use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class AccountFormServiceTest method testReferrerLinkContents.
@Test
public void testReferrerLinkContents() {
RealmResource testRealm = testRealm();
List<ClientRepresentation> foundClients = testRealm.clients().findByClientId("named-test-app");
if (foundClients.isEmpty()) {
Assert.fail("Unable to find named-test-app");
}
ClientRepresentation namedClient = foundClients.get(0);
driver.navigate().to(profilePage.getPath() + "?referrer=" + namedClient.getClientId());
loginPage.login("test-user@localhost", "password");
Assert.assertTrue(profilePage.isCurrent());
// When a client has a name provided, the name should be available to the back link
Assert.assertEquals("Back to " + namedClient.getName(), profilePage.getBackToApplicationLinkText());
Assert.assertEquals(namedClient.getBaseUrl(), profilePage.getBackToApplicationLinkHref());
foundClients = testRealm.clients().findByClientId("var-named-test-app");
if (foundClients.isEmpty()) {
Assert.fail("Unable to find var-named-test-app");
}
namedClient = foundClients.get(0);
driver.navigate().to(profilePage.getPath() + "?referrer=" + namedClient.getClientId());
Assert.assertTrue(profilePage.isCurrent());
// When a client has a name provided as a variable, the name should be resolved using a localized bundle and available to the back link
Assert.assertEquals("Back to Test App Named - Account", profilePage.getBackToApplicationLinkText());
Assert.assertEquals(namedClient.getBaseUrl(), profilePage.getBackToApplicationLinkHref());
foundClients = testRealm.clients().findByClientId("test-app");
if (foundClients.isEmpty()) {
Assert.fail("Unable to find test-app");
}
ClientRepresentation namelessClient = foundClients.get(0);
driver.navigate().to(profilePage.getPath() + "?referrer=" + namelessClient.getClientId());
Assert.assertTrue(profilePage.isCurrent());
// When a client has no name provided, the client-id should be available to the back link
Assert.assertEquals("Back to " + namelessClient.getClientId(), profilePage.getBackToApplicationLinkText());
Assert.assertEquals(namelessClient.getBaseUrl(), profilePage.getBackToApplicationLinkHref());
driver.navigate().to(profilePage.getPath() + "?referrer=test-invalid");
Assert.assertTrue(profilePage.isCurrent());
// When a client is invalid, the back link should not exist
Assert.assertNull(profilePage.getBackToApplicationLinkText());
events.clear();
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class AbstractPhotozExampleAdapterTest method testClientRoleRepresentingUserConsent.
@Test
public void testClientRoleRepresentingUserConsent() throws Exception {
loginToClientPage(aliceUser);
clientPage.createAlbum(ALICE_ALBUM_NAME);
clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
RealmResource realmResource = realmsResouce().realm(REALM_NAME);
UsersResource usersResource = realmResource.users();
List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
assertFalse(users.isEmpty());
UserRepresentation userRepresentation = users.get(0);
UserResource userResource = usersResource.get(userRepresentation.getId());
ClientResource html5ClientApp = getClientResource("photoz-html5-client");
ClientRepresentation clientRepresentation = html5ClientApp.toRepresentation();
userResource.revokeConsent(clientRepresentation.getClientId());
setManageAlbumScopeRequired();
loginToClientPage(aliceUser);
clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasDenied);
loginToClientPage(aliceUser, "manage-albums");
clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class AbstractServletAuthzAdapterTest method testGrantAdministrativePermissions.
@Test
public void testGrantAdministrativePermissions() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
navigateToAdminPage();
assertWasDenied();
RealmResource realmResource = realmsResouce().realm(REALM_NAME);
UsersResource usersResource = realmResource.users();
List<UserRepresentation> users = usersResource.search("jdoe", null, null, null, null, null);
assertFalse(users.isEmpty());
UserResource userResource = usersResource.get(users.get(0).getId());
RoleRepresentation adminRole = realmResource.roles().get("admin").toRepresentation();
userResource.roles().realmLevel().add(Arrays.asList(adminRole));
login("jdoe", "jdoe");
navigateToAdminPage();
assertWasNotDenied();
});
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class RequiredActionTotpSetupTest method setupTotpModifiedPolicy.
@Test
public void setupTotpModifiedPolicy() {
RealmResource realm = testRealm();
RealmRepresentation rep = realm.toRepresentation();
rep.setOtpPolicyDigits(8);
rep.setOtpPolicyType("hotp");
rep.setOtpPolicyAlgorithm("HmacSHA256");
realm.update(rep);
try {
loginPage.open();
loginPage.clickRegister();
registerPage.register("firstName", "lastName", "setupTotpModifiedPolicy@mail.com", "setupTotpModifiedPolicy", "password", "password");
String pageSource = driver.getPageSource();
assertTrue(pageSource.contains("FreeOTP"));
assertFalse(pageSource.contains("Google Authenticator"));
totpPage.clickManual();
assertEquals("Type: Counter-based", driver.findElement(By.id("kc-totp-type")).getText());
assertEquals("Algorithm: SHA256", driver.findElement(By.id("kc-totp-algorithm")).getText());
assertEquals("Digits: 8", driver.findElement(By.id("kc-totp-digits")).getText());
assertEquals("Counter: 0", driver.findElement(By.id("kc-totp-counter")).getText());
} finally {
rep.setOtpPolicyDigits(6);
rep.setOtpPolicyType("totp");
rep.setOtpPolicyAlgorithm("HmacSHA1");
realm.update(rep);
}
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class GroupPathPolicyTest method testAllowParentAndChildren.
@Test
public void testAllowParentAndChildren() {
AuthzClient authzClient = getAuthzClient();
PermissionRequest request = new PermissionRequest("Resource A");
String ticket = authzClient.protection().permission().create(request).getTicket();
AuthorizationResponse response = authzClient.authorization("marta", "password").authorize(new AuthorizationRequest(ticket));
assertNotNull(response.getToken());
RealmResource realm = getRealm();
GroupRepresentation group = getGroup("/Group A/Group B/Group C");
UserRepresentation user = realm.users().search("kolo").get(0);
realm.users().get(user.getId()).joinGroup(group.getId());
ticket = authzClient.protection().permission().create(request).getTicket();
response = authzClient.authorization("kolo", "password").authorize(new AuthorizationRequest(ticket));
assertNotNull(response.getToken());
}
Aggregations