Example 6 with FileConfigHandler
use of org.keycloak.client.admin.cli.config.FileConfigHandler in project keycloak by keycloak.
the class KcAdmUpdateTest method testUpdateThoroughly.
@Test
public void testUpdateThoroughly() throws IOException {
FileConfigHandler handler = initCustomConfigFile();
try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
final String realm = "test";
loginAsUser(configFile.getFile(), serverUrl, realm, "user1", "userpass");
// create an object so we can update it
KcAdmExec exe = execute("create clients --config '" + configFile.getName() + "' -o -s clientId=my_client");
assertExitCodeAndStdErrSize(exe, 0, 0);
ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertTrue("enabled", client.isEnabled());
Assert.assertFalse("publicClient", client.isPublicClient());
Assert.assertFalse("bearerOnly", client.isBearerOnly());
Assert.assertTrue("redirectUris is empty", client.getRedirectUris().isEmpty());
// Merge update
exe = execute("update clients/" + client.getId() + " --config '" + configFile.getName() + "' -o " + " -s enabled=false -s 'redirectUris=[\"http://localhost:8980/myapp/*\"]'");
assertExitCodeAndStdErrSize(exe, 0, 0);
client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertFalse("enabled", client.isEnabled());
Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp/*"), client.getRedirectUris());
// Another merge update - test deleting an attribute, deleting a list item and adding a list item
exe = execute("update clients/" + client.getId() + " --config '" + configFile.getName() + "' -o -d redirectUris[0] -s webOrigins+=http://localhost:8980/myapp -s webOrigins+=http://localhost:8981/myapp -d webOrigins[0]");
assertExitCodeAndStdErrSize(exe, 0, 0);
client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertTrue("redirectUris is empty", client.getRedirectUris().isEmpty());
Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8981/myapp"), client.getWebOrigins());
// Another merge update - test nested attributes and setting an attribute using json format
// TODO KEYCLOAK-3705 Updating protocolMapper config via client registration endpoint has no effect
/*
exe = execute("update my_client --config '" + configFile.getName() + "' -o -s 'protocolMappers[0].config.\"id.token.claim\"=false' " +
"-s 'protocolMappers[4].config={\"single\": \"true\", \"attribute.nameformat\": \"Basic\", \"attribute.name\": \"Role\"}'");
assertExitCodeAndStdErrSize(exe, 0, 0);
client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertEquals("protocolMapper[0].config.\"id.token.claim\"", "false", client.getProtocolMappers().get(0).getConfig().get("id.token.claim"));
Assert.assertEquals("protocolMappers[4].config.single", "true", client.getProtocolMappers().get(4).getConfig().get("single"));
Assert.assertEquals("protocolMappers[4].config.\"attribute.nameformat\"", "Basic", client.getProtocolMappers().get(4).getConfig().get("attribute.nameformat"));
Assert.assertEquals("protocolMappers[4].config.\"attribute.name\"", "Role", client.getProtocolMappers().get(4).getConfig().get("attribute.name"));
*/
// update using oidc format
// check that using an invalid attribute key is not ignored
exe = execute("update clients/" + client.getId() + " --nonexisting --config '" + configFile.getName() + "'");
assertExitCodeAndStreamSizes(exe, 1, 0, 2);
Assert.assertEquals("error message", "Invalid option: --nonexisting", exe.stderrLines().get(0));
Assert.assertEquals("try help", "Try '" + CMD + " help update' for more information", exe.stderrLines().get(1));
// test overwrite from file
exe = KcAdmExec.newBuilder().argsLine("update clients/" + client.getId() + " --config '" + configFile.getName() + "' -o -s clientId=my_client -s 'redirectUris=[\"http://localhost:8980/myapp/*\"]' -f -").stdin(new ByteArrayInputStream("{ \"enabled\": false }".getBytes())).execute();
assertExitCodeAndStdErrSize(exe, 0, 0);
client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
// web origin is not sent to the server, thus it retains the current value
Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8981/myapp"), client.getWebOrigins());
Assert.assertFalse("enabled is false", client.isEnabled());
Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp/*"), client.getRedirectUris());
// test using merge with file
exe = KcAdmExec.newBuilder().argsLine("update clients/" + client.getId() + " --config '" + configFile.getName() + "' -o -s enabled=true -m -f -").stdin(new ByteArrayInputStream("{ \"webOrigins\": [\"http://localhost:8980/myapp\"] }".getBytes())).execute();
assertExitCodeAndStdErrSize(exe, 0, 0);
client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8980/myapp"), client.getWebOrigins());
Assert.assertTrue("enabled is true", client.isEnabled());
Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp/*"), client.getRedirectUris());
}
}
Also used :
FileConfigHandler(org.keycloak.client.admin.cli.config.FileConfigHandler)
ByteArrayInputStream(java.io.ByteArrayInputStream)
KcAdmExec(org.keycloak.testsuite.cli.KcAdmExec)
TempFileResource(org.keycloak.testsuite.util.TempFileResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Example 7 with FileConfigHandler
use of org.keycloak.client.admin.cli.config.FileConfigHandler in project keycloak by keycloak.
the class KcAdmCreateTest method testCreateThoroughly.
@Test
public void testCreateThoroughly() throws IOException {
FileConfigHandler handler = initCustomConfigFile();
try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
final String realm = "test";
// authenticate as a regular user against one realm
KcAdmExec exe = KcAdmExec.execute("config credentials -x --config '" + configFile.getName() + "' --server " + serverUrl + " --realm master --user admin --password admin");
assertExitCodeAndStreamSizes(exe, 0, 0, 1);
// create configuration from file using stdin redirect ... output an object
String content = "{\n" + " \"clientId\": \"my_client\",\n" + " \"enabled\": true,\n" + " \"redirectUris\": [\"http://localhost:8980/myapp/*\"],\n" + " \"serviceAccountsEnabled\": true,\n" + " \"name\": \"My Client App\",\n" + " \"implicitFlowEnabled\": false,\n" + " \"publicClient\": true,\n" + " \"webOrigins\": [\"http://localhost:8980/myapp\"],\n" + " \"consentRequired\": false,\n" + " \"baseUrl\": \"http://localhost:8980/myapp\",\n" + " \"bearerOnly\": true,\n" + " \"standardFlowEnabled\": true\n" + "}";
try (TempFileResource tmpFile = new TempFileResource(initTempFile(".json", content))) {
exe = execute("create clients --config '" + configFile.getName() + "' -o -f - < '" + tmpFile.getName() + "'");
assertExitCodeAndStdErrSize(exe, 0, 0);
ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertNotNull("id", client.getId());
Assert.assertEquals("clientId", "my_client", client.getClientId());
Assert.assertEquals("enabled", true, client.isEnabled());
Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp/*"), client.getRedirectUris());
Assert.assertEquals("serviceAccountsEnabled", true, client.isServiceAccountsEnabled());
Assert.assertEquals("name", "My Client App", client.getName());
Assert.assertEquals("implicitFlowEnabled", false, client.isImplicitFlowEnabled());
Assert.assertEquals("publicClient", true, client.isPublicClient());
// note there is no server-side check if protocol is supported
Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8980/myapp"), client.getWebOrigins());
Assert.assertEquals("consentRequired", false, client.isConsentRequired());
Assert.assertEquals("baseUrl", "http://localhost:8980/myapp", client.getBaseUrl());
Assert.assertEquals("bearerOnly", true, client.isStandardFlowEnabled());
Assert.assertFalse("mappers not empty", client.getProtocolMappers().isEmpty());
// create configuration from file as a template and override clientId and other attributes ... output an object
exe = execute("create clients --config '" + configFile.getName() + "' -o -f '" + tmpFile.getName() + "' -s clientId=my_client2 -s enabled=false -s 'redirectUris=[\"http://localhost:8980/myapp2/*\"]'" + " -s 'name=My Client App II' -s 'webOrigins=[\"http://localhost:8980/myapp2\"]'" + " -s baseUrl=http://localhost:8980/myapp2 -s rootUrl=http://localhost:8980/myapp2");
assertExitCodeAndStdErrSize(exe, 0, 0);
ClientRepresentation client2 = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertNotNull("id", client2.getId());
Assert.assertEquals("clientId", "my_client2", client2.getClientId());
Assert.assertEquals("enabled", false, client2.isEnabled());
Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp2/*"), client2.getRedirectUris());
Assert.assertEquals("serviceAccountsEnabled", true, client2.isServiceAccountsEnabled());
Assert.assertEquals("name", "My Client App II", client2.getName());
Assert.assertEquals("implicitFlowEnabled", false, client2.isImplicitFlowEnabled());
Assert.assertEquals("publicClient", true, client2.isPublicClient());
Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8980/myapp2"), client2.getWebOrigins());
Assert.assertEquals("consentRequired", false, client2.isConsentRequired());
Assert.assertEquals("baseUrl", "http://localhost:8980/myapp2", client2.getBaseUrl());
Assert.assertEquals("rootUrl", "http://localhost:8980/myapp2", client2.getRootUrl());
Assert.assertEquals("bearerOnly", true, client2.isStandardFlowEnabled());
Assert.assertFalse("mappers not empty", client2.getProtocolMappers().isEmpty());
}
// simple create, output an id
exe = execute("create clients --config '" + configFile.getName() + "' -i -s clientId=my_client3");
assertExitCodeAndStreamSizes(exe, 0, 1, 0);
// simple create, default output
exe = execute("create clients --config '" + configFile.getName() + "' -s clientId=my_client4");
assertExitCodeAndStreamSizes(exe, 0, 0, 1);
Assert.assertTrue("only id returned", exe.stderrLines().get(0).startsWith("Created new client with id '"));
}
}
Also used :
FileConfigHandler(org.keycloak.client.admin.cli.config.FileConfigHandler)
KcAdmExec(org.keycloak.testsuite.cli.KcAdmExec)
TempFileResource(org.keycloak.testsuite.util.TempFileResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Example 8 with FileConfigHandler
use of org.keycloak.client.admin.cli.config.FileConfigHandler in project keycloak by keycloak.
the class KcAdmCreateTest method testCreateWithRealmOverride.
@Test
public void testCreateWithRealmOverride() throws IOException {
FileConfigHandler handler = initCustomConfigFile();
try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
// authenticate as a regular user against one realm
KcAdmExec exe = execute("config credentials -x --config '" + configFile.getName() + "' --server " + serverUrl + " --realm master --user admin --password admin");
assertExitCodeAndStreamSizes(exe, 0, 0, 1);
exe = execute("create clients --config '" + configFile.getName() + "' --server " + serverUrl + " -r test -s clientId=my_first_client");
assertExitCodeAndStreamSizes(exe, 0, 0, 1);
}
}
Also used :
FileConfigHandler(org.keycloak.client.admin.cli.config.FileConfigHandler)
KcAdmExec(org.keycloak.testsuite.cli.KcAdmExec)
TempFileResource(org.keycloak.testsuite.util.TempFileResource)
Test(org.junit.Test)
Example 9 with FileConfigHandler
use of org.keycloak.client.admin.cli.config.FileConfigHandler in project keycloak by keycloak.
the class KcAdmTest method testCustomConfigLoginCreateDelete.
@Test
public void testCustomConfigLoginCreateDelete() throws IOException {
/*
* Test user login, create, delete session using a custom config file
*/
// prepare for loading a config file
FileConfigHandler handler = initCustomConfigFile();
try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
KcAdmExec exe = KcAdmExec.execute("config credentials --server " + serverUrl + " --realm master --user admin --password admin --config '" + configFile.getName() + "'");
assertExitCodeAndStreamSizes(exe, 0, 0, 1);
// remember the state of config file
ConfigData config1 = handler.loadConfig();
exe = KcAdmExec.execute("create --config '" + configFile.getName() + "' clients -s clientId=test-client -o");
assertExitCodeAndStdErrSize(exe, 0, 0);
// check changes to config file
ConfigData config2 = handler.loadConfig();
assertFieldsEqualWithExclusions(config1, config2);
ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertEquals("clientId", "test-client", client.getClientId());
exe = KcAdmExec.execute("delete clients/" + client.getId() + " --config '" + configFile.getName() + "'");
assertExitCodeAndStreamSizes(exe, 0, 0, 0);
// check changes to config file
ConfigData config3 = handler.loadConfig();
assertFieldsEqualWithExclusions(config2, config3);
}
}
Also used :
FileConfigHandler(org.keycloak.client.admin.cli.config.FileConfigHandler)
RealmConfigData(org.keycloak.client.admin.cli.config.RealmConfigData)
ConfigData(org.keycloak.client.admin.cli.config.ConfigData)
KcAdmExec(org.keycloak.testsuite.cli.KcAdmExec)
TempFileResource(org.keycloak.testsuite.util.TempFileResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Example 10 with FileConfigHandler
use of org.keycloak.client.admin.cli.config.FileConfigHandler in project keycloak by keycloak.
the class KcAdmTest method testUserLoginWithCustomConfig.
@Test
public void testUserLoginWithCustomConfig() {
/*
* Test user login using a custom config file
*/
FileConfigHandler handler = initCustomConfigFile();
File configFile = new File(handler.getConfigFile());
try {
KcAdmExec exe = KcAdmExec.execute("config credentials --server " + serverUrl + " --realm master" + " --user admin --password admin --config '" + configFile.getName() + "'");
assertExitCodeAndStreamSizes(exe, 0, 0, 1);
Assert.assertEquals("stderr first line", "Logging into " + serverUrl + " as user admin of realm master", exe.stderrLines().get(0));
// make sure the config file exists, and has the right content
ConfigData config = handler.loadConfig();
Assert.assertEquals("serverUrl", serverUrl, config.getServerUrl());
Assert.assertEquals("realm", "master", config.getRealm());
RealmConfigData realmcfg = config.sessionRealmConfigData();
Assert.assertNotNull("realm config data no null", realmcfg);
Assert.assertEquals("realm cfg serverUrl", serverUrl, realmcfg.serverUrl());
Assert.assertEquals("realm cfg realm", "master", realmcfg.realm());
Assert.assertEquals("client id", "admin-cli", realmcfg.getClientId());
Assert.assertNotNull("token not null", realmcfg.getToken());
Assert.assertNotNull("refresh token not null", realmcfg.getRefreshToken());
Assert.assertNotNull("token expires not null", realmcfg.getExpiresAt());
Assert.assertNotNull("token expires in future", realmcfg.getExpiresAt() > System.currentTimeMillis());
Assert.assertNotNull("refresh token expires not null", realmcfg.getRefreshExpiresAt());
Assert.assertNotNull("refresh token expires in future", realmcfg.getRefreshExpiresAt() > System.currentTimeMillis());
} finally {
configFile.delete();
}
}
Also used :
RealmConfigData(org.keycloak.client.admin.cli.config.RealmConfigData)
FileConfigHandler(org.keycloak.client.admin.cli.config.FileConfigHandler)
RealmConfigData(org.keycloak.client.admin.cli.config.RealmConfigData)
ConfigData(org.keycloak.client.admin.cli.config.ConfigData)
KcAdmExec(org.keycloak.testsuite.cli.KcAdmExec)
File(java.io.File)
Test(org.junit.Test)
Aggregations
FileConfigHandler (org.keycloak.client.admin.cli.config.FileConfigHandler)12
Test (org.junit.Test)10
KcAdmExec (org.keycloak.testsuite.cli.KcAdmExec)10
TempFileResource (org.keycloak.testsuite.util.TempFileResource)9
File (java.io.File)5
ConfigData (org.keycloak.client.admin.cli.config.ConfigData)4
RealmConfigData (org.keycloak.client.admin.cli.config.RealmConfigData)3
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)3
RealmResource (org.keycloak.admin.client.resource.RealmResource)2
TypeReference (com.fasterxml.jackson.core.type.TypeReference)1
ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode)1
ByteArrayInputStream (java.io.ByteArrayInputStream)1
Closeable (java.io.Closeable)1
IOException (java.io.IOException)1
Arrays (java.util.Arrays)1
List (java.util.List)1
Collectors (java.util.stream.Collectors)1
StreamSupport (java.util.stream.StreamSupport)1
Matchers.equalTo (org.hamcrest.Matchers.equalTo)1
Assert (org.junit.Assert)1
