Search in sources :

Example 1 with RealmEventsConfigRepresentation

use of org.keycloak.representations.idm.RealmEventsConfigRepresentation in project keycloak by keycloak.

the class GenericPolicyManagementAdminEventTest method afterAbstractKeycloakTestRealmImport.

@Override
protected void afterAbstractKeycloakTestRealmImport() {
    super.afterAbstractKeycloakTestRealmImport();
    RealmEventsConfigRepresentation rep = new RealmEventsConfigRepresentation();
    rep.setAdminEventsEnabled(true);
    rep.setEventsEnabled(true);
    testRealmResource().updateRealmEventsConfig(rep);
}
Also used : RealmEventsConfigRepresentation(org.keycloak.representations.idm.RealmEventsConfigRepresentation)

Example 2 with RealmEventsConfigRepresentation

use of org.keycloak.representations.idm.RealmEventsConfigRepresentation in project keycloak by keycloak.

the class EntitlementAPITest method testInvalidTokenSignature.

@Test
public void testInvalidTokenSignature() throws Exception {
    RealmEventsConfigRepresentation eventConfig = getRealm().getRealmEventsConfig();
    eventConfig.setEventsEnabled(true);
    eventConfig.setEnabledEventTypes(Arrays.asList(EventType.PERMISSION_TOKEN_ERROR.name()));
    getRealm().updateRealmEventsConfig(eventConfig);
    ClientResource client = getClient(getRealm(), RESOURCE_SERVER_TEST);
    AuthorizationResource authorization = client.authorization();
    JSPolicyRepresentation policy = new JSPolicyRepresentation();
    policy.setName(KeycloakModelUtils.generateId());
    policy.setCode("$evaluation.grant();");
    authorization.policies().js().create(policy).close();
    ResourceRepresentation resource = new ResourceRepresentation();
    resource.setName("Sensors");
    try (Response response = authorization.resources().create(resource)) {
        response.readEntity(ResourceRepresentation.class);
    }
    ResourcePermissionRepresentation permission = new ResourcePermissionRepresentation();
    permission.setName("View Sensor");
    permission.addPolicy(policy.getName());
    authorization.permissions().resource().create(permission).close();
    String accessToken = new OAuthClient().realm("authz-test").clientId(RESOURCE_SERVER_TEST).doGrantAccessTokenRequest("secret", "marta", "password").getAccessToken();
    AuthzClient authzClient = getAuthzClient(AUTHZ_CLIENT_CONFIG);
    AuthorizationRequest request = new AuthorizationRequest();
    request.addPermission("Sensors");
    request.setSubjectToken(accessToken + "i");
    try {
        authzClient.authorization().authorize(request);
        fail("should fail, session invalidated");
    } catch (Exception e) {
        Throwable expected = e.getCause();
        assertEquals(400, HttpResponseException.class.cast(expected).getStatusCode());
        assertTrue(HttpResponseException.class.cast(expected).toString().contains("unauthorized_client"));
    }
    List<EventRepresentation> events = getRealm().getEvents(Arrays.asList(EventType.PERMISSION_TOKEN_ERROR.name()), null, null, null, null, null, null, null);
    assertEquals(1, events.size());
}
Also used : RealmEventsConfigRepresentation(org.keycloak.representations.idm.RealmEventsConfigRepresentation) AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest) OAuthClient(org.keycloak.testsuite.util.OAuthClient) JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) HttpResponseException(org.keycloak.authorization.client.util.HttpResponseException) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) HttpResponseException(org.keycloak.authorization.client.util.HttpResponseException) AuthorizationDeniedException(org.keycloak.authorization.client.AuthorizationDeniedException) ExpectedException(org.junit.rules.ExpectedException) IOException(java.io.IOException) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) AccessTokenResponse(org.keycloak.representations.AccessTokenResponse) Response(javax.ws.rs.core.Response) TokenIntrospectionResponse(org.keycloak.authorization.client.representation.TokenIntrospectionResponse) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) PermissionResponse(org.keycloak.representations.idm.authorization.PermissionResponse) AuthzClient(org.keycloak.authorization.client.AuthzClient) ClientResource(org.keycloak.admin.client.resource.ClientResource) Test(org.junit.Test)

Example 3 with RealmEventsConfigRepresentation

use of org.keycloak.representations.idm.RealmEventsConfigRepresentation in project keycloak by keycloak.

the class RealmTest method copyRealmEventsConfigRepresentation.

private RealmEventsConfigRepresentation copyRealmEventsConfigRepresentation(RealmEventsConfigRepresentation rep) {
    RealmEventsConfigRepresentation recr = new RealmEventsConfigRepresentation();
    recr.setEnabledEventTypes(rep.getEnabledEventTypes());
    recr.setEventsListeners(rep.getEventsListeners());
    recr.setEventsExpiration(rep.getEventsExpiration());
    recr.setEventsEnabled(rep.isEventsEnabled());
    recr.setAdminEventsEnabled(rep.isAdminEventsEnabled());
    recr.setAdminEventsDetailsEnabled(rep.isAdminEventsDetailsEnabled());
    return recr;
}
Also used : RealmEventsConfigRepresentation(org.keycloak.representations.idm.RealmEventsConfigRepresentation)

Example 4 with RealmEventsConfigRepresentation

use of org.keycloak.representations.idm.RealmEventsConfigRepresentation in project keycloak by keycloak.

the class RealmAdminResource method getRealmEventsConfig.

/**
 * Get the events provider configuration
 *
 * Returns JSON object with events provider configuration
 *
 * @return
 */
@GET
@NoCache
@Path("events/config")
@Produces(MediaType.APPLICATION_JSON)
public RealmEventsConfigRepresentation getRealmEventsConfig() {
    auth.realm().requireViewEvents();
    RealmEventsConfigRepresentation config = ModelToRepresentation.toEventsConfigReprensetation(realm);
    if (config.getEnabledEventTypes() == null || config.getEnabledEventTypes().isEmpty()) {
        List<String> eventTypes = Arrays.stream(EventType.values()).filter(EventType::isSaveByDefault).map(EventType::name).collect(Collectors.toList());
        config.setEnabledEventTypes(eventTypes);
    }
    return config;
}
Also used : RealmEventsConfigRepresentation(org.keycloak.representations.idm.RealmEventsConfigRepresentation) EventType(org.keycloak.events.EventType) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 5 with RealmEventsConfigRepresentation

use of org.keycloak.representations.idm.RealmEventsConfigRepresentation in project keycloak by keycloak.

the class RealmTest method updateRealmEventsConfig.

@Test
public void updateRealmEventsConfig() {
    RealmEventsConfigRepresentation rep = realm.getRealmEventsConfig();
    RealmEventsConfigRepresentation repOrig = copyRealmEventsConfigRepresentation(rep);
    // the "event-queue" listener should be enabled by default
    assertTrue("event-queue should be enabled initially", rep.getEventsListeners().contains(TestEventsListenerProviderFactory.PROVIDER_ID));
    // first modification => remove "event-queue", should be sent to the queue
    rep.setEnabledEventTypes(Arrays.asList(EventType.LOGIN.name(), EventType.LOGIN_ERROR.name()));
    rep.setEventsListeners(Arrays.asList(JBossLoggingEventListenerProviderFactory.ID));
    rep.setEventsExpiration(36000L);
    rep.setEventsEnabled(true);
    rep.setAdminEventsEnabled(true);
    rep.setAdminEventsDetailsEnabled(true);
    adminClient.realms().realm(REALM_NAME).updateRealmEventsConfig(rep);
    assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, "events/config", rep, ResourceType.REALM);
    RealmEventsConfigRepresentation actual = realm.getRealmEventsConfig();
    checkRealmEventsConfigRepresentation(rep, actual);
    // second modification => should not be sent cos event-queue was removed in the first mod
    rep.setEnabledEventTypes(Arrays.asList(EventType.LOGIN.name(), EventType.LOGIN_ERROR.name(), EventType.CLIENT_LOGIN.name()));
    adminClient.realms().realm(REALM_NAME).updateRealmEventsConfig(rep);
    assertAdminEvents.assertEmpty();
    actual = realm.getRealmEventsConfig();
    checkRealmEventsConfigRepresentation(rep, actual);
    // third modification => restore queue => should be sent and recovered
    adminClient.realms().realm(REALM_NAME).updateRealmEventsConfig(repOrig);
    assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, "events/config", repOrig, ResourceType.REALM);
    actual = realm.getRealmEventsConfig();
    checkRealmEventsConfigRepresentation(repOrig, actual);
}
Also used : RealmEventsConfigRepresentation(org.keycloak.representations.idm.RealmEventsConfigRepresentation) AbstractAdminTest(org.keycloak.testsuite.admin.AbstractAdminTest) Test(org.junit.Test)

Aggregations

RealmEventsConfigRepresentation (org.keycloak.representations.idm.RealmEventsConfigRepresentation)5 Test (org.junit.Test)2 IOException (java.io.IOException)1 GET (javax.ws.rs.GET)1 Path (javax.ws.rs.Path)1 Produces (javax.ws.rs.Produces)1 Response (javax.ws.rs.core.Response)1 NoCache (org.jboss.resteasy.annotations.cache.NoCache)1 ExpectedException (org.junit.rules.ExpectedException)1 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)1 ClientResource (org.keycloak.admin.client.resource.ClientResource)1 AuthorizationDeniedException (org.keycloak.authorization.client.AuthorizationDeniedException)1 AuthzClient (org.keycloak.authorization.client.AuthzClient)1 TokenIntrospectionResponse (org.keycloak.authorization.client.representation.TokenIntrospectionResponse)1 HttpResponseException (org.keycloak.authorization.client.util.HttpResponseException)1 EventType (org.keycloak.events.EventType)1 AccessTokenResponse (org.keycloak.representations.AccessTokenResponse)1 EventRepresentation (org.keycloak.representations.idm.EventRepresentation)1 AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest)1 AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse)1