Search in sources :

Example 56 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class ClientModelTest method testClientScopesBinding.

@Test
@ModelTest
public void testClientScopesBinding(KeycloakSession session) {
    AtomicReference<ClientScopeModel> scope1Atomic = new AtomicReference<>();
    AtomicReference<ClientScopeModel> scope2Atomic = new AtomicReference<>();
    AtomicReference<ClientScopeModel> scope3Atomic = new AtomicReference<>();
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionClientScopeBind1) -> {
        currentSession = sessionClientScopeBind1;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        client = realm.addClient("templatized");
        client.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        ClientScopeModel scope1 = realm.addClientScope("scope1");
        scope1.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        scope1Atomic.set(scope1);
        ClientScopeModel scope2 = realm.addClientScope("scope2");
        scope2.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        scope2Atomic.set(scope2);
        ClientScopeModel scope3 = realm.addClientScope("scope3");
        scope3.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        scope3Atomic.set(scope3);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionClientScopeBind2) -> {
        currentSession = sessionClientScopeBind2;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        client = realm.getClientByClientId("templatized");
        ClientScopeModel scope1 = scope1Atomic.get();
        ClientScopeModel scope2 = scope2Atomic.get();
        ClientScopeModel scope3 = scope3Atomic.get();
        scope1 = realm.getClientScopeById(scope1.getId());
        scope2 = realm.getClientScopeById(scope2.getId());
        scope3 = realm.getClientScopeById(scope3.getId());
        client.addClientScope(scope1, true);
        client.addClientScope(scope2, false);
        client.addClientScope(scope3, false);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionClientScopeBind3) -> {
        currentSession = sessionClientScopeBind3;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        client = realm.getClientByClientId("templatized");
        ClientScopeModel scope1 = scope1Atomic.get();
        ClientScopeModel scope2 = scope2Atomic.get();
        Map<String, ClientScopeModel> clientScopes1 = client.getClientScopes(true);
        assertThat("Client Scope contains 'scope1':", clientScopes1.containsKey("scope1"), is(true));
        assertThat("Client Scope contains 'scope2':", clientScopes1.containsKey("scope2"), is(false));
        assertThat("Client Scope contains 'scope3':", clientScopes1.containsKey("scope3"), is(false));
        Map<String, ClientScopeModel> clientScopes2 = client.getClientScopes(false);
        assertThat("Client Scope contains 'scope1':", clientScopes2.containsKey("scope1"), is(false));
        assertThat("Client Scope contains 'scope2':", clientScopes2.containsKey("scope2"), is(true));
        assertThat("Client Scope contains 'scope3':", clientScopes2.containsKey("scope3"), is(true));
        // Remove some binding and check it was removed
        client.removeClientScope(scope1);
        client.removeClientScope(scope2);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionClientScopeBind3) -> {
        currentSession = sessionClientScopeBind3;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        client = realm.getClientByClientId("templatized");
        ClientScopeModel scope3 = scope3Atomic.get();
        Map<String, ClientScopeModel> clientScopes1 = client.getClientScopes(true);
        assertThat("Client Scope contains 'scope1':", clientScopes1.containsKey("scope1"), is(false));
        assertThat("Client Scope contains 'scope2':", clientScopes1.containsKey("scope2"), is(false));
        assertThat("Client Scope contains 'scope3':", clientScopes1.containsKey("scope3"), is(false));
        Map<String, ClientScopeModel> clientScopes2 = client.getClientScopes(false);
        assertThat("Client Scope contains 'scope1':", clientScopes2.containsKey("scope1"), is(false));
        assertThat("Client Scope contains 'scope2':", clientScopes2.containsKey("scope2"), is(false));
        assertThat("Client Scope contains 'scope3':", clientScopes2.containsKey("scope3"), is(true));
        currentSession.clients().removeClient(realm, client.getId());
        client.removeClientScope(scope3);
        realm.removeClientScope(scope1Atomic.get().getId());
        realm.removeClientScope(scope2Atomic.get().getId());
        realm.removeClientScope(scope3Atomic.get().getId());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) KeycloakSession(org.keycloak.models.KeycloakSession) ClientScopeModel(org.keycloak.models.ClientScopeModel) AtomicReference(java.util.concurrent.atomic.AtomicReference) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Example 57 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class ClientModelTest method testRealmRoleRemovalAndClientScope.

@Test
@ModelTest
public void testRealmRoleRemovalAndClientScope(KeycloakSession session) {
    // Client "from" has a role.  Assign this role to a scope to client "scoped".  Delete the role and make sure
    // cache gets cleared
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRealmRoleRemove1) -> {
        currentSession = sessionRealmRoleRemove1;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        RoleModel role = realm.addRole("clientRole");
        roleId = role.getId();
        ClientModel scoped = realm.addClient("scoped");
        scoped.setFullScopeAllowed(false);
        scoped.addScopeMapping(role);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRealmRoleRemove2) -> {
        currentSession = sessionRealmRoleRemove2;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        RoleModel role = currentSession.roles().getRoleById(realm, roleId);
        realm.removeRole(role);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRealmRoleRemove3) -> {
        currentSession = sessionRealmRoleRemove3;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        ClientModel scoped = realm.getClientByClientId("scoped");
        // used to throw an NPE
        assertThat("Scope Mappings is not 0", scoped.getScopeMappingsStream().count(), is(0L));
        currentSession.clients().removeClient(realm, scoped.getId());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) ClientModel(org.keycloak.models.ClientModel) KeycloakSession(org.keycloak.models.KeycloakSession) RoleModel(org.keycloak.models.RoleModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Example 58 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class ClientModelTest method testCircularClientScopes.

@Test
@ModelTest
public void testCircularClientScopes(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCircuilarClient1) -> {
        currentSession = sessionCircuilarClient1;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        ClientModel scoped1 = realm.addClient("scoped1");
        RoleModel role1 = scoped1.addRole("role1");
        ClientModel scoped2 = realm.addClient("scoped2");
        RoleModel role2 = scoped2.addRole("role2");
        scoped1.addScopeMapping(role2);
        scoped2.addScopeMapping(role1);
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCircuilarClient2) -> {
        currentSession = sessionCircuilarClient2;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        // this hit the circular cache and failed with a stack overflow
        ClientModel scoped1 = realm.getClientByClientId("scoped1");
        currentSession.clients().removeClient(realm, scoped1.getId());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) ClientModel(org.keycloak.models.ClientModel) KeycloakSession(org.keycloak.models.KeycloakSession) RoleModel(org.keycloak.models.RoleModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Example 59 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class ClientModelTest method persist.

@Test
@ModelTest
public void persist(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionPersist) -> {
        currentSession = sessionPersist;
        RealmModel realm = currentSession.realms().getRealmByName(realmName);
        client = setUpClient(realm);
        ClientModel actual = realm.getClientByClientId("app-name");
        assertEquals(client, actual);
        client.unregisterNode("node1");
        client.unregisterNode("10.20.30.40");
        currentSession.clients().removeClient(realm, client.getId());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) ClientModel(org.keycloak.models.ClientModel) KeycloakSession(org.keycloak.models.KeycloakSession) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Example 60 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class ImportTest method importWithoutRequestContext.

// KEYCLOAK-12921 NPE importing realm with no request context
@Test
public void importWithoutRequestContext() throws IOException {
    final String realmString = IOUtils.toString(getClass().getResourceAsStream("/model/realm-validation.json"), StandardCharsets.UTF_8);
    testingClient.server().run(session -> {
        RealmRepresentation testRealm = JsonSerialization.readValue(realmString, RealmRepresentation.class);
        AtomicReference<Throwable> err = new AtomicReference<>();
        // Need a new thread to not get context from thread processing request to run-on-server endpoint
        Thread t = new Thread(() -> {
            try {
                KeycloakSession ses = session.getKeycloakSessionFactory().create();
                ses.getContext().setRealm(session.getContext().getRealm());
                ses.getTransactionManager().begin();
                RealmModel realmModel = new RealmManager(ses).importRealm(testRealm);
                ses.getTransactionManager().commit();
                ses.close();
                ses = session.getKeycloakSessionFactory().create();
                ses.getTransactionManager().begin();
                session.realms().removeRealm(realmModel.getId());
                ses.getTransactionManager().commit();
                ses.close();
            } catch (Throwable th) {
                err.set(th);
            }
        });
        synchronized (t) {
            t.start();
            try {
                t.wait(10000);
            } catch (InterruptedException e) {
                throw new RunOnServerException(e);
            }
        }
        if (err.get() != null) {
            throw new RunOnServerException(err.get());
        }
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) KeycloakSession(org.keycloak.models.KeycloakSession) AtomicReference(java.util.concurrent.atomic.AtomicReference) RealmManager(org.keycloak.services.managers.RealmManager) RunOnServerException(org.keycloak.testsuite.runonserver.RunOnServerException) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Aggregations

KeycloakSession (org.keycloak.models.KeycloakSession)189 RealmModel (org.keycloak.models.RealmModel)136 UserModel (org.keycloak.models.UserModel)78 Test (org.junit.Test)76 ModelTest (org.keycloak.testsuite.arquillian.annotation.ModelTest)61 ClientModel (org.keycloak.models.ClientModel)58 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)53 List (java.util.List)34 AtomicReference (java.util.concurrent.atomic.AtomicReference)22 Collectors (java.util.stream.Collectors)21 IOException (java.io.IOException)20 Map (java.util.Map)19 UserSessionModel (org.keycloak.models.UserSessionModel)19 ArrayList (java.util.ArrayList)18 ClientScopeModel (org.keycloak.models.ClientScopeModel)18 RoleModel (org.keycloak.models.RoleModel)18 Set (java.util.Set)16 RealmManager (org.keycloak.services.managers.RealmManager)16 HashMap (java.util.HashMap)14 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)14