use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class OidcBackchannelLogoutBrokerConfiguration method setUpConsumerIdentityProvider.
/**
 * Builds the OIDC identity provider registered under {@code SUB_CONSUMER_IDP_OIDC_ALIAS}.
 *
 * <p>Every endpoint (issuer, authorization, token, logout, userinfo, JWKS) is derived from
 * {@code getConsumerRoot()} and {@code REALM_CONS_NAME}, so the provider points at the
 * consumer realm. Sync mode is fixed to {@code IMPORT}.
 *
 * @return the configured representation; this method only builds it and does not register it
 */
@Override
public IdentityProviderRepresentation setUpConsumerIdentityProvider() {
    IdentityProviderRepresentation provider =
            createIdentityProvider(SUB_CONSUMER_IDP_OIDC_ALIAS, SUB_CONSUMER_IDP_OIDC_PROVIDER_ID);
    Map<String, String> settings = provider.getConfig();

    // All endpoints share one realm base, so build it once and keep them in step.
    final String realmUrl = getConsumerRoot() + "/auth/realms/" + REALM_CONS_NAME;
    final String oidcUrl = realmUrl + "/protocol/openid-connect";

    settings.put(IdentityProviderModel.SYNC_MODE, IdentityProviderSyncMode.IMPORT.toString());

    // Client credentials are test-fixture constants; they must not be reused for a real client.
    settings.put("clientId", CONSUMER_CLIENT_ID);
    settings.put("clientSecret", CONSUMER_CLIENT_SECRET);

    // prompt=login is the OIDC request parameter asking the IdP to re-authenticate the user.
    settings.put("prompt", "login");

    settings.put("issuer", realmUrl);
    settings.put("authorizationUrl", oidcUrl + "/auth");
    settings.put("tokenUrl", oidcUrl + "/token");
    settings.put("logoutUrl", oidcUrl + "/logout");
    settings.put("userInfoUrl", oidcUrl + "/userinfo");
    settings.put("defaultScope", "email profile");

    // NOTE(review): presumably switches on OIDC back-channel logout for this IdP, going by the
    // enclosing class name; confirm against the IdP config model.
    settings.put("backchannelSupported", "true");

    // Signature validation is on and keys come from the realm's certs endpoint, so tokens from
    // this IdP are checked against published keys rather than accepted unverified.
    settings.put(OIDCIdentityProviderConfig.JWKS_URL, oidcUrl + "/certs");
    settings.put(OIDCIdentityProviderConfig.USE_JWKS_URL, "true");
    settings.put(OIDCIdentityProviderConfig.VALIDATE_SIGNATURE, "true");
    return provider;
}
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class OidcBackchannelLogoutBrokerConfiguration method setUpIdentityProvider.
/**
 * Builds the identity provider registered under {@code IDP_OIDC_ALIAS} and fills its
 * configuration through {@code applyDefaultConfiguration}.
 *
 * @param syncMode sync mode handed on to {@code applyDefaultConfiguration}
 * @return the configured representation; this method only builds it and does not register it
 */
@Override
public IdentityProviderRepresentation setUpIdentityProvider(IdentityProviderSyncMode syncMode) {
    IdentityProviderRepresentation provider = createIdentityProvider(IDP_OIDC_ALIAS, IDP_OIDC_PROVIDER_ID);
    // The config map is populated in place, so the representation sees the defaults.
    applyDefaultConfiguration(provider.getConfig(), syncMode);
    return provider;
}
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class KcOidcBrokerTest method testReauthenticationOIDCBrokerWithOTPRequired.
/**
 * Counterpart in the old test suite:
 * PostBrokerFlowTest#testBrokerReauthentication_oidcBrokerWithOTPRequired
 *
 * <p>Flow under test: the user first logs in through an additional SAML broker, then the
 * post-broker-login OTP configuration is applied for the broker under test ({@code bc}).
 * Logging in through {@code bc} reaches the "account already exists" page; after choosing to
 * link, the user re-authenticates through the SAML broker and has to set up TOTP. The test
 * ends by asserting that the consumer-realm user has two federated identities.
 */
@Test
public void testReauthenticationOIDCBrokerWithOTPRequired() throws Exception {
    KcSamlBrokerConfiguration samlConfig = KcSamlBrokerConfiguration.INSTANCE;
    ClientRepresentation samlProviderClient = samlConfig.createProviderClients().get(0);
    IdentityProviderRepresentation samlIdp = samlConfig.setUpIdentityProvider();
    RealmResource consumer = adminClient.realm(bc.consumerRealmName());

    try {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);

        // Register the second (SAML) broker: client in the provider realm, IdP in the consumer realm.
        adminClient.realm(bc.providerRealmName()).clients().create(samlProviderClient);
        consumer.identityProviders().create(samlIdp);

        // First login goes through the SAML broker only.
        driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
        logInWithBroker(samlConfig);
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // From here on the broker under test gets the post-broker-login OTP configuration.
        testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));

        // The second broker login must not silently take over the existing account: the
        // "account already exists" page has to appear and linking has to be confirmed.
        logInWithBroker(bc);
        waitForPage(driver, "account already exists", false);
        idpConfirmLinkPage.assertCurrent();
        idpConfirmLinkPage.clickLinkAccount();

        // Linking is completed by re-authenticating through the already linked SAML broker,
        // after which the TOTP setup page is expected.
        logoutFromRealm(getProviderRoot(), bc.providerRealmName());
        driver.navigate().back();
        logInWithBroker(samlConfig);
        totpPage.assertCurrent();
        String secret = totpPage.getTotpSecret();
        totpPage.configure(totp.generateTOTP(secret));
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // Both broker identities must now be attached to the same consumer-realm user.
        String linkedUserId = consumer.users().search(samlConfig.getUserLogin()).get(0).getId();
        assertNumFederatedIdentities(linkedUserId, 2);
    } finally {
        // Restore the first-login flow and drop the user even when an assertion failed.
        updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
        removeUserByUsername(consumer, "consumer");
    }
}
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class KcOidcBrokerTest method testReauthenticationBothBrokersWithOTPRequired.
/**
 * Counterpart in the old test suite:
 * PostBrokerFlowTest#testBrokerReauthentication_bothBrokerWithOTPRequired
 *
 * <p>Flow under test: the post-broker-login OTP configuration is applied to the SAML broker
 * first and to the broker under test ({@code bc}) afterwards. The first SAML login has to set
 * up TOTP. The later account-linking re-authentication through SAML and the final login
 * through {@code bc} both have to pass the TOTP login page, using a code generated from the
 * same secret. The test ends by asserting that the consumer-realm user has two federated
 * identities.
 */
@Test
public void testReauthenticationBothBrokersWithOTPRequired() throws Exception {
    KcSamlBrokerConfiguration samlConfig = KcSamlBrokerConfiguration.INSTANCE;
    ClientRepresentation samlProviderClient = samlConfig.createProviderClients().get(0);
    IdentityProviderRepresentation samlIdp = samlConfig.setUpIdentityProvider();
    RealmResource consumer = adminClient.realm(bc.consumerRealmName());

    try {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);

        // Register the second (SAML) broker: client in the provider realm, IdP in the consumer realm.
        adminClient.realm(bc.providerRealmName()).clients().create(samlProviderClient);
        consumer.identityProviders().create(samlIdp);
        driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));

        // OTP configuration for the SAML broker: its very first login must enrol TOTP.
        testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(samlConfig.getIDPAlias()));
        logInWithBroker(samlConfig);
        totpPage.assertCurrent();
        String secret = totpPage.getTotpSecret();
        totpPage.configure(totp.generateTOTP(secret));
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // Same OTP configuration for the broker under test, then attempt to log in through it.
        testingClient.server(bc.consumerRealmName()).run(configurePostBrokerLoginWithOTP(bc.getIDPAlias()));
        logInWithBroker(bc);

        // The existing account must be detected and linking explicitly confirmed.
        waitForPage(driver, "account already exists", false);
        idpConfirmLinkPage.assertCurrent();
        idpConfirmLinkPage.clickLinkAccount();

        // Re-authentication through SAML now lands on the TOTP login page, not the setup page.
        logoutFromRealm(getProviderRoot(), bc.providerRealmName());
        driver.navigate().back();
        logInWithBroker(samlConfig);
        loginTotpPage.assertCurrent();
        loginTotpPage.login(totp.generateTOTP(secret));
        logoutFromRealm(getProviderRoot(), bc.providerRealmName());
        logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

        // Once linked, a login through the broker under test is challenged for the same TOTP.
        logInWithBroker(bc);
        loginTotpPage.assertCurrent();
        loginTotpPage.login(totp.generateTOTP(secret));
        waitForAccountManagementTitle();
        accountUpdateProfilePage.assertCurrent();

        // Both broker identities must now be attached to the same consumer-realm user.
        String linkedUserId = consumer.users().search(samlConfig.getUserLogin()).get(0).getId();
        assertNumFederatedIdentities(linkedUserId, 2);
    } finally {
        // Restore the first-login flow and drop the user even when an assertion failed.
        updateExecutions(AbstractBrokerTest::setUpMissingUpdateProfileOnFirstLogin);
        removeUserByUsername(consumer, "consumer");
    }
}
use of org.keycloak.representations.idm.IdentityProviderRepresentation in project keycloak by keycloak.
the class KcOidcFirstBrokerLoginDetectExistingUserTest method beforeBrokerTest.
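/**
 * Prepares the consumer realm for the "detect existing user" scenario.
 *
 * <p>After the parent setup, this creates a top-level {@code basic-flow} named
 * {@code detectExistingUserFlow} in the consumer realm and adds two executions to it:
 * {@code IdpDetectExistingBrokerUserAuthenticatorFactory} with priority 10 and
 * {@code IdpAutoLinkAuthenticatorFactory} with priority 20. The identity provider under test
 * is then switched to that flow as its first-broker-login flow, with sync mode {@code FORCE}.
 *
 * <p>NOTE(review): the auto-link execution appears to link a brokered identity to an existing
 * local account without re-authentication or e-mail verification. That is acceptable in a
 * test realm; outside one it is only safe when the identity provider is fully trusted.
 * Confirm against the authenticator's documentation.
 */
@Override
@Before
public void beforeBrokerTest() {
    super.beforeBrokerTest();
    // The flow is created in the consumer realm, so that is the realm to name in the log.
    log.debug("creating detect existing user flow for realm " + bc.consumerRealmName());

    final RealmResource consumerRealm = adminClient.realm(bc.consumerRealmName());
    AuthenticationManagementResource flows = consumerRealm.flows();

    // Create the flow, then read it back to learn the server-assigned id.
    final String flowAlias = "detectExistingUserFlow";
    flows.createFlow(newFlow(flowAlias, flowAlias, "basic-flow", true, false));
    AuthenticationFlowRepresentation createdFlow = getFlow(flows, flowAlias);
    assertNotNull("The authentication flow must exist", createdFlow);
    String flowId = createdFlow.getId();

    // Detect the existing user first (priority 10), then auto-link (priority 20).
    addExecution(flows, flowId, IdpDetectExistingBrokerUserAuthenticatorFactory.PROVIDER_ID, 10);
    addExecution(flows, flowId, IdpAutoLinkAuthenticatorFactory.PROVIDER_ID, 20);

    // Load the representation of the IdP that is updated below. Taking the first entry of
    // findAll() only matched that IdP while the realm held exactly one identity provider.
    IdentityProviderResource idpResource = consumerRealm.identityProviders().get(bc.getIDPAlias());
    IdentityProviderRepresentation idp = idpResource.toRepresentation();
    idp.setFirstBrokerLoginFlowAlias(flowAlias);
    idp.getConfig().put(IdentityProviderModel.SYNC_MODE, IdentityProviderSyncMode.FORCE.toString());
    idpResource.update(idp);

    assertEquals("Two executions must have been created", 2,
            getFlow(flows, flowAlias).getAuthenticationExecutions().size());
}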