
Example 66 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class OIDCPairwiseClientRegistrationTest method updateToPairwiseThroughAdminRESTFailure.

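/**
 * Verifies that adding a pairwise-subject mapper through the admin REST API is rejected
 * when the sector identifier document holds no redirect URIs, and that the client keeps
 * its "public" subject type afterwards.
 *
 * <p>Steps: register a client (public subject type, no sector identifier URI), make the
 * test application serve an empty redirect-URI list at the sector identifier URI, attempt
 * to create the pairwise mapper, expect HTTP 400, then re-read the client through the
 * registration API and confirm nothing changed.
 *
 * @throws Exception if client registration or any REST call fails unexpectedly
 */
@Test
public void updateToPairwiseThroughAdminRESTFailure() throws Exception {
    OIDCClientRepresentation response = create();
    Assert.assertEquals("public", response.getSubjectType());
    Assert.assertNull(response.getSectorIdentifierUri());

    // Push an empty list to the sector identifier URI.
    TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
    oidcClientEndpointsResource.setSectorIdentifierRedirectUris(new ArrayList<>());
    String sectorIdentifierUri = TestApplicationResourceUrls.pairwiseSectorIdentifierUri();

    // Add the protocol mapper through the admin REST endpoint.
    String clientId = response.getClientId();
    ProtocolMapperRepresentation pairwiseProtMapper = SHA256PairwiseSubMapper.createPairwiseMapper(sectorIdentifierUri, null);
    RealmResource realmResource = realmsResouce().realm("test");
    ClientResource clientResource = ApiUtil.findClientByClientId(realmResource, clientId);
    Response resp = clientResource.getProtocolMappers().createMapper(pairwiseProtMapper);
    try {
        // NOTE(review): presumably rejected because the client's redirect URIs are not listed
        // in the (empty) sector identifier document; confirm against the server-side validation.
        Assert.assertEquals(400, resp.getStatus());
    } finally {
        // Release the connection even when the status assertion fails.
        resp.close();
    }

    // The rejected request must not have changed the client: it is still "public".
    reg.auth(Auth.token(response));
    OIDCClientRepresentation rep = reg.oidc().get(clientId);
    Assert.assertEquals("public", rep.getSubjectType());
    Assert.assertNull(rep.getSectorIdentifierUri());
}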
Also used : Response(javax.ws.rs.core.Response) TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ClientResource(org.keycloak.admin.client.resource.ClientResource) Test(org.junit.Test)

Example 67 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class SAMLClientRegistrationTest method createClient.

/**
 * Registers a SAML client from the bundled entity descriptor and checks what the
 * registration service derived from it: a registration access token, the client id,
 * the redirect URIs, the single-logout redirect URL, the artifact binding identifier
 * and exactly one user-attribute protocol mapper.
 *
 * @throws ClientRegistrationException if the registration call fails
 * @throws IOException if the entity descriptor resource cannot be read
 */
@Test
public void createClient() throws ClientRegistrationException, IOException {
    final String expectedClientId = "loadbalancer-9.siroe.com";

    // NOTE(review): no charset is passed and the stream is not closed in this method;
    // confirm which encoding this IOUtils overload applies.
    String descriptorXml = IOUtils.toString(getClass().getResourceAsStream("/clientreg-test/saml-entity-descriptor.xml"));
    ClientRepresentation registered = reg.saml().create(descriptorXml);

    // A registration access token must be issued together with the new client.
    assertThat(registered.getRegistrationAccessToken(), notNullValue());
    assertThat(registered.getClientId(), is(expectedClientId));

    // Every redirect URI listed here must come back, in any order.
    assertThat(
            registered.getRedirectUris(),
            containsInAnyOrder(
                    "https://LoadBalancer-9.siroe.com:3443/federation/Consumer/metaAlias/sp/post",
                    "https://LoadBalancer-9.siroe.com:3443/federation/Consumer/metaAlias/sp/soap",
                    "https://LoadBalancer-9.siroe.com:3443/federation/Consumer/metaAlias/sp/paos",
                    "https://LoadBalancer-9.siroe.com:3443/federation/Consumer/metaAlias/sp/redirect",
                    "https://LoadBalancer-9.siroe.com:3443/federation/Consumer/metaAlias/sp/artifact"));
    assertThat(
            registered.getAttributes().get("saml_single_logout_service_url_redirect"),
            is("https://LoadBalancer-9.siroe.com:3443/federation/SPSloRedirect/metaAlias/sp"));
    assertThat(
            registered.getAttributes().get(SamlConfigAttributes.SAML_ARTIFACT_BINDING_IDENTIFIER),
            is(ArtifactBindingUtils.computeArtifactBindingIdentifierString(expectedClientId)));

    // Exactly one protocol mapper is expected: the givenName attribute mapper.
    Assert.assertNotNull(registered.getProtocolMappers());
    Assert.assertEquals(1, registered.getProtocolMappers().size());
    ProtocolMapperRepresentation attributeMapper = registered.getProtocolMappers().get(0);
    Assert.assertEquals("saml-user-attribute-mapper", attributeMapper.getProtocolMapper());
    Assert.assertEquals(
            "urn:oid:2.5.4.42",
            attributeMapper.getConfig().get(AttributeStatementHelper.SAML_ATTRIBUTE_NAME));
    Assert.assertEquals(
            "givenName",
            attributeMapper.getConfig().get(AttributeStatementHelper.FRIENDLY_NAME));
    Assert.assertEquals(
            AttributeStatementHelper.URI_REFERENCE,
            attributeMapper.getConfig().get(AttributeStatementHelper.SAML_ATTRIBUTE_NAMEFORMAT));
}
Also used : ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Test(org.junit.Test)

Example 68 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class ClientRegistrationTest method addProtocolMapper.

/**
 * Gives the client a single OIDC user-attribute protocol mapper.
 *
 * <p>The client's protocol mapper list is replaced, not extended: any mappers already set
 * on {@code client} are dropped. The mapper copies the user attribute "someAttribute" into
 * the claim "someClaimName" (JSON type "long") and enables that claim for the ID token,
 * the access token and the userinfo response.
 *
 * @param client     representation whose protocol mappers are replaced
 * @param mapperName name given to the new mapper
 */
private void addProtocolMapper(ClientRepresentation client, String mapperName) {
    ProtocolMapperRepresentation attributeMapper = new ProtocolMapperRepresentation();
    attributeMapper.setName(mapperName);
    attributeMapper.setProtocol("openid-connect");
    attributeMapper.setProtocolMapper("oidc-usermodel-attribute-mapper");

    // Mapper settings: source attribute, target claim, and the tokens the claim goes into.
    attributeMapper.getConfig().put("userinfo.token.claim", "true");
    attributeMapper.getConfig().put("user.attribute", "someAttribute");
    attributeMapper.getConfig().put("id.token.claim", "true");
    attributeMapper.getConfig().put("access.token.claim", "true");
    attributeMapper.getConfig().put("claim.name", "someClaimName");
    attributeMapper.getConfig().put("jsonType.label", "long");

    // Build the one-element list first, then hand it to the client.
    ArrayList<ProtocolMapperRepresentation> onlyMapper = new ArrayList<>();
    onlyMapper.add(attributeMapper);
    client.setProtocolMappers(onlyMapper);
}
Also used : ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation)

Example 69 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class SHA256PairwiseSubMapper method createPairwiseMapper.

/**
 * Builds the protocol mapper representation for the SHA-256 pairwise subject mapper.
 *
 * <p>The returned representation is named "pairwise subject identifier", uses the id of
 * {@code SHA256PairwiseSubMapper} as its mapper type and carries two config entries:
 * the sector identifier URI and the salt.
 *
 * @param sectorIdentifierUri value stored under {@code PairwiseSubMapperHelper.SECTOR_IDENTIFIER_URI};
 *                            stored as given, no validation happens here
 * @param salt                value stored under {@code PairwiseSubMapperHelper.PAIRWISE_SUB_ALGORITHM_SALT};
 *                            when {@code null}, {@code KeycloakModelUtils.generateId()} supplies one
 * @return a new, unsaved mapper representation
 */
public static ProtocolMapperRepresentation createPairwiseMapper(String sectorIdentifierUri, String salt) {
    ProtocolMapperRepresentation mapper = new ProtocolMapperRepresentation();
    mapper.setName("pairwise subject identifier");
    mapper.setProtocolMapper(new SHA256PairwiseSubMapper().getId());
    mapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);

    Map<String, String> settings = new HashMap<>();
    settings.put(PairwiseSubMapperHelper.SECTOR_IDENTIFIER_URI, sectorIdentifierUri);

    // A caller-supplied salt wins; otherwise a generated id is used so the mapper always has one.
    // NOTE(review): the salt sits in the mapper config as a plain string, and how generateId()
    // produces its value is not visible here; confirm both fit the secrecy expected of the salt.
    String effectiveSalt = (salt != null) ? salt : KeycloakModelUtils.generateId();
    settings.put(PairwiseSubMapperHelper.PAIRWISE_SUB_ALGORITHM_SALT, effectiveSalt);

    mapper.setConfig(settings);
    return mapper;
}
Also used : ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation)

Example 70 with ProtocolMapperRepresentation

use of org.keycloak.representations.idm.ProtocolMapperRepresentation in project keycloak by keycloak.

the class ClientTest method protocolMappersTest.

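/**
 * Runs a create / read / update / delete cycle for a protocol mapper named "foo" and
 * checks that an admin event is recorded for each mutating call.
 *
 * <p>Before creating anything, the method confirms that the resource lists no mapper
 * named after the built-in email or username mappers, nor one named "foo".
 *
 * @param clientDbId      id used to build the expected admin event resource path
 * @param mappersResource protocol mapper resource under test
 */
public void protocolMappersTest(String clientDbId, ProtocolMappersResource mappersResource) {
    // Look for the default mappers and for a leftover "foo" mapper.
    List<ProtocolMapperRepresentation> protocolMappers = mappersResource.getMappers();
    String emailMapperId = null;
    String usernameMapperId = null;
    String fooMapperId = null;
    for (ProtocolMapperRepresentation mapper : protocolMappers) {
        // Constant-first equals: a mapper without a name is skipped instead of raising an NPE.
        String name = mapper.getName();
        if (OIDCLoginProtocolFactory.EMAIL.equals(name)) {
            emailMapperId = mapper.getId();
        } else if (OIDCLoginProtocolFactory.USERNAME.equals(name)) {
            usernameMapperId = mapper.getId();
        } else if ("foo".equals(name)) {
            fooMapperId = mapper.getId();
        }
    }

    // Builtin mappers are not here
    assertNull(emailMapperId);
    assertNull(usernameMapperId);
    assertNull(fooMapperId);

    // Create foo mapper
    ProtocolMapperRepresentation fooMapper = new ProtocolMapperRepresentation();
    fooMapper.setName("foo");
    fooMapper.setProtocol("openid-connect");
    fooMapper.setProtocolMapper("oidc-hardcoded-claim-mapper");
    Response response = mappersResource.createMapper(fooMapper);
    try {
        // The new mapper's id is the last path segment of the Location header.
        String location = response.getLocation().toString();
        fooMapperId = location.substring(location.lastIndexOf("/") + 1);
    } finally {
        // Close the response even if the Location header is missing or malformed.
        response.close();
    }
    assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientProtocolMapperPath(clientDbId, fooMapperId), fooMapper, ResourceType.PROTOCOL_MAPPER);
    fooMapper = mappersResource.getMapperById(fooMapperId);
    // Expected value first, so a failure message reports the two sides correctly.
    assertEquals("foo", fooMapper.getName());

    // Update foo mapper
    mappersResource.update(fooMapperId, fooMapper);
    assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, AdminEventPaths.clientProtocolMapperPath(clientDbId, fooMapperId), fooMapper, ResourceType.PROTOCOL_MAPPER);
    // Re-read after the update; the call itself fails if the mapper can no longer be fetched.
    fooMapper = mappersResource.getMapperById(fooMapperId);

    // Remove foo mapper
    mappersResource.delete(fooMapperId);
    assertAdminEvents.assertEvent(realmId, OperationType.DELETE, AdminEventPaths.clientProtocolMapperPath(clientDbId, fooMapperId), ResourceType.PROTOCOL_MAPPER);
    try {
        mappersResource.getMapperById(fooMapperId);
        fail("Not expected to find deleted mapper");
    } catch (NotFoundException expected) {
        // Expected: the deleted mapper must no longer be retrievable.
    }
}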
Also used : AccessTokenResponse(org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse) Response(javax.ws.rs.core.Response) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) NotFoundException(javax.ws.rs.NotFoundException)

Aggregations

ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)107 Test (org.junit.Test)68 HashMap (java.util.HashMap)30 Response (javax.ws.rs.core.Response)30 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)27 Map (java.util.Map)23 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)20 ClientResource (org.keycloak.admin.client.resource.ClientResource)19 OAuthClient (org.keycloak.testsuite.util.OAuthClient)17 RealmResource (org.keycloak.admin.client.resource.RealmResource)14 List (java.util.List)13 ProtocolMappersResource (org.keycloak.admin.client.resource.ProtocolMappersResource)12 IDToken (org.keycloak.representations.IDToken)12 Matchers.isEmptyOrNullString (org.hamcrest.Matchers.isEmptyOrNullString)11 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)11 AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)10 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)8 ArrayList (java.util.ArrayList)7 LinkedList (java.util.LinkedList)7 AccessToken (org.keycloak.representations.AccessToken)7