Examples with FileConfigHandler org.keycloak.client.registration.cli.config.FileConfigHandler used on opensource projects

Example 6 with FileConfigHandler

use of org.keycloak.client.registration.cli.config.FileConfigHandler in project keycloak by keycloak.

the class KcRegUpdateTest method testUpdateThoroughly.

@Test
public void testUpdateThoroughly() throws IOException {
    FileConfigHandler handler = initCustomConfigFile();
    try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
        final String realm = "test";
        loginAsUser(configFile.getFile(), serverUrl, realm, "user1", "userpass");
        // create an object so we can update it
        KcRegExec exe = execute("create --config '" + configFile.getName() + "' -o -s clientId=my_client");
        assertExitCodeAndStdErrSize(exe, 0, 0);
        ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
        Assert.assertEquals("enabled", true, client.isEnabled());
        Assert.assertEquals("publicClient", false, client.isPublicClient());
        Assert.assertEquals("bearerOnly", false, client.isBearerOnly());
        Assert.assertTrue("redirectUris is empty", client.getRedirectUris().isEmpty());
        // Merge update
        exe = execute("update my_client --config '" + configFile.getName() + "' -o " + " -s enabled=false -s 'redirectUris=[\"http://localhost:8980/myapp/*\"]'");
        assertExitCodeAndStdErrSize(exe, 0, 0);
        client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
        Assert.assertEquals("enabled", false, client.isEnabled());
        Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp/*"), client.getRedirectUris());
        // Another merge update - test deleting an attribute, deleting a list item and adding a list item
        exe = execute("update my_client --config '" + configFile.getName() + "' -o -d redirectUris -s webOrigins+=http://localhost:8980/myapp -s webOrigins+=http://localhost:8981/myapp -d webOrigins[0]");
        assertExitCodeAndStdErrSize(exe, 0, 0);
        client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
        Assert.assertTrue("redirectUris is empty", client.getRedirectUris().isEmpty());
        Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8981/myapp"), client.getWebOrigins());
        // Another merge update - test nested attributes and setting an attribute using json format
        // TODO KEYCLOAK-3705 Updating protocolMapper config via client registration endpoint has no effect
        /*
            exe = execute("update my_client --config '" + configFile.getName() + "' -o -s 'protocolMappers[0].config.\"id.token.claim\"=false' " +
                    "-s 'protocolMappers[4].config={\"single\": \"true\", \"attribute.nameformat\": \"Basic\", \"attribute.name\": \"Role\"}'");

            assertExitCodeAndStdErrSize(exe, 0, 0);

            client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
            Assert.assertEquals("protocolMapper[0].config.\"id.token.claim\"", "false", client.getProtocolMappers().get(0).getConfig().get("id.token.claim"));
            Assert.assertEquals("protocolMappers[4].config.single", "true", client.getProtocolMappers().get(4).getConfig().get("single"));
            Assert.assertEquals("protocolMappers[4].config.\"attribute.nameformat\"", "Basic", client.getProtocolMappers().get(4).getConfig().get("attribute.nameformat"));
            Assert.assertEquals("protocolMappers[4].config.\"attribute.name\"", "Role", client.getProtocolMappers().get(4).getConfig().get("attribute.name"));
            */
        // update using oidc format
        // check that using an invalid attribute key is not ignored
        exe = execute("update my_client --nonexisting --config '" + configFile.getName() + "'");
        assertExitCodeAndStreamSizes(exe, 1, 0, 2);
        Assert.assertEquals("error message", "Unsupported option: --nonexisting", exe.stderrLines().get(0));
        Assert.assertEquals("try help", "Try '" + CMD + " help update' for more information", exe.stderrLines().get(1));
        // try use incompatible endpoint
        exe = execute("update my_client --config '" + configFile.getName() + "' -o -s enabled=true -e oidc");
        assertExitCodeAndStreamSizes(exe, 1, 0, 1);
        Assert.assertEquals("error message", "Failed to set attribute 'enabled' on document type 'oidc'", exe.stderrLines().get(0));
        // test overwrite from file
        exe = KcRegExec.newBuilder().argsLine("update my_client --config '" + configFile.getName() + "' -o  -s clientId=my_client -s 'redirectUris=[\"http://localhost:8980/myapp/*\"]' -f -").stdin(new ByteArrayInputStream("{ \"enabled\": false }".getBytes())).execute();
        assertExitCodeAndStdErrSize(exe, 0, 0);
        client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
        // web origin is not sent to the server, thus it retains the current value
        Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8981/myapp"), client.getWebOrigins());
        Assert.assertFalse("enabled is false", client.isEnabled());
        Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp/*"), client.getRedirectUris());
        // test using merge with file
        exe = KcRegExec.newBuilder().argsLine("update my_client --config '" + configFile.getName() + "' -o -s enabled=true -m -f -").stdin(new ByteArrayInputStream("{ \"webOrigins\": [\"http://localhost:8980/myapp\"] }".getBytes())).execute();
        assertExitCodeAndStdErrSize(exe, 0, 0);
        client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
        Assert.assertEquals("webOrigins", Arrays.asList("http://localhost:8980/myapp"), client.getWebOrigins());
        Assert.assertTrue("enabled is true", client.isEnabled());
        Assert.assertEquals("redirectUris", Arrays.asList("http://localhost:8980/myapp/*"), client.getRedirectUris());
        // remove registration access token
        exe = execute("config registration-token --config '" + configFile.getName() + "' --server " + serverUrl + " --realm " + realm + " --client my_client -d");
        assertExitCodeAndStdErrSize(exe, 0, 0);
        Assert.assertNull("my_client registration token", handler.loadConfig().ensureRealmConfigData(serverUrl, realm).getClients().get("my_client"));
    }
}

Example 7 with FileConfigHandler

use of org.keycloak.client.registration.cli.config.FileConfigHandler in project keycloak by keycloak.

the class KcRegConfigTest method testRegistrationToken.

@Test
public void testRegistrationToken() throws IOException {
    FileConfigHandler handler = initCustomConfigFile();
    try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
        // without --server
        KcRegExec exe = execute("config registration-token --config '" + configFile.getName() + "' ");
        assertExitCodeAndStreamSizes(exe, 1, 0, 2);
        Assert.assertEquals("error message", "Required option not specified: --server", exe.stderrLines().get(0));
        Assert.assertEquals("try help", "Try '" + CMD + " help config registration-token' for more information", exe.stderrLines().get(1));
        // without --realm
        exe = execute("config registration-token --config '" + configFile.getName() + "' --server http://localhost:8080/auth");
        assertExitCodeAndStreamSizes(exe, 1, 0, 2);
        Assert.assertEquals("error message", "Required option not specified: --realm", exe.stderrLines().get(0));
        Assert.assertEquals("try help", "Try '" + CMD + " help config registration-token' for more information", exe.stderrLines().get(1));
        // without --client
        exe = execute("config registration-token --config '" + configFile.getName() + "' --server http://localhost:8080/auth --realm test");
        assertExitCodeAndStreamSizes(exe, 1, 0, 2);
        Assert.assertEquals("error message", "Required option not specified: --client", exe.stderrLines().get(0));
        Assert.assertEquals("try help", "Try '" + CMD + " help config registration-token' for more information", exe.stderrLines().get(1));
        // specify token on cmdline
        exe = execute("config registration-token --config '" + configFile.getName() + "' --server http://localhost:8080/auth --realm test --client my_client NEWTOKEN");
        assertExitCodeAndStreamSizes(exe, 0, 0, 0);
        if (runIntermittentlyFailingTests()) {
            // don't specify token - must be prompted for it
            exe = KcRegExec.newBuilder().argsLine("config registration-token --config '" + configFile.getName() + "' --server http://localhost:8080/auth --realm test --client my_client").executeAsync();
            exe.waitForStdout("Enter Registration Access Token:");
            exe.sendToStdin("NEWTOKEN" + EOL);
            exe.waitCompletion();
            assertExitCodeAndStreamSizes(exe, 0, 1, 0);
        } else {
            System.out.println("TEST SKIPPED PARTIALLY - This test currently suffers from intermittent failures. Use -Dtest.intermittent=true to run it in full.");
        }
        // delete non-existent token
        exe = execute("config registration-token --config '" + configFile.getName() + "' --server http://localhost:8080/auth --realm test --client nonexistent --delete");
        assertExitCodeAndStreamSizes(exe, 0, 0, 0);
        // delete token
        exe = execute("config registration-token --config '" + configFile.getName() + "' --server http://localhost:8080/auth --realm test --client my_client --delete");
        assertExitCodeAndStreamSizes(exe, 0, 0, 0);
    }
}

Example 8 with FileConfigHandler

use of org.keycloak.client.registration.cli.config.FileConfigHandler in project keycloak by keycloak.

the class KcRegUpdateTokenTest method testUpdateToken.

@Test
public void testUpdateToken() throws IOException {
    FileConfigHandler handler = initCustomConfigFile();
    ConfigUtil.setHandler(handler);
    try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
        KcRegExec exe = execute("config credentials --config '" + configFile.getName() + "' --server " + serverUrl + " --realm master --user admin --password admin");
        assertExitCodeAndStreamSizes(exe, 0, 0, 1);
        // read current registration access token
        ConfigData data = ConfigUtil.loadConfig();
        RealmConfigData rdata = data.getRealmConfigData(serverUrl, "test");
        Assert.assertNull("realm info set", rdata);
        // update registration access token
        exe = execute("update-token --config '" + configFile.getName() + "' reg-cli-secret-direct  --server " + serverUrl + " --realm test --user user1 --password userpass");
        assertExitCodeAndStreamSizes(exe, 0, 0, 1);
        // read current registration token
        data = ConfigUtil.loadConfig();
        rdata = data.getRealmConfigData(serverUrl, "test");
        Assert.assertEquals("current session realm unchanged", "master", data.getRealm());
        Assert.assertNotNull("realm info set", rdata);
        Assert.assertNull("on the fly login was transient", rdata.getToken());
        Assert.assertNotNull("client info has registration access token", rdata.getClients().get("reg-cli-secret-direct"));
        // use --no-config and on-the-fly auth
        exe = execute("update-token reg-cli-secret-direct --no-config --server " + serverUrl + " --realm test --user user1 --password userpass");
        assertExitCodeAndStreamSizes(exe, 0, 1, 1);
        // save the token
        String token = exe.stdoutLines().get(0);
        // test that the token works
        exe = execute("get reg-cli-secret-direct --no-config --server " + serverUrl + " --realm test -t " + token);
        assertExitCodeAndStdErrSize(exe, 0, 0);
        ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
        Assert.assertEquals("client representation returned", "reg-cli-secret-direct", client.getClientId());
    }
}

Example 9 with FileConfigHandler

use of org.keycloak.client.registration.cli.config.FileConfigHandler in project keycloak by keycloak.

the class AbstractRegCliTest method initCustomConfigFile.

FileConfigHandler initCustomConfigFile() {
    String filename = UUID.randomUUID().toString() + ".config";
    File cfgFile = new File(WORK_DIR + "/" + filename);
    FileConfigHandler handler = new FileConfigHandler();
    handler.setConfigFile(cfgFile.getAbsolutePath());
    return handler;
}

Example 10 with FileConfigHandler

use of org.keycloak.client.registration.cli.config.FileConfigHandler in project keycloak by keycloak.

the class KcRegTest method testCreateWithAllowedHostsWithoutAuthentication.

private void testCreateWithAllowedHostsWithoutAuthentication(String realm, boolean useConfig) throws IOException {
    addLocalhostToAllowedHosts(realm);
    FileConfigHandler handler = initCustomConfigFile();
    try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
        KcRegExec exe = execute("create " + (useConfig ? ("--config '" + configFile.getAbsolutePath()) + "'" : "--no-config") + " --server " + serverUrl + " --realm " + realm + " -s clientId=test-client -o");
        assertExitCodeAndStdErrSize(exe, 0, 0);
        ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
        Assert.assertEquals("clientId", "test-client", client.getClientId());
        Assert.assertNotNull("registrationAccessToken", client.getRegistrationAccessToken());
        exe = execute("delete test-client " + (useConfig ? ("--config '" + configFile.getAbsolutePath()) + "'" : "--no-config") + " --server " + serverUrl + " --realm " + realm + " -t " + client.getRegistrationAccessToken());
        assertExitCodeAndStreamSizes(exe, 0, 0, 0);
    }
}