
Example 61 with GroupRepresentation

use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.

the class UsersTest method createGroupWithPermissions.

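/**
 * Creates a group called {@code name} in the realm under test and turns on its
 * management permissions.
 *
 * <p>The group is read back from the server so the returned representation carries the
 * server-assigned id. The lookup matches on name only and takes the first hit, so callers
 * should pass a name that is unique within the test realm.
 *
 * @param name name of the group to create
 * @return the server-side representation of the created group, including its id
 */
private GroupRepresentation createGroupWithPermissions(String name) {
    GroupRepresentation grp = new GroupRepresentation();
    grp.setName(name);
    // The admin client hands back a JAX-RS response for the create call; close it so the
    // underlying connection is released instead of being left open for the rest of the test.
    realm.groups().add(grp).close();
    Optional<GroupRepresentation> optional = realm.groups().groups().stream().filter(g -> g.getName().equals(name)).findFirst();
    assertThat(optional.isPresent(), is(true));
    grp = optional.get();
    String id = grp.getId();
    // Enable management permissions on the group and confirm the server reports them as
    // enabled, so later authorization assertions do not run against a group where the
    // setting silently failed to apply.
    realm.groups().group(id).setPermissions(new ManagementPermissionRepresentation(true));
    assertThat(realm.groups().group(id).getPermissions().isEnabled(), is(true));
    return grp;
}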
Also used : CoreMatchers.is(org.hamcrest.CoreMatchers.is) Profile(org.keycloak.common.Profile) Matchers.not(org.hamcrest.Matchers.not) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) KeyStoreException(java.security.KeyStoreException) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) ArrayList(java.util.ArrayList) ManagementPermissionRepresentation(org.keycloak.representations.idm.ManagementPermissionRepresentation) AdminClientUtil(org.keycloak.testsuite.util.AdminClientUtil) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) ProfileAssume(org.keycloak.testsuite.ProfileAssume) Before(org.junit.Before) Matchers.empty(org.hamcrest.Matchers.empty) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) ScopePermissionRepresentation(org.keycloak.representations.idm.authorization.ScopePermissionRepresentation) Test(org.junit.Test) IOException(java.io.IOException) DecisionStrategy(org.keycloak.representations.idm.authorization.DecisionStrategy) KeyManagementException(java.security.KeyManagementException) CertificateException(java.security.cert.CertificateException) Keycloak(org.keycloak.admin.client.Keycloak) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) UserPolicyRepresentation(org.keycloak.representations.idm.authorization.UserPolicyRepresentation) List(java.util.List) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Optional(java.util.Optional) Collections(java.util.Collections) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) ManagementPermissionRepresentation(org.keycloak.representations.idm.ManagementPermissionRepresentation)

Example 62 with GroupRepresentation

use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.

the class UserTest method createUserWithGroups.

/**
 * Verifies that a user created with a group name in its representation ends up as a
 * member of exactly that group.
 */
@Test
public void createUserWithGroups() {
    final String groupName = "test-group";
    final String userName = "user-with-groups";

    // given: the group exists before the user that references it is created
    createGroup(realm, GroupBuilder.create().name(groupName).build());
    UserRepresentation newUser = UserBuilder.create()
            .username(userName)
            .addGroups(groupName)
            .build();

    // when
    String createdUserId = createUser(newUser);
    List<GroupRepresentation> memberships = realm.users().get(createdUserId).groups();

    // then: exactly one membership, and it is the requested group (no extra groups granted)
    assertEquals(1, memberships.size());
    assertEquals(groupName, memberships.get(0).getName());
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Example 63 with GroupRepresentation

use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.

the class UserTest method testGetGroupsForUserFullRepresentation.

/**
 * Verifies that listing a user's groups with the brief-representation flag set to
 * {@code false} returns the group's attributes.
 */
@Test
public void testGetGroupsForUserFullRepresentation() {
    final String userName = "averagejoe";
    final String groupName = "groupWithAttribute";
    RealmResource testRealm = adminClient.realms().realm("test");

    Map<String, List<String>> groupAttributes = new HashMap<>();
    groupAttributes.put("attribute1", Arrays.asList("attribute1", "attribute2"));

    UserRepresentation joe = UserBuilder
            .edit(createUserRepresentation(userName, "joe@average.com", "average", "joe", true))
            .addPassword("password")
            .build();

    // Both fixtures are opened in try-with-resources, so they are closed when the block
    // exits, even if an assertion fails.
    try (Creator<UserResource> userCreator = Creator.create(testRealm, joe);
        Creator<GroupResource> groupCreator = Creator.create(testRealm, GroupBuilder.create().name(groupName).attributes(groupAttributes).build())) {
        String createdGroupId = groupCreator.id();
        UserResource joeResource = userCreator.resource();
        joeResource.joinGroup(createdGroupId);

        // third argument false -> presumably "briefRepresentation = false"; confirm against UserResource
        List<GroupRepresentation> memberships = joeResource.groups(0, 100, false);
        assertFalse(memberships.isEmpty());
        assertTrue(memberships.get(0).getAttributes().containsKey("attribute1"));
    }
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) HashMap(java.util.HashMap) RealmResource(org.keycloak.admin.client.resource.RealmResource) UserResource(org.keycloak.admin.client.resource.UserResource) ArrayList(java.util.ArrayList) List(java.util.List) LinkedList(java.util.LinkedList) GroupResource(org.keycloak.admin.client.resource.GroupResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Example 64 with GroupRepresentation

use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.

the class OIDCProtocolMappersTest method testRoleMapperWithRoleInheritedFromMoreGroups.

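/**
 * KEYCLOAK-8148 -- Test the scenario where:
 * <ul>
 *   <li>the user is a member of 2 groups,</li>
 *   <li>both groups have the same role "customer-user" assigned,</li>
 *   <li>the user logs in, and the role appears just once in the token (not twice).</li>
 * </ul>
 *
 * <p>The fixture changes (extra group membership, extra protocol mapper) are reverted in
 * {@code finally} blocks so that a failed assertion does not leave the shared "test" realm
 * with a mapper or membership that would change the tokens issued to later tests.
 *
 * @throws Exception if the login flow or token verification fails
 */
@Test
public void testRoleMapperWithRoleInheritedFromMoreGroups() throws Exception {
    // Create client-mapper
    String clientId = "test-app";
    ProtocolMapperRepresentation clientMapper = ProtocolMapperUtil.createUserClientRoleMappingMapper(clientId, null, "Client roles mapper", "roles-custom.test-app", true, true);
    ProtocolMappersResource protocolMappers = ApiUtil.findClientResourceByClientId(adminClient.realm("test"), clientId).getProtocolMappers();
    protocolMappers.createMapper(Arrays.asList(clientMapper));
    try {
        // Add user 'level2GroupUser' to the group 'level2Group2'
        GroupRepresentation level2Group2 = adminClient.realm("test").getGroupByPath("/topGroup/level2group2");
        UserResource level2GroupUser = ApiUtil.findUserByUsernameId(adminClient.realm("test"), "level2GroupUser");
        level2GroupUser.joinGroup(level2Group2.getId());
        try {
            oauth.clientId(clientId);
            OAuthClient.AccessTokenResponse response = browserLogin("password", "level2GroupUser", "password");
            IDToken idToken = oauth.verifyIDToken(response.getIdToken());
            // Verify attribute is filled AND it is filled only once
            Map<String, Object> roleMappings = (Map<String, Object>) idToken.getOtherClaims().get("roles-custom");
            // Fail with a readable assertion instead of a NullPointerException when the claim is absent
            Assert.assertNotNull(roleMappings);
            Assert.assertThat(roleMappings.keySet(), containsInAnyOrder(clientId));
            String testAppScopeMappings = (String) roleMappings.get(clientId);
            // "customer-user" comes from the assignment to level2group or level2group2. It is filled just once
            assertRolesString(testAppScopeMappings, "customer-user");
        } finally {
            // Revert the group membership even when an assertion above fails
            level2GroupUser.leaveGroup(level2Group2.getId());
        }
    } finally {
        // Revert the mapper even when the lookup, login or assertions fail
        deleteMappers(protocolMappers);
    }
}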
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) OAuthClient(org.keycloak.testsuite.util.OAuthClient) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) UserResource(org.keycloak.admin.client.resource.UserResource) IDToken(org.keycloak.representations.IDToken) Matchers.isEmptyOrNullString(org.hamcrest.Matchers.isEmptyOrNullString) Map(java.util.Map) HashMap(java.util.HashMap) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 65 with GroupRepresentation

use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.

the class OIDCProtocolMappersTest method testGroupAttributeTwoGroupMultiValueNoAggregate.

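/**
 * Verifies the "group-value" claim for a user who belongs to two groups that each define
 * two values for the same attribute, with one value in common.
 *
 * <p>The test expects the ID token claim to hold exactly two values, i.e. the values of
 * one group only (either {@code value1}/{@code value2} or {@code value2}/{@code value3}),
 * not the union of both groups.
 *
 * @throws Exception if the login flow or token verification fails
 */
@Test
public void testGroupAttributeTwoGroupMultiValueNoAggregate() throws Exception {
    // get the user
    UserResource userResource = findUserByUsernameId(adminClient.realm("test"), "test-user@localhost");
    // create two groups with two values (one is the same value)
    GroupRepresentation group1 = new GroupRepresentation();
    group1.setName("group1");
    group1.setAttributes(new HashMap<>());
    group1.getAttributes().put("group-value", Arrays.asList("value1", "value2"));
    // close the create response so the connection is released, as done for createMapper below
    adminClient.realm("test").groups().add(group1).close();
    group1 = adminClient.realm("test").getGroupByPath("/group1");
    userResource.joinGroup(group1.getId());
    GroupRepresentation group2 = new GroupRepresentation();
    group2.setName("group2");
    group2.setAttributes(new HashMap<>());
    group2.getAttributes().put("group-value", Arrays.asList("value2", "value3"));
    adminClient.realm("test").groups().add(group2).close();
    group2 = adminClient.realm("test").getGroupByPath("/group2");
    userResource.joinGroup(group2.getId());
    // create the attribute mapper
    // NOTE(review): the trailing "true, false" presumably mean multivalued=true, aggregate=false -- confirm against createClaimMapper
    ProtocolMappersResource protocolMappers = findClientResourceByClientId(adminClient.realm("test"), "test-app").getProtocolMappers();
    protocolMappers.createMapper(createClaimMapper("group-value", "group-value", "group-value", "String", true, true, true, false)).close();
    try {
        // test it
        OAuthClient.AccessTokenResponse response = browserLogin("password", "test-user@localhost", "password");
        IDToken idToken = oauth.verifyIDToken(response.getIdToken());
        assertNotNull(idToken.getOtherClaims());
        Object claim = idToken.getOtherClaims().get("group-value");
        assertNotNull(claim);
        assertTrue(claim instanceof List);
        List<?> values = (List<?>) claim;
        // exactly two values: the claim must come from a single group, not from both merged
        assertEquals(2, values.size());
        boolean fromGroup1 = values.contains("value1") && values.contains("value2");
        boolean fromGroup2 = values.contains("value2") && values.contains("value3");
        assertTrue(fromGroup1 || fromGroup2);
    } finally {
        // revert
        userResource.leaveGroup(group1.getId());
        adminClient.realm("test").groups().group(group1.getId()).remove();
        userResource.leaveGroup(group2.getId());
        adminClient.realm("test").groups().group(group2.getId()).remove();
        deleteMappers(protocolMappers);
    }
}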
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) OAuthClient(org.keycloak.testsuite.util.OAuthClient) UserResource(org.keycloak.admin.client.resource.UserResource) IDToken(org.keycloak.representations.IDToken) List(java.util.List) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)
