Search in sources :

Example 1 with PolicyResource

use of org.keycloak.admin.client.resource.PolicyResource in project keycloak by keycloak.

the class ClientPolicyManagementTest method testGenericConfig.

@Test
public void testGenericConfig() {
    AuthorizationResource authorization = getClient().authorization();
    ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
    representation.setName("Test Generic Config Permission");
    representation.addClient("Client A");
    ClientPoliciesResource policies = authorization.policies().client();
    try (Response response = policies.create(representation)) {
        ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
        PolicyResource policy = authorization.policies().policy(created.getId());
        PolicyRepresentation genericConfig = policy.toRepresentation();
        assertNotNull(genericConfig.getConfig());
        assertNotNull(genericConfig.getConfig().get("clients"));
        ClientRepresentation user = getRealm().clients().findByClientId("Client A").get(0);
        assertTrue(genericConfig.getConfig().get("clients").contains(user.getId()));
    }
}
Also used : Response(javax.ws.rs.core.Response) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation) ClientPolicyResource(org.keycloak.admin.client.resource.ClientPolicyResource) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 2 with PolicyResource

use of org.keycloak.admin.client.resource.PolicyResource in project keycloak by keycloak.

the class GenericPolicyManagementTest method assertAssociatedPolicy.

private void assertAssociatedPolicy(String associatedPolicyName, PolicyRepresentation dependentPolicy) {
    PolicyRepresentation associatedPolicy = findPolicyByName(associatedPolicyName);
    PoliciesResource policies = getClientResource().authorization().policies();
    associatedPolicy = policies.policy(associatedPolicy.getId()).toRepresentation();
    assertNotNull(associatedPolicy);
    PolicyRepresentation finalAssociatedPolicy = associatedPolicy;
    PolicyResource policyResource = policies.policy(dependentPolicy.getId());
    List<PolicyRepresentation> associatedPolicies = policyResource.associatedPolicies();
    assertTrue(associatedPolicies.stream().filter(associated -> associated.getId().equals(finalAssociatedPolicy.getId())).findFirst().isPresent());
    List<PolicyRepresentation> dependentPolicies = policies.policy(associatedPolicy.getId()).dependentPolicies();
    assertEquals(1, dependentPolicies.size());
    assertEquals(dependentPolicy.getId(), dependentPolicies.get(0).getId());
}
Also used : PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Arrays(java.util.Arrays) ResourceResource(org.keycloak.admin.client.resource.ResourceResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) HashMap(java.util.HashMap) Function(java.util.function.Function) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ArrayList(java.util.ArrayList) ResourcesResource(org.keycloak.admin.client.resource.ResourcesResource) Logic(org.keycloak.representations.idm.authorization.Logic) Map(java.util.Map) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) ResourceScopeResource(org.keycloak.admin.client.resource.ResourceScopeResource) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) ResourceScopesResource(org.keycloak.admin.client.resource.ResourceScopesResource) Assert.assertNotNull(org.junit.Assert.assertNotNull) PolicyProviderRepresentation(org.keycloak.representations.idm.authorization.PolicyProviderRepresentation) Set(java.util.Set) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) DecisionStrategy(org.keycloak.representations.idm.authorization.DecisionStrategy) Collectors(java.util.stream.Collectors) PoliciesResource(org.keycloak.admin.client.resource.PoliciesResource) List(java.util.List) Assert.assertNull(org.junit.Assert.assertNull) Response(javax.ws.rs.core.Response) Assert.assertFalse(org.junit.Assert.assertFalse) Assert.assertEquals(org.junit.Assert.assertEquals) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) PoliciesResource(org.keycloak.admin.client.resource.PoliciesResource)

Example 3 with PolicyResource

use of org.keycloak.admin.client.resource.PolicyResource in project keycloak by keycloak.

the class GroupPolicyManagementTest method testGenericConfig.

@Test
public void testGenericConfig() {
    AuthorizationResource authorization = getClient().authorization();
    GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
    representation.setName("Test Generic Config Permission");
    representation.setGroupsClaim("groups");
    representation.addGroupPath("/Group A");
    GroupPoliciesResource policies = authorization.policies().group();
    try (Response response = policies.create(representation)) {
        GroupPolicyRepresentation created = response.readEntity(GroupPolicyRepresentation.class);
        PolicyResource policy = authorization.policies().policy(created.getId());
        PolicyRepresentation genericConfig = policy.toRepresentation();
        assertNotNull(genericConfig.getConfig());
        assertNotNull(genericConfig.getConfig().get("groups"));
        GroupRepresentation group = getRealm().groups().groups().stream().filter(groupRepresentation -> groupRepresentation.getName().equals("Group A")).findFirst().get();
        assertTrue(genericConfig.getConfig().get("groups").contains(group.getId()));
    }
}
Also used : Response(javax.ws.rs.core.Response) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) GroupPolicyResource(org.keycloak.admin.client.resource.GroupPolicyResource) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) GroupPoliciesResource(org.keycloak.admin.client.resource.GroupPoliciesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 4 with PolicyResource

use of org.keycloak.admin.client.resource.PolicyResource in project keycloak by keycloak.

the class GenericPolicyManagementTest method testUpdate.

@Test
public void testUpdate() {
    PolicyResource policyResource = createTestingPolicy();
    PolicyRepresentation policy = policyResource.toRepresentation();
    policy.setName("changed");
    policy.setLogic(Logic.NEGATIVE);
    policy.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
    policy.getConfig().put("configA", "changed configuration for A");
    policy.getConfig().remove("configB");
    policy.getConfig().put("configC", "changed configuration for C");
    policyResource.update(policy);
    policy = policyResource.toRepresentation();
    assertEquals("changed", policy.getName());
    assertEquals(Logic.NEGATIVE, policy.getLogic());
    assertEquals(DecisionStrategy.AFFIRMATIVE, policy.getDecisionStrategy());
    assertEquals("changed configuration for A", policy.getConfig().get("configA"));
    assertNull(policy.getConfig().get("configB"));
    assertEquals("changed configuration for C", policy.getConfig().get("configC"));
    Map<String, String> config = policy.getConfig();
    config.put("applyPolicies", buildConfigOption(findPolicyByName("Test Associated C").getId()));
    config.put("resources", buildConfigOption(findResourceByName("Test Resource B").getId()));
    config.put("scopes", buildConfigOption(findScopeByName("Test Scope A").getId()));
    policyResource.update(policy);
    policy = policyResource.toRepresentation();
    config = policy.getConfig();
    assertAssociatedPolicy("Test Associated C", policy);
    List<PolicyRepresentation> associatedPolicies = getClientResource().authorization().policies().policy(policy.getId()).associatedPolicies();
    assertFalse(associatedPolicies.stream().filter(associated -> associated.getId().equals(findPolicyByName("Test Associated A").getId())).findFirst().isPresent());
    assertFalse(associatedPolicies.stream().filter(associated -> associated.getId().equals(findPolicyByName("Test Associated B").getId())).findFirst().isPresent());
    assertAssociatedResource("Test Resource B", policy);
    List<ResourceRepresentation> resources = policyResource.resources();
    assertFalse(resources.contains(findResourceByName("Test Resource A")));
    assertFalse(resources.contains(findResourceByName("Test Resource C")));
    assertAssociatedScope("Test Scope A", policy);
    List<ScopeRepresentation> scopes = getClientResource().authorization().policies().policy(policy.getId()).scopes();
    assertFalse(scopes.contains(findScopeByName("Test Scope B").getId()));
    assertFalse(scopes.contains(findScopeByName("Test Scope C").getId()));
}
Also used : PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Arrays(java.util.Arrays) ResourceResource(org.keycloak.admin.client.resource.ResourceResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) HashMap(java.util.HashMap) Function(java.util.function.Function) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ArrayList(java.util.ArrayList) ResourcesResource(org.keycloak.admin.client.resource.ResourcesResource) Logic(org.keycloak.representations.idm.authorization.Logic) Map(java.util.Map) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) ResourceScopeResource(org.keycloak.admin.client.resource.ResourceScopeResource) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) ResourceScopesResource(org.keycloak.admin.client.resource.ResourceScopesResource) Assert.assertNotNull(org.junit.Assert.assertNotNull) PolicyProviderRepresentation(org.keycloak.representations.idm.authorization.PolicyProviderRepresentation) Set(java.util.Set) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) DecisionStrategy(org.keycloak.representations.idm.authorization.DecisionStrategy) Collectors(java.util.stream.Collectors) PoliciesResource(org.keycloak.admin.client.resource.PoliciesResource) List(java.util.List) Assert.assertNull(org.junit.Assert.assertNull) Response(javax.ws.rs.core.Response) Assert.assertFalse(org.junit.Assert.assertFalse) Assert.assertEquals(org.junit.Assert.assertEquals) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Test(org.junit.Test)

Example 5 with PolicyResource

use of org.keycloak.admin.client.resource.PolicyResource in project keycloak by keycloak.

the class GenericPolicyManagementTest method testQueryPolicyByIdAllFields.

@Test
public void testQueryPolicyByIdAllFields() {
    PolicyResource policy = createTestingPolicy();
    PolicyRepresentation representation = policy.toRepresentation("*");
    Set<ResourceRepresentation> resources = representation.getResourcesData();
    assertEquals(3, resources.size());
    representation = policy.toRepresentation();
    assertNull(representation.getResourcesData());
}
Also used : PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)7 PolicyResource (org.keycloak.admin.client.resource.PolicyResource)7 PolicyRepresentation (org.keycloak.representations.idm.authorization.PolicyRepresentation)7 Response (javax.ws.rs.core.Response)6 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)6 ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation)3 ArrayList (java.util.ArrayList)2 Arrays (java.util.Arrays)2 HashMap (java.util.HashMap)2 List (java.util.List)2 Map (java.util.Map)2 Set (java.util.Set)2 Function (java.util.function.Function)2 Collectors (java.util.stream.Collectors)2 Assert.assertEquals (org.junit.Assert.assertEquals)2 Assert.assertFalse (org.junit.Assert.assertFalse)2 Assert.assertNotNull (org.junit.Assert.assertNotNull)2 Assert.assertNull (org.junit.Assert.assertNull)2 Assert.assertTrue (org.junit.Assert.assertTrue)2 PoliciesResource (org.keycloak.admin.client.resource.PoliciesResource)2