use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.
the class UserModelTest method webOriginSetTest.
@Test
@ModelTest
public void webOriginSetTest(KeycloakSession session) {
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesWebOrigin) -> {
KeycloakSession currentSession = sesWebOrigin;
RealmModel realm = currentSession.realms().getRealmByName("original");
ClientModel client = realm.addClient("user");
Assert.assertThat(client.getWebOrigins(), empty());
client.addWebOrigin("origin-1");
Assert.assertThat(client.getWebOrigins(), hasSize(1));
client.addWebOrigin("origin-2");
Assert.assertThat(client.getWebOrigins(), hasSize(2));
client.removeWebOrigin("origin-2");
Assert.assertThat(client.getWebOrigins(), hasSize(1));
client.removeWebOrigin("origin-1");
Assert.assertThat(client.getWebOrigins(), empty());
client = realm.addClient("oauthclient2");
Assert.assertThat(client.getWebOrigins(), empty());
client.addWebOrigin("origin-1");
Assert.assertThat(client.getWebOrigins(), hasSize(1));
client.addWebOrigin("origin-2");
Assert.assertThat(client.getWebOrigins(), hasSize(2));
client.removeWebOrigin("origin-2");
Assert.assertThat(client.getWebOrigins(), hasSize(1));
client.removeWebOrigin("origin-1");
Assert.assertThat(client.getWebOrigins(), empty());
});
}
use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.
the class UserModelTest method testUpdateUserSingleAttribute.
// KEYCLOAK-3608
@Test
@ModelTest
public void testUpdateUserSingleAttribute(KeycloakSession session) {
AtomicReference<Map<String, List<String>>> expectedAtomic = new AtomicReference<>();
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesUpdateUserSingleAtr) -> {
KeycloakSession currentSession = sesUpdateUserSingleAtr;
RealmModel realm = currentSession.realms().getRealmByName("original");
Map<String, List<String>> expected = new HashMap<>();
expected.put("key1", Collections.singletonList("value3"));
expected.put("key2", Collections.singletonList("value2"));
expected.put(UserModel.FIRST_NAME, Collections.singletonList(null));
expected.put(UserModel.LAST_NAME, Collections.singletonList(null));
expected.put(UserModel.EMAIL, Collections.singletonList(null));
expected.put(UserModel.USERNAME, Collections.singletonList("user"));
UserModel user = currentSession.users().addUser(realm, "user");
user.setSingleAttribute("key1", "value1");
user.setSingleAttribute("key2", "value2");
// KEYCLOAK-7014
user.setSingleAttribute("key3", null);
// Overwrite the first attribute
user.setSingleAttribute("key1", "value3");
Assert.assertThat(user.getAttributes(), equalTo(expected));
expectedAtomic.set(expected);
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesUpdateUserSingleAtr2) -> {
KeycloakSession currentSession = sesUpdateUserSingleAtr2;
RealmModel realm = currentSession.realms().getRealmByName("original");
Map<String, List<String>> expected = expectedAtomic.get();
Assert.assertThat(currentSession.users().getUserByUsername(realm, "user").getAttributes(), equalTo(expected));
});
}
use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.
the class UserModelTest method testGrantToAll.
@Test
@ModelTest
public void testGrantToAll(KeycloakSession session) throws Exception {
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesGrantToAll1) -> {
KeycloakSession currentSession = sesGrantToAll1;
RealmModel realm1 = currentSession.realms().getRealmByName("realm1");
realm1.addRole("role1");
currentSession.users().addUser(realm1, "user1");
currentSession.users().addUser(realm1, "user2");
RealmModel realm2 = currentSession.realms().getRealmByName("realm2");
currentSession.users().addUser(realm2, "user1");
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesGrantToAll2) -> {
KeycloakSession currentSession = sesGrantToAll2;
RealmModel realm1 = currentSession.realms().getRealmByName("realm1");
RoleModel role1 = realm1.getRole("role1");
currentSession.users().grantToAllUsers(realm1, role1);
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesGrantToAll2) -> {
KeycloakSession currentSession = sesGrantToAll2;
RealmModel realm1 = currentSession.realms().getRealmByName("realm1");
RoleModel role1 = realm1.getRole("role1");
UserModel user1 = currentSession.users().getUserByUsername(realm1, "user1");
UserModel user2 = currentSession.users().getUserByUsername(realm1, "user2");
Assert.assertTrue(user1.hasRole(role1));
Assert.assertTrue(user2.hasRole(role1));
RealmModel realm2 = currentSession.realms().getRealmByName("realm2");
UserModel realm2User1 = currentSession.users().getUserByUsername(realm2, "user1");
Assert.assertFalse(realm2User1.hasRole(role1));
currentSession.realms().removeRealm(realm1.getId());
currentSession.realms().removeRealm(realm2.getId());
});
}
use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.
the class CompositeRolesModelTest method testComposites.
@Test
@ModelTest
public void testComposites(KeycloakSession session) {
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session5) -> {
RealmModel realm = session5.realms().getRealm("TestComposites");
Set<RoleModel> requestedRoles = getRequestedRoles(realm.getClientByClientId("APP_COMPOSITE_APPLICATION"), session.users().getUserByUsername(realm, "APP_COMPOSITE_USER"));
Assert.assertEquals(5, requestedRoles.size());
assertContains(realm, "APP_COMPOSITE_APPLICATION", "APP_COMPOSITE_ROLE", requestedRoles);
assertContains(realm, "APP_COMPOSITE_APPLICATION", "APP_COMPOSITE_CHILD", requestedRoles);
assertContains(realm, "APP_COMPOSITE_APPLICATION", "APP_ROLE_2", requestedRoles);
assertContains(realm, "APP_ROLE_APPLICATION", "APP_ROLE_1", requestedRoles);
assertContains(realm, "realm", "REALM_ROLE_1", requestedRoles);
Set<RoleModel> requestedRoles2 = getRequestedRoles(realm.getClientByClientId("APP_COMPOSITE_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_APP_COMPOSITE_USER"));
Assert.assertEquals(4, requestedRoles2.size());
assertContains(realm, "APP_ROLE_APPLICATION", "APP_ROLE_1", requestedRoles2);
requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_COMPOSITE_1_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_COMPOSITE_1_USER"));
Assert.assertEquals(1, requestedRoles.size());
assertContains(realm, "realm", "REALM_COMPOSITE_1", requestedRoles);
requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_COMPOSITE_2_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_COMPOSITE_1_USER"));
Assert.assertEquals(3, requestedRoles.size());
assertContains(realm, "realm", "REALM_COMPOSITE_1", requestedRoles);
assertContains(realm, "realm", "REALM_COMPOSITE_CHILD", requestedRoles);
assertContains(realm, "realm", "REALM_ROLE_4", requestedRoles);
requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_ROLE_1_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_COMPOSITE_1_USER"));
Assert.assertEquals(1, requestedRoles.size());
assertContains(realm, "realm", "REALM_ROLE_1", requestedRoles);
requestedRoles = getRequestedRoles(realm.getClientByClientId("REALM_COMPOSITE_1_APPLICATION"), session5.users().getUserByUsername(realm, "REALM_ROLE_1_USER"));
Assert.assertEquals(1, requestedRoles.size());
assertContains(realm, "realm", "REALM_ROLE_1", requestedRoles);
});
}
use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.
the class CredentialModelTest method testCredentialCRUD.
@Test
@ModelTest
public void testCredentialCRUD(KeycloakSession session) throws Exception {
AtomicReference<String> passwordId = new AtomicReference<>();
AtomicReference<String> otp1Id = new AtomicReference<>();
AtomicReference<String> otp2Id = new AtomicReference<>();
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
RealmModel realm = currentSession.realms().getRealmByName("test");
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
Assert.assertEquals(1, list.size());
passwordId.set(list.get(0).getId());
// Create 2 OTP credentials (password was already created)
CredentialModel otp1 = OTPCredentialModel.createFromPolicy(realm, "secret1");
CredentialModel otp2 = OTPCredentialModel.createFromPolicy(realm, "secret2");
otp1 = currentSession.userCredentialManager().createCredential(realm, user, otp1);
otp2 = currentSession.userCredentialManager().createCredential(realm, user, otp2);
otp1Id.set(otp1.getId());
otp2Id.set(otp2.getId());
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
RealmModel realm = currentSession.realms().getRealmByName("test");
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
// Assert priorities: password, otp1, otp2
List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
assertOrder(list, passwordId.get(), otp1Id.get(), otp2Id.get());
// Assert can't move password when newPreviousCredential not found
Assert.assertFalse(currentSession.userCredentialManager().moveCredentialTo(realm, user, passwordId.get(), "not-known"));
// Assert can't move credential when not found
Assert.assertFalse(currentSession.userCredentialManager().moveCredentialTo(realm, user, "not-known", otp2Id.get()));
// Move otp2 up 1 position
Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, otp2Id.get(), passwordId.get()));
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
RealmModel realm = currentSession.realms().getRealmByName("test");
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
// Assert priorities: password, otp2, otp1
List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
assertOrder(list, passwordId.get(), otp2Id.get(), otp1Id.get());
// Move otp2 to the top
Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, otp2Id.get(), null));
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
RealmModel realm = currentSession.realms().getRealmByName("test");
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
// Assert priorities: otp2, password, otp1
List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
assertOrder(list, otp2Id.get(), passwordId.get(), otp1Id.get());
// Move password down
Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, passwordId.get(), otp1Id.get()));
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
RealmModel realm = currentSession.realms().getRealmByName("test");
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
// Assert priorities: otp2, otp1, password
List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
assertOrder(list, otp2Id.get(), otp1Id.get(), passwordId.get());
// Remove otp2 down two positions
Assert.assertTrue(currentSession.userCredentialManager().moveCredentialTo(realm, user, otp2Id.get(), passwordId.get()));
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
RealmModel realm = currentSession.realms().getRealmByName("test");
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
// Assert priorities: otp2, otp1, password
List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
assertOrder(list, otp1Id.get(), passwordId.get(), otp2Id.get());
// Remove password
Assert.assertTrue(currentSession.userCredentialManager().removeStoredCredential(realm, user, passwordId.get()));
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
RealmModel realm = currentSession.realms().getRealmByName("test");
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
// Assert priorities: otp2, password
List<CredentialModel> list = currentSession.userCredentialManager().getStoredCredentialsStream(realm, user).collect(Collectors.toList());
assertOrder(list, otp1Id.get(), otp2Id.get());
});
}
Aggregations