
Example 26 with IdentityProviderMapperRepresentation

use of org.keycloak.representations.idm.IdentityProviderMapperRepresentation in project keycloak by keycloak.

the class AbstractFirstBrokerLoginTest method testHardcodedUserSessionNoteIsSetAfterFirstBrokerLogin.

/**
 * Registers a hardcoded user-session attribute mapper on the brokered identity provider, walks a user
 * through the first-broker-login flow (including the "update account information" page) and then runs a
 * server-side check of the resulting session note.
 *
 * <p>Refers to in old test suite:
 * org.keycloak.testsuite.broker.AbstractFirstBrokerLoginTest#testHardcodedUserSessionNoteIsSetAfterFristBrokerLogin()
 */
@Test
public void testHardcodedUserSessionNoteIsSetAfterFirstBrokerLogin() {
    updateExecutions(AbstractBrokerTest::enableUpdateProfileOnFirstLogin);

    RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    IdentityProviderResource brokerIdp = consumerRealm.identityProviders().get(bc.getIDPAlias());

    // Mapper settings: IMPORT sync mode and a fixed attribute/value pair that the mapper should attach.
    ImmutableMap<String, String> mapperConfig = ImmutableMap.<String, String>builder()
            .put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderSyncMode.IMPORT.toString())
            .put(HardcodedUserSessionAttributeMapper.ATTRIBUTE_VALUE, "sessionvalue")
            .put(HardcodedUserSessionAttributeMapper.ATTRIBUTE, "user-session-attr")
            .build();

    IdentityProviderMapperRepresentation sessionNoteMapper = new IdentityProviderMapperRepresentation();
    sessionNoteMapper.setName("static-session-note");
    sessionNoteMapper.setIdentityProviderAlias(bc.getIDPAlias());
    sessionNoteMapper.setIdentityProviderMapper(HardcodedUserSessionAttributeMapper.PROVIDER_ID);
    sessionNoteMapper.setConfig(mapperConfig);

    // NOTE(review): the response is closed without looking at its status, so a rejected mapper would
    // only show up later, when the server-side assertion runs.
    brokerIdp.addMapper(sessionNoteMapper).close();

    // Drive the browser through the brokered login and the profile update it triggers.
    driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
    logInWithBroker(bc);
    waitForPage(driver, "update account information", false);
    updateAccountInformationPage.assertCurrent();
    updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");
    waitForAccountManagementTitle();
    accountUpdateProfilePage.assertCurrent();

    // The check itself executes on the server; presumably it verifies the hardcoded session note.
    testingClient.server().run(assertHardCodedSessionNote());
}
Also used : Response(javax.ws.rs.core.Response) IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) RealmResource(org.keycloak.admin.client.resource.RealmResource) Test(org.junit.Test) VerifyProfileTest(org.keycloak.testsuite.forms.VerifyProfileTest)

Example 27 with IdentityProviderMapperRepresentation

use of org.keycloak.representations.idm.IdentityProviderMapperRepresentation in project keycloak by keycloak.

the class PermissionsTest method identityProviders.

/**
 * Exercises the identity-provider admin endpoints of a realm through the shared {@code invoke} helper,
 * tagging every call with {@code Resource.IDENTITY_PROVIDER}.
 *
 * <p>NOTE(review): the trailing boolean is {@code false} for the calls that only read (findAll,
 * toRepresentation, export, getMappers, getMapperById, getMapperTypes) and {@code true} for the calls that
 * create, update, remove or import. It presumably tells {@code invoke} whether manage rather than view
 * permission is expected; confirm against the helper, which is outside this listing.
 *
 * <p>Most calls address the alias "nosuch"; presumably the provider does not exist, so only the
 * authorization outcome matters and not the payload. TODO confirm.
 */
@Test
public void identityProviders() {
    // Read: list all identity providers.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().findAll();
        }
    }, Resource.IDENTITY_PROVIDER, false);
    // Write: create an OIDC provider with alias "foo"; client id and secret are dummy test values.
    invoke(new InvocationWithResponse() {

        public void invoke(RealmResource realm, AtomicReference<Response> response) {
            response.set(realm.identityProviders().create(IdentityProviderBuilder.create().providerId("oidc").displayName("nosuch-foo").alias("foo").setAttribute("clientId", "foo").setAttribute("clientSecret", "foo").build()));
        }
    }, Resource.IDENTITY_PROVIDER, true);
    // Read: fetch a single provider representation.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().get("nosuch").toRepresentation();
        }
    }, Resource.IDENTITY_PROVIDER, false);
    // Write: update a provider with an empty representation.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().get("nosuch").update(new IdentityProviderRepresentation());
        }
    }, Resource.IDENTITY_PROVIDER, true);
    // Read: export the provider in "saml" format.
    invoke(new InvocationWithResponse() {

        public void invoke(RealmResource realm, AtomicReference<Response> response) {
            response.set(realm.identityProviders().get("nosuch").export("saml"));
        }
    }, Resource.IDENTITY_PROVIDER, false);
    // Write: remove the provider.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().get("nosuch").remove();
        }
    }, Resource.IDENTITY_PROVIDER, true);
    // Write: add a (blank) mapper to the provider.
    invoke(new InvocationWithResponse() {

        public void invoke(RealmResource realm, AtomicReference<Response> response) {
            response.set(realm.identityProviders().get("nosuch").addMapper(new IdentityProviderMapperRepresentation()));
        }
    }, Resource.IDENTITY_PROVIDER, true);
    // Write: delete("nosuch") on the provider; presumably deletes a mapper by id, confirm against the client API.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().get("nosuch").delete("nosuch");
        }
    }, Resource.IDENTITY_PROVIDER, true);
    // Read: list the provider's mappers.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().get("nosuch").getMappers();
        }
    }, Resource.IDENTITY_PROVIDER, false);
    // Read: fetch one mapper by id.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().get("nosuch").getMapperById("nosuch");
        }
    }, Resource.IDENTITY_PROVIDER, false);
    // Read: list the mapper types available for the provider.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().get("nosuch").getMapperTypes();
        }
    }, Resource.IDENTITY_PROVIDER, false);
    // Write: import provider configuration from an (empty) map.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().importFrom(Collections.<String, Object>emptyMap());
        }
    }, Resource.IDENTITY_PROVIDER, true);
    // Write: import provider configuration from an (empty) multipart upload.
    invoke(new Invocation() {

        public void invoke(RealmResource realm) {
            realm.identityProviders().importFrom(new MultipartFormDataOutput());
        }
    }, Resource.IDENTITY_PROVIDER, true);
}
Also used : Response(javax.ws.rs.core.Response) IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) MultipartFormDataOutput(org.jboss.resteasy.plugins.providers.multipart.MultipartFormDataOutput) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 28 with IdentityProviderMapperRepresentation

use of org.keycloak.representations.idm.IdentityProviderMapperRepresentation in project keycloak by keycloak.

the class KcSamlSpDescriptorTest method testAttributeConsumingServiceMappersInSpMetadataWithoutServiceName.

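/**
 * Verifies that the exported SAML SP descriptor contains an AttributeConsumingService derived from the
 * identity provider's attribute mappers when only the service index is configured.
 *
 * <p>The test sets the attribute-consuming-service index to 12, adds a user-attribute mapper for
 * "email", exports and parses the SP metadata, and asserts the index, the requested attribute's name and
 * friendly name, and that the service name equals the consumer realm name.
 *
 * @throws IOException if closing the attribute updater fails
 * @throws ParsingException if the exported descriptor cannot be parsed
 * @throws URISyntaxException declared by the original signature; no visible call in this body throws it
 */
@Test
public void testAttributeConsumingServiceMappersInSpMetadataWithoutServiceName() throws IOException, ParsingException, URISyntaxException {
    // The updater is held in try-with-resources; presumably closing it restores the previous IdP attributes.
    try (Closeable idpUpdater = new IdentityProviderAttributeUpdater(identityProviderResource).setAttribute(SAMLIdentityProviderConfig.ATTRIBUTE_CONSUMING_SERVICE_INDEX, "12").update()) {
        IdentityProviderMapperRepresentation attrMapperEmail = new IdentityProviderMapperRepresentation();
        attrMapperEmail.setName("attribute-mapper-email");
        attrMapperEmail.setIdentityProviderMapper(UserAttributeMapper.PROVIDER_ID);
        attrMapperEmail.setConfig(ImmutableMap.<String, String>builder().put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderMapperSyncMode.INHERIT.toString()).put(UserAttributeMapper.ATTRIBUTE_NAME, "email_attr_name").put(UserAttributeMapper.ATTRIBUTE_FRIENDLY_NAME, "email_attr_friendlyname").put(UserAttributeMapper.USER_ATTRIBUTE, "email").build());
        attrMapperEmail.setIdentityProviderAlias(bc.getIDPAlias());
        // Close the admin-client response so its connection is released; the original left it open.
        identityProviderResource.addMapper(attrMapperEmail).close();
        String spDescriptorString = identityProviderResource.export(null).readEntity(String.class);
        SAMLParser parser = SAMLParser.getInstance();
        EntityDescriptorType o = (EntityDescriptorType) parser.parse(new StringInputStream(spDescriptorString));
        SPSSODescriptorType spDescriptor = o.getChoiceType().get(0).getDescriptors().get(0).getSpDescriptor();
        // The configured index must be reflected in the exported metadata.
        assertThat(spDescriptor.getAttributeConsumingService(), not(empty()));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getIndex(), is(12));
        // The mapper's attribute must appear as a requested attribute.
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), notNullValue());
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), not(empty()));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getName(), is("email_attr_name"));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getFriendlyName(), is("email_attr_friendlyname"));
        // No service name was set above, and the expected value is the consumer realm name.
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName(), notNullValue());
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName().get(0).getValue(), is(bc.consumerRealmName()));
    }
}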
Also used : IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) StringInputStream(org.apache.tools.ant.filters.StringInputStream) Closeable(java.io.Closeable) IdentityProviderAttributeUpdater(org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) EntityDescriptorType(org.keycloak.dom.saml.v2.metadata.EntityDescriptorType) SPSSODescriptorType(org.keycloak.dom.saml.v2.metadata.SPSSODescriptorType) Test(org.junit.Test)

Example 29 with IdentityProviderMapperRepresentation

use of org.keycloak.representations.idm.IdentityProviderMapperRepresentation in project keycloak by keycloak.

the class KcOidcUsernameTemplateMapperTest method createMapperInIdp.

/**
 * Adds a username-template mapper to the given identity provider.
 *
 * @param idp      identity provider whose alias selects the admin resource the mapper is added to
 * @param syncMode sync mode written into the mapper configuration
 */
@Override
protected void createMapperInIdp(IdentityProviderRepresentation idp, IdentityProviderMapperSyncMode syncMode) {
    // The template combines the IdP alias with the "user-attribute" claim.
    ImmutableMap<String, String> templateConfig = ImmutableMap.<String, String>builder()
            .put(IdentityProviderMapperModel.SYNC_MODE, syncMode.toString())
            .put("template", "${ALIAS}-${CLAIM.user-attribute}")
            .build();

    IdentityProviderMapperRepresentation mapper = new IdentityProviderMapperRepresentation();
    mapper.setName("oidc-username-template-mapper");
    mapper.setIdentityProviderMapper(UsernameTemplateMapper.PROVIDER_ID);
    mapper.setConfig(templateConfig);

    IdentityProviderResource targetIdp = realm.identityProviders().get(idp.getAlias());
    // NOTE(review): the resource is looked up by idp.getAlias() while the mapper carries bc.getIDPAlias();
    // presumably both are the same alias, confirm against the caller.
    mapper.setIdentityProviderAlias(bc.getIDPAlias());
    targetIdp.addMapper(mapper).close();
}
Also used : IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)

Example 30 with IdentityProviderMapperRepresentation

use of org.keycloak.representations.idm.IdentityProviderMapperRepresentation in project keycloak by keycloak.

the class OidcMultipleClaimToRoleMappersTest method createClaimToRoleMapper.

/**
 * Registers three role mappers, all targeting the same role, on the given identity provider. Only the
 * first one maps a claim the test user has; the other two cover the case where a non-matching mapper must
 * not take away a role that an earlier mapper already granted.
 *
 * @param idp        identity provider whose alias selects the admin resource the mappers are added to
 * @param claimValue claim value the first mapper is configured to match
 * @param syncMode   sync mode written into every mapper configuration
 */
@Override
protected void createClaimToRoleMapper(IdentityProviderRepresentation idp, String claimValue, IdentityProviderMapperSyncMode syncMode) {
    // Mapper 1: matches attributes the user has, so it is expected to map the user to the role.
    IdentityProviderMapperRepresentation claimMapper = new IdentityProviderMapperRepresentation();
    claimMapper.setName("claim-to-role-mapper");
    claimMapper.setIdentityProviderMapper(ClaimToRoleMapper.PROVIDER_ID);
    ImmutableMap<String, String> claimMapperConfig = ImmutableMap.<String, String>builder()
            .put(IdentityProviderMapperModel.SYNC_MODE, syncMode.toString())
            .put(ClaimToRoleMapper.CLAIM, OidcClaimToRoleMapperTest.CLAIM)
            .put(ClaimToRoleMapper.CLAIM_VALUE, claimValue)
            .put(ConfigConstants.ROLE, CLIENT_ROLE_MAPPER_REPRESENTATION)
            .build();
    claimMapper.setConfig(claimMapperConfig);
    IdentityProviderResource targetIdp = realm.identityProviders().get(idp.getAlias());
    claimMapper.setIdentityProviderAlias(bc.getIDPAlias());
    targetIdp.addMapper(claimMapper).close();

    // Mapper 2: keyed on an external role the test user lacks. On its own it would end up removing the
    // mapped role; it should now check whether a previous mapper already granted that role.
    IdentityProviderMapperRepresentation externalRoleMapper = new IdentityProviderMapperRepresentation();
    externalRoleMapper.setName("external-keycloak-role-mapper");
    externalRoleMapper.setIdentityProviderMapper(ExternalKeycloakRoleToRoleMapper.PROVIDER_ID);
    ImmutableMap<String, String> externalRoleConfig = ImmutableMap.<String, String>builder()
            .put(IdentityProviderMapperModel.SYNC_MODE, syncMode.toString())
            .put("external.role", "missing-role")
            .put("role", CLIENT_ROLE_MAPPER_REPRESENTATION)
            .build();
    externalRoleMapper.setConfig(externalRoleConfig);
    externalRoleMapper.setIdentityProviderAlias(bc.getIDPAlias());
    targetIdp.addMapper(externalRoleMapper).close();

    // Mapper 3 (advanced, claim values treated as regex): keyed on a claim the test user lacks. Same
    // expectation as mapper 2: a role granted by an earlier mapper must survive.
    IdentityProviderMapperRepresentation advancedMapper = new IdentityProviderMapperRepresentation();
    advancedMapper.setName("advanced-claim-to-role-mapper");
    advancedMapper.setIdentityProviderMapper(AdvancedClaimToRoleMapper.PROVIDER_ID);
    ImmutableMap<String, String> advancedConfig = ImmutableMap.<String, String>builder()
            .put(IdentityProviderMapperModel.SYNC_MODE, syncMode.toString())
            .put(AdvancedClaimToRoleMapper.CLAIM_PROPERTY_NAME, CLAIMS_OR_ATTRIBUTES)
            .put(AdvancedClaimToRoleMapper.ARE_CLAIM_VALUES_REGEX_PROPERTY_NAME, Boolean.TRUE.toString())
            .put(ConfigConstants.ROLE, CLIENT_ROLE_MAPPER_REPRESENTATION)
            .build();
    advancedMapper.setConfig(advancedConfig);
    advancedMapper.setIdentityProviderAlias(bc.getIDPAlias());
    targetIdp.addMapper(advancedMapper).close();
}
Also used : IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
