Example 31 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupNamePolicyTest method addTestRealms.
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
ProtocolMapperRepresentation groupProtocolMapper = new ProtocolMapperRepresentation();
groupProtocolMapper.setName("groups");
groupProtocolMapper.setProtocolMapper(GroupMembershipMapper.PROVIDER_ID);
groupProtocolMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
Map<String, String> config = new HashMap<>();
config.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, "groups");
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
groupProtocolMapper.setConfig(config);
testRealms.add(RealmBuilder.create().name("authz-test").roles(RolesBuilder.create().realmRole(RoleBuilder.create().name("uma_authorization").build())).group(GroupBuilder.create().name("Group A").subGroups(Arrays.asList("Group B", "Group D").stream().map(name -> {
if ("Group B".equals(name)) {
return GroupBuilder.create().name(name).subGroups(Arrays.asList("Group C", "Group E").stream().map(new Function<String, GroupRepresentation>() {
@Override
public GroupRepresentation apply(String name) {
return GroupBuilder.create().name(name).build();
}
}).collect(Collectors.toList())).build();
}
return GroupBuilder.create().name(name).build();
}).collect(Collectors.toList())).build()).group(GroupBuilder.create().name("Group E").build()).user(UserBuilder.create().username("marta").password("password").addRoles("uma_authorization").addGroups("Group A")).user(UserBuilder.create().username("alice").password("password").addRoles("uma_authorization")).user(UserBuilder.create().username("kolo").password("password").addRoles("uma_authorization")).client(ClientBuilder.create().clientId("resource-server-test").secret("secret").authorizationServicesEnabled(true).redirectUris("http://localhost/resource-server-test").defaultRoles("uma_protection").directAccessGrants().protocolMapper(groupProtocolMapper).serviceAccountsEnabled(true)).build());
}
Also used :
GroupMembershipMapper(org.keycloak.protocol.oidc.mappers.GroupMembershipMapper)
Arrays(java.util.Arrays)
ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation)
HashMap(java.util.HashMap)
AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
AuthzClient(org.keycloak.authorization.client.AuthzClient)
Function(java.util.function.Function)
RealmBuilder(org.keycloak.testsuite.util.RealmBuilder)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
AuthorizationDeniedException(org.keycloak.authorization.client.AuthorizationDeniedException)
UserBuilder(org.keycloak.testsuite.util.UserBuilder)
Map(java.util.Map)
ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation)
Assert.fail(org.junit.Assert.fail)
AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer)
ClientResource(org.keycloak.admin.client.resource.ClientResource)
Before(org.junit.Before)
OIDCAttributeMapperHelper(org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Assert.assertNotNull(org.junit.Assert.assertNotNull)
Predicate(java.util.function.Predicate)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
RolesBuilder(org.keycloak.testsuite.util.RolesBuilder)
AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest)
Test(org.junit.Test)
Collectors(java.util.stream.Collectors)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation)
AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse)
PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest)
RoleBuilder(org.keycloak.testsuite.util.RoleBuilder)
List(java.util.List)
ClientBuilder(org.keycloak.testsuite.util.ClientBuilder)
OIDCLoginProtocol(org.keycloak.protocol.oidc.OIDCLoginProtocol)
GroupBuilder(org.keycloak.testsuite.util.GroupBuilder)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
HashMap(java.util.HashMap)
ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation)
Example 32 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method orderGroupsByName.
@Test
public void orderGroupsByName() throws Exception {
RealmResource realm = this.adminClient.realms().realm("test");
// Clean up all test groups
for (GroupRepresentation group : realm.groups().groups()) {
GroupResource resource = realm.groups().group(group.getId());
resource.remove();
assertAdminEvents.assertEvent("test", OperationType.DELETE, AdminEventPaths.groupPath(group.getId()), ResourceType.GROUP);
}
// Create two pages worth of groups in a random order
List<GroupRepresentation> testGroups = new ArrayList<>();
for (int i = 0; i < 40; i++) {
GroupRepresentation group = new GroupRepresentation();
group.setName("group" + i);
testGroups.add(group);
}
Collections.shuffle(testGroups);
for (GroupRepresentation group : testGroups) {
group = createGroup(realm, group);
}
// Groups should be ordered by name
Comparator<GroupRepresentation> compareByName = Comparator.comparing(GroupRepresentation::getName);
// Assert that all groups are returned in order
List<GroupRepresentation> allGroups = realm.groups().groups();
assertEquals(40, allGroups.size());
assertTrue(Comparators.isInStrictOrder(allGroups, compareByName));
// Assert that pagination results are returned in order
List<GroupRepresentation> firstPage = realm.groups().groups(0, 20);
assertEquals(20, firstPage.size());
assertTrue(Comparators.isInStrictOrder(firstPage, compareByName));
List<GroupRepresentation> secondPage = realm.groups().groups(20, 20);
assertEquals(20, secondPage.size());
assertTrue(Comparators.isInStrictOrder(secondPage, compareByName));
// Check that the ordering of groups across multiple pages is correct
// Since the individual pages are ordered it is sufficient to compare
// every group from the first page to the first group of the second page
GroupRepresentation firstGroupOnSecondPage = secondPage.get(0);
for (GroupRepresentation firstPageGroup : firstPage) {
int comparisonResult = compareByName.compare(firstPageGroup, firstGroupOnSecondPage);
assertTrue(comparisonResult < 0);
}
}
Also used :
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
ArrayList(java.util.ArrayList)
GroupResource(org.keycloak.admin.client.resource.GroupResource)
Test(org.junit.Test)
Example 33 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method doNotAllowSameGroupNameAtTopLevel.
@Test
public void doNotAllowSameGroupNameAtTopLevel() throws Exception {
RealmResource realm = adminClient.realms().realm("test");
// creating "/test-group"
GroupRepresentation topGroup = new GroupRepresentation();
topGroup.setName("test-group");
topGroup = createGroup(realm, topGroup);
getCleanup().addGroupId(topGroup.getId());
GroupRepresentation group2 = new GroupRepresentation();
group2.setName("test-group");
try (Response response = realm.groups().add(group2)) {
assertEquals(Status.CONFLICT.getStatusCode(), response.getStatus());
}
}
Also used :
Response(javax.ws.rs.core.Response)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
Test(org.junit.Test)
Example 34 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method getGroupsWithBriefRepresentation.
@Test
public void getGroupsWithBriefRepresentation() {
RealmResource realm = adminClient.realms().realm("test");
GroupsResource groupsResource = adminClient.realms().realm("test").groups();
GroupRepresentation group = new GroupRepresentation();
group.setName("groupWithAttribute");
Map<String, List<String>> attributes = new HashMap<String, List<String>>();
attributes.put("attribute1", Arrays.asList("attribute1", "attribute2"));
group.setAttributes(attributes);
group = createGroup(realm, group);
List<GroupRepresentation> groups = groupsResource.groups("groupWithAttribute", 0, 20);
assertFalse(groups.isEmpty());
assertNull(groups.get(0).getAttributes());
}
Also used :
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
HashMap(java.util.HashMap)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
List(java.util.List)
ArrayList(java.util.ArrayList)
LinkedList(java.util.LinkedList)
GroupsResource(org.keycloak.admin.client.resource.GroupsResource)
Test(org.junit.Test)
Example 35 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class UserStorageTest method testQuery.
@Test
public void testQuery() {
Set<UserRepresentation> queried = new HashSet<>();
int first = 0;
while (queried.size() < 8) {
List<UserRepresentation> results = testRealmResource().users().search("", first, 3);
log.debugf("first=%s, results: %s", first, results.size());
if (results.isEmpty()) {
break;
}
first += results.size();
queried.addAll(results);
}
Set<String> usernames = new HashSet<>();
for (UserRepresentation user : queried) {
usernames.add(user.getUsername());
log.info(user.getUsername());
}
Assert.assertEquals(8, queried.size());
Assert.assertTrue(usernames.contains("thor"));
Assert.assertTrue(usernames.contains("zeus"));
Assert.assertTrue(usernames.contains("apollo"));
Assert.assertTrue(usernames.contains("perseus"));
Assert.assertTrue(usernames.contains("tbrady"));
Assert.assertTrue(usernames.contains("rob"));
Assert.assertTrue(usernames.contains("jules"));
Assert.assertTrue(usernames.contains("danny"));
// test searchForUser
List<UserRepresentation> users = testRealmResource().users().search("tbrady", 0, -1);
assertThat(users, hasSize(1));
assertThat(users.get(0).getUsername(), equalTo("tbrady"));
// test getGroupMembers()
GroupRepresentation g = new GroupRepresentation();
g.setName("gods");
String gid = ApiUtil.getCreatedId(testRealmResource().groups().add(g));
UserRepresentation user = ApiUtil.findUserByUsername(testRealmResource(), "apollo");
testRealmResource().users().get(user.getId()).joinGroup(gid);
user = ApiUtil.findUserByUsername(testRealmResource(), "zeus");
testRealmResource().users().get(user.getId()).joinGroup(gid);
user = ApiUtil.findUserByUsername(testRealmResource(), "thor");
testRealmResource().users().get(user.getId()).joinGroup(gid);
queried.clear();
usernames.clear();
first = 0;
while (queried.size() < 8) {
List<UserRepresentation> results = testRealmResource().groups().group(gid).members(first, 1);
log.debugf("first=%s, results: %s", first, results.size());
if (results.isEmpty()) {
break;
}
first += results.size();
queried.addAll(results);
}
for (UserRepresentation u : queried) {
usernames.add(u.getUsername());
log.info(u.getUsername());
}
Assert.assertEquals(3, queried.size());
Assert.assertTrue(usernames.contains("apollo"));
Assert.assertTrue(usernames.contains("zeus"));
Assert.assertTrue(usernames.contains("thor"));
// search by single attribute
testingClient.server().run(session -> {
System.out.println("search by single attribute");
RealmModel realm = session.realms().getRealmByName("test");
UserModel userModel = session.users().getUserByUsername(realm, "thor");
userModel.setSingleAttribute("weapon", "hammer");
List<UserModel> userModels = session.users().searchForUserByUserAttributeStream(realm, "weapon", "hammer").peek(System.out::println).collect(Collectors.toList());
Assert.assertEquals(1, userModels.size());
Assert.assertEquals("thor", userModels.get(0).getUsername());
});
}
Also used :
RealmModel(org.keycloak.models.RealmModel)
CachedUserModel(org.keycloak.models.cache.CachedUserModel)
UserModel(org.keycloak.models.UserModel)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
HashSet(java.util.HashSet)
ModelTest(org.keycloak.testsuite.arquillian.annotation.ModelTest)
AbstractAuthTest(org.keycloak.testsuite.AbstractAuthTest)
Test(org.junit.Test)
Aggregations
GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)81
Test (org.junit.Test)62
RealmResource (org.keycloak.admin.client.resource.RealmResource)36
Response (javax.ws.rs.core.Response)24
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)23
List (java.util.List)17
RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)17
ProtocolMappersResource (org.keycloak.admin.client.resource.ProtocolMappersResource)14
UserResource (org.keycloak.admin.client.resource.UserResource)13
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)12
ArrayList (java.util.ArrayList)10
HashMap (java.util.HashMap)10
IDToken (org.keycloak.representations.IDToken)10
OAuthClient (org.keycloak.testsuite.util.OAuthClient)10
LinkedList (java.util.LinkedList)8
Before (org.junit.Before)8
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)7
Map (java.util.Map)6
NotFoundException (javax.ws.rs.NotFoundException)6
AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)6
