Search in sources :

Example 51 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class AuthorizationTest method testEnableAuthorizationServices.

@Test
public void testEnableAuthorizationServices() {
    ClientResource clientResource = getClientResource();
    ClientRepresentation resourceServer = getResourceServer();
    RealmResource realm = realmsResouce().realm(getRealmId());
    UserRepresentation serviceAccount = realm.users().search(ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + resourceServer.getClientId()).get(0);
    Assert.assertNotNull(serviceAccount);
    List<RoleRepresentation> serviceAccountRoles = realm.users().get(serviceAccount.getId()).roles().clientLevel(resourceServer.getId()).listEffective();
    Assert.assertTrue(serviceAccountRoles.stream().anyMatch(roleRepresentation -> "uma_protection".equals(roleRepresentation.getName())));
    enableAuthorizationServices(false);
    enableAuthorizationServices(true);
    serviceAccount = clientResource.getServiceAccountUser();
    Assert.assertNotNull(serviceAccount);
    realm = realmsResouce().realm(getRealmId());
    serviceAccountRoles = realm.users().get(serviceAccount.getId()).roles().clientLevel(resourceServer.getId()).listEffective();
    Assert.assertTrue(serviceAccountRoles.stream().anyMatch(roleRepresentation -> "uma_protection".equals(roleRepresentation.getName())));
    JSPolicyRepresentation policy = new JSPolicyRepresentation();
    policy.setName("should be removed");
    policy.setCode("");
    clientResource.authorization().policies().js().create(policy);
    List<ResourceRepresentation> defaultResources = clientResource.authorization().resources().resources();
    assertEquals(1, defaultResources.size());
    List<PolicyRepresentation> defaultPolicies = clientResource.authorization().policies().policies();
    assertEquals(3, defaultPolicies.size());
    enableAuthorizationServices(false);
    enableAuthorizationServices(true);
    ResourceServerRepresentation settings = clientResource.authorization().getSettings();
    assertEquals(PolicyEnforcerConfig.EnforcementMode.ENFORCING.name(), settings.getPolicyEnforcementMode().name());
    assertTrue(settings.isAllowRemoteResourceManagement());
    assertEquals(resourceServer.getId(), settings.getClientId());
    defaultResources = clientResource.authorization().resources().resources();
    assertEquals(1, defaultResources.size());
    defaultPolicies = clientResource.authorization().policies().policies();
    assertEquals(2, defaultPolicies.size());
    serviceAccount = clientResource.getServiceAccountUser();
    Assert.assertNotNull(serviceAccount);
    serviceAccountRoles = realm.users().get(serviceAccount.getId()).roles().clientLevel(resourceServer.getId()).listEffective();
    Assert.assertTrue(serviceAccountRoles.stream().anyMatch(roleRepresentation -> "uma_protection".equals(roleRepresentation.getName())));
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) PolicyEnforcerConfig(org.keycloak.representations.adapters.config.PolicyEnforcerConfig) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) ServiceAccountConstants(org.keycloak.common.constants.ServiceAccountConstants) ResourceServerRepresentation(org.keycloak.representations.idm.authorization.ResourceServerRepresentation) List(java.util.List) JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation) Assert(org.junit.Assert) ClientResource(org.keycloak.admin.client.resource.ClientResource) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) Assert.assertEquals(org.junit.Assert.assertEquals) ResourceServerRepresentation(org.keycloak.representations.idm.authorization.ResourceServerRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Example 52 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class AbstractEventTest method saveConfig.

protected void saveConfig() {
    RealmResource testRsc = testRealmResource();
    testRsc.updateRealmEventsConfig(configRep);
    configRep = testRsc.getRealmEventsConfig();
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource)

Example 53 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class AbstractEventTest method setConfigRep.

@Before
public void setConfigRep() {
    RealmResource testRsc = testRealmResource();
    configRep = testRsc.getRealmEventsConfig();
    configRep.setAdminEventsDetailsEnabled(false);
    configRep.setAdminEventsEnabled(false);
    configRep.setEventsEnabled(false);
    // resets to all types
    configRep.setEnabledEventTypes(Collections.<String>emptyList());
    saveConfig();
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) Before(org.junit.Before)

Example 54 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class KcOidcBrokerTest method testInvalidAudience.

@Test
public void testInvalidAudience() {
    loginUser();
    logoutFromRealm(getProviderRoot(), bc.providerRealmName());
    logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
    log.debug("Clicking social " + bc.getIDPAlias());
    loginPage.clickSocial(bc.getIDPAlias());
    waitForPage(driver, "sign in to", true);
    RealmResource realm = adminClient.realm(bc.providerRealmName());
    ClientRepresentation rep = realm.clients().findByClientId(BrokerTestConstants.CLIENT_ID).get(0);
    ClientResource clientResource = realm.clients().get(rep.getId());
    ProtocolMapperRepresentation hardCodedAzp = createHardcodedClaim("hard", "aud", "invalid-aud", ProviderConfigProperty.LIST_TYPE, true, true);
    clientResource.getProtocolMappers().createMapper(hardCodedAzp);
    log.debug("Logging in");
    loginPage.login(bc.getUserLogin(), bc.getUserPassword());
    errorPage.assertCurrent();
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 55 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class KcOidcBrokerTest method testReauthenticationSamlBrokerWithOTPRequired.

/**
 * Refers to in old test suite: PostBrokerFlowTest#testBrokerReauthentication_samlBrokerWithOTPRequired
 */
@Test
public void testReauthenticationSamlBrokerWithOTPRequired() throws Exception {
    KcSamlBrokerConfiguration samlBrokerConfig = KcSamlBrokerConfiguration.INSTANCE;
    ClientRepresentation samlClient = samlBrokerConfig.createProviderClients().get(0);
    IdentityProviderRepresentation samlBroker = samlBrokerConfig.setUpIdentityProvider();
    RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    try {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        adminClient.realm(bc.providerRealmName()).clients().create(samlClient);
        consumerRealm.identityProviders().create(samlBroker);
        driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
        testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(samlBrokerConfig.getIDPAlias()));
        logInWithBroker(samlBrokerConfig);
        totpPage.assertCurrent();
        String totpSecret = totpPage.getTotpSecret();
        totpPage.configure(totp.generateTOTP(totpSecret));
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
        logInWithBroker(bc);
        waitForPage(driver, "account already exists", false);
        idpConfirmLinkPage.assertCurrent();
        idpConfirmLinkPage.clickLinkAccount();
        loginPage.clickSocial(samlBrokerConfig.getIDPAlias());
        waitForPage(driver, "sign in to", true);
        log.debug("Logging in");
        loginTotpPage.login(totp.generateTOTP(totpSecret));
        assertNumFederatedIdentities(consumerRealm.users().search(samlBrokerConfig.getUserLogin()).get(0).getId(), 2);
    } finally {
        updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
        removeUserByUsername(consumerRealm, "consumer");
    }
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Aggregations

RealmResource (org.keycloak.admin.client.resource.RealmResource)263 Test (org.junit.Test)190 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)67 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)61 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)58 Response (javax.ws.rs.core.Response)55 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)48 ClientResource (org.keycloak.admin.client.resource.ClientResource)39 OAuthClient (org.keycloak.testsuite.util.OAuthClient)37 GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)36 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)34 Before (org.junit.Before)31 UserResource (org.keycloak.admin.client.resource.UserResource)30 IdentityProviderRepresentation (org.keycloak.representations.idm.IdentityProviderRepresentation)25 List (java.util.List)19 LinkedList (java.util.LinkedList)16 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)16 VerifyProfileTest (org.keycloak.testsuite.forms.VerifyProfileTest)14 ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)13 AccessToken (org.keycloak.representations.AccessToken)12