Search in sources :

Example 41 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserConsentModelTest method deleteClientScopeTest.

@Test
@ModelTest
public void deleteClientScopeTest(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionST1) -> {
        KeycloakSession currentSession = sessionST1;
        RealmModel realm = currentSession.realms().getRealm("original");
        ClientScopeModel fooScope = KeycloakModelUtils.getClientScopeByName(realm, "foo");
        realm.removeClientScope(fooScope.getId());
    });
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionST2) -> {
        KeycloakSession currentSession = sessionST2;
        RealmModel realm = currentSession.realms().getRealm("original");
        ClientModel fooClient = realm.getClientByClientId("foo-client");
        UserModel john = currentSession.users().getUserByUsername(realm, "john");
        UserConsentModel johnConsent = currentSession.users().getConsentByClient(realm, john.getId(), fooClient.getId());
        Assert.assertEquals(johnConsent.getGrantedClientScopes().size(), 0);
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) ClientModel(org.keycloak.models.ClientModel) KeycloakSession(org.keycloak.models.KeycloakSession) ClientScopeModel(org.keycloak.models.ClientScopeModel) UserConsentModel(org.keycloak.models.UserConsentModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 42 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserConsentModelTest method setupEnv.

public static void setupEnv(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionEnv) -> {
        KeycloakSession currentSession = sessionEnv;
        RealmManager realmManager = new RealmManager(currentSession);
        RealmModel realm = realmManager.createRealm("original");
        ClientModel fooClient = realm.addClient("foo-client");
        ClientModel barClient = realm.addClient("bar-client");
        ClientScopeModel fooScope = realm.addClientScope("foo");
        fooScope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        ClientScopeModel barScope = realm.addClientScope("bar");
        fooScope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
        UserModel john = currentSession.users().addUser(realm, "john");
        UserModel mary = currentSession.users().addUser(realm, "mary");
        UserConsentModel johnFooGrant = new UserConsentModel(fooClient);
        johnFooGrant.addGrantedClientScope(fooScope);
        realmManager.getSession().users().addConsent(realm, john.getId(), johnFooGrant);
        UserConsentModel johnBarGrant = new UserConsentModel(barClient);
        johnBarGrant.addGrantedClientScope(barScope);
        // Update should fail as grant doesn't yet exists
        try {
            realmManager.getSession().users().updateConsent(realm, john.getId(), johnBarGrant);
            Assert.fail("Not expected to end here");
        } catch (ModelException expected) {
        }
        realmManager.getSession().users().addConsent(realm, john.getId(), johnBarGrant);
        UserConsentModel maryFooGrant = new UserConsentModel(fooClient);
        maryFooGrant.addGrantedClientScope(fooScope);
        realmManager.getSession().users().addConsent(realm, mary.getId(), maryFooGrant);
        ClientStorageProviderModel clientStorage = new ClientStorageProviderModel();
        clientStorage.setProviderId(HardcodedClientStorageProviderFactory.PROVIDER_ID);
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.CLIENT_ID, "hardcoded-client");
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.REDIRECT_URI, "http://localhost:8081/*");
        clientStorage.getConfig().putSingle(HardcodedClientStorageProviderFactory.CONSENT, "true");
        clientStorage.setParentId(realm.getId());
        clientStorageComponent = realm.addComponentModel(clientStorage);
        ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
        Assert.assertNotNull(hardcodedClient);
        UserConsentModel maryHardcodedGrant = new UserConsentModel(hardcodedClient);
        realmManager.getSession().users().addConsent(realm, mary.getId(), maryHardcodedGrant);
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) ClientModel(org.keycloak.models.ClientModel) ModelException(org.keycloak.models.ModelException) KeycloakSession(org.keycloak.models.KeycloakSession) ClientScopeModel(org.keycloak.models.ClientScopeModel) RealmManager(org.keycloak.services.managers.RealmManager) ClientStorageProviderModel(org.keycloak.storage.client.ClientStorageProviderModel) UserConsentModel(org.keycloak.models.UserConsentModel)

Example 43 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserConsentModelTest method basicConsentTest.

@Test
@ModelTest
public void basicConsentTest(KeycloakSession session) {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCT) -> {
        KeycloakSession currentSession = sessionCT;
        RealmModel realm = currentSession.realms().getRealm("original");
        ClientModel fooClient = realm.getClientByClientId("foo-client");
        ClientModel barClient = realm.getClientByClientId("bar-client");
        UserModel john = currentSession.users().getUserByUsername(realm, "john");
        UserModel mary = currentSession.users().getUserByUsername(realm, "mary");
        UserConsentModel johnFooConsent = currentSession.users().getConsentByClient(realm, john.getId(), fooClient.getId());
        Assert.assertEquals(johnFooConsent.getGrantedClientScopes().size(), 1);
        Assert.assertTrue(isClientScopeGranted(realm, "foo", johnFooConsent));
        Assert.assertNotNull("Created Date should be set", johnFooConsent.getCreatedDate());
        Assert.assertNotNull("Last Updated Date should be set", johnFooConsent.getLastUpdatedDate());
        UserConsentModel johnBarConsent = currentSession.users().getConsentByClient(realm, john.getId(), barClient.getId());
        Assert.assertEquals(johnBarConsent.getGrantedClientScopes().size(), 1);
        Assert.assertTrue(isClientScopeGranted(realm, "bar", johnBarConsent));
        Assert.assertNotNull("Created Date should be set", johnBarConsent.getCreatedDate());
        Assert.assertNotNull("Last Updated Date should be set", johnBarConsent.getLastUpdatedDate());
        UserConsentModel maryConsent = currentSession.users().getConsentByClient(realm, mary.getId(), fooClient.getId());
        Assert.assertEquals(maryConsent.getGrantedClientScopes().size(), 1);
        Assert.assertTrue(isClientScopeGranted(realm, "foo", maryConsent));
        Assert.assertNotNull("Created Date should be set", maryConsent.getCreatedDate());
        Assert.assertNotNull("Last Updated Date should be set", maryConsent.getLastUpdatedDate());
        ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
        UserConsentModel maryHardcodedConsent = currentSession.users().getConsentByClient(realm, mary.getId(), hardcodedClient.getId());
        Assert.assertEquals(maryHardcodedConsent.getGrantedClientScopes().size(), 0);
        Assert.assertNotNull("Created Date should be set", maryHardcodedConsent.getCreatedDate());
        Assert.assertNotNull("Last Updated Date should be set", maryHardcodedConsent.getLastUpdatedDate());
        Assert.assertNull(currentSession.users().getConsentByClient(realm, mary.getId(), barClient.getId()));
        Assert.assertNull(currentSession.users().getConsentByClient(realm, john.getId(), hardcodedClient.getId()));
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) ClientModel(org.keycloak.models.ClientModel) KeycloakSession(org.keycloak.models.KeycloakSession) UserConsentModel(org.keycloak.models.UserConsentModel) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 44 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserConsentModelTest method deleteUserTest.

@Test
@ModelTest
public void deleteUserTest(KeycloakSession session) {
    // Validate user deleted without any referential constraint errors
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionUT) -> {
        KeycloakSession currentSession = sessionUT;
        RealmModel realm = currentSession.realms().getRealm("original");
        UserModel john = currentSession.users().getUserByUsername(realm, "john");
        currentSession.users().removeUser(realm, john);
        UserModel mary = currentSession.users().getUserByUsername(realm, "mary");
        currentSession.users().removeUser(realm, mary);
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) KeycloakSession(org.keycloak.models.KeycloakSession) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 45 with KeycloakSession

use of org.keycloak.models.KeycloakSession in project keycloak by keycloak.

the class UserModelTest method testUserRequiredActions.

@Test
@ModelTest
public void testUserRequiredActions(KeycloakSession session) throws Exception {
    KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesUserReqActions) -> {
        KeycloakSession currentSession = sesUserReqActions;
        RealmModel realm = currentSession.realms().getRealmByName("original");
        UserModel user = currentSession.users().addUser(realm, "user");
        List<String> requiredActions = user.getRequiredActionsStream().collect(Collectors.toList());
        Assert.assertThat(requiredActions, empty());
        user.addRequiredAction(RequiredAction.CONFIGURE_TOTP);
        String id = realm.getId();
        realm = currentSession.realms().getRealm(id);
        user = currentSession.users().getUserByUsername(realm, "user");
        requiredActions = user.getRequiredActionsStream().collect(Collectors.toList());
        Assert.assertThat(requiredActions, hasSize(1));
        Assert.assertThat(requiredActions, contains(RequiredAction.CONFIGURE_TOTP.name()));
        user.addRequiredAction(RequiredAction.CONFIGURE_TOTP);
        user = currentSession.users().getUserByUsername(realm, "user");
        requiredActions = user.getRequiredActionsStream().collect(Collectors.toList());
        Assert.assertThat(requiredActions, hasSize(1));
        Assert.assertThat(requiredActions, contains(RequiredAction.CONFIGURE_TOTP.name()));
        user.addRequiredAction(RequiredAction.VERIFY_EMAIL.name());
        user = currentSession.users().getUserByUsername(realm, "user");
        requiredActions = user.getRequiredActionsStream().collect(Collectors.toList());
        Assert.assertThat(requiredActions, hasSize(2));
        Assert.assertThat(requiredActions, containsInAnyOrder(RequiredAction.CONFIGURE_TOTP.name(), RequiredAction.VERIFY_EMAIL.name()));
        user.removeRequiredAction(RequiredAction.CONFIGURE_TOTP.name());
        user = currentSession.users().getUserByUsername(realm, "user");
        requiredActions = user.getRequiredActionsStream().collect(Collectors.toList());
        Assert.assertThat(requiredActions, hasSize(1));
        Assert.assertThat(requiredActions, contains(RequiredAction.VERIFY_EMAIL.name()));
        user.removeRequiredAction(RequiredAction.VERIFY_EMAIL.name());
        user = currentSession.users().getUserByUsername(realm, "user");
        requiredActions = user.getRequiredActionsStream().collect(Collectors.toList());
        Assert.assertThat(requiredActions, empty());
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) KeycloakSession(org.keycloak.models.KeycloakSession) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Aggregations

KeycloakSession (org.keycloak.models.KeycloakSession)189 RealmModel (org.keycloak.models.RealmModel)136 UserModel (org.keycloak.models.UserModel)78 Test (org.junit.Test)76 ModelTest (org.keycloak.testsuite.arquillian.annotation.ModelTest)61 ClientModel (org.keycloak.models.ClientModel)58 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)53 List (java.util.List)34 AtomicReference (java.util.concurrent.atomic.AtomicReference)22 Collectors (java.util.stream.Collectors)21 IOException (java.io.IOException)20 Map (java.util.Map)19 UserSessionModel (org.keycloak.models.UserSessionModel)19 ArrayList (java.util.ArrayList)18 ClientScopeModel (org.keycloak.models.ClientScopeModel)18 RoleModel (org.keycloak.models.RoleModel)18 Set (java.util.Set)16 RealmManager (org.keycloak.services.managers.RealmManager)16 HashMap (java.util.HashMap)14 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)14