Search in sources :

Example 46 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserModelTest method webOriginSetTest.

@Test
@ModelTest
public void webOriginSetTest(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesWebOrigin) -> {
        KeycloakSession currentSession = sesWebOrigin;
        RealmModel realm = currentSession.realms().getRealmByName("original");
        ClientModel client = realm.addClient("user");
        Assert.assertThat(client.getWebOrigins(), empty());
        client.addWebOrigin("origin-1");
        Assert.assertThat(client.getWebOrigins(), hasSize(1));
        client.addWebOrigin("origin-2");
        Assert.assertThat(client.getWebOrigins(), hasSize(2));
        client.removeWebOrigin("origin-2");
        Assert.assertThat(client.getWebOrigins(), hasSize(1));
        client.removeWebOrigin("origin-1");
        Assert.assertThat(client.getWebOrigins(), empty());
        client = realm.addClient("oauthclient2");
        Assert.assertThat(client.getWebOrigins(), empty());
        client.addWebOrigin("origin-1");
        Assert.assertThat(client.getWebOrigins(), hasSize(1));
        client.addWebOrigin("origin-2");
        Assert.assertThat(client.getWebOrigins(), hasSize(2));
        client.removeWebOrigin("origin-2");
        Assert.assertThat(client.getWebOrigins(), hasSize(1));
        client.removeWebOrigin("origin-1");
        Assert.assertThat(client.getWebOrigins(), empty());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) ClientModel(org.keycloak.models.ClientModel) KeycloakSession(org.keycloak.models.KeycloakSession) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 47 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserModelTest method testUpdateUserSingleAttribute.

// KEYCLOAK-3608
@Test
@ModelTest
public void testUpdateUserSingleAttribute(KeycloakSession session) {
    AtomicReference<Map<String, List<String>>> expectedAtomic = new AtomicReference<>();
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesUpdateUserSingleAtr) -> {
        KeycloakSession currentSession = sesUpdateUserSingleAtr;
        RealmModel realm = currentSession.realms().getRealmByName("original");
        Map<String, List<String>> expected = new HashMap<>();
        expected.put("key1", Collections.singletonList("value3"));
        expected.put("key2", Collections.singletonList("value2"));
        expected.put(UserModel.FIRST_NAME, Collections.singletonList(null));
        expected.put(UserModel.LAST_NAME, Collections.singletonList(null));
        expected.put(UserModel.EMAIL, Collections.singletonList(null));
        expected.put(UserModel.USERNAME, Collections.singletonList("user"));
        UserModel user = currentSession.users().addUser(realm, "user");
        user.setSingleAttribute("key1", "value1");
        user.setSingleAttribute("key2", "value2");
        // KEYCLOAK-7014
        user.setSingleAttribute("key3", null);
        // Overwrite the first attribute
        user.setSingleAttribute("key1", "value3");
        Assert.assertThat(user.getAttributes(), equalTo(expected));
        expectedAtomic.set(expected);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesUpdateUserSingleAtr2) -> {
        KeycloakSession currentSession = sesUpdateUserSingleAtr2;
        RealmModel realm = currentSession.realms().getRealmByName("original");
        Map<String, List<String>> expected = expectedAtomic.get();
        Assert.assertThat(currentSession.users().getUserByUsername(realm, "user").getAttributes(), equalTo(expected));
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) HashMap(java.util.HashMap) KeycloakSession(org.keycloak.models.KeycloakSession) AtomicReference(java.util.concurrent.atomic.AtomicReference) ArrayList(java.util.ArrayList) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 48 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserModelTest method testGrantToAll.

@Test
@ModelTest
public void testGrantToAll(KeycloakSession session) throws Exception {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesGrantToAll1) -> {
        KeycloakSession currentSession = sesGrantToAll1;
        RealmModel realm1 = currentSession.realms().getRealmByName("realm1");
        realm1.addRole("role1");
        currentSession.users().addUser(realm1, "user1");
        currentSession.users().addUser(realm1, "user2");
        RealmModel realm2 = currentSession.realms().getRealmByName("realm2");
        currentSession.users().addUser(realm2, "user1");
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesGrantToAll2) -> {
        KeycloakSession currentSession = sesGrantToAll2;
        RealmModel realm1 = currentSession.realms().getRealmByName("realm1");
        RoleModel role1 = realm1.getRole("role1");
        currentSession.users().grantToAllUsers(realm1, role1);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesGrantToAll2) -> {
        KeycloakSession currentSession = sesGrantToAll2;
        RealmModel realm1 = currentSession.realms().getRealmByName("realm1");
        RoleModel role1 = realm1.getRole("role1");
        UserModel user1 = currentSession.users().getUserByUsername(realm1, "user1");
        UserModel user2 = currentSession.users().getUserByUsername(realm1, "user2");
        Assert.assertTrue(user1.hasRole(role1));
        Assert.assertTrue(user2.hasRole(role1));
        RealmModel realm2 = currentSession.realms().getRealmByName("realm2");
        UserModel realm2User1 = currentSession.users().getUserByUsername(realm2, "user1");
        Assert.assertFalse(realm2User1.hasRole(role1));
        currentSession.realms().removeRealm(realm1.getId());
        currentSession.realms().removeRealm(realm2.getId());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) KeycloakSession(org.keycloak.models.KeycloakSession) RoleModel(org.keycloak.models.RoleModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 49 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class CompositeRolesModelTest method testComposites.

@Test
@ModelTest
public void testComposites(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session5) -> {
        RealmModel realm = session5.realms().getRealm("TestComposites");
        Set<RoleModel> requestedRoles = getRequestedRoles(realm.getClientByClientId("APP_COMPOSITE_APPLICATION"), session.users().getUserByUsername(realm, "APP_COMPOSITE_USER"));
        Assert.assertEquals(5, requestedRoles.size());
        assertContains(realm, "APP_COMPOSITE_APPLICATION", "APP_COMPOSITE_ROLE", requestedRoles);
        assertContains(realm, "APP_COMPOSITE_APPLICATION", "APP_COMPOSITE_CHILD", requestedRoles);
        assertContains(realm, "APP_COMPOSITE_APPLICATION", "APP_ROLE_2", requestedRoles);
        assertContains(realm, "APP_ROLE_APPLICATION", "APP_ROLE_1", requestedRoles);
        assertContains(realm, "realm", "REALM_ROLE_1", requestedRoles);
        Set<RoleModel> requestedRoles2 = getRequestedRoles(realm.getClientByClientId("APP_COMPOSITE_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_APP_COMPOSITE_USER"));
        Assert.assertEquals(4, requestedRoles2.size());
        assertContains(realm, "APP_ROLE_APPLICATION", "APP_ROLE_1", requestedRoles2);
        requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_COMPOSITE_1_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_COMPOSITE_1_USER"));
        Assert.assertEquals(1, requestedRoles.size());
        assertContains(realm, "realm", "REALM_COMPOSITE_1", requestedRoles);
        requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_COMPOSITE_2_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_COMPOSITE_1_USER"));
        Assert.assertEquals(3, requestedRoles.size());
        assertContains(realm, "realm", "REALM_COMPOSITE_1", requestedRoles);
        assertContains(realm, "realm", "REALM_COMPOSITE_CHILD", requestedRoles);
        assertContains(realm, "realm", "REALM_ROLE_4", requestedRoles);
        requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_ROLE_1_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_COMPOSITE_1_USER"));
        Assert.assertEquals(1, requestedRoles.size());
        assertContains(realm, "realm", "REALM_ROLE_1", requestedRoles);
        requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_COMPOSITE_1_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_ROLE_1_USER"));
        Assert.assertEquals(1, requestedRoles.size());
        assertContains(realm, "realm", "REALM_ROLE_1", requestedRoles);
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) KeycloakSession(org.keycloak.models.KeycloakSession) RoleModel(org.keycloak.models.RoleModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 50 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class CredentialModelTest method testCredentialCRUD.

@Test
@ModelTest
public void testCredentialCRUD(KeycloakSession session) throws Exception {
    AtomicReference<String> passwordId = new AtomicReference<>();
    AtomicReference<String> otp1Id = new AtomicReference<>();
    AtomicReference<String> otp2Id = new AtomicReference<>();
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
        RealmModel realm = currentSession.realms().getRealmByName("test");
        UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
        List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
        Assert.assertEquals(1, list.size());
        passwordId.set(list.get(0).getId());
        // Create 2 OTP credentials (password was already created)
        CredentialModel otp1 = OTPCredentialModel.createFromPolicy(realm, "secret1");
        CredentialModel otp2 = OTPCredentialModel.createFromPolicy(realm, "secret2");
        otp1 = currentSession.userCredentialManager().createCredential(realm, user, otp1);
        otp2 = currentSession.userCredentialManager().createCredential(realm, user, otp2);
        otp1Id.set(otp1.getId());
        otp2Id.set(otp2.getId());
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
        RealmModel realm = currentSession.realms().getRealmByName("test");
        UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
        // Assert priorities: password, otp1, otp2
        List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
        assertOrder(list, passwordId.get(), otp1Id.get(), otp2Id.get());
        // Assert can't move password when newPreviousCredential not found
        Assert.assertFalse(currentSession.userCredentialManager().moveCredentialTo(realm, user, passwordId.get(), "not-known"));
        // Assert can't move credential when not found
        Assert.assertFalse(currentSession.userCredentialManager().moveCredentialTo(realm, user, "not-known", otp2Id.get()));
        // Move otp2 up 1 position
        Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, otp2Id.get(), passwordId.get()));
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
        RealmModel realm = currentSession.realms().getRealmByName("test");
        UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
        // Assert priorities: password, otp2, otp1
        List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
        assertOrder(list, passwordId.get(), otp2Id.get(), otp1Id.get());
        // Move otp2 to the top
        Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, otp2Id.get(), null));
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
        RealmModel realm = currentSession.realms().getRealmByName("test");
        UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
        // Assert priorities: otp2, password, otp1
        List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
        assertOrder(list, otp2Id.get(), passwordId.get(), otp1Id.get());
        // Move password down
        Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, passwordId.get(), otp1Id.get()));
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
        RealmModel realm = currentSession.realms().getRealmByName("test");
        UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
        // Assert priorities: otp2, otp1, password
        List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
        assertOrder(list, otp2Id.get(), otp1Id.get(), passwordId.get());
        // Remove otp2 down two positions
        Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, otp2Id.get(), passwordId.get()));
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
        RealmModel realm = currentSession.realms().getRealmByName("test");
        UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
        // Assert priorities: otp2, otp1, password
        List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
        assertOrder(list, otp1Id.get(), passwordId.get(), otp2Id.get());
        // Remove password
        Assert.assertTrue(currentSession.userCredentialManager().removeStoredCredential(realm, user, passwordId.get()));
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
        RealmModel realm = currentSession.realms().getRealmByName("test");
        UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
        // Assert priorities: otp2, password
        List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
        assertOrder(list, otp1Id.get(), otp2Id.get());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) CredentialModel(org.keycloak.credential.CredentialModel) OTPCredentialModel(org.keycloak.models.credential.OTPCredentialModel) KeycloakSession(org.keycloak.models.KeycloakSession) AtomicReference(java.util.concurrent.atomic.AtomicReference) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Aggregations

KeycloakSession (org.keycloak.models.KeycloakSession)189 RealmModel (org.keycloak.models.RealmModel)136 UserModel (org.keycloak.models.UserModel)78 Test (org.junit.Test)76 ModelTest (org.keycloak.testsuite.arquillian.annotation.ModelTest)61 ClientModel (org.keycloak.models.ClientModel)58 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)53 List (java.util.List)34 AtomicReference (java.util.concurrent.atomic.AtomicReference)22 Collectors (java.util.stream.Collectors)21 IOException (java.io.IOException)20 Map (java.util.Map)19 UserSessionModel (org.keycloak.models.UserSessionModel)19 ArrayList (java.util.ArrayList)18 ClientScopeModel (org.keycloak.models.ClientScopeModel)18 RoleModel (org.keycloak.models.RoleModel)18 Set (java.util.Set)16 RealmManager (org.keycloak.services.managers.RealmManager)16 HashMap (java.util.HashMap)14 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)14