Search in sources :

Example 86 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class AccountFormServiceTest method testReferrerLinkContents.

@Test
public void testReferrerLinkContents() {
    RealmResource testRealm = testRealm();
    List<ClientRepresentation> foundClients = testRealm.clients().findByClientId("named-test-app");
    if (foundClients.isEmpty()) {
        Assert.fail("Unable to find named-test-app");
    }
    ClientRepresentation namedClient = foundClients.get(0);
    driver.navigate().to(profilePage.getPath() + "?referrer=" + namedClient.getClientId());
    loginPage.login("test-user@localhost", "password");
    Assert.assertTrue(profilePage.isCurrent());
    // When a client has a name provided, the name should be available to the back link
    Assert.assertEquals("Back to " + namedClient.getName(), profilePage.getBackToApplicationLinkText());
    Assert.assertEquals(namedClient.getBaseUrl(), profilePage.getBackToApplicationLinkHref());
    foundClients = testRealm.clients().findByClientId("var-named-test-app");
    if (foundClients.isEmpty()) {
        Assert.fail("Unable to find var-named-test-app");
    }
    namedClient = foundClients.get(0);
    driver.navigate().to(profilePage.getPath() + "?referrer=" + namedClient.getClientId());
    Assert.assertTrue(profilePage.isCurrent());
    // When a client has a name provided as a variable, the name should be resolved using a localized bundle and available to the back link
    Assert.assertEquals("Back to Test App Named - Account", profilePage.getBackToApplicationLinkText());
    Assert.assertEquals(namedClient.getBaseUrl(), profilePage.getBackToApplicationLinkHref());
    foundClients = testRealm.clients().findByClientId("test-app");
    if (foundClients.isEmpty()) {
        Assert.fail("Unable to find test-app");
    }
    ClientRepresentation namelessClient = foundClients.get(0);
    driver.navigate().to(profilePage.getPath() + "?referrer=" + namelessClient.getClientId());
    Assert.assertTrue(profilePage.isCurrent());
    // When a client has no name provided, the client-id should be available to the back link
    Assert.assertEquals("Back to " + namelessClient.getClientId(), profilePage.getBackToApplicationLinkText());
    Assert.assertEquals(namelessClient.getBaseUrl(), profilePage.getBackToApplicationLinkHref());
    driver.navigate().to(profilePage.getPath() + "?referrer=test-invalid");
    Assert.assertTrue(profilePage.isCurrent());
    // When a client is invalid, the back link should not exist
    Assert.assertNull(profilePage.getBackToApplicationLinkText());
    events.clear();
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 87 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class AbstractPhotozExampleAdapterTest method testClientRoleRepresentingUserConsent.

@Test
public void testClientRoleRepresentingUserConsent() throws Exception {
    loginToClientPage(aliceUser);
    clientPage.createAlbum(ALICE_ALBUM_NAME);
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
    RealmResource realmResource = realmsResouce().realm(REALM_NAME);
    UsersResource usersResource = realmResource.users();
    List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
    assertFalse(users.isEmpty());
    UserRepresentation userRepresentation = users.get(0);
    UserResource userResource = usersResource.get(userRepresentation.getId());
    ClientResource html5ClientApp = getClientResource("photoz-html5-client");
    ClientRepresentation clientRepresentation = html5ClientApp.toRepresentation();
    userResource.revokeConsent(clientRepresentation.getClientId());
    setManageAlbumScopeRequired();
    loginToClientPage(aliceUser);
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasDenied);
    loginToClientPage(aliceUser, "manage-albums");
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) UsersResource(org.keycloak.admin.client.resource.UsersResource) UserResource(org.keycloak.admin.client.resource.UserResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 88 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class AbstractServletAuthzAdapterTest method testGrantAdministrativePermissions.

@Test
public void testGrantAdministrativePermissions() throws Exception {
    performTests(() -> {
        login("jdoe", "jdoe");
        navigateToAdminPage();
        assertWasDenied();
        RealmResource realmResource = realmsResouce().realm(REALM_NAME);
        UsersResource usersResource = realmResource.users();
        List<UserRepresentation> users = usersResource.search("jdoe", null, null, null, null, null);
        assertFalse(users.isEmpty());
        UserResource userResource = usersResource.get(users.get(0).getId());
        RoleRepresentation adminRole = realmResource.roles().get("admin").toRepresentation();
        userResource.roles().realmLevel().add(Arrays.asList(adminRole));
        login("jdoe", "jdoe");
        navigateToAdminPage();
        assertWasNotDenied();
    });
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) UsersResource(org.keycloak.admin.client.resource.UsersResource) UserResource(org.keycloak.admin.client.resource.UserResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Example 89 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class RequiredActionTotpSetupTest method setupTotpModifiedPolicy.

@Test
public void setupTotpModifiedPolicy() {
    RealmResource realm = testRealm();
    RealmRepresentation rep = realm.toRepresentation();
    rep.setOtpPolicyDigits(8);
    rep.setOtpPolicyType("hotp");
    rep.setOtpPolicyAlgorithm("HmacSHA256");
    realm.update(rep);
    try {
        loginPage.open();
        loginPage.clickRegister();
        registerPage.register("firstName", "lastName", "setupTotpModifiedPolicy@mail.com", "setupTotpModifiedPolicy", "password", "password");
        String pageSource = driver.getPageSource();
        assertTrue(pageSource.contains("FreeOTP"));
        assertFalse(pageSource.contains("Google Authenticator"));
        totpPage.clickManual();
        assertEquals("Type: Counter-based", driver.findElement(By.id("kc-totp-type")).getText());
        assertEquals("Algorithm: SHA256", driver.findElement(By.id("kc-totp-algorithm")).getText());
        assertEquals("Digits: 8", driver.findElement(By.id("kc-totp-digits")).getText());
        assertEquals("Counter: 0", driver.findElement(By.id("kc-totp-counter")).getText());
    } finally {
        rep.setOtpPolicyDigits(6);
        rep.setOtpPolicyType("totp");
        rep.setOtpPolicyAlgorithm("HmacSHA1");
        realm.update(rep);
    }
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 90 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class GroupPathPolicyTest method testAllowParentAndChildren.

@Test
public void testAllowParentAndChildren() {
    AuthzClient authzClient = getAuthzClient();
    PermissionRequest request = new PermissionRequest("Resource A");
    String ticket = authzClient.protection().permission().create(request).getTicket();
    AuthorizationResponse response = authzClient.authorization("marta", "password").authorize(new AuthorizationRequest(ticket));
    assertNotNull(response.getToken());
    RealmResource realm = getRealm();
    GroupRepresentation group = getGroup("/Group A/Group B/Group C");
    UserRepresentation user = realm.users().search("kolo").get(0);
    realm.users().get(user.getId()).joinGroup(group.getId());
    ticket = authzClient.protection().permission().create(request).getTicket();
    response = authzClient.authorization("kolo", "password").authorize(new AuthorizationRequest(ticket));
    assertNotNull(response.getToken());
}
Also used : PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) AuthzClient(org.keycloak.authorization.client.AuthzClient) AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Aggregations

RealmResource (org.keycloak.admin.client.resource.RealmResource)263 Test (org.junit.Test)190 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)67 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)61 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)58 Response (javax.ws.rs.core.Response)55 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)48 ClientResource (org.keycloak.admin.client.resource.ClientResource)39 OAuthClient (org.keycloak.testsuite.util.OAuthClient)37 GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)36 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)34 Before (org.junit.Before)31 UserResource (org.keycloak.admin.client.resource.UserResource)30 IdentityProviderRepresentation (org.keycloak.representations.idm.IdentityProviderRepresentation)25 List (java.util.List)19 LinkedList (java.util.LinkedList)16 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)16 VerifyProfileTest (org.keycloak.testsuite.forms.VerifyProfileTest)14 ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)13 AccessToken (org.keycloak.representations.AccessToken)12