Example 6 with ClientScopeRepresentation
use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.
the class ClientScopeTest method updateClientWithDefaultScopeAssignedAsOptionalAndOpposite.
@Test
public void updateClientWithDefaultScopeAssignedAsOptionalAndOpposite() {
// create client
ClientRepresentation clientRep = new ClientRepresentation();
clientRep.setClientId("bar-client");
clientRep.setProtocol("openid-connect");
String clientUuid = createClient(clientRep);
getCleanup().addClientUuid(clientUuid);
// Create 2 client scopes
ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
scopeRep.setName("scope-def");
scopeRep.setProtocol("openid-connect");
String scopeDefId = createClientScope(scopeRep);
getCleanup().addClientScopeId(scopeDefId);
scopeRep = new ClientScopeRepresentation();
scopeRep.setName("scope-opt");
scopeRep.setProtocol("openid-connect");
String scopeOptId = createClientScope(scopeRep);
getCleanup().addClientScopeId(scopeOptId);
// assign "scope-def" as optional client scope to client
testRealmResource().clients().get(clientUuid).addOptionalClientScope(scopeDefId);
// assign "scope-opt" as default client scope to client
testRealmResource().clients().get(clientUuid).addDefaultClientScope(scopeOptId);
// Add scope-def as default and scope-opt as optional client scope within the realm
testRealmResource().addDefaultDefaultClientScope(scopeDefId);
testRealmResource().addDefaultOptionalClientScope(scopeOptId);
// update client - check it passes (it used to throw ModelDuplicateException before)
clientRep.setDescription("new_description");
testRealmResource().clients().get(clientUuid).update(clientRep);
}
Also used :
ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Example 7 with ClientScopeRepresentation
use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.
the class ClientScopeTest method testRemoveClientScopeInUse.
@Test
public void testRemoveClientScopeInUse() {
// Add client scope
ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
scopeRep.setName("foo-scope");
scopeRep.setProtocol("openid-connect");
String scopeId = createClientScope(scopeRep);
// Add client with the clientScope
ClientRepresentation clientRep = new ClientRepresentation();
clientRep.setClientId("bar-client");
clientRep.setName("bar-client");
clientRep.setProtocol("openid-connect");
clientRep.setDefaultClientScopes(Collections.singletonList("foo-scope"));
String clientDbId = createClient(clientRep);
removeClientScope(scopeId);
removeClient(clientDbId);
}
Also used :
ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Example 8 with ClientScopeRepresentation
use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.
the class ClientScopeTest method testRealmDefaultClientScopes.
@Test
public void testRealmDefaultClientScopes() {
// Create 2 client scopes
ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
scopeRep.setName("scope-def");
scopeRep.setProtocol("openid-connect");
String scopeDefId = createClientScope(scopeRep);
getCleanup().addClientScopeId(scopeDefId);
scopeRep = new ClientScopeRepresentation();
scopeRep.setName("scope-opt");
scopeRep.setProtocol("openid-connect");
String scopeOptId = createClientScope(scopeRep);
getCleanup().addClientScopeId(scopeOptId);
// Add scope-def as default and scope-opt as optional client scope
testRealmResource().addDefaultDefaultClientScope(scopeDefId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.defaultDefaultClientScopePath(scopeDefId), ResourceType.CLIENT_SCOPE);
testRealmResource().addDefaultOptionalClientScope(scopeOptId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.defaultOptionalClientScopePath(scopeOptId), ResourceType.CLIENT_SCOPE);
// Ensure defaults and optional scopes are here
List<String> realmDefaultScopes = getClientScopeNames(testRealmResource().getDefaultDefaultClientScopes());
List<String> realmOptionalScopes = getClientScopeNames(testRealmResource().getDefaultOptionalClientScopes());
assertTrue(realmDefaultScopes.contains("scope-def"));
Assert.assertFalse(realmOptionalScopes.contains("scope-def"));
Assert.assertFalse(realmDefaultScopes.contains("scope-opt"));
assertTrue(realmOptionalScopes.contains("scope-opt"));
// create client. Ensure that it has scope-def and scope-opt scopes assigned
ClientRepresentation clientRep = new ClientRepresentation();
clientRep.setClientId("bar-client");
clientRep.setProtocol("openid-connect");
String clientUuid = createClient(clientRep);
getCleanup().addClientUuid(clientUuid);
List<String> clientDefaultScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getDefaultClientScopes());
List<String> clientOptionalScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getOptionalClientScopes());
assertTrue(clientDefaultScopes.contains("scope-def"));
Assert.assertFalse(clientOptionalScopes.contains("scope-def"));
Assert.assertFalse(clientDefaultScopes.contains("scope-opt"));
assertTrue(clientOptionalScopes.contains("scope-opt"));
// Unassign scope-def and scope-opt from realm
testRealmResource().removeDefaultDefaultClientScope(scopeDefId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.defaultDefaultClientScopePath(scopeDefId), ResourceType.CLIENT_SCOPE);
testRealmResource().removeDefaultOptionalClientScope(scopeOptId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.defaultOptionalClientScopePath(scopeOptId), ResourceType.CLIENT_SCOPE);
realmDefaultScopes = getClientScopeNames(testRealmResource().getDefaultDefaultClientScopes());
realmOptionalScopes = getClientScopeNames(testRealmResource().getDefaultOptionalClientScopes());
Assert.assertFalse(realmDefaultScopes.contains("scope-def"));
Assert.assertFalse(realmOptionalScopes.contains("scope-def"));
Assert.assertFalse(realmDefaultScopes.contains("scope-opt"));
Assert.assertFalse(realmOptionalScopes.contains("scope-opt"));
// Create another client. Check it doesn't have scope-def and scope-opt scopes assigned
clientRep = new ClientRepresentation();
clientRep.setClientId("bar-client-2");
clientRep.setProtocol("openid-connect");
clientUuid = createClient(clientRep);
getCleanup().addClientUuid(clientUuid);
clientDefaultScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getDefaultClientScopes());
clientOptionalScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getOptionalClientScopes());
Assert.assertFalse(clientDefaultScopes.contains("scope-def"));
Assert.assertFalse(clientOptionalScopes.contains("scope-def"));
Assert.assertFalse(clientDefaultScopes.contains("scope-opt"));
Assert.assertFalse(clientOptionalScopes.contains("scope-opt"));
}
Also used :
ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Example 9 with ClientScopeRepresentation
use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.
the class ClientScopeTest method dynamicClientScopeCannotBeAssignedAsDefaultClientScope.
@Test
@EnableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void dynamicClientScopeCannotBeAssignedAsDefaultClientScope() {
ClientRepresentation clientRep = new ClientRepresentation();
clientRep.setClientId("dyn-scope-client");
clientRep.setProtocol("openid-connect");
String clientUuid = createClient(clientRep);
getCleanup().addClientUuid(clientUuid);
ClientScopeRepresentation optionalClientScope = new ClientScopeRepresentation();
optionalClientScope.setName("optional-dynamic-client-scope");
optionalClientScope.setProtocol("openid-connect");
optionalClientScope.setAttributes(new HashMap<String, String>() {
{
put(ClientScopeModel.IS_DYNAMIC_SCOPE, "true");
put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "dynamic-scope-def:*");
}
});
String optionalClientScopeId = createClientScope(optionalClientScope);
getCleanup().addClientScopeId(optionalClientScopeId);
try {
ClientResource clientResource = testRealmResource().clients().get(clientUuid);
clientResource.addDefaultClientScope(optionalClientScopeId);
Assert.fail("A Dynamic Scope shouldn't not be assigned as a default scope to a client");
} catch (ClientErrorException ex) {
MatcherAssert.assertThat(ex.getResponse(), Matchers.statusCodeIs(Status.BAD_REQUEST));
}
}
Also used :
ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)
ClientResource(org.keycloak.admin.client.resource.ClientResource)
ClientErrorException(javax.ws.rs.ClientErrorException)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
EnableFeature(org.keycloak.testsuite.arquillian.annotation.EnableFeature)
Example 10 with ClientScopeRepresentation
use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.
the class ClientScopeTest method testCreateValidDynamicScope.
@Test
@EnableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void testCreateValidDynamicScope() {
ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
scopeRep.setName("dynamic-scope-def");
scopeRep.setProtocol("openid-connect");
scopeRep.setAttributes(new HashMap<String, String>() {
{
put(ClientScopeModel.IS_DYNAMIC_SCOPE, "true");
put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "dynamic-scope-def:*");
}
});
String scopeDefId = createClientScope(scopeRep);
getCleanup().addClientScopeId(scopeDefId);
// Assert updated attributes
scopeRep = clientScopes().get(scopeDefId).toRepresentation();
assertEquals("dynamic-scope-def", scopeRep.getName());
assertEquals("true", scopeRep.getAttributes().get(ClientScopeModel.IS_DYNAMIC_SCOPE));
assertEquals("dynamic-scope-def:*", scopeRep.getAttributes().get(ClientScopeModel.DYNAMIC_SCOPE_REGEXP));
}
Also used :
ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)
Test(org.junit.Test)
EnableFeature(org.keycloak.testsuite.arquillian.annotation.EnableFeature)
Aggregations
ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)75
Test (org.junit.Test)62
Response (javax.ws.rs.core.Response)27
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)27
ClientResource (org.keycloak.admin.client.resource.ClientResource)25
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)16
RealmResource (org.keycloak.admin.client.resource.RealmResource)15
EnableFeature (org.keycloak.testsuite.arquillian.annotation.EnableFeature)13
ConsentRepresentation (org.keycloak.representations.account.ConsentRepresentation)11
ConsentScopeRepresentation (org.keycloak.representations.account.ConsentScopeRepresentation)11
ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)11
AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)11
TokenUtil (org.keycloak.testsuite.util.TokenUtil)11
HashMap (java.util.HashMap)10
RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)10
OAuthClient (org.keycloak.testsuite.util.OAuthClient)10
List (java.util.List)8
ClientScopeResource (org.keycloak.admin.client.resource.ClientScopeResource)6
SimpleHttp (org.keycloak.broker.provider.util.SimpleHttp)6
AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)6
