
Example 16 with ClientProfilesRepresentation

use of org.keycloak.representations.idm.ClientProfilesRepresentation in project keycloak by keycloak.

the class ClientPoliciesTest method testPoliciesFormView.

/**
 * Walks the admin-console client-policy forms through a full create / edit / delete cycle
 * and checks the stored representation after the main steps.
 *
 * Steps, in order: create a policy through the form, add a client-access-type condition,
 * edit that condition, create a profile over REST (with a holder-of-key enforcer executor),
 * attach the global profile and the new profile to the policy, detach the global one,
 * delete the condition, rename and disable the policy, then delete it.
 *
 * The statements drive page objects against a live UI, so their order is part of the test.
 */
@Test
public void testPoliciesFormView() throws Exception {
    final String profileName = "mega-profile";
    final String policyName = "mega-policy";
    // second name used when the policy is renamed near the end of the test
    final String policyName2 = "mega-policy^2";
    final String policyDesc = "mega-desc";
    clientPoliciesPage.navigateTo();
    clientPoliciesPage.assertCurrent();
    clientPoliciesPage.policiesTable().clickCreatePolicy();
    createClientPolicyPage.assertCurrent();
    // create policy: fill in name and description; the form is expected to show "enabled" before saving
    createClientPolicyPage.form().setPolicyName(policyName);
    createClientPolicyPage.form().setDescription(policyDesc);
    assertTrue(createClientPolicyPage.form().isEnabled());
    createClientPolicyPage.form().save();
    assertAlertSuccess();
    // the policy name is set on the page object before assertCurrent()
    // (presumably it is part of the page URL; confirm in the page object)
    clientPolicyPage.setPolicyName(policyName);
    clientPolicyPage.assertCurrent();
    assertEquals(policyName, clientPolicyPage.form().getPolicyName());
    clientPolicyPage.conditionsTable().clickCreateCondition();
    // create condition of the client-access-type provider
    createConditionPage.setPolicyName(policyName);
    createConditionPage.assertCurrent();
    createConditionPage.form().setConditionType(ClientAccessTypeConditionFactory.PROVIDER_ID);
    // right after choosing the type, only TYPE_CONFIDENTIAL is expected to be selected
    // NOTE(review): the selection is read through conditionPage.form() although the browser is on
    // createConditionPage; presumably both page objects wrap the same form (confirm)
    assertEquals(Stream.of(ClientAccessTypeConditionFactory.TYPE_CONFIDENTIAL).collect(Collectors.toSet()), conditionPage.form().getSelect2SelectedItems());
    createConditionPage.form().selectSelect2Item(ClientAccessTypeConditionFactory.TYPE_BEARERONLY);
    createConditionPage.form().save();
    assertAlertSuccess();
    // edit condition: reopen it from the policy page and check both saved access types are shown
    clientPolicyPage.assertCurrent();
    clientPolicyPage.conditionsTable().clickEditCondition(ClientAccessTypeConditionFactory.PROVIDER_ID);
    conditionPage.setUriParameters(policyName, 0);
    conditionPage.assertCurrent();
    assertEquals(Stream.of(ClientAccessTypeConditionFactory.TYPE_CONFIDENTIAL, ClientAccessTypeConditionFactory.TYPE_BEARERONLY).collect(Collectors.toSet()), conditionPage.form().getSelect2SelectedItems());
    // NOTE(review): unlike the other saves, this one is not followed by assertAlertSuccess();
    // the added TYPE_PUBLIC is only verified later through the "assert JSON" step
    createConditionPage.form().selectSelect2Item(ClientAccessTypeConditionFactory.TYPE_PUBLIC);
    createConditionPage.form().save();
    // create profile via REST: one profile carrying a holder-of-key enforcer executor
    ClientProfilesRepresentation profiles = new ClientProfilesBuilder().addProfile(new ClientProfileBuilder().createProfile(profileName, "desc").addExecutor(HolderOfKeyEnforcerExecutorFactory.PROVIDER_ID, createHolderOfKeyEnforceExecutorConfig(true)).toRepresentation()).toRepresentation();
    testRealmResource().clientPoliciesProfilesResource().updateProfiles(profiles);
    // reload so the UI sees the profile that was created outside the browser
    refreshPageAndWaitForLoad();
    // add profile to policy: first the global profile, then the one created above
    clientPolicyPage.profilesTable().addProfile(GLOBAL_PROFILE);
    clientPolicyPage.profilesTable().addProfile(profileName);
    assertEquals(Arrays.asList(GLOBAL_PROFILE, profileName), clientPolicyPage.profilesTable().getProfiles());
    // remove profile: detach the global profile again, leaving only profileName on the policy
    clientPolicyPage.profilesTable().clickDeleteProfile(GLOBAL_PROFILE);
    assertAlertSuccess();
    // assert JSON: enabled policy, one condition with all three access types, one profile reference
    ClientPoliciesRepresentation expected = new ClientPoliciesBuilder().addPolicy(new ClientPolicyBuilder().createPolicy(policyName, policyDesc, true).addCondition(ClientAccessTypeConditionFactory.PROVIDER_ID, createClientAccessTypeConditionConfig(Arrays.asList(ClientAccessTypeConditionFactory.TYPE_CONFIDENTIAL, ClientAccessTypeConditionFactory.TYPE_BEARERONLY, ClientAccessTypeConditionFactory.TYPE_PUBLIC))).addProfile(profileName).toRepresentation()).toRepresentation();
    assertClientPolicy(expected);
    // remove condition through the UI and mirror the removal in the expected representation
    clientPolicyPage.navigateTo();
    clientPolicyPage.conditionsTable().clickDeleteCondition(ClientAccessTypeConditionFactory.PROVIDER_ID);
    modalDialog.confirmDeletion();
    assertAlertSuccess();
    expected.getPolicies().get(0).getConditions().remove(0);
    assertClientPolicy(expected);
    assertFalse(clientPolicyPage.conditionsTable().isRowPresent(ClientAccessTypeConditionFactory.PROVIDER_ID));
    // edit policy: rename it and switch it off, then check the list view reflects both changes
    clientPolicyPage.form().setPolicyName(policyName2);
    clientPolicyPage.form().setEnabled(false);
    clientPolicyPage.form().save();
    assertAlertSuccess();
    clientPoliciesPage.navigateTo();
    assertEquals(policyDesc, clientPoliciesPage.policiesTable().getDescription(policyName2));
    assertFalse(clientPoliciesPage.policiesTable().isEnabled(policyName2));
    // remove policy: afterwards the expected representation is a freshly constructed, empty one
    clientPoliciesPage.policiesTable().clickDeletePolicy(policyName2);
    modalDialog.confirmDeletion();
    assertAlertSuccess();
    assertClientPolicy(new ClientPoliciesRepresentation());
    assertFalse(clientPoliciesPage.policiesTable().isRowPresent(policyName2));
}
Also used : ClientProfileBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientProfileBuilder) ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientProfilesBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientProfilesBuilder) ClientPoliciesBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPoliciesBuilder) ClientPolicyBuilder(org.keycloak.testsuite.util.ClientPoliciesUtil.ClientPolicyBuilder) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation) Test(org.junit.Test)

Example 17 with ClientProfilesRepresentation

use of org.keycloak.representations.idm.ClientProfilesRepresentation in project keycloak by keycloak.

the class ClientPoliciesTest method cleanup.

/**
 * Resets the test realm after each test by overwriting its client policies, and then its
 * client profiles, with freshly constructed (empty) representations.
 *
 * Policies are sent first, as in the original ordering; policies refer to profiles by name.
 */
@After
public void cleanup() {
    final ClientPoliciesRepresentation emptyPolicies = new ClientPoliciesRepresentation();
    testRealmResource().clientPoliciesPoliciesResource().updatePolicies(emptyPolicies);

    final ClientProfilesRepresentation emptyProfiles = new ClientProfilesRepresentation();
    testRealmResource().clientPoliciesProfilesResource().updateProfiles(emptyProfiles);
}
Also used : ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation) After(org.junit.After)

Example 18 with ClientProfilesRepresentation

use of org.keycloak.representations.idm.ClientProfilesRepresentation in project keycloak by keycloak.

the class ClientPoliciesTest method assertClientProfile.

/**
 * Fetches the client profiles of the test realm over the admin REST resource and asserts
 * that they equal {@code expected}.
 *
 * @param expected              representation the realm is expected to hold
 * @param includeGlobalProfiles passed through to {@code getProfiles}; controls whether the
 *                              global profiles are part of the fetched representation
 */
private void assertClientProfile(ClientProfilesRepresentation expected, boolean includeGlobalProfiles) {
    // the comparison relies on the representation's equals() implementation
    assertEquals(expected, testRealmResource().clientPoliciesProfilesResource().getProfiles(includeGlobalProfiles));
}
Also used : ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation)

Example 19 with ClientProfilesRepresentation

use of org.keycloak.representations.idm.ClientProfilesRepresentation in project keycloak by keycloak.

the class ClientPoliciesUtil method getValidatedClientProfilesForUpdate.

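/**
 * Validates proposed client profiles and returns the representation to be stored.
 *
 * The proposed representation is checked and then returned as the same instance, modified in
 * place: an absent or empty profile list is replaced by an empty list, and the global
 * profiles are cleared so that they are not saved with the realm. Never returns null.
 *
 * Checks performed, in order: every profile has a non-empty name, names are unique within the
 * proposal, no name collides with a global profile, and every executor's provider id is
 * accepted by {@code isValidExecutor}.
 *
 * @param session              session handed to {@code isValidExecutor}
 * @param realm                realm the profiles belong to; must not be null
 * @param proposedProfilesRep  profiles proposed by the caller; must not be null
 * @param globalClientProfiles global profiles whose names are reserved
 * @return {@code proposedProfilesRep}, validated and modified as described above
 * @throws ClientPolicyException if the realm or the proposal is missing, or any check fails
 */
static ClientProfilesRepresentation getValidatedClientProfilesForUpdate(KeycloakSession session, RealmModel realm, ClientProfilesRepresentation proposedProfilesRep, List<ClientProfileRepresentation> globalClientProfiles) throws ClientPolicyException {
    if (realm == null) {
        throw new ClientPolicyException("realm not specified.");
    }
    // a missing proposal is reported as a validation failure rather than surfacing as a NullPointerException
    if (proposedProfilesRep == null) {
        throw new ClientPolicyException("proposed client profiles not specified.");
    }
    // no profile contained (it is valid)
    List<ClientProfileRepresentation> proposedProfileRepList = proposedProfilesRep.getProfiles();
    if (proposedProfileRepList == null || proposedProfileRepList.isEmpty()) {
        proposedProfileRepList = new ArrayList<>();
        proposedProfilesRep.setProfiles(new ArrayList<>());
    }
    // Profile without name not allowed; a null list entry has no name either and is rejected
    // here, before the later checks dereference each entry
    if (proposedProfileRepList.stream().anyMatch(clientProfile -> clientProfile == null || clientProfile.getName() == null || clientProfile.getName().isEmpty())) {
        throw new ClientPolicyException("client profile without its name not allowed.");
    }
    // duplicated profile name is not allowed.
    if (proposedProfileRepList.size() != proposedProfileRepList.stream().map(ClientProfileRepresentation::getName).distinct().count()) {
        throw new ClientPolicyException("proposed client profile name duplicated.");
    }
    // Conflict with any global profile is not allowed: a realm-level profile must not be able
    // to take the name of a global one
    Set<String> globalProfileNames = globalClientProfiles.stream().map(ClientProfileRepresentation::getName).collect(Collectors.toSet());
    for (ClientProfileRepresentation clientProfile : proposedProfileRepList) {
        if (globalProfileNames.contains(clientProfile.getName())) {
            throw new ClientPolicyException("Proposed profile name duplicated as the name of some global profile");
        }
    }
    // Validate executor
    // NOTE(review): only the provider id is handed to isValidExecutor here, although the error
    // message also mentions the configuration - confirm where executor configuration is validated
    for (ClientProfileRepresentation proposedProfileRep : proposedProfilesRep.getProfiles()) {
        if (proposedProfileRep.getExecutors() != null) {
            for (ClientPolicyExecutorRepresentation executorRep : proposedProfileRep.getExecutors()) {
                // a null executor entry is rejected the same way as an unknown provider
                if (executorRep == null || !isValidExecutor(session, executorRep.getExecutorProviderId())) {
                    throw new ClientPolicyException("proposed client profile contains the executor, which does not have valid provider, or has invalid configuration.");
                }
            }
        }
    }
    // Make sure to not save built-in inside realm attribute
    proposedProfilesRep.setGlobalProfiles(null);
    return proposedProfilesRep;
}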
Also used : ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation) Profile(org.keycloak.common.Profile) Logger(org.jboss.logging.Logger) Constants(org.keycloak.models.Constants) ArrayList(java.util.ArrayList) ComponentModel(org.keycloak.component.ComponentModel) ClientPolicyConditionConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyConditionConfigurationRepresentation) JsonNode(com.fasterxml.jackson.databind.JsonNode) LinkedList(java.util.LinkedList) ClientPolicyConditionProvider(org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProvider) ClientPolicyExecutorProvider(org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProvider) ClientPolicyConditionRepresentation(org.keycloak.representations.idm.ClientPolicyConditionRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientPolicyExecutorConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorConfigurationRepresentation) RealmModel(org.keycloak.models.RealmModel) Set(java.util.Set) KeycloakSession(org.keycloak.models.KeycloakSession) IOException(java.io.IOException) Collectors(java.util.stream.Collectors) JsonConfigComponentModel(org.keycloak.component.JsonConfigComponentModel) ClientPolicyExecutorRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorRepresentation) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) JsonSerialization(org.keycloak.util.JsonSerialization) List(java.util.List) Collections(java.util.Collections) InputStream(java.io.InputStream) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) ClientPolicyExecutorRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorRepresentation)

Example 20 with ClientProfilesRepresentation

use of org.keycloak.representations.idm.ClientProfilesRepresentation in project keycloak by keycloak.

the class ClientPoliciesUtil method getValidatedClientPoliciesForUpdate.

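/**
 * Validates proposed client policies and builds the representation to be stored.
 *
 * A new representation is assembled from the proposal: name, description, enabled flag,
 * conditions and profile references are copied policy by policy. Never returns null.
 * When the proposal has no policies, its policy list is replaced by an empty list.
 *
 * Checks performed: every policy has a non-empty name, names are unique within the proposal,
 * every condition's provider id is accepted by {@code isValidCondition}, and every referenced
 * profile name exists either among the global profiles or among the realm's profiles.
 *
 * @param session                session handed to {@code isValidCondition} and used to load the realm's profiles
 * @param realm                  realm the policies belong to; must not be null
 * @param proposedPoliciesRep    policies proposed by the caller; must not be null
 * @param existingGlobalProfiles global profiles that policies may refer to by name
 * @return a newly built representation holding the validated policies
 * @throws ClientPolicyException if the realm or the proposal is missing, or any check fails
 */
static ClientPoliciesRepresentation getValidatedClientPoliciesForUpdate(KeycloakSession session, RealmModel realm, ClientPoliciesRepresentation proposedPoliciesRep, List<ClientProfileRepresentation> existingGlobalProfiles) throws ClientPolicyException {
    if (realm == null) {
        throw new ClientPolicyException("realm not specified.");
    }
    // a missing proposal is reported as a validation failure rather than surfacing as a NullPointerException
    if (proposedPoliciesRep == null) {
        throw new ClientPolicyException("proposed client policies not specified.");
    }
    // no policy contained (it is valid)
    List<ClientPolicyRepresentation> proposedPolicyRepList = proposedPoliciesRep.getPolicies();
    if (proposedPolicyRepList == null || proposedPolicyRepList.isEmpty()) {
        proposedPolicyRepList = new ArrayList<>();
        proposedPoliciesRep.setPolicies(new ArrayList<>());
    }
    // Policy without name not allowed; a null list entry has no name either and is rejected
    // here, before the loop below dereferences each entry
    if (proposedPolicyRepList.stream().anyMatch(clientPolicy -> clientPolicy == null || clientPolicy.getName() == null || clientPolicy.getName().isEmpty())) {
        throw new ClientPolicyException("proposed client policy name missing.");
    }
    // duplicated policy name is not allowed.
    if (proposedPolicyRepList.size() != proposedPolicyRepList.stream().map(ClientPolicyRepresentation::getName).distinct().count()) {
        throw new ClientPolicyException("proposed client policy name duplicated.");
    }
    // construct updating policies from the proposed policies
    ClientPoliciesRepresentation updatingPoliciesRep = new ClientPoliciesRepresentation();
    updatingPoliciesRep.setPolicies(new ArrayList<>());
    List<ClientPolicyRepresentation> updatingPoliciesList = updatingPoliciesRep.getPolicies();
    for (ClientPolicyRepresentation proposedPolicyRep : proposedPoliciesRep.getPolicies()) {
        // a policy that does not state "enabled" is stored as disabled
        Boolean enabled = (proposedPolicyRep.isEnabled() != null) ? proposedPolicyRep.isEnabled() : Boolean.FALSE;
        // the stored policy is rebuilt field by field from the proposal
        ClientPolicyRepresentation policyRep = new ClientPolicyRepresentation();
        policyRep.setName(proposedPolicyRep.getName());
        policyRep.setDescription(proposedPolicyRep.getDescription());
        policyRep.setEnabled(enabled);
        policyRep.setConditions(new ArrayList<>());
        if (proposedPolicyRep.getConditions() != null) {
            for (ClientPolicyConditionRepresentation conditionRep : proposedPolicyRep.getConditions()) {
                // a null condition entry is rejected the same way as an unknown provider
                // NOTE(review): only the provider id is handed to isValidCondition here - confirm
                // where the condition configuration itself is validated
                if (conditionRep == null || !isValidCondition(session, conditionRep.getConditionProviderId())) {
                    throw new ClientPolicyException("the proposed client policy contains the condition with its invalid configuration.");
                }
                policyRep.getConditions().add(conditionRep);
            }
        }
        // names a policy may refer to: global profiles plus the profiles currently stored for the realm
        // (looked up once per policy, as before)
        Set<String> existingProfileNames = existingGlobalProfiles.stream().map(ClientProfileRepresentation::getName).collect(Collectors.toSet());
        ClientProfilesRepresentation reps = getClientProfilesRepresentation(session, realm);
        policyRep.setProfiles(new ArrayList<>());
        if (reps.getProfiles() != null) {
            existingProfileNames.addAll(reps.getProfiles().stream().map(ClientProfileRepresentation::getName).collect(Collectors.toSet()));
        }
        if (proposedPolicyRep.getProfiles() != null) {
            for (String profileName : proposedPolicyRep.getProfiles()) {
                if (!existingProfileNames.contains(profileName)) {
                    // The format string has two placeholders; both arguments are supplied so the
                    // rejected policy and the missing profile are identifiable in the log.
                    // Both values come from the request, so the log output should be treated as untrusted text.
                    logger.warnf("Client policy %s referred not existing profile %s", proposedPolicyRep.getName(), profileName);
                    throw new ClientPolicyException("referring not existing client profile not allowed.");
                }
            }
            // repeated references to the same profile are stored once
            proposedPolicyRep.getProfiles().stream().distinct().forEach(profileName -> policyRep.getProfiles().add(profileName));
        }
        updatingPoliciesList.add(policyRep);
    }
    return updatingPoliciesRep;
}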
Also used : ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation) Profile(org.keycloak.common.Profile) Logger(org.jboss.logging.Logger) Constants(org.keycloak.models.Constants) ArrayList(java.util.ArrayList) ComponentModel(org.keycloak.component.ComponentModel) ClientPolicyConditionConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyConditionConfigurationRepresentation) JsonNode(com.fasterxml.jackson.databind.JsonNode) LinkedList(java.util.LinkedList) ClientPolicyConditionProvider(org.keycloak.services.clientpolicy.condition.ClientPolicyConditionProvider) ClientPolicyExecutorProvider(org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorProvider) ClientPolicyConditionRepresentation(org.keycloak.representations.idm.ClientPolicyConditionRepresentation) ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientPolicyExecutorConfigurationRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorConfigurationRepresentation) RealmModel(org.keycloak.models.RealmModel) Set(java.util.Set) KeycloakSession(org.keycloak.models.KeycloakSession) IOException(java.io.IOException) Collectors(java.util.stream.Collectors) JsonConfigComponentModel(org.keycloak.component.JsonConfigComponentModel) ClientPolicyExecutorRepresentation(org.keycloak.representations.idm.ClientPolicyExecutorRepresentation) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) JsonSerialization(org.keycloak.util.JsonSerialization) List(java.util.List) Collections(java.util.Collections) InputStream(java.io.InputStream) ClientPolicyRepresentation(org.keycloak.representations.idm.ClientPolicyRepresentation) ClientProfileRepresentation(org.keycloak.representations.idm.ClientProfileRepresentation) 
ClientPoliciesRepresentation(org.keycloak.representations.idm.ClientPoliciesRepresentation) ClientPolicyConditionRepresentation(org.keycloak.representations.idm.ClientPolicyConditionRepresentation) ClientProfilesRepresentation(org.keycloak.representations.idm.ClientProfilesRepresentation)
