Example 6 with GlobalRequestResult
use of org.keycloak.representations.adapters.action.GlobalRequestResult in project keycloak by keycloak.
the class RealmTest method logoutAll.
@Test
public void logoutAll() {
setupTestAppAndUser();
Response response = realm.users().create(UserBuilder.create().username("user").build());
String userId = ApiUtil.getCreatedId(response);
response.close();
assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.userResourcePath(userId), ResourceType.USER);
realm.users().get(userId).resetPassword(CredentialBuilder.create().password("password").build());
assertAdminEvents.assertEvent(realmId, OperationType.ACTION, AdminEventPaths.userResetPasswordPath(userId), ResourceType.USER);
oauth.doLogin("user", "password");
GlobalRequestResult globalRequestResult = realm.logoutAll();
assertAdminEvents.assertEvent(realmId, OperationType.ACTION, "logout-all", globalRequestResult, ResourceType.REALM);
assertEquals(1, globalRequestResult.getSuccessRequests().size());
assertEquals(oauth.AUTH_SERVER_ROOT + "/realms/master/app/admin", globalRequestResult.getSuccessRequests().get(0));
assertNull(globalRequestResult.getFailedRequests());
assertNotNull(testingClient.testApp().getAdminLogoutAction());
}
Also used :
AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse)
Response(javax.ws.rs.core.Response)
GlobalRequestResult(org.keycloak.representations.adapters.action.GlobalRequestResult)
AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest)
Test(org.junit.Test)
Example 7 with GlobalRequestResult
use of org.keycloak.representations.adapters.action.GlobalRequestResult in project keycloak by keycloak.
the class RealmAdminResource method pushRevocation.
/**
* Push the realm's revocation policy to any client that has an admin url associated with it.
*/
@Path("push-revocation")
@POST
public GlobalRequestResult pushRevocation() {
auth.realm().requireManageRealm();
GlobalRequestResult result = new ResourceAdminManager(session).pushRealmRevocationPolicy(realm);
adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(result).success();
return result;
}
Also used :
ResourceAdminManager(org.keycloak.services.managers.ResourceAdminManager)
GlobalRequestResult(org.keycloak.representations.adapters.action.GlobalRequestResult)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Example 8 with GlobalRequestResult
use of org.keycloak.representations.adapters.action.GlobalRequestResult in project keycloak by keycloak.
the class RealmAdminResource method logoutAll.
/**
* Removes all user sessions. Any client that has an admin url will also be told to invalidate any sessions
* they have.
*/
@Path("logout-all")
@POST
@Produces(MediaType.APPLICATION_JSON)
public GlobalRequestResult logoutAll() {
auth.users().requireManage();
session.sessions().removeUserSessions(realm);
GlobalRequestResult result = new ResourceAdminManager(session).logoutAll(realm);
adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(result).success();
return result;
}
Also used :
ResourceAdminManager(org.keycloak.services.managers.ResourceAdminManager)
GlobalRequestResult(org.keycloak.representations.adapters.action.GlobalRequestResult)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Produces(javax.ws.rs.Produces)
Example 9 with GlobalRequestResult
use of org.keycloak.representations.adapters.action.GlobalRequestResult in project keycloak by keycloak.
the class ClientResource method testNodesAvailable.
/**
* Test if registered cluster nodes are available
*
* Tests availability by sending 'ping' request to all cluster nodes.
*
* @return
*/
@Path("test-nodes-available")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public GlobalRequestResult testNodesAvailable() {
auth.clients().requireConfigure(client);
logger.debug("Test availability of cluster nodes");
GlobalRequestResult result = new ResourceAdminManager(session).testNodesAvailability(realm, client);
adminEvent.operation(OperationType.ACTION).resource(ResourceType.CLUSTER_NODE).resourcePath(session.getContext().getUri()).representation(result).success();
return result;
}
Also used :
ResourceAdminManager(org.keycloak.services.managers.ResourceAdminManager)
GlobalRequestResult(org.keycloak.representations.adapters.action.GlobalRequestResult)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 10 with GlobalRequestResult
use of org.keycloak.representations.adapters.action.GlobalRequestResult in project keycloak by keycloak.
the class OIDCPublicKeyRotationAdapterTest method testPublicKeyCacheInvalidatedWhenPushedNotBefore.
// KEYCLOAK-3823: Test that sending notBefore policy invalidates JWKPublicKeyLocator cache
@Test
public void testPublicKeyCacheInvalidatedWhenPushedNotBefore() {
driver.manage().timeouts().pageLoadTimeout(1000, TimeUnit.SECONDS);
String customerDBUnsecuredUrl = customerDb.getUriBuilder().clone().path("unsecured").path("foo").build().toASCIIString();
String customerDBUrlNoTrailSlash = customerDb.getUriBuilder().build().toASCIIString();
customerDBUrlNoTrailSlash = customerDBUrlNoTrailSlash.substring(0, customerDBUrlNoTrailSlash.length() - 1);
String tokenMinTTLUnsecuredUrl = tokenMinTTLPage.getUriBuilder().clone().path("unsecured").path("foo").build().toASCIIString();
// increase accessTokenLifespan to 1200
RealmRepresentation demoRealm = adminClient.realm(DEMO).toRepresentation();
demoRealm.setAccessTokenLifespan(1200);
adminClient.realm(DEMO).update(demoRealm);
// authenticate in tokenMinTTL app
loginToTokenMinTtlApp();
String accessTokenString = tokenMinTTLPage.getAccessTokenString();
// Generate new realm public key
String oldActiveKeyProviderId = getActiveKeyProvider();
generateNewRealmKey();
// Send REST request to customer-db app. It should be successfully authenticated even that token is signed by the old key
int status = invokeRESTEndpoint(accessTokenString);
Assert.assertEquals(200, status);
// Remove the old realm key now
adminClient.realm(DEMO).components().component(oldActiveKeyProviderId).remove();
// Set some offset to ensure pushing notBefore will pass
setAdapterAndServerTimeOffset(130, customerDBUnsecuredUrl, tokenMinTTLUnsecuredUrl);
// Send notBefore policy from the realm
demoRealm.setNotBefore(Time.currentTime() - 1);
adminClient.realm(DEMO).update(demoRealm);
GlobalRequestResult result = adminClient.realm(DEMO).pushRevocation();
Assert.assertTrue(result.getSuccessRequests().contains(customerDBUrlNoTrailSlash));
// Send REST request. New request to the publicKey cache should be sent, and key is no longer returned as token contains the old kid
status = invokeRESTEndpoint(accessTokenString);
Assert.assertEquals(401, status);
// Revert public keys change and time offset
resetKeycloakDeploymentForAdapter(customerDBUnsecuredUrl);
resetKeycloakDeploymentForAdapter(tokenMinTTLUnsecuredUrl);
}
Also used :
GlobalRequestResult(org.keycloak.representations.adapters.action.GlobalRequestResult)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
Test(org.junit.Test)
AbstractServletsAdapterTest(org.keycloak.testsuite.adapter.AbstractServletsAdapterTest)
Aggregations
GlobalRequestResult (org.keycloak.representations.adapters.action.GlobalRequestResult)13
Test (org.junit.Test)5
Path (javax.ws.rs.Path)3
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)3
ResourceAdminManager (org.keycloak.services.managers.ResourceAdminManager)3
AbstractAdminTest (org.keycloak.testsuite.admin.AbstractAdminTest)3
POST (javax.ws.rs.POST)2
Produces (javax.ws.rs.Produces)2
PushNotBeforeAction (org.keycloak.representations.adapters.action.PushNotBeforeAction)2
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1
GET (javax.ws.rs.GET)1
Response (javax.ws.rs.core.Response)1
NoCache (org.jboss.resteasy.annotations.cache.NoCache)1
ModelIllegalStateException (org.keycloak.models.ModelIllegalStateException)1
TestAvailabilityAction (org.keycloak.representations.adapters.action.TestAvailabilityAction)1
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)1
AbstractServletsAdapterTest (org.keycloak.testsuite.adapter.AbstractServletsAdapterTest)1
AccessTokenResponse (org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse)1
