToRoleMapper.setName("hardcoded-attribute-mapper");
advancedClaimToRoleMapper.setIdentityProviderMapper(HardcodedAttributeMapper.PROVIDER_ID);
advancedClaimToRoleMapper.setConfig(ImmutableMap.<String, String>builder().put(IdentityProviderMapperModel.SYNC_MODE, syncMode.toString()).put(HardcodedAttributeMapper.ATTRIBUTE, USER_ATTRIBUTE).put(HardcodedAttributeMapper.ATTRIBUTE_VALUE, USER_ATTRIBUTE_VALUE).build());
IdentityProviderResource idpResource = realm.identityProviders().get(idp.getAlias());
advancedClaimToRoleMapper.setIdentityProviderAlias(bc.getIDPAlias());
idpResource.addMapper(advancedClaimToRoleMapper).close();
}
use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.
the class KcOidcBrokerTest method loginFetchingUserFromUserEndpoint.
@Test
public void loginFetchingUserFromUserEndpoint() {
RealmResource realm = realmsResouce().realm(bc.providerRealmName());
ClientsResource clients = realm.clients();
ClientRepresentation brokerApp = clients.findByClientId("brokerapp").get(0);
try {
IdentityProviderResource identityProviderResource = realmsResouce().realm(bc.consumerRealmName()).identityProviders().get(bc.getIDPAlias());
IdentityProviderRepresentation idp = identityProviderResource.toRepresentation();
idp.getConfig().put(OIDCIdentityProviderConfig.JWKS_URL, getProviderRoot() + "/auth/realms/" + REALM_PROV_NAME + "/protocol/openid-connect/certs");
identityProviderResource.update(idp);
brokerApp.getAttributes().put(OIDCConfigAttributes.USER_INFO_RESPONSE_SIGNATURE_ALG, Algorithm.RS256);
brokerApp.getAttributes().put("validateSignature", Boolean.TRUE.toString());
clients.get(brokerApp.getId()).update(brokerApp);
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
logInWithBroker(bc);
waitForPage(driver, "update account information", false);
updateAccountInformationPage.assertCurrent();
Assert.assertTrue("We must be on correct realm right now", driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/"));
log.debug("Updating info on updateAccount page");
updateAccountInformationPage.updateAccountInformation(bc.getUserLogin(), bc.getUserEmail(), "Firstname", "Lastname");
UsersResource consumerUsers = adminClient.realm(bc.consumerRealmName()).users();
int userCount = consumerUsers.count();
Assert.assertTrue("There must be at least one user", userCount > 0);
List<UserRepresentation> users = consumerUsers.search("", 0, userCount);
boolean isUserFound = false;
for (UserRepresentation user : users) {
if (user.getUsername().equals(bc.getUserLogin()) && user.getEmail().equals(bc.getUserEmail())) {
isUserFound = true;
break;
}
}
Assert.assertTrue("There must be user " + bc.getUserLogin() + " in realm " + bc.consumerRealmName(), isUserFound);
} finally {
brokerApp.getAttributes().put(OIDCConfigAttributes.USER_INFO_RESPONSE_SIGNATURE_ALG, null);
brokerApp.getAttributes().put("validateSignature", Boolean.FALSE.toString());
clients.get(brokerApp.getId()).update(brokerApp);
}
}
use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.
the class KcOidcBrokerTest method checkUpdatedUserAttributesIdP.
private void checkUpdatedUserAttributesIdP(boolean isForceSync) {
final String IDP_NAME = getBrokerConfiguration().getIDPAlias();
final String USERNAME = "demoUser";
final String FIRST_NAME = "John";
final String LAST_NAME = "Doe";
final String EMAIL = "mail@example.com";
final String NEW_FIRST_NAME = "Jack";
final String NEW_LAST_NAME = "Doee";
final String NEW_EMAIL = "mail123@example.com";
UsersResource providerUserResource = Optional.ofNullable(realmsResouce().realm(bc.providerRealmName()).users()).orElse(null);
assertThat("Cannot get User Resource from Provider realm", providerUserResource, Matchers.notNullValue());
String userID = createUser(bc.providerRealmName(), USERNAME, USERNAME, FIRST_NAME, LAST_NAME, EMAIL);
assertThat("Cannot create user : " + USERNAME, userID, Matchers.notNullValue());
try {
UserRepresentation user = Optional.ofNullable(providerUserResource.get(userID).toRepresentation()).orElse(null);
assertThat("Cannot get user from provider", user, Matchers.notNullValue());
IdentityProviderResource consumerIdentityResource = Optional.ofNullable(getIdentityProviderResource()).orElse(null);
assertThat("Cannot get Identity Provider resource", consumerIdentityResource, Matchers.notNullValue());
IdentityProviderRepresentation idProvider = Optional.ofNullable(consumerIdentityResource.toRepresentation()).orElse(null);
assertThat("Cannot get Identity Provider", idProvider, Matchers.notNullValue());
updateIdPSyncMode(idProvider, consumerIdentityResource, isForceSync ? IdentityProviderSyncMode.FORCE : IdentityProviderSyncMode.IMPORT);
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
WaitUtils.waitForPageToLoad();
assertThat(driver.getTitle(), Matchers.containsString("Sign in to " + bc.consumerRealmName()));
logInWithIdp(IDP_NAME, USERNAME, USERNAME);
accountUpdateProfilePage.assertCurrent();
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
driver.navigate().to(getAccountUrl(getProviderRoot(), bc.providerRealmName()));
WaitUtils.waitForPageToLoad();
assertThat(driver.getTitle(), Matchers.containsString("Sign in to " + bc.providerRealmName()));
loginPage.login(USERNAME, USERNAME);
WaitUtils.waitForPageToLoad();
accountUpdateProfilePage.assertCurrent();
accountUpdateProfilePage.updateProfile(NEW_FIRST_NAME, NEW_LAST_NAME, NEW_EMAIL);
logoutFromRealm(getProviderRoot(), bc.providerRealmName());
driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
WaitUtils.waitForPageToLoad();
assertThat(driver.getTitle(), Matchers.containsString("Sign in to " + bc.consumerRealmName()));
logInWithIdp(IDP_NAME, USERNAME, USERNAME);
accountUpdateProfilePage.assertCurrent();
assertThat(accountUpdateProfilePage.getEmail(), Matchers.equalTo(isForceSync ? NEW_EMAIL : EMAIL));
assertThat(accountUpdateProfilePage.getFirstName(), Matchers.equalTo(isForceSync ? NEW_FIRST_NAME : FIRST_NAME));
assertThat(accountUpdateProfilePage.getLastName(), Matchers.equalTo(isForceSync ? NEW_LAST_NAME : LAST_NAME));
} finally {
providerUserResource.delete(userID);
assertThat("User wasn't deleted", providerUserResource.search(USERNAME).size(), Matchers.is(0));
}
}
use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.
the class KcOidcBrokerTest method loginFetchingUserFromUserEndpointWithClaimMapper.
/**
* Refers to in old test suite: org.keycloak.testsuite.broker.OIDCBrokerUserPropertyTest
*/
@Test
public void loginFetchingUserFromUserEndpointWithClaimMapper() {
RealmResource realm = realmsResouce().realm(bc.providerRealmName());
ClientsResource clients = realm.clients();
ClientRepresentation brokerApp = clients.findByClientId("brokerapp").get(0);
IdentityProviderResource identityProviderResource = getIdentityProviderResource();
clients.get(brokerApp.getId()).getProtocolMappers().createMapper(createHardcodedClaim("hard-coded", "hard-coded", "hard-coded", "String", true, true)).close();
IdentityProviderMapperRepresentation hardCodedSessionNoteMapper = new IdentityProviderMapperRepresentation();
hardCodedSessionNoteMapper.setName("hard-coded");
hardCodedSessionNoteMapper.setIdentityProviderAlias(bc.getIDPAlias());
hardCodedSessionNoteMapper.setIdentityProviderMapper(UserAttributeMapper.PROVIDER_ID);
hardCodedSessionNoteMapper.setConfig(ImmutableMap.<String, String>builder().put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderMapperSyncMode.INHERIT.toString()).put(UserAttributeMapper.USER_ATTRIBUTE, "hard-coded").put(UserAttributeMapper.CLAIM, "hard-coded").build());
identityProviderResource.addMapper(hardCodedSessionNoteMapper).close();
loginFetchingUserFromUserEndpoint();
UserRepresentation user = getFederatedIdentity();
Assert.assertEquals(1, user.getAttributes().size());
Assert.assertEquals("hard-coded", user.getAttributes().get("hard-coded").get(0));
}
use of org.keycloak.admin.client.resource.IdentityProviderResource in project keycloak by keycloak.
the class PartialImportTest method testAddProviders.
@Test
public void testAddProviders() {
setFail();
addProviders();
PartialImportResults results = doImport();
assertEquals(IDP_ALIASES.length, results.getAdded());
for (PartialImportResult result : results.getResults()) {
String id = result.getId();
IdentityProviderResource idpRsc = testRealmResource().identityProviders().get(id);
IdentityProviderRepresentation idp = idpRsc.toRepresentation();
Map<String, String> config = idp.getConfig();
assertTrue(Arrays.asList(IDP_ALIASES).contains(config.get("clientId")));
}
}
Aggregations