
Example 56 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class KcOidcBrokerTest method createAdditionalMapperWithCustomSyncMode.

/**
 * Adds a role mapper named {@code friendly-manager-role-mapper} to the identity provider
 * returned by {@code bc.getIDPAlias()} in the consumer realm.
 *
 * <p>The mapper type is {@link ExternalKeycloakRoleToRoleMapper}. Its configuration maps the
 * external role {@code ROLE_FRIENDLY_MANAGER} to the local role held in the same constant.
 *
 * @param syncMode sync mode stored in the mapper configuration under
 *                 {@link IdentityProviderMapperModel#SYNC_MODE}
 */
@Override
protected void createAdditionalMapperWithCustomSyncMode(IdentityProviderMapperSyncMode syncMode) {
    IdentityProviderMapperRepresentation roleMapper = new IdentityProviderMapperRepresentation();
    roleMapper.setName("friendly-manager-role-mapper");
    roleMapper.setIdentityProviderMapper(ExternalKeycloakRoleToRoleMapper.PROVIDER_ID);

    // NOTE(review): presumably the local role is granted whenever the external IdP asserts
    // "external.role"; the exact semantics live in ExternalKeycloakRoleToRoleMapper.
    ImmutableMap<String, String> mapperConfig = ImmutableMap.<String, String>builder()
            .put(IdentityProviderMapperModel.SYNC_MODE, syncMode.toString())
            .put("external.role", ROLE_FRIENDLY_MANAGER)
            .put("role", ROLE_FRIENDLY_MANAGER)
            .build();
    roleMapper.setConfig(mapperConfig);
    roleMapper.setIdentityProviderAlias(bc.getIDPAlias());

    // The response of addMapper is closed immediately; only the side effect is needed.
    adminClient.realm(bc.consumerRealmName())
            .identityProviders()
            .get(bc.getIDPAlias())
            .addMapper(roleMapper)
            .close();
}
Also used : IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) RealmResource(org.keycloak.admin.client.resource.RealmResource)

Example 57 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class KcOidcBrokerTest method testReauthenticationOIDCBrokerWithOTPRequired.

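/**
 * Exercises account linking across two brokers when the post-broker-login flow of the OIDC
 * broker is configured with OTP.
 *
 * <p>Counterpart in the old test suite:
 * {@code PostBrokerFlowTest#testBrokerReauthentication_oidcBrokerWithOTPRequired}.
 *
 * <p>Sequence: log in through the SAML broker, log out, configure OTP for the OIDC broker,
 * log in through the OIDC broker, reach the "account already exists" page, choose to link the
 * account, re-authenticate through the SAML broker, land on the TOTP page and configure it.
 * The final assertion expects the consumer-realm user to hold two federated identities.
 *
 * @throws Exception if a page interaction or an admin/testing client call fails
 */
@Test
public void testReauthenticationOIDCBrokerWithOTPRequired() throws Exception {
    KcSamlBrokerConfiguration samlBrokerConfig = KcSamlBrokerConfiguration.INSTANCE;
    ClientRepresentation samlClient = samlBrokerConfig.createProviderClients().get(0);
    IdentityProviderRepresentation samlBroker = samlBrokerConfig.setUpIdentityProvider();
    RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    try {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        // create(...) returns a JAX-RS Response; close it so the client connection is
        // released, matching how addMapper(...) responses are handled in this class.
        adminClient.realm(bc.providerRealmName()).clients().create(samlClient).close();
        consumerRealm.identityProviders().create(samlBroker).close();

        // First login goes through the SAML broker, before any OTP requirement is configured.
        driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
        logInWithBroker(samlBrokerConfig);
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // OTP is attached to the post-broker-login flow of the OIDC broker only.
        testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));
        logInWithBroker(bc);
        waitForPage(driver, "account already exists", false);
        idpConfirmLinkPage.assertCurrent();
        idpConfirmLinkPage.clickLinkAccount();

        // Linking asks for re-authentication; it is performed through the SAML broker.
        logoutFromRealm(getProviderRoot(), bc.providerRealmName());
        driver.navigate().back();
        logInWithBroker(samlBrokerConfig);

        // The TOTP page must still be shown although re-authentication used the other broker.
        totpPage.assertCurrent();
        String totpSecret = totpPage.getTotpSecret();
        totpPage.configure(totp.generateTOTP(totpSecret));
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // Both broker identities are expected to be linked to the same consumer-realm user.
        assertNumFederatedIdentities(consumerRealm.users().search(samlBrokerConfig.getUserLogin()).get(0).getId(), 2);
    } finally {
        // Restore the flow configuration and drop the test user so later tests start clean.
        updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
        removeUserByUsername(consumerRealm, "consumer");
    }
}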
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 58 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class KcOidcBrokerTest method testReauthenticationBothBrokersWithOTPRequired.

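/**
 * Exercises account linking across two brokers when both the SAML and the OIDC broker have a
 * post-broker-login flow configured with OTP.
 *
 * <p>Counterpart in the old test suite:
 * {@code PostBrokerFlowTest#testBrokerReauthentication_bothBrokerWithOTPRequired}.
 *
 * <p>Sequence: configure OTP for the SAML broker, log in through it and enrol TOTP; configure
 * OTP for the OIDC broker, log in through it, reach the "account already exists" page and
 * choose to link; re-authenticate through the SAML broker with a TOTP code; finally log in
 * through the OIDC broker again, which also asks for a TOTP code. The last assertion expects
 * the consumer-realm user to hold two federated identities.
 *
 * @throws Exception if a page interaction or an admin/testing client call fails
 */
@Test
public void testReauthenticationBothBrokersWithOTPRequired() throws Exception {
    KcSamlBrokerConfiguration samlBrokerConfig = KcSamlBrokerConfiguration.INSTANCE;
    ClientRepresentation samlClient = samlBrokerConfig.createProviderClients().get(0);
    IdentityProviderRepresentation samlBroker = samlBrokerConfig.setUpIdentityProvider();
    RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    try {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        // create(...) returns a JAX-RS Response; close it so the client connection is
        // released, matching how addMapper(...) responses are handled in this class.
        adminClient.realm(bc.providerRealmName()).clients().create(samlClient).close();
        consumerRealm.identityProviders().create(samlBroker).close();
        driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));

        // SAML broker: OTP is required after broker login, so the first login enrols TOTP.
        testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(samlBrokerConfig.getIDPAlias()));
        logInWithBroker(samlBrokerConfig);
        totpPage.assertCurrent();
        String totpSecret = totpPage.getTotpSecret();
        totpPage.configure(totp.generateTOTP(totpSecret));
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // OIDC broker: same OTP requirement, then start linking to the existing account.
        testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));
        logInWithBroker(bc);
        waitForPage(driver, "account already exists", false);
        idpConfirmLinkPage.assertCurrent();
        idpConfirmLinkPage.clickLinkAccount();

        // Re-authentication through the SAML broker must ask for a code from the enrolled secret.
        logoutFromRealm(getProviderRoot(), bc.providerRealmName());
        driver.navigate().back();
        logInWithBroker(samlBrokerConfig);
        loginTotpPage.assertCurrent();
        loginTotpPage.login(totp.generateTOTP(totpSecret));
        logoutFromRealm(getProviderRoot(), bc.providerRealmName());
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // A fresh login through the OIDC broker is challenged with the same TOTP secret.
        logInWithBroker(bc);
        loginTotpPage.assertCurrent();
        loginTotpPage.login(totp.generateTOTP(totpSecret));
        waitForAccountManagementTitle();
        accountUpdateProfilePage.assertCurrent();

        // Both broker identities are expected to be linked to the same consumer-realm user.
        assertNumFederatedIdentities(consumerRealm.users().search(samlBrokerConfig.getUserLogin()).get(0).getId(), 2);
    } finally {
        // Restore the flow configuration and drop the test user so later tests start clean.
        updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
        removeUserByUsername(consumerRealm, "consumer");
    }
}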
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 59 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class KcOidcFirstBrokerLoginDetectExistingUserTest method beforeBrokerTest.

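/**
 * Creates the {@code detectExistingUserFlow} authentication flow in the consumer realm and
 * makes it the first-broker-login flow of the identity provider under test.
 *
 * <p>The flow receives two executions: {@link IdpDetectExistingBrokerUserAuthenticatorFactory}
 * at priority 10 and {@link IdpAutoLinkAuthenticatorFactory} at priority 20. The identity
 * provider is also switched to {@link IdentityProviderSyncMode#FORCE}.
 *
 * <p>NOTE(review): with only these two executions the brokered identity appears to be linked
 * to an existing account without a confirmation or re-authentication step, so the flow relies
 * on the identity provider being trusted — confirm before reusing it outside test realms.
 */
@Override
@Before
public void beforeBrokerTest() {
    super.beforeBrokerTest();
    // The flow is created through consumerRealm.flows(), so the consumer realm is the one to log.
    log.debug("creating detect existing user flow for realm " + bc.consumerRealmName());
    final RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    AuthenticationManagementResource authMgmtResource = consumerRealm.flows();

    // Creates detectExistingUserFlow; the Response is closed to release the client connection.
    String detectExistingFlowAlias = "detectExistingUserFlow";
    final AuthenticationFlowRepresentation flowToCreate = newFlow(detectExistingFlowAlias, detectExistingFlowAlias, "basic-flow", true, false);
    authMgmtResource.createFlow(flowToCreate).close();
    AuthenticationFlowRepresentation createdFlow = getFlow(authMgmtResource, detectExistingFlowAlias);
    assertNotNull("The authentication flow must exist", createdFlow);

    // Retrieves the id of the newly created flow and adds the two executions to it.
    String flowId = createdFlow.getId();
    addExecution(authMgmtResource, flowId, IdpDetectExistingBrokerUserAuthenticatorFactory.PROVIDER_ID, 10);
    addExecution(authMgmtResource, flowId, IdpAutoLinkAuthenticatorFactory.PROVIDER_ID, 20);

    // Updates the first-broker-login flow alias for the identity provider. The representation
    // is read from the same resource that is updated, rather than taking the first entry of
    // findAll(), so a realm with several identity providers cannot overwrite this alias with
    // another provider's settings.
    IdentityProviderResource identityConsumerResource = consumerRealm.identityProviders().get(bc.getIDPAlias());
    IdentityProviderRepresentation identityProviderRepresentation = identityConsumerResource.toRepresentation();
    identityProviderRepresentation.setFirstBrokerLoginFlowAlias(detectExistingFlowAlias);
    identityProviderRepresentation.getConfig().put(IdentityProviderModel.SYNC_MODE, IdentityProviderSyncMode.FORCE.toString());
    identityConsumerResource.update(identityProviderRepresentation);

    assertEquals("Two executions must have been created", 2, getFlow(authMgmtResource, detectExistingFlowAlias).getAuthenticationExecutions().size());
}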
Also used : IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) AuthenticationManagementResource(org.keycloak.admin.client.resource.AuthenticationManagementResource) RealmResource(org.keycloak.admin.client.resource.RealmResource) AuthenticationFlowRepresentation(org.keycloak.representations.idm.AuthenticationFlowRepresentation) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) Before(org.junit.Before)

Example 60 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class KcOidcBrokerWithConsentTest method beforeBrokerTest.

/**
 * Prepares both realms for the consent tests: the {@code brokerapp} client in the provider
 * realm is switched to require consent, and three access-code lifespans of the consumer realm
 * are lowered to 30.
 */
@Override
public void beforeBrokerTest() {
    super.beforeBrokerTest();

    // Provider realm: exactly one "brokerapp" client must exist; make it show the consent screen.
    RealmResource providerRealm = adminClient.realm(bc.providerRealmName());
    List<ClientRepresentation> brokerAppMatches = providerRealm.clients().findByClientId("brokerapp");
    org.junit.Assert.assertEquals(1, brokerAppMatches.size());
    ClientRepresentation consentClient = brokerAppMatches.get(0);
    consentClient.setConsentRequired(true);
    providerRealm.clients().get(consentClient.getId()).update(consentClient);

    // Consumer realm (realm-with-broker): lower the timeouts.
    // NOTE(review): the value is presumably in seconds — confirm against RealmRepresentation.
    final int loweredLifespan = 30;
    RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    RealmRepresentation consumerSettings = consumerRealm.toRepresentation();
    consumerSettings.setAccessCodeLifespanLogin(loweredLifespan);
    consumerSettings.setAccessCodeLifespan(loweredLifespan);
    consumerSettings.setAccessCodeLifespanUserAction(loweredLifespan);
    consumerRealm.update(consumerSettings);
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
