
Example 56 with AccessToken

use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

the class CompositeImportRoleTest method testAppCompositeUser.

/**
 * Checks the roles issued to APP_COMPOSITE_USER when logging in through the
 * APP_COMPOSITE_APPLICATION client in realm "test".
 *
 * <p>Both the role count and the role names are asserted, so an access token that carries
 * any extra realm role or extra APP_ROLE_APPLICATION client role fails the test instead of
 * passing with broader privileges than expected.
 */
@Test
public void testAppCompositeUser() throws Exception {
    final String username = "APP_COMPOSITE_USER";
    final String roleClient = "APP_ROLE_APPLICATION";

    // Log in, then exchange the code returned in the query string for tokens.
    oauth.realm("test");
    oauth.clientId("APP_COMPOSITE_APPLICATION");
    oauth.doLogin(username, "password");
    String authCode = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse tokenResponse = oauth.doAccessTokenRequest(authCode, "password");
    Assert.assertEquals(200, tokenResponse.getStatusCode());
    Assert.assertEquals("Bearer", tokenResponse.getTokenType());

    // NOTE(review): verifyToken presumably validates the token before parsing it; confirm in OAuthClient.
    AccessToken accessToken = oauth.verifyToken(tokenResponse.getAccessToken());
    Assert.assertEquals(getUserId(username), accessToken.getSubject());

    // Exact counts first: a token with more than one role per scope is a failure.
    Assert.assertEquals(1, accessToken.getResourceAccess(roleClient).getRoles().size());
    Assert.assertEquals(1, accessToken.getRealmAccess().getRoles().size());

    // Then the identity of the single role in each scope.
    Assert.assertTrue(accessToken.getResourceAccess(roleClient).isUserInRole("APP_ROLE_1"));
    Assert.assertTrue(accessToken.getRealmAccess().isUserInRole("REALM_ROLE_1"));
}
Also used : AccessToken(org.keycloak.representations.AccessToken) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) Test(org.junit.Test)

Example 57 with AccessToken

use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

the class CompositeImportRoleTest method testRealmAppCompositeUser.

/**
 * Checks the client roles issued to REALM_APP_COMPOSITE_USER when logging in through the
 * APP_ROLE_APPLICATION client in realm "test".
 *
 * <p>The token must carry exactly one APP_ROLE_APPLICATION client role, and that role must
 * be APP_ROLE_1. Realm roles are not inspected by this test.
 */
@Test
public void testRealmAppCompositeUser() throws Exception {
    final String username = "REALM_APP_COMPOSITE_USER";
    final String roleClient = "APP_ROLE_APPLICATION";

    // Log in, then exchange the code returned in the query string for tokens.
    oauth.realm("test");
    oauth.clientId(roleClient);
    oauth.doLogin(username, "password");
    String authCode = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse tokenResponse = oauth.doAccessTokenRequest(authCode, "password");
    Assert.assertEquals(200, tokenResponse.getStatusCode());
    Assert.assertEquals("Bearer", tokenResponse.getTokenType());

    // NOTE(review): verifyToken presumably validates the token before parsing it; confirm in OAuthClient.
    AccessToken accessToken = oauth.verifyToken(tokenResponse.getAccessToken());
    Assert.assertEquals(getUserId(username), accessToken.getSubject());

    // Count before membership: an additional client role in the token is a failure.
    Assert.assertEquals(1, accessToken.getResourceAccess(roleClient).getRoles().size());
    Assert.assertTrue(accessToken.getResourceAccess(roleClient).isUserInRole("APP_ROLE_1"));
}
Also used : AccessToken(org.keycloak.representations.AccessToken) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) Test(org.junit.Test)

Example 58 with AccessToken

use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

the class CompositeImportRoleTest method testRealmOnlyWithUserCompositeAppRole.

/**
 * Checks the realm roles issued to REALM_COMPOSITE_1_USER when logging in through the
 * REALM_ROLE_1_APPLICATION client in realm "test".
 *
 * <p>The token must carry exactly one realm role, REALM_ROLE_1. Client roles are not
 * inspected by this test.
 */
@Test
public void testRealmOnlyWithUserCompositeAppRole() throws Exception {
    final String username = "REALM_COMPOSITE_1_USER";

    // Log in, then exchange the code returned in the query string for tokens.
    oauth.realm("test");
    oauth.clientId("REALM_ROLE_1_APPLICATION");
    oauth.doLogin(username, "password");
    String authCode = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse tokenResponse = oauth.doAccessTokenRequest(authCode, "password");
    Assert.assertEquals(200, tokenResponse.getStatusCode());
    Assert.assertEquals("Bearer", tokenResponse.getTokenType());

    // NOTE(review): verifyToken presumably validates the token before parsing it; confirm in OAuthClient.
    AccessToken accessToken = oauth.verifyToken(tokenResponse.getAccessToken());
    Assert.assertEquals(getUserId(username), accessToken.getSubject());

    // Count before membership: an additional realm role in the token is a failure.
    Assert.assertEquals(1, accessToken.getRealmAccess().getRoles().size());
    Assert.assertTrue(accessToken.getRealmAccess().isUserInRole("REALM_ROLE_1"));
}
Also used : AccessToken(org.keycloak.representations.AccessToken) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) Test(org.junit.Test)

Example 59 with AccessToken

use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

the class AbstractKerberosSingleRealmTest method credentialDelegationTest.

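/**
 * Verifies that a delegated Kerberos credential appears in the access token only while the
 * GSS delegation credential mapper is configured on the "kerberos-app" client.
 *
 * <p>The test adds the mapper, performs a SPNEGO login, uses the credential taken from the
 * token to query LDAP, removes the mapper, and then checks that a fresh login no longer
 * carries the claim. It is skipped when the embedded LDAP server is not started.
 *
 * <p>The claim holds a serialized credential that can be re-used against other Kerberos
 * services. The mapper is therefore removed in a {@code finally} block, so a failed
 * assertion cannot leave the client issuing tokens with that claim to later tests.
 */
@Test
public void credentialDelegationTest() throws Exception {
    Assume.assumeTrue("Ignoring test as the embedded server is not started", getKerberosRule().isStartEmbeddedLdapServer());
    // Add kerberos delegation credential mapper
    ProtocolMapperModel protocolMapper = UserSessionNoteMapper.createClaimMapper(KerberosConstants.GSS_DELEGATION_CREDENTIAL_DISPLAY_NAME, KerberosConstants.GSS_DELEGATION_CREDENTIAL, KerberosConstants.GSS_DELEGATION_CREDENTIAL, "String", true, false);
    ProtocolMapperRepresentation protocolMapperRep = ModelToRepresentation.toRepresentation(protocolMapper);
    ClientResource clientResource = findClientByClientId(testRealmResource(), "kerberos-app");
    Response response = clientResource.getProtocolMappers().createMapper(protocolMapperRep);
    String protocolMapperId;
    try {
        protocolMapperId = ApiUtil.getCreatedId(response);
    } finally {
        // Release the HTTP response even when the id cannot be extracted.
        response.close();
    }
    try {
        // SPNEGO login
        AccessToken delegatedToken = assertSuccessfulSpnegoLogin("hnelson", "hnelson", "secret");
        // Assert kerberos ticket in the accessToken can be re-used to authenticate against other 3rd party kerberos service (ApacheDS Server in this case)
        String serializedGssCredential = (String) delegatedToken.getOtherClaims().get(KerberosConstants.GSS_DELEGATION_CREDENTIAL);
        Assert.assertNotNull(serializedGssCredential);
        GSSCredential gssCredential = KerberosSerializationUtils.deserializeCredential(serializedGssCredential);
        String ldapResponse = invokeLdap(gssCredential, delegatedToken.getPreferredUsername());
        Assert.assertEquals("Horatio Nelson", ldapResponse);
        // Logout
        oauth.openLogout();
    } finally {
        // Remove protocolMapper on every path so the credential claim is not issued after this test.
        clientResource.getProtocolMappers().delete(protocolMapperId);
    }
    // Login again and assert the delegated credential is no longer in the token
    AccessToken plainToken = assertSuccessfulSpnegoLogin("hnelson", "hnelson", "secret");
    Assert.assertFalse(plainToken.getOtherClaims().containsKey(KerberosConstants.GSS_DELEGATION_CREDENTIAL));
    events.clear();
}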
Also used : Response(javax.ws.rs.core.Response) GSSCredential(org.ietf.jgss.GSSCredential) AccessToken(org.keycloak.representations.AccessToken) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) ProtocolMapperModel(org.keycloak.models.ProtocolMapperModel) Test(org.junit.Test)

Example 60 with AccessToken

use of org.keycloak.representations.AccessToken in project keycloak by keycloak.

the class CompositeRoleTest method testRealmOnlyWithUserCompositeAppRole.

/**
 * Checks the realm roles issued to REALM_COMPOSITE_1_USER when logging in through the
 * REALM_ROLE_1_APPLICATION client in realm "test", then confirms that the refresh token
 * from the same response is accepted.
 *
 * <p>The access token must carry exactly one realm role, REALM_ROLE_1. Only the HTTP status
 * of the refresh is asserted; the refreshed token's roles are not inspected.
 */
@Test
public void testRealmOnlyWithUserCompositeAppRole() throws Exception {
    final String username = "REALM_COMPOSITE_1_USER";

    // Log in, then exchange the code returned in the query string for tokens.
    oauth.realm("test");
    oauth.clientId("REALM_ROLE_1_APPLICATION");
    oauth.doLogin(username, "password");
    String authCode = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    AccessTokenResponse tokenResponse = oauth.doAccessTokenRequest(authCode, "password");
    Assert.assertEquals(200, tokenResponse.getStatusCode());
    Assert.assertEquals("Bearer", tokenResponse.getTokenType());

    // NOTE(review): verifyToken presumably validates the token before parsing it; confirm in OAuthClient.
    AccessToken accessToken = oauth.verifyToken(tokenResponse.getAccessToken());
    Assert.assertEquals(getUserId(username), accessToken.getSubject());

    // Count before membership: an additional realm role in the token is a failure.
    Assert.assertEquals(1, accessToken.getRealmAccess().getRoles().size());
    Assert.assertTrue(accessToken.getRealmAccess().isUserInRole("REALM_ROLE_1"));

    // The refresh token issued alongside the access token must be redeemable.
    AccessTokenResponse refreshed = oauth.doRefreshTokenRequest(tokenResponse.getRefreshToken(), "password");
    Assert.assertEquals(200, refreshed.getStatusCode());
}
Also used : AccessToken(org.keycloak.representations.AccessToken) AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) Test(org.junit.Test)
