
Example 6 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.ClientPolicyRepresentation in project keycloak by keycloak.

the class ClientPoliciesLoadUpdateTest method testDuplicatedPolicies.

/**
 * Checks that a policies document listing the same policy twice is refused, and that the
 * refusal leaves the stored policies exactly as they were.
 *
 * <p>The before/after comparison matters more than the error text: a rejected update must not
 * be partially applied, so the JSON read back after the failure has to equal the JSON captured
 * before the attempt.
 */
@Test
public void testDuplicatedPolicies() throws Exception {
    // Snapshot of the stored policies, taken before the invalid update is attempted.
    String policiesBeforeAttempt = ClientPoliciesUtil.convertClientPoliciesRepresentationToJson(getPolicies());

    // This representation is added to the document twice below, which creates the duplicate.
    ClientPolicyRepresentation repeatedPolicy = (new ClientPolicyBuilder())
            .createPolicy("builtin-duplicated-new-policy", "builtin duplicated new policy is ignored.", Boolean.TRUE)
            .addCondition(
                    ClientRolesConditionFactory.PROVIDER_ID,
                    createClientRolesConditionConfig(Arrays.asList(SAMPLE_CLIENT_ROLE)))
            .addProfile(FAPI1_BASELINE_PROFILE_NAME)
            .toRepresentation();

    // An otherwise ordinary policy placed between the two duplicates.
    ClientPolicyRepresentation ordinaryPolicy = (new ClientPolicyBuilder())
            .createPolicy("new-policy", "duplicated profiles are ignored.", Boolean.TRUE)
            .addCondition(
                    ClientAccessTypeConditionFactory.PROVIDER_ID,
                    createClientAccessTypeConditionConfig(Arrays.asList(
                            ClientAccessTypeConditionFactory.TYPE_PUBLIC,
                            ClientAccessTypeConditionFactory.TYPE_BEARERONLY)))
            .addProfile("lack-of-builtin-field-test-profile")
            .addProfile("ordinal-test-profile")
            .toRepresentation();

    String payload = (new ClientPoliciesBuilder())
            .addPolicy(repeatedPolicy)
            .addPolicy(ordinaryPolicy)
            .addPolicy(repeatedPolicy)
            .toString();

    ClientPolicyException rejection = null;
    try {
        updatePolicies(payload);
    } catch (ClientPolicyException cpe) {
        rejection = cpe;
    }
    if (rejection == null) {
        // The duplicate was accepted, which is the failure case for this test.
        fail();
    }

    assertEquals("Bad Request", rejection.getErrorDetail());
    // Nothing from the refused document may have been persisted.
    String policiesAfterAttempt = ClientPoliciesUtil.convertClientPoliciesRepresentationToJson(getPolicies());
    assertEquals(policiesBeforeAttempt, policiesAfterAttempt);
}
Also used : ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientPoliciesBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPoliciesBuilder) ClientPolicyBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPolicyBuilder) ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException) Test(org.junit.Test)

Example 7 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.ClientPolicyRepresentation in project keycloak by keycloak.

the class ClientPoliciesLoadUpdateTest method testUpdateValidProfilesAndPolicies.

/**
 * Loads the valid fixture profiles and policies, then rewrites one profile and one policy and
 * checks that the stored state reflects each rewrite.
 *
 * <p>The policy rewrite also clears the enabled flag ({@code setEnabled(null)}); the final
 * assertion passes {@code false} where the first one passed {@code true}.
 * NOTE(review): that argument is presumably the expected enabled state, which would mean a
 * policy stored without an explicit flag reads back as disabled - confirm against
 * assertExpectedPolicy.
 */
@Test
public void testUpdateValidProfilesAndPolicies() throws Exception {
    setupValidProfilesAndPolicies();

    // Baseline: the fixture profile and policy are present exactly as loaded.
    assertExpectedLoadedProfiles((ClientProfilesRepresentation loadedProfiles) -> {
        ClientProfileRepresentation profile = getProfileRepresentation(loadedProfiles, "ordinal-test-profile", false);
        assertExpectedProfile(profile, "ordinal-test-profile", "The profile that can be loaded.");
    });
    assertExpectedLoadedPolicies((ClientPoliciesRepresentation loadedPolicies) -> {
        ClientPolicyRepresentation policy = getPolicyRepresentation(loadedPolicies, "new-policy");
        assertExpectedPolicy(
                "new-policy",
                "duplicated profiles are ignored.",
                true,
                Arrays.asList("ordinal-test-profile", "lack-of-builtin-field-test-profile"),
                policy);
    });

    // Rewrite the description of one stored profile; every other profile is resubmitted as-is.
    String modifiedProfileDescription = "The profile has been updated.";
    ClientProfilesRepresentation storedProfiles = getProfilesWithoutGlobals();
    ClientProfilesBuilder profilesBuilder = new ClientProfilesBuilder();
    for (ClientProfileRepresentation profile : storedProfiles.getProfiles()) {
        if (profile.getName().equals("ordinal-test-profile")) {
            profile.setDescription(modifiedProfileDescription);
        }
        profilesBuilder.addProfile(profile);
    }
    updateProfiles(profilesBuilder.toString());
    assertExpectedLoadedProfiles((ClientProfilesRepresentation loadedProfiles) -> {
        ClientProfileRepresentation profile = getProfileRepresentation(loadedProfiles, "ordinal-test-profile", false);
        assertExpectedProfile(profile, "ordinal-test-profile", modifiedProfileDescription);
    });

    // Rewrite one stored policy: new description and the enabled flag cleared to null.
    String modifiedPolicyDescription = "The policy has also been updated.";
    ClientPoliciesRepresentation storedPolicies = getPolicies();
    ClientPoliciesBuilder policiesBuilder = new ClientPoliciesBuilder();
    for (ClientPolicyRepresentation policy : storedPolicies.getPolicies()) {
        if (policy.getName().equals("new-policy")) {
            policy.setDescription(modifiedPolicyDescription);
            policy.setEnabled(null);
        }
        policiesBuilder.addPolicy(policy);
    }
    updatePolicies(policiesBuilder.toString());
    assertExpectedLoadedPolicies((ClientPoliciesRepresentation loadedPolicies) -> {
        ClientPolicyRepresentation policy = getPolicyRepresentation(loadedPolicies, "new-policy");
        assertExpectedPolicy(
                "new-policy",
                modifiedPolicyDescription,
                false,
                Arrays.asList("ordinal-test-profile", "lack-of-builtin-field-test-profile"),
                policy);
    });
}
Also used : ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientProfilesBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientProfilesBuilder) ClientPoliciesBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPoliciesBuilder) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation) Test(org.junit.Test)

Example 8 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.ClientPolicyRepresentation in project keycloak by keycloak.

the class AbstractClientPoliciesTest method setupValidProfilesAndPolicies.

/**
 * Installs the fixture used by the load/update tests: two client profiles followed by two
 * client policies that refer to them.
 *
 * <p>Profiles are submitted before policies, so the profile names referenced by the policies
 * already exist when the policies are submitted.
 *
 * @throws Exception if either update call fails
 */
protected void setupValidProfilesAndPolicies() throws Exception {
    // Profile with a single executor restricting client authentication to the JWT authenticator.
    ClientProfileRepresentation ordinalProfile = (new ClientProfileBuilder())
            .createProfile("ordinal-test-profile", "The profile that can be loaded.")
            .addExecutor(
                    SecureClientAuthenticatorExecutorFactory.PROVIDER_ID,
                    createSecureClientAuthenticatorExecutorConfig(
                            Arrays.asList(JWTClientAuthenticator.PROVIDER_ID),
                            JWTClientAuthenticator.PROVIDER_ID))
            .toRepresentation();

    // Profile carrying several executors; those registered with a null configuration are
    // added without any explicit settings.
    ClientProfileRepresentation profileWithoutBuiltinField = (new ClientProfileBuilder())
            .createProfile("lack-of-builtin-field-test-profile", "Without builtin field that is treated as builtin=false.")
            .addExecutor(
                    SecureClientAuthenticatorExecutorFactory.PROVIDER_ID,
                    createSecureClientAuthenticatorExecutorConfig(
                            Arrays.asList(JWTClientAuthenticator.PROVIDER_ID),
                            JWTClientAuthenticator.PROVIDER_ID))
            .addExecutor(
                    HolderOfKeyEnforcerExecutorFactory.PROVIDER_ID,
                    createHolderOfKeyEnforceExecutorConfig(Boolean.TRUE))
            .addExecutor(SecureClientUrisExecutorFactory.PROVIDER_ID, null)
            .addExecutor(SecureRequestObjectExecutorFactory.PROVIDER_ID, null)
            .addExecutor(SecureResponseTypeExecutorFactory.PROVIDER_ID, null)
            .addExecutor(SecureSessionEnforceExecutorFactory.PROVIDER_ID, null)
            .addExecutor(SecureSigningAlgorithmExecutorFactory.PROVIDER_ID, null)
            .addExecutor(SecureSigningAlgorithmForSignedJwtExecutorFactory.PROVIDER_ID, null)
            .toRepresentation();

    String profilesJson = (new ClientProfilesBuilder())
            .addProfile(ordinalProfile)
            .addProfile(profileWithoutBuiltinField)
            .toString();
    updateProfiles(profilesJson);

    // Policy that deliberately names "ordinal-test-profile" twice.
    // NOTE(review): the client-scopes condition is configured with SAMPLE_CLIENT_ROLE as its
    // scope list - confirm that reusing the role constant there is intended.
    ClientPolicyRepresentation policyWithRepeatedProfile = (new ClientPolicyBuilder())
            .createPolicy("new-policy", "duplicated profiles are ignored.", Boolean.TRUE)
            .addCondition(
                    ClientAccessTypeConditionFactory.PROVIDER_ID,
                    createClientAccessTypeConditionConfig(Arrays.asList(
                            ClientAccessTypeConditionFactory.TYPE_PUBLIC,
                            ClientAccessTypeConditionFactory.TYPE_BEARERONLY)))
            .addCondition(
                    ClientRolesConditionFactory.PROVIDER_ID,
                    createClientRolesConditionConfig(Arrays.asList(SAMPLE_CLIENT_ROLE)))
            .addCondition(
                    ClientScopesConditionFactory.PROVIDER_ID,
                    createClientScopesConditionConfig(
                            ClientScopesConditionFactory.OPTIONAL,
                            Arrays.asList(SAMPLE_CLIENT_ROLE)))
            .addProfile("ordinal-test-profile")
            .addProfile("lack-of-builtin-field-test-profile")
            .addProfile("ordinal-test-profile")
            .toRepresentation();

    // Policy created with null as the third createPolicy argument (presumably the enabled
    // flag - confirm against ClientPolicyBuilder).
    ClientPolicyRepresentation policyWithoutBuiltinField = (new ClientPolicyBuilder())
            .createPolicy("lack-of-builtin-field-test-policy", "Without builtin field that is treated as builtin=false.", null)
            .addCondition(
                    ClientUpdaterContextConditionFactory.PROVIDER_ID,
                    createClientUpdateContextConditionConfig(
                            Arrays.asList(ClientUpdaterContextConditionFactory.BY_AUTHENTICATED_USER)))
            .addCondition(
                    ClientUpdaterSourceGroupsConditionFactory.PROVIDER_ID,
                    createClientUpdateSourceGroupsConditionConfig(Arrays.asList("topGroup")))
            .addCondition(
                    ClientUpdaterSourceHostsConditionFactory.PROVIDER_ID,
                    createClientUpdateSourceHostsConditionConfig(Arrays.asList("localhost", "127.0.0.1")))
            .addCondition(
                    ClientUpdaterSourceRolesConditionFactory.PROVIDER_ID,
                    createClientUpdateSourceRolesConditionConfig(Arrays.asList(AdminRoles.CREATE_CLIENT)))
            .addProfile("lack-of-builtin-field-test-profile")
            .toRepresentation();

    String policiesJson = (new ClientPoliciesBuilder())
            .addPolicy(policyWithRepeatedProfile)
            .addPolicy(policyWithoutBuiltinField)
            .toString();
    updatePolicies(policiesJson);
}
Also used : ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientProfileBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientProfileBuilder) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) ClientProfilesBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientProfilesBuilder) ClientPoliciesBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPoliciesBuilder) ClientPolicyBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPolicyBuilder)

Example 9 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.ClientPolicyRepresentation in project keycloak by keycloak.

the class AbstractClientPoliciesTest method updatePolicy.

/**
 * Replaces the stored policy that has the same name as {@code policyRep}.
 *
 * <p>The call is a silent no-op when {@code policyRep} is null, has no name, or names a policy
 * that is not currently stored; nothing is thrown or logged in those cases.
 * NOTE(review): a test that relies on this helper gets no signal when the update was skipped,
 * so assert the stored state afterwards if the replacement matters.
 *
 * @param policyRep the replacement policy; matched to the stored one by name
 * @throws ClientPolicyException declared by the method; presumably raised by the lookup or
 *         update helpers it calls - confirm
 */
protected void updatePolicy(ClientPolicyRepresentation policyRep) throws ClientPolicyException {
    if (policyRep == null) {
        return;
    }
    String targetName = policyRep.getName();
    if (targetName == null) {
        return;
    }

    ClientPoliciesRepresentation stored = getPolicies();

    // Find the first stored policy with the same name.
    ClientPolicyRepresentation existing = null;
    for (ClientPolicyRepresentation candidate : stored.getPolicies()) {
        if (targetName.equals(candidate.getName())) {
            existing = candidate;
            break;
        }
    }
    if (existing == null) {
        // Unknown policy name: leave the stored policies untouched.
        return;
    }

    // The replacement is appended, so it ends up last in the list rather than in the
    // position the old entry occupied.
    stored.getPolicies().remove(existing);
    stored.getPolicies().add(policyRep);
    updatePolicies(convertToPoliciesJson(stored));
}
Also used : ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation)

Example 10 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.ClientPolicyRepresentation in project keycloak by keycloak.

the class ClientPoliciesUtil method getEnabledClientPolicies.

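/**
 * Returns the enabled client policies stored for a realm, converted from their JSON
 * representation into {@link ClientPolicy} models.
 *
 * <p>Never returns {@code null}. An empty list is returned when the realm has no policies JSON,
 * when that JSON cannot be deserialized, or when it contains no policy list. In the
 * deserialization-failure case the only trace is the warning logged below, and the caller
 * receives no enabled policies for the realm.
 * NOTE(review): whether that outcome is acceptable depends on how callers treat an empty
 * result - confirm, and consider alerting on this warning.
 *
 * <p>A policy is included only when its enabled flag is explicitly {@code true}; a missing
 * ({@code null}) flag is treated the same as {@code false}. Policies without a name are skipped
 * with a warning.
 *
 * @param session session handed to the condition-provider lookup
 * @param realm realm whose stored policies are read
 * @return the enabled policies in stored order; possibly empty, never {@code null}
 */
static List<ClientPolicy> getEnabledClientPolicies(KeycloakSession session, RealmModel realm) {
    // get the existing policies as json
    String policiesJson = getClientPoliciesJsonString(realm);
    if (policiesJson == null) {
        return Collections.emptyList();
    }

    // deserialize existing policies (json -> representation)
    ClientPoliciesRepresentation policiesRep;
    try {
        policiesRep = convertClientPoliciesJsonToRepresentation(policiesJson);
    } catch (ClientPolicyException e) {
        // This is the json -> representation direction, so the message says "deserialize".
        logger.warnv("Failed to deserialize client policies json string. err={0}, errDetail={1}", e.getError(), e.getErrorDetail());
        return Collections.emptyList();
    }
    if (policiesRep == null || policiesRep.getPolicies() == null) {
        return Collections.emptyList();
    }

    // construct the policy models (representation -> model)
    List<ClientPolicy> policyList = new ArrayList<>();
    for (ClientPolicyRepresentation policyRep : policiesRep.getPolicies()) {
        // ignore policy without name
        if (policyRep.getName() == null) {
            logger.warnf("Ignored client policy without name in the realm %s", realm.getName());
            continue;
        }
        // pick up only enabled policies; a null flag counts as disabled
        if (!Boolean.TRUE.equals(policyRep.isEnabled())) {
            continue;
        }

        ClientPolicy policyModel = new ClientPolicy();
        policyModel.setName(policyRep.getName());
        policyModel.setDescription(policyRep.getDescription());
        policyModel.setEnable(true);

        List<ClientPolicyConditionProvider> conditions = new ArrayList<>();
        if (policyRep.getConditions() != null) {
            for (ClientPolicyConditionRepresentation conditionRep : policyRep.getConditions()) {
                // NOTE(review): the provider is added without a null check - confirm that
                // getConditionProvider cannot return null for an unknown provider id.
                ClientPolicyConditionProvider provider = getConditionProvider(session, realm, conditionRep.getConditionProviderId(), conditionRep.getConfiguration());
                conditions.add(provider);
            }
        }
        policyModel.setConditions(conditions);

        if (policyRep.getProfiles() != null) {
            // Copy so the model does not share the representation's list.
            policyModel.setProfiles(new ArrayList<>(policyRep.getProfiles()));
        }
        policyList.add(policyModel);
    }
    return policyList;
}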
Also used : ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientPolicyConditionProvider(org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProvider) ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ArrayList(java.util.ArrayList) ClientPolicyConditionRepresentation(org.keycloak.representations.idm.ClientPolicyConditionRepresentation)
