Search in sources :

Example 6 with UsersResource

use of org.keycloak.admin.client.resource.UsersResource in project keycloak by keycloak.

the class KcSamlIdPInitiatedSsoTest method assertSingleUserSession.

private void assertSingleUserSession(String realmName, String userName, String... expectedClientIds) {
    final UsersResource users = adminClient.realm(realmName).users();
    final ClientsResource clients = adminClient.realm(realmName).clients();
    UserRepresentation userRepresentation = users.search(userName).stream().findFirst().get();
    List<UserSessionRepresentation> userSessions = users.get(userRepresentation.getId()).getUserSessions();
    assertThat(userSessions, hasSize(1));
    Map<String, String> clientSessions = userSessions.get(0).getClients();
    Set<String> clientIds = clientSessions.values().stream().flatMap(c -> clients.findByClientId(c).stream()).map(ClientRepresentation::getClientId).collect(Collectors.toSet());
    assertThat(clientIds, containsInAnyOrder(expectedClientIds));
}
Also used : UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation) UsersResource(org.keycloak.admin.client.resource.UsersResource) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) Matchers.containsString(org.hamcrest.Matchers.containsString) UserRepresentation(org.keycloak.representations.idm.UserRepresentation)

Example 7 with UsersResource

use of org.keycloak.admin.client.resource.UsersResource in project keycloak by keycloak.

the class KcOidcBrokerPromptParameterTest method loginUser.

@Override
protected void loginUser() {
    driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
    driver.navigate().to(driver.getCurrentUrl() + "&" + OIDCLoginProtocol.PROMPT_PARAM + "=" + PROMPT_CONSENT);
    log.debug("Clicking social " + bc.getIDPAlias());
    loginPage.clickSocial(bc.getIDPAlias());
    waitForPage(driver, "sign in to", true);
    Assert.assertTrue("Driver should be on the provider realm page right now", driver.getCurrentUrl().contains("/auth/realms/" + bc.providerRealmName() + "/"));
    Assert.assertFalse(OIDCLoginProtocol.PROMPT_PARAM + "=" + PROMPT_LOGIN + " should not be part of the url", driver.getCurrentUrl().contains(OIDCLoginProtocol.PROMPT_PARAM + "=" + PROMPT_LOGIN));
    Assert.assertTrue(OIDCLoginProtocol.PROMPT_PARAM + "=" + PROMPT_CONSENT + " should be part of the url", driver.getCurrentUrl().contains(OIDCLoginProtocol.PROMPT_PARAM + "=" + PROMPT_CONSENT));
    log.debug("Logging in");
    loginPage.login(bc.getUserLogin(), bc.getUserPassword());
    waitForPage(driver, "update account information", false);
    updateAccountInformationPage.assertCurrent();
    Assert.assertTrue("We must be on correct realm right now", driver.getCurrentUrl().contains("/auth/realms/" + bc.consumerRealmName() + "/"));
    log.debug("Updating info on updateAccount page");
    updateAccountInformationPage.updateAccountInformation(bc.getUserLogin(), bc.getUserEmail(), "Firstname", "Lastname");
    UsersResource consumerUsers = adminClient.realm(bc.consumerRealmName()).users();
    int userCount = consumerUsers.count();
    Assert.assertTrue("There must be at least one user", userCount > 0);
    List<UserRepresentation> users = consumerUsers.search("", 0, userCount);
    boolean isUserFound = false;
    for (UserRepresentation user : users) {
        if (user.getUsername().equals(bc.getUserLogin()) && user.getEmail().equals(bc.getUserEmail())) {
            isUserFound = true;
            break;
        }
    }
    Assert.assertTrue("There must be user " + bc.getUserLogin() + " in realm " + bc.consumerRealmName(), isUserFound);
}
Also used : UsersResource(org.keycloak.admin.client.resource.UsersResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation)

Example 8 with UsersResource

use of org.keycloak.admin.client.resource.UsersResource in project keycloak by keycloak.

the class UserTest method defaultMaxResults.

@Test
public void defaultMaxResults() {
    UsersResource users = adminClient.realms().realm("test").users();
    for (int i = 0; i < 110; i++) {
        users.create(UserBuilder.create().username("test-" + i).addAttribute("aName", "aValue").build()).close();
    }
    List<UserRepresentation> result = users.search("test", null, null);
    assertEquals(100, result.size());
    for (UserRepresentation user : result) {
        assertThat(user.getAttributes(), Matchers.notNullValue());
        assertThat(user.getAttributes().keySet(), Matchers.hasSize(1));
        assertThat(user.getAttributes(), Matchers.hasEntry(is("aName"), Matchers.contains("aValue")));
    }
    assertEquals(105, users.search("test", 0, 105).size());
    assertEquals(111, users.search("test", 0, 1000).size());
}
Also used : UsersResource(org.keycloak.admin.client.resource.UsersResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Example 9 with UsersResource

use of org.keycloak.admin.client.resource.UsersResource in project keycloak by keycloak.

the class AbstractPhotozExampleAdapterTest method testClientRoleNotRequired.

@Test
public void testClientRoleNotRequired() throws Exception {
    loginToClientPage(aliceUser);
    clientPage.createAlbum(ALICE_ALBUM_NAME);
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
    UsersResource usersResource = realmsResouce().realm(REALM_NAME).users();
    List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
    assertFalse(users.isEmpty());
    UserRepresentation userRepresentation = users.get(0);
    UserResource userResource = usersResource.get(userRepresentation.getId());
    ClientResource html5ClientApp = getClientResource("photoz-html5-client");
    userResource.revokeConsent(html5ClientApp.toRepresentation().getClientId());
    ClientResource resourceServerClient = getClientResource(RESOURCE_SERVER_ID);
    RoleResource manageAlbumRole = resourceServerClient.roles().get("manage-albums");
    RoleRepresentation roleRepresentation = manageAlbumRole.toRepresentation();
    setManageAlbumScopeRequired();
    manageAlbumRole.update(roleRepresentation);
    loginToClientPage(aliceUser);
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasDenied);
    for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
        if ("Any User Policy".equals(policy.getName())) {
            List<Map<String, Object>> roles = JsonSerialization.readValue(policy.getConfig().get("roles"), List.class);
            roles.forEach(role -> {
                String roleId = (String) role.get("id");
                if (roleId.equals(manageAlbumRole.toRepresentation().getId())) {
                    role.put("required", false);
                }
            });
            policy.getConfig().put("roles", JsonSerialization.writeValueAsString(roles));
            getAuthorizationResource().policies().policy(policy.getId()).update(policy);
        }
    }
    printUpdatedPolicies();
    loginToClientPage(aliceUser);
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) RoleResource(org.keycloak.admin.client.resource.RoleResource) UsersResource(org.keycloak.admin.client.resource.UsersResource) UserResource(org.keycloak.admin.client.resource.UserResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) Matchers.containsString(org.hamcrest.Matchers.containsString) HashMap(java.util.HashMap) Map(java.util.Map) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Example 10 with UsersResource

use of org.keycloak.admin.client.resource.UsersResource in project keycloak by keycloak.

the class AbstractPhotozExampleAdapterTest method testClientRoleRepresentingUserConsent.

@Test
public void testClientRoleRepresentingUserConsent() throws Exception {
    loginToClientPage(aliceUser);
    clientPage.createAlbum(ALICE_ALBUM_NAME);
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
    RealmResource realmResource = realmsResouce().realm(REALM_NAME);
    UsersResource usersResource = realmResource.users();
    List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
    assertFalse(users.isEmpty());
    UserRepresentation userRepresentation = users.get(0);
    UserResource userResource = usersResource.get(userRepresentation.getId());
    ClientResource html5ClientApp = getClientResource("photoz-html5-client");
    ClientRepresentation clientRepresentation = html5ClientApp.toRepresentation();
    userResource.revokeConsent(clientRepresentation.getClientId());
    setManageAlbumScopeRequired();
    loginToClientPage(aliceUser);
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasDenied);
    loginToClientPage(aliceUser, "manage-albums");
    clientPage.viewAlbum(ALICE_ALBUM_NAME, this::assertWasNotDenied);
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) UsersResource(org.keycloak.admin.client.resource.UsersResource) UserResource(org.keycloak.admin.client.resource.UserResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Aggregations

UsersResource (org.keycloak.admin.client.resource.UsersResource)36 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)32 Test (org.junit.Test)18 UserResource (org.keycloak.admin.client.resource.UserResource)10 RealmResource (org.keycloak.admin.client.resource.RealmResource)9 Response (javax.ws.rs.core.Response)7 ClientsResource (org.keycloak.admin.client.resource.ClientsResource)7 Map (java.util.Map)6 List (java.util.List)5 Matchers.containsString (org.hamcrest.Matchers.containsString)5 Before (org.junit.Before)5 UserSessionRepresentation (org.keycloak.representations.idm.UserSessionRepresentation)5 IdentityProviderResource (org.keycloak.admin.client.resource.IdentityProviderResource)4 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)4 HashMap (java.util.HashMap)3 Collectors (java.util.stream.Collectors)3 Matchers.hasSize (org.hamcrest.Matchers.hasSize)3 Assert.assertThat (org.junit.Assert.assertThat)3 RolesResource (org.keycloak.admin.client.resource.RolesResource)3 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)3