Search in sources :

Example 71 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class ConsentsTest method createUser.

@Before
public void createUser() {
    log.debug("creating user for realm " + providerRealmName());
    UserRepresentation user = new UserRepresentation();
    user.setUsername(getUserLogin());
    user.setEmail(getUserEmail());
    user.setFirstName(getUserFirstName());
    user.setLastName(getUserLastName());
    user.setEmailVerified(true);
    user.setEnabled(true);
    RealmResource realmResource = adminClient.realm(providerRealmName());
    String userId = createUserWithAdminClient(realmResource, user);
    resetUserPassword(realmResource.users().get(userId), getUserPassword(), false);
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Before(org.junit.Before)

Example 72 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class ConsentsTest method testConsentWithAdditionalClientAttributes.

@Test
public void testConsentWithAdditionalClientAttributes() {
    // setup account client to require consent
    RealmResource providerRealm = adminClient.realm(providerRealmName());
    ClientResource accountClient = findClientByClientId(providerRealm, "account");
    ClientRepresentation clientRepresentation = accountClient.toRepresentation();
    clientRepresentation.setConsentRequired(true);
    clientRepresentation.getAttributes().put(ClientModel.LOGO_URI, "https://www.keycloak.org/resources/images/keycloak_logo_480x108.png");
    clientRepresentation.getAttributes().put(ClientModel.POLICY_URI, "https://www.keycloak.org/policy");
    clientRepresentation.getAttributes().put(ClientModel.TOS_URI, "https://www.keycloak.org/tos");
    accountClient.update(clientRepresentation);
    // setup correct realm
    accountPage.setAuthRealm(providerRealmName());
    // navigate to account console and login
    accountPage.navigateTo();
    loginPage.form().login(getUserLogin(), getUserPassword());
    consentPage.assertCurrent();
    assertTrue("logoUri must be presented", driver.findElement(By.xpath("//img[@src='https://www.keycloak.org/resources/images/keycloak_logo_480x108.png']")).isDisplayed());
    assertTrue("policyUri must be presented", driver.findElement(By.xpath("//a[@href='https://www.keycloak.org/policy']")).isDisplayed());
    assertTrue("tosUri must be presented", driver.findElement(By.xpath("//a[@href='https://www.keycloak.org/tos']")).isDisplayed());
    consentPage.confirm();
    // successful login
    accountPage.assertCurrent();
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Example 73 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class ConsentsTest method addClients.

@Before
public void addClients() {
    List<ClientRepresentation> clients = createProviderClients();
    if (clients != null) {
        RealmResource providerRealm = adminClient.realm(providerRealmName());
        for (ClientRepresentation client : clients) {
            log.debug("adding client " + client.getName() + " to realm " + providerRealmName());
            providerRealm.clients().create(client);
        }
    }
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Before(org.junit.Before)

Example 74 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class PermissionsTest method clientScopes.

@Test
public void clientScopes() {
    invoke((RealmResource realm) -> {
        realm.clientScopes().findAll();
    }, Resource.CLIENT, false, true);
    invoke((RealmResource realm, AtomicReference<Response> response) -> {
        ClientScopeRepresentation scope = new ClientScopeRepresentation();
        scope.setName("scope");
        response.set(realm.clientScopes().create(scope));
    }, Resource.CLIENT, true);
    ClientScopeRepresentation scope = adminClient.realms().realm(REALM_NAME).clientScopes().findAll().get(0);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).toRepresentation();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).update(scope);
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).remove();
        realm.clientScopes().create(scope);
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().getMappers();
    }, Resource.CLIENT, false, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().getMappersPerProtocol("nosuch");
    }, Resource.CLIENT, false, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().getMapperById("nosuch");
    }, Resource.CLIENT, false, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().update("nosuch", new ProtocolMapperRepresentation());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm, AtomicReference<Response> response) -> {
        response.set(realm.clientScopes().get(scope.getId()).getProtocolMappers().createMapper(new ProtocolMapperRepresentation()));
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().createMapper(Collections.<ProtocolMapperRepresentation>emptyList());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().delete("nosuch");
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().getAll();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().listAll();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().listAvailable();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().listEffective();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().add(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().remove(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    ClientRepresentation realmAccessClient = adminClient.realms().realm(REALM_NAME).clients().findByClientId(Constants.REALM_MANAGEMENT_CLIENT_ID).get(0);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).listAll();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).listAvailable();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).listEffective();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).add(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).remove(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    // this should throw forbidden as "query-users" role isn't enough
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            clients.get(AdminRoles.QUERY_USERS).realm(REALM_NAME).clientScopes().findAll();
        }
    }, clients.get(AdminRoles.QUERY_USERS), false);
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) AtomicReference(java.util.concurrent.atomic.AtomicReference) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 75 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class PermissionsTest method rolesById.

@Test
public void rolesById() {
    RoleRepresentation newRole = new RoleRepresentation();
    newRole.setName("role-by-id");
    adminClient.realm(REALM_NAME).roles().create(newRole);
    RoleRepresentation role = adminClient.realm(REALM_NAME).roles().get("role-by-id").toRepresentation();
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().getRole(role.getId());
        }
    }, Resource.REALM, false, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().updateRole(role.getId(), role);
        }
    }, Resource.REALM, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().deleteRole(role.getId());
            // need to recreate for other tests
            realm.roles().create(newRole);
            RoleRepresentation temp = realm.roles().get("role-by-id").toRepresentation();
            role.setId(temp.getId());
        }
    }, Resource.REALM, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().getRoleComposites(role.getId());
        }
    }, Resource.REALM, false, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().addComposites(role.getId(), Collections.<RoleRepresentation>emptyList());
        }
    }, Resource.REALM, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().deleteComposites(role.getId(), Collections.<RoleRepresentation>emptyList());
        }
    }, Resource.REALM, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().getRoleComposites(role.getId());
        }
    }, Resource.REALM, false, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().getRealmRoleComposites(role.getId());
        }
    }, Resource.REALM, false, true);
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.rolesById().getClientRoleComposites(role.getId(), KeycloakModelUtils.generateId());
        }
    }, Resource.REALM, false, true);
    adminClient.realm(REALM_NAME).roles().deleteRole("role-by-id");
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Aggregations

RealmResource (org.keycloak.admin.client.resource.RealmResource)263 Test (org.junit.Test)190 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)67 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)61 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)58 Response (javax.ws.rs.core.Response)55 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)48 ClientResource (org.keycloak.admin.client.resource.ClientResource)39 OAuthClient (org.keycloak.testsuite.util.OAuthClient)37 GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)36 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)34 Before (org.junit.Before)31 UserResource (org.keycloak.admin.client.resource.UserResource)30 IdentityProviderRepresentation (org.keycloak.representations.idm.IdentityProviderRepresentation)25 List (java.util.List)19 LinkedList (java.util.LinkedList)16 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)16 VerifyProfileTest (org.keycloak.testsuite.forms.VerifyProfileTest)14 ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)13 AccessToken (org.keycloak.representations.AccessToken)12