Example 1 with ClaimsRepresentation
use of org.keycloak.representations.ClaimsRepresentation in project keycloak by keycloak.
the class JsonParserTest method testReadClaimsParameter.
@Test
public void testReadClaimsParameter() throws Exception {
InputStream is = getClass().getClassLoader().getResourceAsStream("sample-claims.json");
ClaimsRepresentation claimsRep = JsonSerialization.readValue(is, ClaimsRepresentation.class);
Assert.assertTrue(claimsRep.isPresent("auth_time", ClaimsRepresentation.ClaimContext.ID_TOKEN));
Assert.assertFalse(claimsRep.isPresent("auth_time", ClaimsRepresentation.ClaimContext.USERINFO));
Assert.assertFalse(claimsRep.isPresentAsNullClaim("auth_time", ClaimsRepresentation.ClaimContext.ID_TOKEN));
Assert.assertTrue(claimsRep.isPresentAsNullClaim("nickname", ClaimsRepresentation.ClaimContext.USERINFO));
Assert.assertNull(claimsRep.getClaimValue("nickname", ClaimsRepresentation.ClaimContext.USERINFO, String.class));
ClaimsRepresentation.ClaimValue<String> email = claimsRep.getClaimValue("email", ClaimsRepresentation.ClaimContext.USERINFO, String.class);
assertClaimValue(email, true, null);
ClaimsRepresentation.ClaimValue<Boolean> emailVerified = claimsRep.getClaimValue("email_verified", ClaimsRepresentation.ClaimContext.USERINFO, Boolean.class);
assertClaimValue(emailVerified, true, null);
Assert.assertTrue(emailVerified.isEssential());
emailVerified = claimsRep.getClaimValue("email_verified", ClaimsRepresentation.ClaimContext.ID_TOKEN, Boolean.class);
assertClaimValue(emailVerified, false, true);
Assert.assertFalse(emailVerified.isEssential());
ClaimsRepresentation.ClaimValue<String> sub = claimsRep.getClaimValue("sub", ClaimsRepresentation.ClaimContext.ID_TOKEN, String.class);
assertClaimValue(sub, null, "248289761001");
Assert.assertFalse(sub.isEssential());
ClaimsRepresentation.ClaimValue<String> acr = claimsRep.getClaimValue("acr", ClaimsRepresentation.ClaimContext.ID_TOKEN, String.class);
assertClaimValue(acr, null, null, "urn:mace:incommon:iap:silver", "urn:mace:incommon:iap:gold");
}
Also used :
InputStream(java.io.InputStream)
ClaimsRepresentation(org.keycloak.representations.ClaimsRepresentation)
Test(org.junit.Test)
Example 2 with ClaimsRepresentation
use of org.keycloak.representations.ClaimsRepresentation in project keycloak by keycloak.
the class JavascriptAdapterTest method testAcrInLoginOptionsShouldBeConsideredByLoginUrl.
/**
* Test for acr handling via {@code loginOptions}: <pre>{@code
* Keycloak keycloak = new Keycloak(); keycloak.login({.... acr: { values: ["foo", "bar"], essential: false}})
* }</pre>
*/
@Test
public void testAcrInLoginOptionsShouldBeConsideredByLoginUrl() {
// Test when no "acr" option given. Claims parameter won't be passed to Keycloak server
testExecutor.configure().init(defaultArguments());
JSObjectBuilder loginOptions = JSObjectBuilder.create();
testExecutor.login(loginOptions, (JavascriptStateValidator) (driver, output, events) -> {
try {
String queryString = new URL(driver.getCurrentUrl()).getQuery();
String claimsParam = UriUtils.decodeQueryString(queryString).getFirst(OIDCLoginProtocol.CLAIMS_PARAM);
Assert.assertNull(claimsParam);
} catch (IOException ioe) {
throw new AssertionError(ioe);
}
});
// Test given "acr" option will be translated into the "claims" parameter passed to Keycloak server
jsDriver.navigate().to(testAppUrl);
testExecutor.configure().init(defaultArguments());
JSObjectBuilder acr1 = JSObjectBuilder.create().add("values", new String[] { "foo", "bar" }).add("essential", false);
loginOptions = JSObjectBuilder.create().add("acr", acr1);
testExecutor.login(loginOptions, (JavascriptStateValidator) (driver, output, events) -> {
try {
String queryString = new URL(driver.getCurrentUrl()).getQuery();
String claimsParam = UriUtils.decodeQueryString(queryString).getFirst(OIDCLoginProtocol.CLAIMS_PARAM);
Assert.assertNotNull(claimsParam);
ClaimsRepresentation claimsRep = JsonSerialization.readValue(claimsParam, ClaimsRepresentation.class);
ClaimsRepresentation.ClaimValue<String> claimValue = claimsRep.getClaimValue(IDToken.ACR, ClaimsRepresentation.ClaimContext.ID_TOKEN, String.class);
Assert.assertNames(claimValue.getValues(), "foo", "bar");
Assert.assertThat(claimValue.isEssential(), is(false));
} catch (IOException ioe) {
throw new AssertionError(ioe);
}
});
}
Also used :
JavascriptBrowser(org.keycloak.testsuite.util.JavascriptBrowser)
URL(java.net.URL)
JavascriptStateValidator(org.keycloak.testsuite.util.javascript.JavascriptStateValidator)
AssertEvents(org.keycloak.testsuite.AssertEvents)
WebElement(org.openqa.selenium.WebElement)
Page(org.jboss.arquillian.graphene.page.Page)
OAuthClient(org.keycloak.testsuite.util.OAuthClient)
Assert.assertThat(org.junit.Assert.assertThat)
Map(java.util.Map)
ClientResource(org.keycloak.admin.client.resource.ClientResource)
IsMapContaining.hasEntry(org.hamcrest.collection.IsMapContaining.hasEntry)
UriUtils(org.keycloak.common.util.UriUtils)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature)
AUTH_SERVER_HOST(org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_HOST)
UpdatePassword(org.keycloak.testsuite.auth.page.login.UpdatePassword)
IDToken(org.keycloak.representations.IDToken)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
EventRepresentation(org.keycloak.representations.idm.EventRepresentation)
XMLHttpRequest(org.keycloak.testsuite.util.javascript.XMLHttpRequest)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
List(java.util.List)
URLAssert.assertCurrentUrlStartsWith(org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith)
TimeoutException(org.openqa.selenium.TimeoutException)
Details(org.keycloak.events.Details)
OIDCLoginProtocol(org.keycloak.protocol.oidc.OIDCLoginProtocol)
Matchers.greaterThan(org.hamcrest.Matchers.greaterThan)
Matchers.is(org.hamcrest.Matchers.is)
OAuth2Constants(org.keycloak.OAuth2Constants)
WaitUtils.waitUntilElement(org.keycloak.testsuite.util.WaitUtils.waitUntilElement)
CoreMatchers.anyOf(org.hamcrest.CoreMatchers.anyOf)
Profile(org.keycloak.common.Profile)
Assert(org.keycloak.testsuite.Assert)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
WebDriver(org.openqa.selenium.WebDriver)
WebDriverException(org.openqa.selenium.WebDriverException)
JavascriptTestExecutor(org.keycloak.testsuite.util.javascript.JavascriptTestExecutor)
OAuthGrant(org.keycloak.testsuite.auth.page.login.OAuthGrant)
RealmBuilder(org.keycloak.testsuite.util.RealmBuilder)
UserBuilder(org.keycloak.testsuite.util.UserBuilder)
CoreMatchers.both(org.hamcrest.CoreMatchers.both)
Matchers.lessThan(org.hamcrest.Matchers.lessThan)
URLAssert.assertCurrentUrlDoesntStartWith(org.keycloak.testsuite.util.URLAssert.assertCurrentUrlDoesntStartWith)
Assume(org.junit.Assume)
Math.toIntExact(java.lang.Math.toIntExact)
AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer)
Retry(org.keycloak.common.util.Retry)
Before(org.junit.Before)
ClaimsRepresentation(org.keycloak.representations.ClaimsRepresentation)
ApiUtil(org.keycloak.testsuite.admin.ApiUtil)
SuiteContext(org.keycloak.testsuite.arquillian.SuiteContext)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Assert.assertTrue(org.junit.Assert.assertTrue)
Test(org.junit.Test)
EventType(org.keycloak.events.EventType)
IOException(java.io.IOException)
WaitUtils.waitForPageToLoad(org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad)
JsonSerialization(org.keycloak.util.JsonSerialization)
Rule(org.junit.Rule)
JSObjectBuilder(org.keycloak.testsuite.util.javascript.JSObjectBuilder)
Applications(org.keycloak.testsuite.auth.page.account.Applications)
Assert.assertEquals(org.junit.Assert.assertEquals)
ClaimsRepresentation(org.keycloak.representations.ClaimsRepresentation)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
IOException(java.io.IOException)
URL(java.net.URL)
JSObjectBuilder(org.keycloak.testsuite.util.javascript.JSObjectBuilder)
Test(org.junit.Test)
Example 3 with ClaimsRepresentation
use of org.keycloak.representations.ClaimsRepresentation in project keycloak by keycloak.
the class LevelOfAssuranceFlowTest method openLoginFormWithAcrClaim.
public static void openLoginFormWithAcrClaim(OAuthClient oauth, boolean essential, String... acrValues) {
ClaimsRepresentation.ClaimValue<String> acrClaim = new ClaimsRepresentation.ClaimValue<>();
acrClaim.setEssential(essential);
acrClaim.setValues(Arrays.asList(acrValues));
ClaimsRepresentation claims = new ClaimsRepresentation();
claims.setIdTokenClaims(Collections.singletonMap(IDToken.ACR, acrClaim));
oauth.claims(claims);
oauth.openLoginForm();
}
Also used :
ClaimsRepresentation(org.keycloak.representations.ClaimsRepresentation)
Aggregations
ClaimsRepresentation (org.keycloak.representations.ClaimsRepresentation)3
Test (org.junit.Test)2
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
Math.toIntExact (java.lang.Math.toIntExact)1
URL (java.net.URL)1
List (java.util.List)1
Map (java.util.Map)1
CoreMatchers.anyOf (org.hamcrest.CoreMatchers.anyOf)1
CoreMatchers.both (org.hamcrest.CoreMatchers.both)1
CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)1
Matchers.greaterThan (org.hamcrest.Matchers.greaterThan)1
Matchers.is (org.hamcrest.Matchers.is)1
Matchers.lessThan (org.hamcrest.Matchers.lessThan)1
IsMapContaining.hasEntry (org.hamcrest.collection.IsMapContaining.hasEntry)1
Page (org.jboss.arquillian.graphene.page.Page)1
Assert.assertEquals (org.junit.Assert.assertEquals)1
Assert.assertThat (org.junit.Assert.assertThat)1
Assert.assertTrue (org.junit.Assert.assertTrue)1
Assume (org.junit.Assume)1
