
Example 56 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class ClientScopeProtocolMapperTest method test05CreateOidcProtocolMapper.

/**
 * Creates an OIDC hardcoded-role mapper on the OIDC client scope and verifies that the create
 * is audited under the scope-specific admin path, that both mapper counts grow by one, and that
 * the stored mapper round-trips equal to what was submitted.
 */
@Test
public void test05CreateOidcProtocolMapper() {
    // Payload the author documented for this mapper:
    // {"protocol":"openid-connect",
    // "config":{"role":"myrole"},
    // "consentRequired":true,
    // "consentText":"My consent text",
    // "name":"oidc-hardcoded-role-mapper",
    // "protocolMapper":"oidc-hardcoded-role-mapper"}
    ProtocolMapperRepresentation mapperToCreate = makeOidcMapper("oidc-hardcoded-role-mapper");

    // Snapshot the counts first so the assertions below are relative, not absolute.
    int mappersBefore = oidcMappersRsc.getMappers().size();
    int oidcMappersBefore = oidcMappersRsc.getMappersPerProtocol("openid-connect").size();

    Response createResponse = oidcMappersRsc.createMapper(mapperToCreate);
    createResponse.close();
    String newMapperId = ApiUtil.getCreatedId(createResponse);

    // The admin audit event must name the client-scope mapper path and carry the submitted representation.
    assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE,
            AdminEventPaths.clientScopeProtocolMapperPath(oidcClientScopeId, newMapperId),
            mapperToCreate, ResourceType.PROTOCOL_MAPPER);

    assertEquals(mappersBefore + 1, oidcMappersRsc.getMappers().size());
    assertEquals(oidcMappersBefore + 1, oidcMappersRsc.getMappersPerProtocol("openid-connect").size());

    ProtocolMapperRepresentation stored = oidcMappersRsc.getMapperById(newMapperId);
    assertEqualMappers(mapperToCreate, stored);
}

Example 57 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class JpaUpdate1_2_0_Beta1 method addDefaultProtocolMappers.

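/**
 * Migrates the legacy per-client {@code ALLOWED_CLAIMS_MASK} column into explicit protocol mapper
 * rows: for every row of the {@code CLIENT} table one {@code PROTOCOL_MAPPER} insert per mapper
 * returned by the {@link MigrationProvider} is queued on {@code statements}, plus one
 * {@code PROTOCOL_MAPPER_CONFIG} insert per config entry of that mapper.
 * <p>
 * A {@code NULL} mask falls back to {@link ClaimMask#ALL}. Migrated mappers are written with
 * {@code CONSENT_REQUIRED = false}. The names of all migrated clients are appended to
 * {@code confirmationMessage}; nothing is appended when the table is empty.
 *
 * @throws SQLException      if reading the {@code CLIENT} table fails
 * @throws DatabaseException propagated from the Liquibase database calls
 */
protected void addDefaultProtocolMappers() throws SQLException, DatabaseException {
    String protocolMapperTableName = database.correctObjectName("PROTOCOL_MAPPER", Table.class);
    String protocolMapperCfgTableName = database.correctObjectName("PROTOCOL_MAPPER_CONFIG", Table.class);
    // The table name comes from this migration's own getTableName(), not from external input.
    PreparedStatement statement = jdbcConnection.prepareStatement("select ID, NAME, ALLOWED_CLAIMS_MASK from " + getTableName("CLIENT"));
    try {
        ResultSet resultSet = statement.executeQuery();
        try {
            // Loop-invariant: resolve the provider once rather than once per client row.
            MigrationProvider migrationProvider = this.kcSession.getProvider(MigrationProvider.class);
            boolean first = true;
            while (resultSet.next()) {
                if (first) {
                    confirmationMessage.append("Migrating claimsMask to protocol mappers for clients: ");
                    first = false;
                }
                Object acmObj = resultSet.getObject("ALLOWED_CLAIMS_MASK");
                // Drivers may return the mask as any Number subtype; NULL means "all claims".
                long mask = (acmObj != null) ? ((Number) acmObj).longValue() : ClaimMask.ALL;
                String clientId = resultSet.getString("ID");
                List<ProtocolMapperRepresentation> protocolMappers = migrationProvider.getMappersForClaimMask(mask);
                for (ProtocolMapperRepresentation protocolMapper : protocolMappers) {
                    String mapperId = KeycloakModelUtils.generateId();
                    InsertStatement insert = new InsertStatement(null, null, protocolMapperTableName)
                            .addColumnValue("ID", mapperId)
                            .addColumnValue("PROTOCOL", protocolMapper.getProtocol())
                            .addColumnValue("NAME", protocolMapper.getName())
                            // Migrated mappers are never consent-gated.
                            .addColumnValue("CONSENT_REQUIRED", false)
                            .addColumnValue("PROTOCOL_MAPPER_NAME", protocolMapper.getProtocolMapper())
                            .addColumnValue("CLIENT_ID", clientId);
                    statements.add(insert);
                    for (Map.Entry<String, String> cfgEntry : protocolMapper.getConfig().entrySet()) {
                        InsertStatement cfgInsert = new InsertStatement(null, null, protocolMapperCfgTableName)
                                .addColumnValue("PROTOCOL_MAPPER_ID", mapperId)
                                .addColumnValue("NAME", cfgEntry.getKey())
                                .addColumnValue("VALUE", cfgEntry.getValue());
                        statements.add(cfgInsert);
                    }
                }
                confirmationMessage.append(resultSet.getString("NAME")).append(", ");
            }
            // At least one client was processed: terminate the list in the confirmation message.
            if (!first) {
                confirmationMessage.append(". ");
            }
        } finally {
            resultSet.close();
        }
    } finally {
        statement.close();
    }
}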

Example 58 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class KcOidcBrokerConfiguration method createProviderClients.

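/**
 * Builds the confidential OIDC client that is registered in the provider realm and used by the
 * consumer realm's {@code IDP_OIDC_ALIAS} identity provider.
 * <p>
 * Redirect URIs are limited to the consumer realm's broker endpoint for this alias (with a
 * wildcard only below that path), and the admin URL points at the same endpoint. The client carries
 * six protocol mappers: the user's email, two multivalued user attributes, a nested claim, a claim
 * whose name contains a literal dot, and a hardcoded JSON claim exposed in the ID token.
 *
 * @return a single-element list holding the provider-side broker client
 */
@Override
public List<ClientRepresentation> createProviderClients() {
    ClientRepresentation client = new ClientRepresentation();
    client.setClientId(getIDPClientIdInProviderRealm());
    client.setName(CLIENT_ID);
    client.setSecret(CLIENT_SECRET);
    // Only the consumer realm's broker endpoint for this IdP alias may receive the authorization response.
    String brokerEndpoint = getConsumerRoot() + "/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_OIDC_ALIAS + "/endpoint";
    client.setRedirectUris(Collections.singletonList(brokerEndpoint + "/*"));
    client.setAdminUrl(brokerEndpoint);

    ProtocolMapperRepresentation emailMapper = attributeClaimMapper(
            "email", UserPropertyMapper.PROVIDER_ID, "email", "email", false);
    ProtocolMapperRepresentation nestedAttrMapper = attributeClaimMapper(
            "attribute - nested claim", UserAttributeMapper.PROVIDER_ID, "nested.email", "nested.email", false);
    // The backslash-escaped dot marks a literal dot in the claim name, in contrast to the nested variant above.
    ProtocolMapperRepresentation dottedAttrMapper = attributeClaimMapper(
            "attribute - claim with dot in name", UserAttributeMapper.PROVIDER_ID, "dotted.email", "dotted\\.email", false);
    ProtocolMapperRepresentation userAttrMapper = attributeClaimMapper(
            "attribute - name", UserAttributeMapper.PROVIDER_ID, ATTRIBUTE_TO_MAP_NAME, ATTRIBUTE_TO_MAP_NAME, true);
    ProtocolMapperRepresentation userAttrMapper2 = attributeClaimMapper(
            "attribute - name - 2", UserAttributeMapper.PROVIDER_ID, ATTRIBUTE_TO_MAP_NAME_2, ATTRIBUTE_TO_MAP_NAME_2, true);

    // Hardcoded JSON-typed claim; only included in the ID token (not access token or userinfo).
    ProtocolMapperRepresentation hardcodedJsonClaim = new ProtocolMapperRepresentation();
    hardcodedJsonClaim.setName("json-mapper");
    hardcodedJsonClaim.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
    hardcodedJsonClaim.setProtocolMapper(HardcodedClaim.PROVIDER_ID);
    Map<String, String> hardcodedJsonClaimMapperConfig = hardcodedJsonClaim.getConfig();
    hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, KcOidcBrokerConfiguration.USER_INFO_CLAIM);
    hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, "JSON");
    hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
    hardcodedJsonClaimMapperConfig.put(HardcodedClaim.CLAIM_VALUE, "{\"" + HARDOCDED_CLAIM + "\": \"" + HARDOCDED_VALUE + "\"}");

    // Order is preserved from the original configuration; tests may index into this list.
    client.setProtocolMappers(Arrays.asList(emailMapper, userAttrMapper, userAttrMapper2, nestedAttrMapper, dottedAttrMapper, hardcodedJsonClaim));
    return Collections.singletonList(client);
}

/**
 * Builds an OIDC mapper that copies a user attribute/property into a string claim of the access
 * token, ID token and userinfo response.
 *
 * @param name          mapper display name
 * @param providerId    mapper provider id (user property or user attribute mapper)
 * @param userAttribute the user attribute or property to read
 * @param claimName     the token claim to write (a {@code \.} denotes a literal dot)
 * @param multivalued   whether to also set {@link ProtocolMapperUtils#MULTIVALUED}
 * @return the configured mapper representation
 */
private static ProtocolMapperRepresentation attributeClaimMapper(String name, String providerId,
        String userAttribute, String claimName, boolean multivalued) {
    ProtocolMapperRepresentation mapper = new ProtocolMapperRepresentation();
    mapper.setName(name);
    mapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
    mapper.setProtocolMapper(providerId);
    Map<String, String> config = mapper.getConfig();
    config.put(ProtocolMapperUtils.USER_ATTRIBUTE, userAttribute);
    config.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, claimName);
    config.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
    config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
    config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
    config.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
    if (multivalued) {
        config.put(ProtocolMapperUtils.MULTIVALUED, "true");
    }
    return mapper;
}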

Example 59 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class KcOidcBrokerSubMatchIntrospectionTest method getBrokerConfiguration.

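/**
 * Broker configuration for this test: on top of the default OIDC broker setup it registers an
 * extra public consumer client for the test's own login, and replaces the provider client's
 * mappers with a single hardcoded {@code sub} claim that is also exposed through userinfo.
 *
 * @return the customised broker configuration
 */
@Override
protected BrokerConfiguration getBrokerConfiguration() {
    return new KcOidcBrokerConfiguration() {

        @Override
        public List<ClientRepresentation> createConsumerClients() {
            List<ClientRepresentation> clients = new ArrayList<>(super.createConsumerClients());
            // Public (secret-less) client the test logs in with; publicClient() only needs to be called once.
            clients.add(ClientBuilder.create()
                    .clientId("consumer-client")
                    .publicClient()
                    .redirectUris(getConsumerRoot() + "/auth/realms/master/app/auth/*")
                    .build());
            return clients;
        }

        @Override
        public List<ClientRepresentation> createProviderClients() {
            List<ClientRepresentation> clients = super.createProviderClients();
            // Replaces, rather than extends, the first provider client's mappers: only the
            // overriding "sub" claim remains, so the broker login's subject no longer matches
            // the provider's real user subject.
            List<ProtocolMapperRepresentation> mappers = new ArrayList<>();
            ProtocolMapperRepresentation hardcodedClaim = createHardcodedClaim("sub-override", "sub", "overriden", "String", false, false);
            hardcodedClaim.getConfig().put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, Boolean.TRUE.toString());
            mappers.add(hardcodedClaim);
            clients.get(0).setProtocolMappers(mappers);
            return clients;
        }
    };
}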

Example 60 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class KcOidcBrokerTest method testInvalidIssuedFor.

/**
 * Verifies that the consumer realm rejects a brokered login whose token carries an {@code azp}
 * (authorized party) claim that does not match the broker client: after a first successful login
 * and logout from both realms, a hardcoded {@code azp} of {@code "invalid-azp"} is added to the
 * provider's broker client, and the next social login must end on the error page.
 */
@Test
public void testInvalidIssuedFor() {
    // Establish a linked account first, then start a fresh session on both sides.
    loginUser();
    logoutFromRealm(getProviderRoot(), bc.providerRealmName());
    logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());

    log.debug("Clicking social " + bc.getIDPAlias());
    loginPage.clickSocial(bc.getIDPAlias());
    waitForPage(driver, "sign in to", true);

    // Locate the broker client in the provider realm and poison its azp claim.
    RealmResource providerRealm = adminClient.realm(bc.providerRealmName());
    ClientRepresentation brokerClientRep = providerRealm.clients().findByClientId(BrokerTestConstants.CLIENT_ID).get(0);
    ClientResource brokerClient = providerRealm.clients().get(brokerClientRep.getId());
    // Trailing flags are passed through to createHardcodedClaim; presumably token-inclusion switches.
    ProtocolMapperRepresentation bogusAzpMapper = createHardcodedClaim("hard", "azp", "invalid-azp", ProviderConfigProperty.STRING_TYPE, true, true);
    brokerClient.getProtocolMappers().createMapper(bogusAzpMapper);

    log.debug("Logging in");
    loginPage.login(bc.getUserLogin(), bc.getUserPassword());
    // A mismatched azp must not produce a brokered session.
    errorPage.assertCurrent();
}
