use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class BrokerTest method testNoNameIDAndPrincipalFromAttribute.
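/**
 * Brokered SAML login in which the identity provider's response carries no NameID and the
 * broker is configured to take the principal from the {@code user} attribute instead.
 *
 * <p>The test rewrites the response before it is posted to the broker endpoint: the subject's
 * NameID is removed and an attribute statement with {@code user=<userName>} is appended. It then
 * completes the update-profile step and expects HTTP 200, a user matching {@code userName},
 * and exactly one user session for that user.
 *
 * <p>NOTE(review): only the existence of the user and the session count are asserted. The test
 * does not check which federated identity was linked to the user, so it would not notice the
 * broker deriving the principal from a different field — consider asserting the link as well.
 *
 * @throws IOException declared by the resource handling inside the try-with-resources block
 */
@Test
public void testNoNameIDAndPrincipalFromAttribute() throws IOException {
    final String userName = "newUser-" + UUID.randomUUID();
    final RealmResource realm = adminClient.realm(REALM_NAME);

    // Broker configuration: NameID policy format "undefined", principal read from attribute "user".
    final IdentityProviderRepresentation rep = addIdentityProvider("https://saml.idp/");
    rep.getConfig().put(SAMLIdentityProviderConfig.NAME_ID_POLICY_FORMAT, "undefined");
    rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_TYPE, SamlPrincipalType.ATTRIBUTE.toString());
    rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_ATTRIBUTE, "user");

    try (IdentityProviderCreator idp = new IdentityProviderCreator(realm, rep)) {
        new SamlClientBuilder()
            .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, POST)
            .build()
            .login()
                .idp(SAML_BROKER_ALIAS)
                .build()
            .processSamlResponse(REDIRECT)
                .transformObject(this::createAuthnResponse)
                .transformObject(resp -> {
                    final ResponseType rt = (ResponseType) resp;
                    final AssertionType assertion = rt.getAssertions().get(0).getAssertion();

                    // Remove NameID from subject
                    assertion.getSubject().setSubType(null);

                    // Add attribute to get principal from; its name matches PRINCIPAL_ATTRIBUTE above
                    AttributeStatementType attrStatement = new AttributeStatementType();
                    AttributeType attribute = new AttributeType("user");
                    attribute.addAttributeValue(userName);
                    attrStatement.addAttribute(new ASTChoiceType(attribute));
                    // Same assertion object that was modified above, so no second lookup is needed.
                    assertion.addStatement(attrStatement);

                    return rt;
                })
                .targetAttributeSamlResponse()
                .targetUri(getSamlBrokerUrl(REALM_NAME))
                .build()
            .followOneRedirect()
            .updateProfile()
                .username(userName)
                .firstName("someFirstName")
                .lastName("someLastName")
                .email("some@email.com")
                .build()
            .followOneRedirect()
            .assertResponse(org.keycloak.testsuite.util.Matchers.statusCodeIsHC(200))
            .execute();
    }

    // Fail with a readable message instead of a bare NoSuchElementException when the brokered
    // login did not produce a user.
    final UserRepresentation userRepresentation = realm.users().search(userName).stream()
        .findFirst()
        .orElseThrow(() -> new AssertionError("No user found for brokered principal " + userName));

    // These checks run after the try block, i.e. after the IdentityProviderCreator was closed.
    final List<UserSessionRepresentation> userSessions = realm.users().get(userRepresentation.getId()).getUserSessions();
    assertThat(userSessions, hasSize(1));
}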
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class PermissionsTest method identityProviders.
/**
 * Exercises every identity-provider admin call through {@code invoke(...)} with
 * {@link Resource#IDENTITY_PROVIDER}.
 *
 * <p>The third argument is {@code false} for the read-style calls (list, get, export, mapper
 * lookups) and {@code true} for the calls that create, update, remove or import. Presumably it
 * tells {@code invoke} that manage rights, not just view rights, are required — confirm against
 * {@code invoke}.
 *
 * <p>Apart from the create call (alias {@code foo}), every call addresses the alias
 * {@code nosuch}, which this method never creates.
 */
@Test
public void identityProviders() {
    final Resource idpResource = Resource.IDENTITY_PROVIDER;
    final String missingAlias = "nosuch";
    final String missingMapperId = "nosuch";

    // List all providers.
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().findAll();
        }
    }, idpResource, false);

    // Create an OIDC provider; the response is handed back through the AtomicReference.
    invoke(new InvocationWithResponse() {
        @Override
        public void invoke(RealmResource realm, AtomicReference<Response> response) {
            response.set(realm.identityProviders().create(
                IdentityProviderBuilder.create()
                    .providerId("oidc")
                    .displayName("nosuch-foo")
                    .alias("foo")
                    .setAttribute("clientId", "foo")
                    .setAttribute("clientSecret", "foo")
                    .build()));
        }
    }, idpResource, true);

    // Read a single provider.
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().get(missingAlias).toRepresentation();
        }
    }, idpResource, false);

    // Update a provider.
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().get(missingAlias).update(new IdentityProviderRepresentation());
        }
    }, idpResource, true);

    // Export a provider; flagged false like the other read-style calls.
    invoke(new InvocationWithResponse() {
        @Override
        public void invoke(RealmResource realm, AtomicReference<Response> response) {
            response.set(realm.identityProviders().get(missingAlias).export("saml"));
        }
    }, idpResource, false);

    // Remove a provider.
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().get(missingAlias).remove();
        }
    }, idpResource, true);

    // Add a mapper to a provider.
    invoke(new InvocationWithResponse() {
        @Override
        public void invoke(RealmResource realm, AtomicReference<Response> response) {
            response.set(realm.identityProviders().get(missingAlias).addMapper(new IdentityProviderMapperRepresentation()));
        }
    }, idpResource, true);

    // Delete a mapper from a provider.
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().get(missingAlias).delete(missingMapperId);
        }
    }, idpResource, true);

    // Mapper lookups: all mappers, one mapper by id, available mapper types.
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().get(missingAlias).getMappers();
        }
    }, idpResource, false);
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().get(missingAlias).getMapperById(missingMapperId);
        }
    }, idpResource, false);
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().get(missingAlias).getMapperTypes();
        }
    }, idpResource, false);

    // Both import variants (map payload and multipart form) are flagged true.
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().importFrom(Collections.<String, Object>emptyMap());
        }
    }, idpResource, true);
    invoke(new Invocation() {
        @Override
        public void invoke(RealmResource realm) {
            realm.identityProviders().importFrom(new MultipartFormDataOutput());
        }
    }, idpResource, true);
}
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class IdentityProviderTest method createRep.
/**
 * Builds an identity provider representation for use in tests.
 *
 * @param id         value used for both the alias and the display name
 * @param providerId provider type id, e.g. {@code "oidc"}
 * @param enabled    whether the provider is marked enabled
 * @param config     provider configuration; when {@code null}, {@code setConfig} is not called
 *                   and the representation keeps whatever config it was constructed with
 * @return the populated representation
 */
private IdentityProviderRepresentation createRep(String id, String providerId, boolean enabled, Map<String, String> config) {
    final IdentityProviderRepresentation representation = new IdentityProviderRepresentation();

    representation.setAlias(id);
    representation.setDisplayName(id);
    representation.setProviderId(providerId);
    representation.setEnabled(enabled);

    // The caller's map is passed through as-is; presumably no copy is made — verify before
    // reusing one map for several representations.
    if (config != null) {
        representation.setConfig(config);
    }

    return representation;
}
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class IdentityProviderTest method testUpdate.
/**
 * Updates an OIDC identity provider and checks how its client secret shows up in admin events.
 *
 * <p>Phase 1 stores a plain-text secret, then changes alias, enabled flag, store-token flag and
 * client id. The UPDATE admin event must not contain the plain secret and must contain
 * {@link ComponentRepresentation#SECRET_VALUE}; the value read back through the testing client
 * is still the plain secret.
 *
 * <p>Phase 2 replaces the secret with the expression <code>${vault.key}</code>. The UPDATE admin
 * event must then contain the expression itself and must not contain
 * {@link ComponentRepresentation#SECRET_VALUE}; the admin representation and the testing client
 * both return the expression.
 *
 * <p>NOTE(review): while the plain secret is stored, the test never asserts what
 * {@code toRepresentation().getConfig().get("clientSecret")} returns. Only the admin event and
 * the testing client are checked, so a plain secret leaking through the admin REST
 * representation would go unnoticed here.
 */
@Test
public void testUpdate() {
    final String originalAlias = "update-identity-provider";
    final String plainSecret = "some secret value";
    final String vaultExpression = "${vault.key}";

    // --- Create the provider with a plain-text client secret ---
    IdentityProviderRepresentation newIdentityProvider = createRep(originalAlias, "oidc");
    final Map<String, String> initialConfig = newIdentityProvider.getConfig();
    initialConfig.put(IdentityProviderModel.SYNC_MODE, "IMPORT");
    initialConfig.put("clientId", "clientId");
    initialConfig.put("clientSecret", plainSecret);
    create(newIdentityProvider);

    IdentityProviderResource identityProviderResource = realm.identityProviders().get(originalAlias);
    assertNotNull(identityProviderResource);

    IdentityProviderRepresentation representation = identityProviderResource.toRepresentation();
    assertNotNull(representation);
    assertEquals(originalAlias, representation.getAlias());

    // --- Phase 1: change alias, flags and client id ---
    representation.setAlias("changed-alias");
    representation.setEnabled(false);
    representation.setStoreToken(true);
    representation.getConfig().put("clientId", "changedClientId");
    identityProviderResource.update(representation);

    // The event path still uses the alias the update was addressed to.
    AdminEventRepresentation event = assertAdminEvents.assertEvent(
        realmId,
        OperationType.UPDATE,
        AdminEventPaths.identityProviderPath(originalAlias),
        representation,
        ResourceType.IDENTITY_PROVIDER);

    // Admin events must carry the mask, never the plain secret.
    final String firstEventBody = event.getRepresentation();
    assertFalse(firstEventBody.contains(plainSecret));
    assertTrue(firstEventBody.contains(ComponentRepresentation.SECRET_VALUE));

    // Re-read the provider, this time addressed by its internal id.
    identityProviderResource = realm.identityProviders().get(representation.getInternalId());
    assertNotNull(identityProviderResource);
    representation = identityProviderResource.toRepresentation();
    assertFalse(representation.isEnabled());
    assertTrue(representation.isStoreToken());
    assertEquals("changedClientId", representation.getConfig().get("clientId"));

    // The value read through the testing client is still the plain secret.
    assertEquals(plainSecret, testingClient.testing("admin-client-test").getIdentityProviderConfig("changed-alias").get("clientSecret"));

    // --- Phase 2: replace the secret with a vault expression ---
    representation.getConfig().put("clientSecret", vaultExpression);
    identityProviderResource.update(representation);

    event = assertAdminEvents.assertEvent(
        realmId,
        OperationType.UPDATE,
        AdminEventPaths.identityProviderPath(representation.getInternalId()),
        representation,
        ResourceType.IDENTITY_PROVIDER);

    // The expression is expected verbatim in the event, and the mask must be absent.
    final String secondEventBody = event.getRepresentation();
    assertThat(secondEventBody, containsString(vaultExpression));
    assertThat(secondEventBody, not(containsString(ComponentRepresentation.SECRET_VALUE)));

    assertThat(identityProviderResource.toRepresentation().getConfig(), hasEntry("clientSecret", vaultExpression));
    assertEquals(vaultExpression, testingClient.testing("admin-client-test").getIdentityProviderConfig("changed-alias").get("clientSecret"));
}
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class IdentityProviderTest method testCreateWithReservedCharacterForAlias.
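/**
 * Creating an identity provider whose alias contains the characters {@code $} and {@code &}
 * must be rejected with HTTP 400.
 *
 * <p>Only the status code is asserted. The test does not check afterwards that no provider
 * with this alias exists.
 */
@Test
public void testCreateWithReservedCharacterForAlias() {
    IdentityProviderRepresentation newIdentityProvider = createRep("ne$&w-identity-provider", "oidc");

    newIdentityProvider.getConfig().put("clientId", "clientId");
    newIdentityProvider.getConfig().put("clientSecret", "some secret value");

    Response response = realm.identityProviders().create(newIdentityProvider);
    try {
        Assert.assertEquals(400, response.getStatus());
    } finally {
        // Release the underlying connection even when the assertion fails.
        response.close();
    }
}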