Search in sources :

Example 6 with ProtocolMappersResource

use of org.keycloak.admin.client.resource.ProtocolMappersResource in project keycloak by keycloak.

the class OIDCProtocolMappersTest method testGroupAttributeOneGroupMultiValueNoAggregate.

@Test
public void testGroupAttributeOneGroupMultiValueNoAggregate() throws Exception {
    // get the user
    UserResource userResource = findUserByUsernameId(adminClient.realm("test"), "test-user@localhost");
    // create a group1 with two values
    GroupRepresentation group1 = new GroupRepresentation();
    group1.setName("group1");
    group1.setAttributes(new HashMap<>());
    group1.getAttributes().put("group-value", Arrays.asList("value1", "value2"));
    adminClient.realm("test").groups().add(group1);
    group1 = adminClient.realm("test").getGroupByPath("/group1");
    userResource.joinGroup(group1.getId());
    // create the attribute mapper
    ProtocolMappersResource protocolMappers = findClientResourceByClientId(adminClient.realm("test"), "test-app").getProtocolMappers();
    protocolMappers.createMapper(createClaimMapper("group-value", "group-value", "group-value", "String", true, true, true, false)).close();
    try {
        // test it
        OAuthClient.AccessTokenResponse response = browserLogin("password", "test-user@localhost", "password");
        IDToken idToken = oauth.verifyIDToken(response.getIdToken());
        assertNotNull(idToken.getOtherClaims());
        assertNotNull(idToken.getOtherClaims().get("group-value"));
        assertTrue(idToken.getOtherClaims().get("group-value") instanceof List);
        assertEquals(2, ((List) idToken.getOtherClaims().get("group-value")).size());
        assertTrue(((List) idToken.getOtherClaims().get("group-value")).contains("value1"));
        assertTrue(((List) idToken.getOtherClaims().get("group-value")).contains("value2"));
    } finally {
        // revert
        userResource.leaveGroup(group1.getId());
        adminClient.realm("test").groups().group(group1.getId()).remove();
        deleteMappers(protocolMappers);
    }
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) OAuthClient(org.keycloak.testsuite.util.OAuthClient) UserResource(org.keycloak.admin.client.resource.UserResource) IDToken(org.keycloak.representations.IDToken) List(java.util.List) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 7 with ProtocolMappersResource

use of org.keycloak.admin.client.resource.ProtocolMappersResource in project keycloak by keycloak.

the class OIDCProtocolMappersTest method testGroupAttributeOneGroupNoMultivalueNoAggregate.

@Test
public void testGroupAttributeOneGroupNoMultivalueNoAggregate() throws Exception {
    // get the user
    UserResource userResource = findUserByUsernameId(adminClient.realm("test"), "test-user@localhost");
    // create a group1 with two values
    GroupRepresentation group1 = new GroupRepresentation();
    group1.setName("group1");
    group1.setAttributes(new HashMap<>());
    group1.getAttributes().put("group-value", Arrays.asList("value1", "value2"));
    adminClient.realm("test").groups().add(group1);
    group1 = adminClient.realm("test").getGroupByPath("/group1");
    userResource.joinGroup(group1.getId());
    // create the attribute mapper
    ProtocolMappersResource protocolMappers = findClientResourceByClientId(adminClient.realm("test"), "test-app").getProtocolMappers();
    protocolMappers.createMapper(createClaimMapper("group-value", "group-value", "group-value", "String", true, true, false, false)).close();
    try {
        // test it
        OAuthClient.AccessTokenResponse response = browserLogin("password", "test-user@localhost", "password");
        IDToken idToken = oauth.verifyIDToken(response.getIdToken());
        assertNotNull(idToken.getOtherClaims());
        assertNotNull(idToken.getOtherClaims().get("group-value"));
        assertTrue(idToken.getOtherClaims().get("group-value") instanceof String);
        assertTrue("value1".equals(idToken.getOtherClaims().get("group-value")) || "value2".equals(idToken.getOtherClaims().get("group-value")));
    } finally {
        // revert
        userResource.leaveGroup(group1.getId());
        adminClient.realm("test").groups().group(group1.getId()).remove();
        deleteMappers(protocolMappers);
    }
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) OAuthClient(org.keycloak.testsuite.util.OAuthClient) UserResource(org.keycloak.admin.client.resource.UserResource) IDToken(org.keycloak.representations.IDToken) Matchers.isEmptyOrNullString(org.hamcrest.Matchers.isEmptyOrNullString) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 8 with ProtocolMappersResource

use of org.keycloak.admin.client.resource.ProtocolMappersResource in project keycloak by keycloak.

the class OIDCProtocolMappersTest method testGroupAttributeTwoGroupNoMultivalueNoAggregate.

@Test
public void testGroupAttributeTwoGroupNoMultivalueNoAggregate() throws Exception {
    // get the user
    UserResource userResource = findUserByUsernameId(adminClient.realm("test"), "test-user@localhost");
    // create two groups with two values (one is the same value)
    GroupRepresentation group1 = new GroupRepresentation();
    group1.setName("group1");
    group1.setAttributes(new HashMap<>());
    group1.getAttributes().put("group-value", Arrays.asList("value1", "value2"));
    adminClient.realm("test").groups().add(group1);
    group1 = adminClient.realm("test").getGroupByPath("/group1");
    userResource.joinGroup(group1.getId());
    GroupRepresentation group2 = new GroupRepresentation();
    group2.setName("group2");
    group2.setAttributes(new HashMap<>());
    group2.getAttributes().put("group-value", Arrays.asList("value2", "value3"));
    adminClient.realm("test").groups().add(group2);
    group2 = adminClient.realm("test").getGroupByPath("/group2");
    userResource.joinGroup(group2.getId());
    // create the attribute mapper
    ProtocolMappersResource protocolMappers = findClientResourceByClientId(adminClient.realm("test"), "test-app").getProtocolMappers();
    protocolMappers.createMapper(createClaimMapper("group-value", "group-value", "group-value", "String", true, true, false, false)).close();
    try {
        // test it
        OAuthClient.AccessTokenResponse response = browserLogin("password", "test-user@localhost", "password");
        IDToken idToken = oauth.verifyIDToken(response.getIdToken());
        assertNotNull(idToken.getOtherClaims());
        assertNotNull(idToken.getOtherClaims().get("group-value"));
        assertTrue(idToken.getOtherClaims().get("group-value") instanceof String);
        assertTrue("value1".equals(idToken.getOtherClaims().get("group-value")) || "value2".equals(idToken.getOtherClaims().get("group-value")) || "value3".equals(idToken.getOtherClaims().get("group-value")));
    } finally {
        // revert
        userResource.leaveGroup(group1.getId());
        adminClient.realm("test").groups().group(group1.getId()).remove();
        userResource.leaveGroup(group2.getId());
        adminClient.realm("test").groups().group(group2.getId()).remove();
        deleteMappers(protocolMappers);
    }
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) OAuthClient(org.keycloak.testsuite.util.OAuthClient) UserResource(org.keycloak.admin.client.resource.UserResource) IDToken(org.keycloak.representations.IDToken) Matchers.isEmptyOrNullString(org.hamcrest.Matchers.isEmptyOrNullString) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 9 with ProtocolMappersResource

use of org.keycloak.admin.client.resource.ProtocolMappersResource in project keycloak by keycloak.

the class OIDCProtocolMappersTest method testGroupAttributeUserOneGroupMultivalueNoAggregate.

@Test
public void testGroupAttributeUserOneGroupMultivalueNoAggregate() throws Exception {
    // get the user
    UserResource userResource = findUserByUsernameId(adminClient.realm("test"), "test-user@localhost");
    UserRepresentation user = userResource.toRepresentation();
    user.setAttributes(new HashMap<>());
    user.getAttributes().put("group-value", Arrays.asList("user-value1", "user-value2"));
    userResource.update(user);
    // create a group1 with two values
    GroupRepresentation group1 = new GroupRepresentation();
    group1.setName("group1");
    group1.setAttributes(new HashMap<>());
    group1.getAttributes().put("group-value", Arrays.asList("value1", "value2"));
    adminClient.realm("test").groups().add(group1);
    group1 = adminClient.realm("test").getGroupByPath("/group1");
    userResource.joinGroup(group1.getId());
    // create the attribute mapper
    ProtocolMappersResource protocolMappers = findClientResourceByClientId(adminClient.realm("test"), "test-app").getProtocolMappers();
    protocolMappers.createMapper(createClaimMapper("group-value", "group-value", "group-value", "String", true, true, true, false)).close();
    try {
        // test it
        OAuthClient.AccessTokenResponse response = browserLogin("password", "test-user@localhost", "password");
        IDToken idToken = oauth.verifyIDToken(response.getIdToken());
        assertNotNull(idToken.getOtherClaims());
        assertNotNull(idToken.getOtherClaims().get("group-value"));
        assertTrue(idToken.getOtherClaims().get("group-value") instanceof List);
        assertEquals(2, ((List) idToken.getOtherClaims().get("group-value")).size());
        assertTrue(((List) idToken.getOtherClaims().get("group-value")).contains("user-value1"));
        assertTrue(((List) idToken.getOtherClaims().get("group-value")).contains("user-value2"));
    } finally {
        // revert
        user.getAttributes().remove("group-value");
        userResource.update(user);
        userResource.leaveGroup(group1.getId());
        adminClient.realm("test").groups().group(group1.getId()).remove();
        deleteMappers(protocolMappers);
    }
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) OAuthClient(org.keycloak.testsuite.util.OAuthClient) UserResource(org.keycloak.admin.client.resource.UserResource) IDToken(org.keycloak.representations.IDToken) List(java.util.List) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 10 with ProtocolMappersResource

use of org.keycloak.admin.client.resource.ProtocolMappersResource in project keycloak by keycloak.

the class OIDCProtocolMappersTest method testGroupAttributeOneGroupMultiValueAggregate.

@Test
public void testGroupAttributeOneGroupMultiValueAggregate() throws Exception {
    // get the user
    UserResource userResource = findUserByUsernameId(adminClient.realm("test"), "test-user@localhost");
    // create a group1 with two values
    GroupRepresentation group1 = new GroupRepresentation();
    group1.setName("group1");
    group1.setAttributes(new HashMap<>());
    group1.getAttributes().put("group-value", Arrays.asList("value1", "value2"));
    adminClient.realm("test").groups().add(group1);
    group1 = adminClient.realm("test").getGroupByPath("/group1");
    userResource.joinGroup(group1.getId());
    // create the attribute mapper
    ProtocolMappersResource protocolMappers = findClientResourceByClientId(adminClient.realm("test"), "test-app").getProtocolMappers();
    protocolMappers.createMapper(createClaimMapper("group-value", "group-value", "group-value", "String", true, true, true, true)).close();
    try {
        // test it
        OAuthClient.AccessTokenResponse response = browserLogin("password", "test-user@localhost", "password");
        IDToken idToken = oauth.verifyIDToken(response.getIdToken());
        assertNotNull(idToken.getOtherClaims());
        assertNotNull(idToken.getOtherClaims().get("group-value"));
        assertTrue(idToken.getOtherClaims().get("group-value") instanceof List);
        assertEquals(2, ((List) idToken.getOtherClaims().get("group-value")).size());
        assertTrue(((List) idToken.getOtherClaims().get("group-value")).contains("value1"));
        assertTrue(((List) idToken.getOtherClaims().get("group-value")).contains("value2"));
    } finally {
        // revert
        userResource.leaveGroup(group1.getId());
        adminClient.realm("test").groups().group(group1.getId()).remove();
        deleteMappers(protocolMappers);
    }
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) OAuthClient(org.keycloak.testsuite.util.OAuthClient) UserResource(org.keycloak.admin.client.resource.UserResource) IDToken(org.keycloak.representations.IDToken) List(java.util.List) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Aggregations

ProtocolMappersResource (org.keycloak.admin.client.resource.ProtocolMappersResource)27 Test (org.junit.Test)25 IDToken (org.keycloak.representations.IDToken)18 OAuthClient (org.keycloak.testsuite.util.OAuthClient)18 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)17 GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)14 ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)12 HashMap (java.util.HashMap)11 Matchers.isEmptyOrNullString (org.hamcrest.Matchers.isEmptyOrNullString)11 UserResource (org.keycloak.admin.client.resource.UserResource)10 List (java.util.List)8 Map (java.util.Map)8 ClientResource (org.keycloak.admin.client.resource.ClientResource)7 LinkedHashMap (java.util.LinkedHashMap)5 AbstractSamlTest (org.keycloak.testsuite.saml.AbstractSamlTest)5 Response (javax.ws.rs.core.Response)3 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)3 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)3 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)2 AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)2