
Example 31 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class ClientScopeTest method rolesCanBeAddedToScopeEvenWhenTheyAreAlreadyIndirectlyAssigned.

/**
 * Test for KEYCLOAK-10603.
 */
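@Test
public void rolesCanBeAddedToScopeEvenWhenTheyAreAlreadyIndirectlyAssigned() {
    // Scenario: a client scope's role scope mappings already hold a composite role, so the
    // composite's child is effective only indirectly. Mapping that child directly must succeed:
    // it moves from the "available" list to the "all" (directly mapped) list, and the effective
    // list does not change. The same is checked for realm roles and for client roles.
    // NOTE(review): scope mappings bound which roles a scope can contribute, so a mismatch
    // between the direct and effective lists is worth treating as security-relevant - confirm.
    RealmResource realm = testRealmResource();

    ClientScopeRepresentation scope = new ClientScopeRepresentation();
    scope.setName("my-scope");
    String scopeId = createClientScope(scope);

    // Realm roles: realm-composite contains realm-child.
    createRealmRole("realm-composite");
    createRealmRole("realm-child");
    realm.roles().get("realm-composite").addComposites(Collections.singletonList(realm.roles().get("realm-child").toRepresentation()));

    // Client that owns the client-level roles. The response is closed in a finally block so the
    // connection is released even if getCreatedId rejects the response.
    final String clientUuid;
    Response createResponse = realm.clients().create(ClientBuilder.create().clientId("role-container-client").build());
    try {
        clientUuid = ApiUtil.getCreatedId(createResponse);
        getCleanup().addClientUuid(clientUuid);
    } finally {
        createResponse.close();
    }

    // Client roles: client-composite contains client-child.
    realm.clients().get(clientUuid).roles().create(RoleBuilder.create().name("client-composite").build());
    realm.clients().get(clientUuid).roles().create(RoleBuilder.create().name("client-child").build());
    realm.clients().get(clientUuid).roles().get("client-composite").addComposites(Collections.singletonList(realm.clients().get(clientUuid).roles().get("client-child").toRepresentation()));

    // Make indirect assignments: map only the composite roles to the scope.
    RoleMappingResource mappings = realm.clientScopes().get(scopeId).getScopeMappings();
    mappings.realmLevel().add(Collections.singletonList(realm.roles().get("realm-composite").toRepresentation()));
    mappings.clientLevel(clientUuid).add(Collections.singletonList(realm.clients().get(clientUuid).roles().get("client-composite").toRepresentation()));

    // State before the direct assignments: the children are effective through the composites
    // but are still listed as available, because they are not mapped directly.
    assertNames(mappings.realmLevel().listAll(), "realm-composite");
    assertNames(mappings.realmLevel().listAvailable(), "realm-child", "offline_access", Constants.AUTHZ_UMA_AUTHORIZATION, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-test");
    assertNames(mappings.realmLevel().listEffective(), "realm-composite", "realm-child");
    assertNames(mappings.clientLevel(clientUuid).listAll(), "client-composite");
    assertNames(mappings.clientLevel(clientUuid).listAvailable(), "client-child");
    assertNames(mappings.clientLevel(clientUuid).listEffective(), "client-composite", "client-child");

    // Make direct assignments for roles which are already indirectly assigned.
    mappings.realmLevel().add(Collections.singletonList(realm.roles().get("realm-child").toRepresentation()));
    mappings.clientLevel(clientUuid).add(Collections.singletonList(realm.clients().get(clientUuid).roles().get("client-child").toRepresentation()));

    // Realm roles: the child is now mapped directly and no longer available; effective is unchanged.
    assertNames(mappings.realmLevel().listAll(), "realm-composite", "realm-child");
    assertNames(mappings.realmLevel().listAvailable(), "offline_access", Constants.AUTHZ_UMA_AUTHORIZATION, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-test");
    assertNames(mappings.realmLevel().listEffective(), "realm-composite", "realm-child");

    // Client roles: same expectation; nothing is left to add for this client.
    assertNames(mappings.clientLevel(clientUuid).listAll(), "client-composite", "client-child");
    assertNames(mappings.clientLevel(clientUuid).listAvailable());
    assertNames(mappings.clientLevel(clientUuid).listEffective(), "client-composite", "client-child");
}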
Also used : Response(javax.ws.rs.core.Response) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) RoleMappingResource(org.keycloak.admin.client.resource.RoleMappingResource) Test(org.junit.Test)

Example 32 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class ClientScopeTest method testRemoveScopedRole.

// KEYCLOAK-2809
/**
 * Scenario labelled KEYCLOAK-2809: a realm role that is mapped to a client scope is deleted,
 * and the scope's realm-level mappings must no longer list it afterwards.
 */
@Test
public void testRemoveScopedRole() {
    // Arrange: one realm role and one client scope.
    RoleRepresentation fooRole = createRealmRole("foo-role");
    ClientScopeRepresentation barScope = new ClientScopeRepresentation();
    barScope.setName("bar-scope");
    String scopeId = createClientScope(barScope);

    // Map the realm role to the scope and check that the admin event was recorded.
    List<RoleRepresentation> mappedRoles = Collections.singletonList(fooRole);
    clientScopes().get(scopeId).getScopeMappings().realmLevel().add(mappedRoles);
    assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.clientScopeRoleMappingsRealmLevelPath(scopeId), mappedRoles, ResourceType.REALM_SCOPE_MAPPING);

    // Exactly one mapping exists before the role is deleted.
    List<RoleRepresentation> beforeDelete = clientScopes().get(scopeId).getScopeMappings().realmLevel().listAll();
    Assert.assertEquals(1, beforeDelete.size());
    Assert.assertEquals("foo-role", beforeDelete.get(0).getName());

    // Delete the role itself, not the mapping.
    testRealmResource().roles().deleteRole("foo-role");
    assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.roleResourcePath("foo-role"), ResourceType.REALM_ROLE);

    // The scope must not keep a stale reference to the deleted role.
    List<RoleRepresentation> afterDelete = clientScopes().get(scopeId).getScopeMappings().realmLevel().listAll();
    Assert.assertEquals(0, afterDelete.size());

    // Cleanup
    removeClientScope(scopeId);
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) Test(org.junit.Test)

Example 33 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class ClientScopeTest method testCreateNonDynamicScopeWithFeatureEnabled.

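/**
 * With the DYNAMIC_SCOPES feature enabled, creates a client scope explicitly marked as
 * non-dynamic (empty regexp) and checks that the name and both attributes are read back
 * unchanged.
 */
@Test
@EnableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void testCreateNonDynamicScopeWithFeatureEnabled() {
    ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
    scopeRep.setName("non-dynamic-scope-def");
    scopeRep.setProtocol("openid-connect");

    // Plain HashMap rather than double-brace initialization: the latter creates an anonymous
    // subclass that keeps a reference to the enclosing test instance.
    HashMap<String, String> attributes = new HashMap<>();
    attributes.put(ClientScopeModel.IS_DYNAMIC_SCOPE, "false");
    attributes.put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "");
    scopeRep.setAttributes(attributes);

    String scopeDefId = createClientScope(scopeRep);
    // Registered for cleanup right after creation, so it runs even if an assertion below fails.
    getCleanup().addClientScopeId(scopeDefId);

    // Assert the attributes as stored by the server.
    scopeRep = clientScopes().get(scopeDefId).toRepresentation();
    assertEquals("non-dynamic-scope-def", scopeRep.getName());
    assertEquals("false", scopeRep.getAttributes().get(ClientScopeModel.IS_DYNAMIC_SCOPE));
    assertEquals("", scopeRep.getAttributes().get(ClientScopeModel.DYNAMIC_SCOPE_REGEXP));
}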
Also used : ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) Test(org.junit.Test) EnableFeature(org.keycloak.testsuite.arquillian.annotation.EnableFeature)

Example 34 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class ClientScopeTest method testAddDuplicatedClientScope.

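/**
 * Creating a second client scope with a name that is already taken must be answered with
 * HTTP 409 and the error message "Client Scope scope1 already exists".
 */
@Test
public void testAddDuplicatedClientScope() {
    ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
    scopeRep.setName("scope1");
    String scopeId = createClientScope(scopeRep);

    ClientScopeRepresentation duplicate = new ClientScopeRepresentation();
    duplicate.setName("scope1");
    Response response = clientScopes().create(duplicate);
    try {
        assertEquals(409, response.getStatus());
        ErrorRepresentation error = response.readEntity(ErrorRepresentation.class);
        Assert.assertEquals("Client Scope scope1 already exists", error.getErrorMessage());
    } finally {
        // Release the connection even when one of the assertions fails.
        response.close();
    }

    // Cleanup
    // NOTE(review): not reached if an assertion above fails, which would leave "scope1" behind;
    // registering the id through getCleanup().addClientScopeId(...) may be safer - confirm.
    removeClientScope(scopeId);
}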
Also used : Response(javax.ws.rs.core.Response) ErrorRepresentation(org.keycloak.representations.idm.ErrorRepresentation) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) Test(org.junit.Test)

Example 35 with ClientScopeRepresentation

use of org.keycloak.representations.idm.ClientScopeRepresentation in project keycloak by keycloak.

the class ClientScopeTest method testCreateDynamicScopeWithFeatureDisabledAndIsDynamicScopeTrue.

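/**
 * With the DYNAMIC_SCOPES feature disabled, a create request that sets is.dynamic.scope to
 * "true" is expected to fail with HTTP 400 and the message asserted below.
 */
@Test
@DisableFeature(value = Profile.Feature.DYNAMIC_SCOPES, skipRestart = true)
public void testCreateDynamicScopeWithFeatureDisabledAndIsDynamicScopeTrue() {
    ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
    scopeRep.setName("non-dynamic-scope-def2");
    scopeRep.setProtocol("openid-connect");

    // Plain HashMap rather than double-brace initialization: the latter creates an anonymous
    // subclass that keeps a reference to the enclosing test instance.
    HashMap<String, String> attributes = new HashMap<>();
    attributes.put(ClientScopeModel.IS_DYNAMIC_SCOPE, "true");
    attributes.put(ClientScopeModel.DYNAMIC_SCOPE_REGEXP, "");
    scopeRep.setAttributes(attributes);

    // The attribute of a disabled feature must be rejected, not silently stored or ignored.
    handleExpectedCreateFailure(scopeRep, 400, "Unexpected value \"true\" for attribute is.dynamic.scope in ClientScope");
}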
Also used : ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) DisableFeature(org.keycloak.testsuite.arquillian.annotation.DisableFeature) Test(org.junit.Test)
