use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class X509BrowserCRLTest method loginFailedWithIntermediateRevocationListFromHttp.
@Test
public void loginFailedWithIntermediateRevocationListFromHttp() {
X509AuthenticatorConfigModel config = new X509AuthenticatorConfigModel().setCRLEnabled(true).setCRLRelativePath(CRLRule.CRL_RESPONDER_ORIGIN + "/" + INTERMEDIATE_CA_CRL_PATH).setConfirmationPageAllowed(true).setMappingSourceType(SUBJECTDN_EMAIL).setUserIdentityMapperType(USERNAME_EMAIL);
AuthenticatorConfigRepresentation cfg = newConfig("x509-browser-config", config.getConfig());
String cfgId = createConfig(browserExecution.getId(), cfg);
Assert.assertNotNull(cfgId);
assertLoginFailedDueRevokedCertificate();
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class CustomAuthFlowOTPTest method setConditionalOTPForm.
private void setConditionalOTPForm(Map<String, String> config) {
List<AuthenticationFlowRepresentation> authFlows = getAuthMgmtResource().getFlows();
for (AuthenticationFlowRepresentation flow : authFlows) {
if ("ConditionalOTPFlow".equals(flow.getAlias())) {
// update realm browser flow
RealmRepresentation realm = testRealmResource().toRepresentation();
realm.setBrowserFlow(DefaultAuthenticationFlows.BROWSER_FLOW);
testRealmResource().update(realm);
getAuthMgmtResource().deleteFlow(flow.getId());
break;
}
}
String flowAlias = "ConditionalOTPFlow";
String provider = "auth-conditional-otp-form";
// create flow
AuthenticationFlowRepresentation flow = new AuthenticationFlowRepresentation();
flow.setAlias(flowAlias);
flow.setDescription("");
flow.setProviderId("basic-flow");
flow.setTopLevel(true);
flow.setBuiltIn(false);
Response response = getAuthMgmtResource().createFlow(flow);
assertEquals(flowAlias + " create success", 201, response.getStatus());
response.close();
// add execution - username-password form
Map<String, String> data = new HashMap<>();
data.put("provider", "auth-username-password-form");
getAuthMgmtResource().addExecution(flowAlias, data);
// set username-password requirement to required
updateRequirement(flowAlias, "auth-username-password-form", Requirement.REQUIRED);
// add execution - conditional OTP
data.clear();
data.put("provider", provider);
getAuthMgmtResource().addExecution(flowAlias, data);
// set Conditional OTP requirement to required
updateRequirement(flowAlias, provider, Requirement.REQUIRED);
// update realm browser flow
RealmRepresentation realm = testRealmResource().toRepresentation();
realm.setBrowserFlow(flowAlias);
testRealmResource().update(realm);
// get executionId
String executionId = getExecution(flowAlias, provider).getId();
// prepare auth config
AuthenticatorConfigRepresentation authConfig = new AuthenticatorConfigRepresentation();
authConfig.setAlias("Config alias");
authConfig.setConfig(config);
// add auth config to the execution
response = getAuthMgmtResource().newExecutionConfig(executionId, authConfig);
assertEquals("new execution success", 201, response.getStatus());
getCleanup().addAuthenticationConfigId(ApiUtil.getCreatedId(response));
response.close();
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class PermissionsTest method flows.
@Test
public void flows() throws Exception {
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getFormProviders();
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getAuthenticatorProviders();
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getClientAuthenticatorProviders();
}
}, Resource.REALM, false, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getFormActionProviders();
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getFlows();
}
}, Resource.REALM, false, true);
invoke(new InvocationWithResponse() {
public void invoke(RealmResource realm, AtomicReference<Response> response) {
response.set(realm.flows().createFlow(new AuthenticationFlowRepresentation()));
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getFlow("nosuch");
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().deleteFlow("nosuch");
}
}, Resource.REALM, true);
invoke(new InvocationWithResponse() {
public void invoke(RealmResource realm, AtomicReference<Response> response) {
response.set(realm.flows().copy("nosuch", Collections.<String, String>emptyMap()));
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().addExecutionFlow("nosuch", Collections.<String, String>emptyMap());
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().addExecution("nosuch", Collections.<String, String>emptyMap());
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getExecutions("nosuch");
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().updateExecutions("nosuch", new AuthenticationExecutionInfoRepresentation());
}
}, Resource.REALM, true);
invoke(new InvocationWithResponse() {
public void invoke(RealmResource realm, AtomicReference<Response> response) {
AuthenticationExecutionRepresentation rep = new AuthenticationExecutionRepresentation();
rep.setAuthenticator("auth-cookie");
rep.setRequirement("CONDITIONAL");
response.set(realm.flows().addExecution(rep));
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().raisePriority("nosuch");
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().lowerPriority("nosuch");
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().removeExecution("nosuch");
}
}, Resource.REALM, true);
invoke(new InvocationWithResponse() {
public void invoke(RealmResource realm, AtomicReference<Response> response) {
response.set(realm.flows().newExecutionConfig("nosuch", new AuthenticatorConfigRepresentation()));
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getAuthenticatorConfig("nosuch");
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getUnregisteredRequiredActions();
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().registerRequiredAction(new RequiredActionProviderSimpleRepresentation());
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getRequiredActions();
}
}, Resource.REALM, false, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getRequiredAction("nosuch");
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().removeRequiredAction("nosuch");
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().updateRequiredAction("nosuch", new RequiredActionProviderRepresentation());
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getAuthenticatorConfigDescription("nosuch");
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getPerClientConfigDescription();
}
}, Resource.REALM, false, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().getAuthenticatorConfig("nosuch");
}
}, Resource.REALM, false);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().removeAuthenticatorConfig("nosuch");
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
realm.flows().updateAuthenticatorConfig("nosuch", new AuthenticatorConfigRepresentation());
}
}, Resource.REALM, true);
invoke(new Invocation() {
public void invoke(RealmResource realm) {
clients.get(AdminRoles.VIEW_REALM).realm(REALM_NAME).flows().getPerClientConfigDescription();
clients.get(AdminRoles.VIEW_REALM).realm(REALM_NAME).flows().getClientAuthenticatorProviders();
clients.get(AdminRoles.VIEW_REALM).realm(REALM_NAME).flows().getRequiredActions();
}
}, adminClient, true);
// Re-create realm
adminClient.realm(REALM_NAME).remove();
recreatePermissionRealm();
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class AuthenticatorConfigTest method testCreateConfig.
@Test
public void testCreateConfig() {
AuthenticatorConfigRepresentation cfg = newConfig("foo", IdpCreateUserIfUniqueAuthenticatorFactory.REQUIRE_PASSWORD_UPDATE_AFTER_REGISTRATION, "true");
// Attempt to create config for non-existent execution
Response response = authMgmtResource.newExecutionConfig("exec-id-doesnt-exists", cfg);
Assert.assertEquals(404, response.getStatus());
response.close();
// Create config success
String cfgId = createConfig(executionId, cfg);
// Assert found
AuthenticatorConfigRepresentation cfgRep = authMgmtResource.getAuthenticatorConfig(cfgId);
assertConfig(cfgRep, cfgId, "foo", IdpCreateUserIfUniqueAuthenticatorFactory.REQUIRE_PASSWORD_UPDATE_AFTER_REGISTRATION, "true");
// Cleanup
authMgmtResource.removeAuthenticatorConfig(cfgId);
assertAdminEvents.assertEvent(REALM_NAME, OperationType.DELETE, AdminEventPaths.authExecutionConfigPath(cfgId), ResourceType.AUTHENTICATOR_CONFIG);
}
use of org.keycloak.representations.idm.AuthenticatorConfigRepresentation in project keycloak by keycloak.
the class AuthenticatorConfigTest method testCreateConfigWithReservedChar.
@Test
public void testCreateConfigWithReservedChar() {
AuthenticatorConfigRepresentation cfg = newConfig("f!oo", IdpCreateUserIfUniqueAuthenticatorFactory.REQUIRE_PASSWORD_UPDATE_AFTER_REGISTRATION, "true");
Response resp = authMgmtResource.newExecutionConfig(executionId, cfg);
Assert.assertEquals(400, resp.getStatus());
}
Aggregations