Search in sources :

Example 1 with AuthenticationExecutionInfoRepresentation

use of org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation in project keycloak by keycloak.

the class AbstractKerberosTest method updateKerberosAuthExecutionRequirement.

public static AuthenticationExecutionModel.Requirement updateKerberosAuthExecutionRequirement(AuthenticationExecutionModel.Requirement requirement, RealmResource realmResource) {
    Optional<AuthenticationExecutionInfoRepresentation> kerberosAuthExecutionOpt = realmResource.flows().getExecutions(DefaultAuthenticationFlows.BROWSER_FLOW).stream().filter(e -> e.getProviderId().equals(SpnegoAuthenticatorFactory.PROVIDER_ID)).findFirst();
    Assert.assertTrue(kerberosAuthExecutionOpt.isPresent());
    AuthenticationExecutionInfoRepresentation kerberosAuthExecution = kerberosAuthExecutionOpt.get();
    String oldRequirementStr = kerberosAuthExecution.getRequirement();
    AuthenticationExecutionModel.Requirement oldRequirement = AuthenticationExecutionModel.Requirement.valueOf(oldRequirementStr);
    kerberosAuthExecution.setRequirement(requirement.name());
    realmResource.flows().updateExecutions(DefaultAuthenticationFlows.BROWSER_FLOW, kerberosAuthExecution);
    return oldRequirement;
}
Also used : DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) AbstractAdminTest.loadJson(org.keycloak.testsuite.admin.AbstractAdminTest.loadJson) AssertEvents(org.keycloak.testsuite.AssertEvents) NamingException(javax.naming.NamingException) Page(org.jboss.arquillian.graphene.page.Page) DefaultAuthenticationFlows(org.keycloak.models.utils.DefaultAuthenticationFlows) KerberosRule(org.keycloak.testsuite.util.KerberosRule) LDAPConstants(org.keycloak.models.LDAPConstants) OAuthClient(org.keycloak.testsuite.util.OAuthClient) AccessToken(org.keycloak.representations.AccessToken) Map(java.util.Map) After(org.junit.After) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel) URI(java.net.URI) GSSCredential(org.ietf.jgss.GSSCredential) RealmResource(org.keycloak.admin.client.resource.RealmResource) CommonKerberosConfig(org.keycloak.federation.kerberos.CommonKerberosConfig) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) List(java.util.List) ModelToRepresentation(org.keycloak.models.utils.ModelToRepresentation) Principal(java.security.Principal) AuthRealm(org.keycloak.testsuite.auth.page.AuthRealm) Response(javax.ws.rs.core.Response) Details(org.keycloak.events.Details) LoginPage(org.keycloak.testsuite.pages.LoginPage) Attributes(javax.naming.directory.Attributes) ResteasyClient(org.jboss.resteasy.client.jaxrs.ResteasyClient) URLEncodedUtils(org.apache.http.client.utils.URLEncodedUtils) Optional(java.util.Optional) NameValuePair(org.apache.http.NameValuePair) OAuth2Constants(org.keycloak.OAuth2Constants) Assert(org.keycloak.testsuite.Assert) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) AuthSchemes(org.apache.http.client.config.AuthSchemes) InitialDirContext(javax.naming.directory.InitialDirContext) AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation) ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest) UserModel(org.keycloak.models.UserModel) AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) Credentials(org.apache.http.auth.Credentials) ApacheHttpClient4Engine(org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine) Context(javax.naming.Context) Sasl(javax.security.sasl.Sasl) AccountPasswordPage(org.keycloak.testsuite.pages.AccountPasswordPage) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) Hashtable(java.util.Hashtable) Before(org.junit.Before) ApiUtil(org.keycloak.testsuite.admin.ApiUtil) SpnegoAuthenticatorFactory(org.keycloak.authentication.authenticators.browser.SpnegoAuthenticatorFactory) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) UserStorageProvider(org.keycloak.storage.UserStorageProvider) DirContext(javax.naming.directory.DirContext) Consumer(java.util.function.Consumer) Rule(org.junit.Rule) AuthScope(org.apache.http.auth.AuthScope) HttpClientBuilder(org.keycloak.adapters.HttpClientBuilder) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)

Example 2 with AuthenticationExecutionInfoRepresentation

use of org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation in project keycloak by keycloak.

the class KerberosLdapTest method testClientOverrideFlowUsingBrowserHttpChallenge.

@Test
public void testClientOverrideFlowUsingBrowserHttpChallenge() throws Exception {
    List<AuthenticationExecutionInfoRepresentation> executions = testRealmResource().flows().getExecutions("http challenge");
    for (AuthenticationExecutionInfoRepresentation execution : executions) {
        if ("basic-auth".equals(execution.getProviderId())) {
            execution.setRequirement("ALTERNATIVE");
            testRealmResource().flows().updateExecutions("http challenge", execution);
        }
        if ("auth-spnego".equals(execution.getProviderId())) {
            execution.setRequirement("ALTERNATIVE");
            testRealmResource().flows().updateExecutions("http challenge", execution);
        }
    }
    Map<String, String> flows = new HashMap<>();
    AuthenticationFlowRepresentation flow = testRealmResource().flows().getFlows().stream().filter(flowRep -> flowRep.getAlias().equalsIgnoreCase("http challenge")).findAny().get();
    flows.put(AuthenticationFlowBindings.BROWSER_BINDING, flow.getId());
    ClientRepresentation client = testRealmResource().clients().findByClientId("kerberos-app-challenge").get(0);
    client.setAuthenticationFlowBindingOverrides(flows);
    testRealmResource().clients().get(client.getId()).update(client);
    assertSuccessfulSpnegoLogin(client.getClientId(), "hnelson", "hnelson", "secret");
}
Also used : HashMap(java.util.HashMap) AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation) AuthenticationFlowRepresentation(org.keycloak.representations.idm.AuthenticationFlowRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 3 with AuthenticationExecutionInfoRepresentation

use of org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation in project keycloak by keycloak.

the class UserStorageRestTest method findKerberosExecution.

private AuthenticationExecutionInfoRepresentation findKerberosExecution() {
    AuthenticationExecutionInfoRepresentation kerberosExecution = null;
    List<AuthenticationExecutionInfoRepresentation> executionReps = realm.flows().getExecutions("browser");
    kerberosExecution = AbstractAuthenticationTest.findExecutionByProvider("auth-spnego", executionReps);
    Assert.assertNotNull(kerberosExecution);
    return kerberosExecution;
}
Also used : AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)

Example 4 with AuthenticationExecutionInfoRepresentation

use of org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation in project keycloak by keycloak.

the class ShiftExecutionTest method testShiftExecution.

@Test
public void testShiftExecution() {
    // copy built-in flow so we get a new editable flow
    HashMap<String, String> params = new HashMap<>();
    params.put("newName", "Copy of browser");
    Response response = authMgmtResource.copy("browser", params);
    assertAdminEvents.assertEvent(REALM_NAME, OperationType.CREATE, AdminEventPaths.authCopyFlowPath("browser"), params, ResourceType.AUTH_FLOW);
    try {
        Assert.assertEquals("Copy flow", 201, response.getStatus());
    } finally {
        response.close();
    }
    // get executions
    List<AuthenticationExecutionInfoRepresentation> executions = authMgmtResource.getExecutions("Copy of browser");
    AuthenticationExecutionInfoRepresentation last = executions.get(executions.size() - 1);
    AuthenticationExecutionInfoRepresentation oneButLast = executions.get(executions.size() - 2);
    // Not possible to raisePriority of not-existent flow
    try {
        authMgmtResource.raisePriority("not-existent");
        Assert.fail("Not expected to raise priority of not existent flow");
    } catch (NotFoundException nfe) {
    // Expected
    }
    // shift last execution up
    authMgmtResource.raisePriority(last.getId());
    assertAdminEvents.assertEvent(REALM_NAME, OperationType.UPDATE, AdminEventPaths.authRaiseExecutionPath(last.getId()), ResourceType.AUTH_EXECUTION);
    List<AuthenticationExecutionInfoRepresentation> executions2 = authMgmtResource.getExecutions("Copy of browser");
    AuthenticationExecutionInfoRepresentation last2 = executions2.get(executions.size() - 1);
    AuthenticationExecutionInfoRepresentation oneButLast2 = executions2.get(executions.size() - 2);
    Assert.assertEquals("Execution shifted up - N", last.getId(), oneButLast2.getId());
    Assert.assertEquals("Execution shifted up - N-1", oneButLast.getId(), last2.getId());
    // Not possible to lowerPriority of not-existent flow
    try {
        authMgmtResource.lowerPriority("not-existent");
        Assert.fail("Not expected to raise priority of not existent flow");
    } catch (NotFoundException nfe) {
    // Expected
    }
    // shift one before last down
    authMgmtResource.lowerPriority(oneButLast2.getId());
    assertAdminEvents.assertEvent(REALM_NAME, OperationType.UPDATE, AdminEventPaths.authLowerExecutionPath(oneButLast2.getId()), ResourceType.AUTH_EXECUTION);
    executions2 = authMgmtResource.getExecutions("Copy of browser");
    last2 = executions2.get(executions.size() - 1);
    oneButLast2 = executions2.get(executions.size() - 2);
    Assert.assertEquals("Execution shifted down - N", last.getId(), last2.getId());
    Assert.assertEquals("Execution shifted down - N-1", oneButLast.getId(), oneButLast2.getId());
}
Also used : Response(javax.ws.rs.core.Response) HashMap(java.util.HashMap) AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation) NotFoundException(javax.ws.rs.NotFoundException) Test(org.junit.Test)

Example 5 with AuthenticationExecutionInfoRepresentation

use of org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation in project keycloak by keycloak.

the class AbstractAuthenticationTest method addExecInfo.

void addExecInfo(List<AuthenticationExecutionInfoRepresentation> target, String displayName, String providerId, Boolean configurable, int level, int index, String requirement, Boolean authFlow, String[] choices) {
    AuthenticationExecutionInfoRepresentation exec = newExecInfo(displayName, providerId, configurable, level, index, requirement, authFlow, choices);
    target.add(exec);
}
Also used : AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)

Aggregations

AuthenticationExecutionInfoRepresentation (org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation)33 Test (org.junit.Test)16 AuthenticationFlowRepresentation (org.keycloak.representations.idm.AuthenticationFlowRepresentation)10 HashMap (java.util.HashMap)9 Response (javax.ws.rs.core.Response)8 NotFoundException (javax.ws.rs.NotFoundException)5 Before (org.junit.Before)4 AuthenticatorConfigRepresentation (org.keycloak.representations.idm.AuthenticatorConfigRepresentation)4 LinkedList (java.util.LinkedList)3 BadRequestException (javax.ws.rs.BadRequestException)3 ComponentRepresentation (org.keycloak.representations.idm.ComponentRepresentation)3 AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)3 URI (java.net.URI)2 List (java.util.List)2 RealmResource (org.keycloak.admin.client.resource.RealmResource)2 AuthenticationExecutionModel (org.keycloak.models.AuthenticationExecutionModel)2 AuthenticationFlowModel (org.keycloak.models.AuthenticationFlowModel)2 AuthenticationExecutionRepresentation (org.keycloak.representations.idm.AuthenticationExecutionRepresentation)2 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)2 IOException (java.io.IOException)1