
Example 21 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class PermissionsTest method clientScopes.

/**
 * Runs the admin-client client-scope endpoints (listing, create/read/update/delete, protocol
 * mappers, realm-level and client-level scope mappings) through the {@code invoke} permission
 * harness, each call tagged with {@code Resource.CLIENT}.
 *
 * NOTE(review): {@code invoke} is declared outside this listing. In the calls below the boolean
 * that follows the resource is {@code false} for read-style calls and {@code true} for calls that
 * create, update or delete, so it presumably marks whether manage-level access is required. The
 * meaning of the optional fourth argument is not visible here. Confirm both against the
 * declaration.
 */
@Test
public void clientScopes() {
    // Listing all client scopes (read-style call).
    invoke((RealmResource realm) -> {
        realm.clientScopes().findAll();
    }, Resource.CLIENT, false, true);
    // Creating a scope; the Response is handed back to the harness through the AtomicReference.
    invoke((RealmResource realm, AtomicReference<Response> response) -> {
        ClientScopeRepresentation scope = new ClientScopeRepresentation();
        scope.setName("scope");
        response.set(realm.clientScopes().create(scope));
    }, Resource.CLIENT, true);
    // Fetched with adminClient rather than through invoke, to obtain an existing scope id.
    // NOTE(review): get(0) takes whichever scope findAll() returns first, which is not
    // necessarily the one named "scope" created above - confirm this is intended.
    ClientScopeRepresentation scope = adminClient.realms().realm(REALM_NAME).clientScopes().findAll().get(0);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).toRepresentation();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).update(scope);
    }, Resource.CLIENT, true);
    // Removal is followed by a create of the same representation inside the same invocation,
    // presumably so that the calls below still find scope.getId() - TODO confirm.
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).remove();
        realm.clientScopes().create(scope);
    }, Resource.CLIENT, true);
    // Protocol-mapper endpoints. "nosuch" is a made-up protocol / mapper id, so these calls
    // presumably exercise only the authorization decision, not a successful lookup.
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().getMappers();
    }, Resource.CLIENT, false, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().getMappersPerProtocol("nosuch");
    }, Resource.CLIENT, false, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().getMapperById("nosuch");
    }, Resource.CLIENT, false, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().update("nosuch", new ProtocolMapperRepresentation());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm, AtomicReference<Response> response) -> {
        response.set(realm.clientScopes().get(scope.getId()).getProtocolMappers().createMapper(new ProtocolMapperRepresentation()));
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().createMapper(Collections.<ProtocolMapperRepresentation>emptyList());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getProtocolMappers().delete("nosuch");
    }, Resource.CLIENT, true);
    // Scope-mapping endpoints: listings are read-style, add/remove are write-style and are
    // called with empty role lists.
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().getAll();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().listAll();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().listAvailable();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().listEffective();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().add(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().realmLevel().remove(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    // Client-level scope mappings are addressed via the realm-management client, looked up
    // with adminClient outside the permission harness.
    ClientRepresentation realmAccessClient = adminClient.realms().realm(REALM_NAME).clients().findByClientId(Constants.REALM_MANAGEMENT_CLIENT_ID).get(0);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).listAll();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).listAvailable();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).listEffective();
    }, Resource.CLIENT, false);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).add(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    invoke((RealmResource realm) -> {
        realm.clientScopes().get(scope.getId()).getScopeMappings().clientLevel(realmAccessClient.getId()).remove(Collections.<RoleRepresentation>emptyList());
    }, Resource.CLIENT, true);
    // Negative case: listing client scopes should be answered with "forbidden" because the
    // "query-users" role alone is not sufficient. The anonymous Invocation ignores its realm
    // argument and always issues the call with the QUERY_USERS client; the trailing false is
    // presumably the "expect success" flag - confirm against this invoke overload.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            clients.get(AdminRoles.QUERY_USERS).realm(REALM_NAME).clientScopes().findAll();
        }
    }, clients.get(AdminRoles.QUERY_USERS), false);
}
Also used : RealmResource(org.keycloak.admin.client.resource.RealmResource) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) AtomicReference(java.util.concurrent.atomic.AtomicReference) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 22 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class ClientScopePolicyTest method testRemovePolicyWhenRemovingScope.

/**
 * Checks how a client-scope policy reacts when the client scopes it was created with are deleted.
 *
 * After the first scope ("to-remove-a") is deleted, the policy must still be found by name but
 * must no longer list that scope's id. After the second scope ("to-remove-b") is deleted as well,
 * looking the policy up by name must return {@code null}.
 */
@Test
public void testRemovePolicyWhenRemovingScope() {
    final String policyName = "Client Scope To Remove Policy";
    createClientScopePolicy(policyName, "to-remove-a", "to-remove-b");
    ClientScopesResource scopesResource = getRealm().clientScopes();

    // First scope: detach it from the client's default scopes, then delete it from the realm.
    ClientScopeRepresentation firstScope = scopesResource.findAll().stream()
            .filter(candidate -> candidate.getName().equals("to-remove-a"))
            .findAny()
            .get();
    final String firstScopeId = firstScope.getId();
    getClient().removeDefaultClientScope(firstScopeId);
    getRealm().clientScopes().get(firstScopeId).remove();

    // The policy survives, but the deleted scope must be gone from its scope list.
    ClientScopePolicyRepresentation remainingPolicy =
            getClient().authorization().policies().clientScope().findByName(policyName);
    assertFalse(remainingPolicy.getClientScopes().stream()
            .anyMatch(entry -> entry.getId().equals(firstScopeId)));

    // Second scope: same detach-and-delete sequence.
    ClientScopeRepresentation secondScope = scopesResource.findAll().stream()
            .filter(candidate -> candidate.getName().equals("to-remove-b"))
            .findAny()
            .get();
    final String secondScopeId = secondScope.getId();
    getClient().removeDefaultClientScope(secondScopeId);
    getRealm().clientScopes().get(secondScopeId).remove();

    // With both scopes deleted the policy itself is expected to be gone.
    assertNull(getClient().authorization().policies().clientScope().findByName(policyName));
}
Also used : ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) AuthzClient(org.keycloak.authorization.client.AuthzClient) RealmBuilder(org.keycloak.testsuite.util.RealmBuilder) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) AuthorizationDeniedException(org.keycloak.authorization.client.AuthorizationDeniedException) UserBuilder(org.keycloak.testsuite.util.UserBuilder) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) Assert.fail(org.junit.Assert.fail) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) ClientResource(org.keycloak.admin.client.resource.ClientResource) Before(org.junit.Before) ClientScopesResource(org.keycloak.admin.client.resource.ClientScopesResource) Assert.assertNotNull(org.junit.Assert.assertNotNull) RealmResource(org.keycloak.admin.client.resource.RealmResource) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest) Test(org.junit.Test) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) List(java.util.List) Assert.assertNull(org.junit.Assert.assertNull) Assert.assertFalse(org.junit.Assert.assertFalse) ClientBuilder(org.keycloak.testsuite.util.ClientBuilder) ClientScopeBuilder(org.keycloak.testsuite.util.ClientScopeBuilder) ClientScopePolicyRepresentation(org.keycloak.representations.idm.authorization.ClientScopePolicyRepresentation) 
ClientScopePolicyRepresentation(org.keycloak.representations.idm.authorization.ClientScopePolicyRepresentation) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) ClientScopesResource(org.keycloak.admin.client.resource.ClientScopesResource) Test(org.junit.Test)

Example 23 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class LoginTest method loginSuccessfulWithDynamicScope.

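/**
 * Checks that a login requesting the scope value {@code dynamic:scope} succeeds once a dynamic
 * client scope with the pattern {@code dynamic:*} has been created and attached to the
 * {@code test-app} client as an optional scope.
 *
 * Only the successful path is asserted here (a login event for {@code userId}); a request for
 * a scope value that does not match the pattern is not covered by this method.
 */
@Test
@EnableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void loginSuccessfulWithDynamicScope() {
    ProfileAssume.assumeFeatureEnabled(DYNAMIC_SCOPES);

    // A plain HashMap replaces the former double-brace initialiser, which created an anonymous
    // HashMap subclass holding a hidden reference to this test instance.
    HashMap<String, String> attributes = new HashMap<>();
    attributes.put(ClientScopeModel.IS_DYNAMIC_SCOPE, "true");
    attributes.put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "dynamic:*");

    ClientScopeRepresentation clientScope = new ClientScopeRepresentation();
    clientScope.setName("dynamic");
    clientScope.setAttributes(attributes);
    clientScope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);

    String scopeId;
    Response response = testRealm().clientScopes().create(clientScope);
    try {
        scopeId = ApiUtil.getCreatedId(response);
        // Register the new scope for cleanup as soon as its id is known.
        getCleanup().addClientScopeId(scopeId);
    } finally {
        // Close the response even when reading the created id fails, so it is not leaked.
        response.close();
    }

    ClientResource testApp = ApiUtil.findClientByClientId(testRealm(), "test-app");
    ClientRepresentation testAppRep = testApp.toRepresentation();
    // NOTE(review): the representation is written back unmodified; kept as in the original,
    // but this update looks redundant - confirm.
    testApp.update(testAppRep);
    testApp.addOptionalClientScope(scopeId);

    // Request a concrete value of the dynamic scope and expect a normal login event.
    oauth.scope("dynamic:scope");
    oauth.doLogin("login@test.com", "password");
    events.expectLogin().user(userId).assertEvent();
}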
Also used : Response(javax.ws.rs.core.Response) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) Matchers.containsString(org.hamcrest.Matchers.containsString) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest) EnableFeature(org.keycloak.testsuite.arquillian.annotation.EnableFeature)

Example 24 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class ClientResource method toRepresentation.

/**
 * Builds a reduced {@link ClientScopeRepresentation} from a client scope model.
 *
 * Only the id and the name are copied; no other field of the model is carried over into the
 * returned representation.
 *
 * @param clientScopeModel the model to read the id and name from
 * @return a new representation holding just that id and name
 */
private static ClientScopeRepresentation toRepresentation(ClientScopeModel clientScopeModel) {
    final ClientScopeRepresentation representation = new ClientScopeRepresentation();
    final String scopeId = clientScopeModel.getId();
    representation.setId(scopeId);
    final String scopeName = clientScopeModel.getName();
    representation.setName(scopeName);
    return representation;
}
Also used : ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)

Example 25 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class AccountRestServiceTest method updateConsentForClient.

/**
 * Posts two consecutive consents for the {@code security-admin-console} application through the
 * account REST endpoint and checks that the second request updates the first consent.
 *
 * The first request grants the first client scope returned by the realm, the second request
 * grants the second one. Expected outcome: each response lists exactly the one scope that was
 * requested, the created date stays the same across both responses, and the last-updated date
 * of the second response is strictly later than that of the first.
 *
 * @throws IOException if an account REST call fails
 */
@Test
public void updateConsentForClient() throws IOException {
    TokenUtil accessToken = new TokenUtil("manage-consent-access", "password");
    String appId = "security-admin-console";

    // First request: consent to the first client scope of the realm.
    ClientScopeRepresentation firstScope = testRealm().clientScopes().findAll().get(0);
    ConsentScopeRepresentation firstConsentScope = new ConsentScopeRepresentation();
    firstConsentScope.setId(firstScope.getId());
    ConsentRepresentation firstRequest = new ConsentRepresentation();
    firstRequest.setGrantedScopes(Collections.singletonList(firstConsentScope));
    ConsentRepresentation firstResult = SimpleHttp
            .doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
            .header("Accept", "application/json")
            .json(firstRequest)
            .auth(accessToken.getToken())
            .asJson(ConsentRepresentation.class);
    assertTrue(firstResult.getCreatedDate() > 0);
    assertTrue(firstResult.getLastUpdatedDate() > 0);
    assertEquals(1, firstResult.getGrantedScopes().size());
    assertEquals(firstConsentScope.getId(), firstResult.getGrantedScopes().get(0).getId());

    // Second request: consent to the second client scope only.
    ClientScopeRepresentation secondScope = testRealm().clientScopes().findAll().get(1);
    ConsentScopeRepresentation secondConsentScope = new ConsentScopeRepresentation();
    secondConsentScope.setId(secondScope.getId());
    ConsentRepresentation secondRequest = new ConsentRepresentation();
    secondRequest.setGrantedScopes(Collections.singletonList(secondConsentScope));
    ConsentRepresentation secondResult = SimpleHttp
            .doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
            .header("Accept", "application/json")
            .json(secondRequest)
            .auth(accessToken.getToken())
            .asJson(ConsentRepresentation.class);

    // Same consent record (unchanged creation date), updated later, now holding only the
    // scope from the second request.
    assertTrue(secondResult.getCreatedDate() > 0);
    assertEquals(firstResult.getCreatedDate(), secondResult.getCreatedDate());
    assertTrue(secondResult.getLastUpdatedDate() > 0);
    assertTrue(secondResult.getLastUpdatedDate() > firstResult.getLastUpdatedDate());
    assertEquals(1, secondResult.getGrantedScopes().size());
    assertEquals(secondConsentScope.getId(), secondResult.getGrantedScopes().get(0).getId());
}
Also used : ConsentRepresentation(org.keycloak.representations.account.ConsentRepresentation) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) ConsentScopeRepresentation(org.keycloak.representations.account.ConsentScopeRepresentation) TokenUtil(org.keycloak.testsuite.util.TokenUtil) Test(org.junit.Test) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Aggregations

ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)75 Test (org.junit.Test)62 Response (javax.ws.rs.core.Response)27 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)27 ClientResource (org.keycloak.admin.client.resource.ClientResource)25 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)16 RealmResource (org.keycloak.admin.client.resource.RealmResource)15 EnableFeature (org.keycloak.testsuite.arquillian.annotation.EnableFeature)13 ConsentRepresentation (org.keycloak.representations.account.ConsentRepresentation)11 ConsentScopeRepresentation (org.keycloak.representations.account.ConsentScopeRepresentation)11 ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)11 AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)11 TokenUtil (org.keycloak.testsuite.util.TokenUtil)11 HashMap (java.util.HashMap)10 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)10 OAuthClient (org.keycloak.testsuite.util.OAuthClient)10 List (java.util.List)8 ClientScopeResource (org.keycloak.admin.client.resource.ClientScopeResource)6 SimpleHttp (org.keycloak.broker.provider.util.SimpleHttp)6 AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)6