use of org.keycloak.representations.idm.authorization.AuthorizationResponse in project keycloak by keycloak.
the class AuthorizationAPITest method testAccessTokenWithUmaAuthorization.
public void testAccessTokenWithUmaAuthorization(String authzConfigFile) {
AuthzClient authzClient = getAuthzClient(authzConfigFile);
PermissionRequest request = new PermissionRequest("Resource A");
String ticket = authzClient.protection().permission().create(request).getTicket();
AuthorizationResponse response = authzClient.authorization("marta", "password").authorize(new AuthorizationRequest(ticket));
assertNotNull(response.getToken());
}
use of org.keycloak.representations.idm.authorization.AuthorizationResponse in project keycloak by keycloak.
the class AuthzClientCredentialsTest method testNoRefreshToken.
@Test
public void testNoRefreshToken() throws Exception {
ClientsResource clients = getAdminClient().realm("authz-test-no-rt").clients();
AuthzClient authzClient = getAuthzClient("default-session-keycloak-no-rt.json");
org.keycloak.authorization.client.resource.AuthorizationResource authorization = authzClient.authorization();
AuthorizationResponse response = authorization.authorize();
AccessToken accessToken = toAccessToken(response.getToken());
assertEquals(1, accessToken.getAuthorization().getPermissions().size());
assertEquals("Default Resource", accessToken.getAuthorization().getPermissions().iterator().next().getResourceName());
ProtectionResource protection = authzClient.protection();
assertEquals(1, protection.resource().findAll().length);
try {
// force token expiration on the client side
Time.setOffset(1000);
// should refresh tokens by doing client credentials again
assertEquals(1, protection.resource().findAll().length);
} finally {
Time.setOffset(0);
}
}
use of org.keycloak.representations.idm.authorization.AuthorizationResponse in project keycloak by keycloak.
the class AuthzClientCredentialsTest method testSingleSessionPerUser.
@Test
public void testSingleSessionPerUser() throws Exception {
ClientsResource clients = getAdminClient().realm("authz-test-session").clients();
ClientRepresentation clientRepresentation = clients.findByClientId("resource-server-test").get(0);
List<UserSessionRepresentation> userSessions = clients.get(clientRepresentation.getId()).getUserSessions(-1, -1);
assertEquals(0, userSessions.size());
AuthzClient authzClient = getAuthzClient("default-session-keycloak.json");
org.keycloak.authorization.client.resource.AuthorizationResource authorization = authzClient.authorization("marta", "password");
AuthorizationResponse response = authorization.authorize();
AccessToken accessToken = toAccessToken(response.getToken());
String sessionState = accessToken.getSessionState();
assertEquals(1, accessToken.getAuthorization().getPermissions().size());
assertEquals("Default Resource", accessToken.getAuthorization().getPermissions().iterator().next().getResourceName());
userSessions = clients.get(clientRepresentation.getId()).getUserSessions(null, null);
assertEquals(1, userSessions.size());
for (int i = 0; i < 3; i++) {
response = authorization.authorize();
accessToken = toAccessToken(response.getToken());
assertEquals(sessionState, accessToken.getSessionState());
Thread.sleep(1000);
}
userSessions = clients.get(clientRepresentation.getId()).getUserSessions(null, null);
assertEquals(1, userSessions.size());
}
use of org.keycloak.representations.idm.authorization.AuthorizationResponse in project keycloak by keycloak.
the class AuthzClientCredentialsTest method testSuccessfulAuthorizationRequest.
@Test
public void testSuccessfulAuthorizationRequest() throws Exception {
AuthzClient authzClient = getAuthzClient("keycloak-with-jwt-authentication.json");
ProtectionResource protection = authzClient.protection();
PermissionRequest request = new PermissionRequest("Default Resource");
PermissionResponse ticketResponse = protection.permission().create(request);
String ticket = ticketResponse.getTicket();
AuthorizationResponse authorizationResponse = authzClient.authorization("marta", "password").authorize(new AuthorizationRequest(ticket));
String rpt = authorizationResponse.getToken();
assertNotNull(rpt);
AccessToken accessToken = new JWSInput(rpt).readJsonContent(AccessToken.class);
AccessToken.Authorization authorization = accessToken.getAuthorization();
assertNotNull(authorization);
List<Permission> permissions = new ArrayList<>(authorization.getPermissions());
assertFalse(permissions.isEmpty());
assertEquals("Default Resource", permissions.get(0).getResourceName());
}
Aggregations