Search in sources :

Example 21 with ProtectionResource

use of org.keycloak.authorization.client.resource.ProtectionResource in project keycloak by keycloak.

the class AuthzClientCredentialsTest method testNoRefreshToken.

@Test
public void testNoRefreshToken() throws Exception {
    ClientsResource clients = getAdminClient().realm("authz-test-no-rt").clients();
    AuthzClient authzClient = getAuthzClient("default-session-keycloak-no-rt.json");
    org.keycloak.authorization.client.resource.AuthorizationResource authorization = authzClient.authorization();
    AuthorizationResponse response = authorization.authorize();
    AccessToken accessToken = toAccessToken(response.getToken());
    assertEquals(1, accessToken.getAuthorization().getPermissions().size());
    assertEquals("Default Resource", accessToken.getAuthorization().getPermissions().iterator().next().getResourceName());
    ProtectionResource protection = authzClient.protection();
    assertEquals(1, protection.resource().findAll().length);
    try {
        // force token expiration on the client side
        Time.setOffset(1000);
        // should refresh tokens by doing client credentials again
        assertEquals(1, protection.resource().findAll().length);
    } finally {
        Time.setOffset(0);
    }
}
Also used : ProtectionResource(org.keycloak.authorization.client.resource.ProtectionResource) AuthzClient(org.keycloak.authorization.client.AuthzClient) AccessToken(org.keycloak.representations.AccessToken) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) Test(org.junit.Test)

Example 22 with ProtectionResource

use of org.keycloak.authorization.client.resource.ProtectionResource in project keycloak by keycloak.

the class AuthzClientCredentialsTest method testSuccessfulClientSecret.

@Test
public void testSuccessfulClientSecret() {
    ProtectionResource protection = getAuthzClient("default-keycloak.json").protection();
    assertAccessProtectionAPI(protection);
}
Also used : ProtectionResource(org.keycloak.authorization.client.resource.ProtectionResource) Test(org.junit.Test)

Example 23 with ProtectionResource

use of org.keycloak.authorization.client.resource.ProtectionResource in project keycloak by keycloak.

the class AuthzClientCredentialsTest method testSuccessfulAuthorizationRequest.

@Test
public void testSuccessfulAuthorizationRequest() throws Exception {
    AuthzClient authzClient = getAuthzClient("keycloak-with-jwt-authentication.json");
    ProtectionResource protection = authzClient.protection();
    PermissionRequest request = new PermissionRequest("Default Resource");
    PermissionResponse ticketResponse = protection.permission().create(request);
    String ticket = ticketResponse.getTicket();
    AuthorizationResponse authorizationResponse = authzClient.authorization("marta", "password").authorize(new AuthorizationRequest(ticket));
    String rpt = authorizationResponse.getToken();
    assertNotNull(rpt);
    AccessToken accessToken = new JWSInput(rpt).readJsonContent(AccessToken.class);
    AccessToken.Authorization authorization = accessToken.getAuthorization();
    assertNotNull(authorization);
    List<Permission> permissions = new ArrayList<>(authorization.getPermissions());
    assertFalse(permissions.isEmpty());
    assertEquals("Default Resource", permissions.get(0).getResourceName());
}
Also used : PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) ProtectionResource(org.keycloak.authorization.client.resource.ProtectionResource) AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest) ArrayList(java.util.ArrayList) PermissionResponse(org.keycloak.representations.idm.authorization.PermissionResponse) JWSInput(org.keycloak.jose.jws.JWSInput) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) AuthzClient(org.keycloak.authorization.client.AuthzClient) AccessToken(org.keycloak.representations.AccessToken) Permission(org.keycloak.representations.idm.authorization.Permission) Test(org.junit.Test)

Aggregations

ProtectionResource (org.keycloak.authorization.client.resource.ProtectionResource)23 Test (org.junit.Test)17 ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation)17 UmaPermissionRepresentation (org.keycloak.representations.idm.authorization.UmaPermissionRepresentation)15 NotFoundException (javax.ws.rs.NotFoundException)9 AuthorizationDeniedException (org.keycloak.authorization.client.AuthorizationDeniedException)9 HttpResponseException (org.keycloak.authorization.client.util.HttpResponseException)9 AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest)7 AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse)7 AuthzClient (org.keycloak.authorization.client.AuthzClient)4 AccessToken (org.keycloak.representations.AccessToken)4 AuthorizationResource (org.keycloak.authorization.client.resource.AuthorizationResource)3 Permission (org.keycloak.representations.idm.authorization.Permission)3 PermissionRequest (org.keycloak.representations.idm.authorization.PermissionRequest)3 ArrayList (java.util.ArrayList)2 ClientsResource (org.keycloak.admin.client.resource.ClientsResource)2 PolicyResource (org.keycloak.authorization.client.resource.PolicyResource)2 PermissionResponse (org.keycloak.representations.idm.authorization.PermissionResponse)2 List (java.util.List)1 PermissionResource (org.keycloak.authorization.client.resource.PermissionResource)1