
Example 1 with RoleScopeResource

use of org.keycloak.admin.client.resource.RoleScopeResource in project keycloak by keycloak.

the class SAMLServletAdapterTest method employeeSigTestUnicodeCharacters.

/**
 * Creates a user whose username, first name and last name contain non-ASCII characters, grants it
 * the realm role named "manager", and drives a login/logout round trip through the employee-sig
 * servlet page using the SAML redirect login page.
 *
 * <p>Related issue: https://issues.jboss.org/browse/KEYCLOAK-3971
 *
 * <p>The expected principal is built from the username as stored by the server, so the login
 * assertion compares against what was actually persisted rather than against the literal above.
 */
@Test
public void employeeSigTestUnicodeCharacters() {
    final String unicodeUsername = "ěščřžýáíRoàåéèíñòøöùüßÅÄÖÜ";
    final UserRepresentation template =
            createUserRepresentation(unicodeUsername, "xyz@redhat.com", "ěščřžýáí", "RoàåéèíñòøöùüßÅÄÖÜ", true);
    final UserRepresentation user = UserBuilder.edit(template).addPassword(PASSWORD).build();

    // The Creator is closed when the try block exits, whether or not an assertion fails.
    try (Creator<UserResource> created = Creator.create(testRealmResource(), user)) {
        final RoleScopeResource realmRoles = created.resource().roles().realmLevel();

        // Pick the role by name (case-insensitively) out of the roles still available to the user.
        // NOTE(review): nothing here asserts that a match was found; if the filter yields no role,
        // an empty list is passed to add() and the test carries on.
        final List<RoleRepresentation> managerRoles = realmRoles.listAvailable().stream()
                .filter(role -> role.getName().equalsIgnoreCase("manager"))
                .collect(Collectors.toList());
        realmRoles.add(managerRoles);

        // Read the user back so the checks below run against the stored representation.
        final UserRepresentation storedUser = created.resource().toRepresentation();
        Assert.assertThat(storedUser, notNullValue());
        Assert.assertThat(
                "Database seems to be unable to store Unicode for username. Refer to KEYCLOAK-3439 and related issues.",
                storedUser.getUsername(),
                equalToIgnoringCase(unicodeUsername));

        final String expectedPrincipal = "principal=" + storedUser.getUsername();
        assertSuccessfulLogin(employeeSigServletPage, user, testRealmSAMLRedirectLoginPage, expectedPrincipal);

        // Finish with a logout and verify that the session is really gone.
        employeeSigServletPage.logout();
        checkLoggedOut(employeeSigServletPage, testRealmSAMLRedirectLoginPage);
    }
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RoleScopeResource(org.keycloak.admin.client.resource.RoleScopeResource) UserResource(org.keycloak.admin.client.resource.UserResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest) Test(org.junit.Test)

Example 2 with RoleScopeResource

use of org.keycloak.admin.client.resource.RoleScopeResource in project keycloak by keycloak.

the class SAMLServletAdapterTest method salesPostSigTestUnicodeCharacters.

/**
 * Creates a user whose username, first name and last name contain non-ASCII characters, grants it
 * the realm role named "manager", and drives a login/logout round trip through the sales-post-sig
 * servlet page using the SAML POST login page.
 *
 * <p>Related issue: https://issues.jboss.org/browse/KEYCLOAK-3971
 *
 * <p>The expected principal is built from the username as stored by the server, so the login
 * assertion compares against what was actually persisted rather than against the literal above.
 */
@Test
public void salesPostSigTestUnicodeCharacters() {
    final String unicodeUsername = "ěščřžýáíRoàåéèíñòøöùüßÅÄÖÜ";
    final UserRepresentation template =
            createUserRepresentation(unicodeUsername, "xyz@redhat.com", "ěščřžýáí", "RoàåéèíñòøöùüßÅÄÖÜ", true);
    final UserRepresentation user = UserBuilder.edit(template).addPassword(PASSWORD).build();

    // The Creator is closed when the try block exits, whether or not an assertion fails.
    try (Creator<UserResource> created = Creator.create(testRealmResource(), user)) {
        final RoleScopeResource realmRoles = created.resource().roles().realmLevel();

        // Pick the role by name (case-insensitively) out of the roles still available to the user.
        // NOTE(review): nothing here asserts that a match was found; if the filter yields no role,
        // an empty list is passed to add() and the test carries on.
        final List<RoleRepresentation> managerRoles = realmRoles.listAvailable().stream()
                .filter(role -> role.getName().equalsIgnoreCase("manager"))
                .collect(Collectors.toList());
        realmRoles.add(managerRoles);

        // Read the user back so the checks below run against the stored representation.
        final UserRepresentation storedUser = created.resource().toRepresentation();
        Assert.assertThat(storedUser, notNullValue());
        Assert.assertThat(
                "Database seems to be unable to store Unicode for username. Refer to KEYCLOAK-3439 and related issues.",
                storedUser.getUsername(),
                equalToIgnoringCase(unicodeUsername));

        final String expectedPrincipal = "principal=" + storedUser.getUsername();
        assertSuccessfulLogin(salesPostSigServletPage, user, testRealmSAMLPostLoginPage, expectedPrincipal);

        // Finish with a logout and verify that the session is really gone.
        salesPostSigServletPage.logout();
        checkLoggedOut(salesPostSigServletPage, testRealmSAMLPostLoginPage);
    }
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RoleScopeResource(org.keycloak.admin.client.resource.RoleScopeResource) UserResource(org.keycloak.admin.client.resource.UserResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest) Test(org.junit.Test)

Example 3 with RoleScopeResource

use of org.keycloak.admin.client.resource.RoleScopeResource in project keycloak by keycloak.

the class PermissionsTest method manageAccountRoleRequired.

/**
 * Strips the test user of its realm-level roles and of any roles on the account-management
 * client, then checks what the account UI still lets that user do: the welcome screen loads,
 * the personal-info and signing-in pages end on the forbidden page, and logout keeps working.
 *
 * @throws Exception propagated from the page and admin-client helpers
 */
@Test
public void manageAccountRoleRequired() throws Exception {
    // Realm level: drop everything currently assigned (original note: no "default-roles-test").
    RoleScopeResource realmScope = testUserResource().roles().realmLevel();
    List<RoleRepresentation> assignedRealmRoles = testUserResource().roles().realmLevel().listAll();
    realmScope.remove(assignedRealmRoles);

    // Client level: same for the account-management client, skipping the call when nothing is assigned.
    String accountClientId = testRealmResource()
            .clients()
            .findByClientId(ACCOUNT_MANAGEMENT_CLIENT_ID)
            .get(0)
            .getId();
    RoleScopeResource accountScope = testUserResource().roles().clientLevel(accountClientId);
    List<RoleRepresentation> assignedAccountRoles = accountScope.listAll();
    if (!assignedAccountRoles.isEmpty()) {
        accountScope.remove(assignedAccountRoles);
    }

    welcomeScreen.header().clickLoginBtn();
    loginToAccount();

    // Authentication alone still succeeds: the welcome screen is shown, not the forbidden page.
    welcomeScreen.assertCurrent();

    // Both protected areas must land on the forbidden page for the role-less user.
    welcomeScreen.clickPersonalInfoLink();
    forbiddenPage.assertCurrent();
    signingInPage.navigateToUsingSidebar();
    forbiddenPage.assertCurrent();

    // Signing out must remain reachable from the forbidden page.
    forbiddenPage.header().clickLogoutBtn();
    welcomeScreen.assertCurrent();
    welcomeScreen.header().assertLoginBtnVisible(true);
    welcomeScreen.header().assertLogoutBtnVisible(false);
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RoleScopeResource(org.keycloak.admin.client.resource.RoleScopeResource) Test(org.junit.Test)

Example 4 with RoleScopeResource

use of org.keycloak.admin.client.resource.RoleScopeResource in project keycloak by keycloak.

the class AbstractServletAuthzAdapterTest method testRequiredRole.

/**
 * Walks the premium page through a sequence of role-policy and role-assignment changes and
 * checks after each one whether user "jdoe" is granted or denied access.
 *
 * <p>The only step that expects a denial is the one where "required-role" is added to the policy
 * with {@code true} as the second argument while the visible code has not yet granted that role
 * to the user. Every other combination (flag {@code false}, or flag {@code true} with the role
 * granted) expects access. The steps are order-dependent: each login re-evaluates the state left
 * by the previous step.
 *
 * @throws Exception propagated from {@code performTests}
 */
@Test
public void testRequiredRole() throws Exception {
    performTests(() -> {
        // Baseline: access is expected before any policy is changed.
        // NOTE(review): presumably jdoe already holds "user_premium" in the test realm - confirm.
        login("jdoe", "jdoe");
        navigateToUserPremiumPage();
        assertWasNotDenied();
        // Create a new client role on the resource server; nobody has been granted it yet in this test.
        RolesResource rolesResource = getClientResource(RESOURCE_SERVER_ID).roles();
        rolesResource.create(new RoleRepresentation("required-role", "", false));
        // Role policy listing both roles, each added with false as the second argument.
        // NOTE(review): the second argument of addRole looks like the "required" flag - confirm
        // against RolePolicyRepresentation.
        RolePolicyRepresentation policy = new RolePolicyRepresentation();
        policy.setName("Required Role Policy");
        policy.addRole("user_premium", false);
        policy.addRole(RESOURCE_SERVER_ID + "/required-role", false);
        RolePoliciesResource rolePolicy = getAuthorizationResource().policies().role();
        rolePolicy.create(policy);
        // Re-read the policy by name; the stored copy is the one whose id is used for updates below.
        policy = rolePolicy.findByName(policy.getName());
        updatePermissionPolicies("Premium Resource Permission", policy.getName());
        // With neither role flagged, access is still expected.
        login("jdoe", "jdoe");
        navigateToUserPremiumPage();
        assertWasNotDenied();
        // Flip the flag on "required-role" to true and push the change to the server.
        policy.getRoles().clear();
        policy.addRole("user_premium", false);
        policy.addRole(RESOURCE_SERVER_ID + "/required-role", true);
        rolePolicy.findById(policy.getId()).update(policy);
        // The role is flagged and has not been granted to jdoe above: this is the denial case.
        login("jdoe", "jdoe");
        navigateToUserPremiumPage();
        assertWasDenied();
        // Grant "required-role" to jdoe as a client-level role of the resource server client.
        UsersResource users = realmsResouce().realm(REALM_NAME).users();
        UserRepresentation user = users.search("jdoe").get(0);
        RoleScopeResource roleScopeResource = users.get(user.getId()).roles().clientLevel(getClientResource(RESOURCE_SERVER_ID).toRepresentation().getId());
        RoleRepresentation requiredRole = rolesResource.get("required-role").toRepresentation();
        roleScopeResource.add(Arrays.asList(requiredRole));
        // Flag still true, role now granted: access is expected again.
        login("jdoe", "jdoe");
        navigateToUserPremiumPage();
        assertWasNotDenied();
        // Put the flag back to false while the user still holds the role.
        policy.getRoles().clear();
        policy.addRole("user_premium", false);
        policy.addRole(RESOURCE_SERVER_ID + "/required-role", false);
        rolePolicy.findById(policy.getId()).update(policy);
        login("jdoe", "jdoe");
        navigateToUserPremiumPage();
        assertWasNotDenied();
        // Revoke the role; with the flag false the test expects access to remain granted
        // (presumably through "user_premium" - confirm).
        roleScopeResource.remove(Arrays.asList(requiredRole));
        login("jdoe", "jdoe");
        navigateToUserPremiumPage();
        assertWasNotDenied();
    });
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) RoleScopeResource(org.keycloak.admin.client.resource.RoleScopeResource) UsersResource(org.keycloak.admin.client.resource.UsersResource) RolePoliciesResource(org.keycloak.admin.client.resource.RolePoliciesResource) RolesResource(org.keycloak.admin.client.resource.RolesResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)4 RoleScopeResource (org.keycloak.admin.client.resource.RoleScopeResource)4 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)4 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)3 UserResource (org.keycloak.admin.client.resource.UserResource)2 AbstractSamlTest (org.keycloak.testsuite.saml.AbstractSamlTest)2 RolePoliciesResource (org.keycloak.admin.client.resource.RolePoliciesResource)1 RolesResource (org.keycloak.admin.client.resource.RolesResource)1 UsersResource (org.keycloak.admin.client.resource.UsersResource)1 RolePolicyRepresentation (org.keycloak.representations.idm.authorization.RolePolicyRepresentation)1