Examples with ClientPolicyRepresentation org.keycloak.representations.idm.authorization.ClientPolicyRepresentation used on opensource projects

Example 6 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.

the class ClientPolicyManagementTest method assertRepresentation.

private void assertRepresentation(ClientPolicyRepresentation representation, ClientPolicyResource permission) {
    ClientPolicyRepresentation actual = permission.toRepresentation();
    assertRepresentation(representation, actual, () -> permission.resources(), () -> Collections.emptyList(), () -> permission.associatedPolicies());
    assertEquals(representation.getClients().size(), actual.getClients().size());
    assertEquals(0, actual.getClients().stream().filter(clientId -> !representation.getClients().stream().filter(userName -> getClientName(clientId).equalsIgnoreCase(userName)).findFirst().isPresent()).count());
}

Example 7 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.

the class ClientPolicyManagementTest method testCreate.

@Test
public void testCreate() {
    AuthorizationResource authorization = getClient().authorization();
    ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
    representation.setName("Realm Client Policy");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addClient("Client A");
    representation.addClient("Client B");
    assertCreated(authorization, representation);
}

Example 8 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.

the class ClientPolicyManagementTest method assertCreated.

private void assertCreated(AuthorizationResource authorization, ClientPolicyRepresentation representation) {
    ClientPoliciesResource permissions = authorization.policies().client();
    try (Response response = permissions.create(representation)) {
        ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
        ClientPolicyResource permission = permissions.findById(created.getId());
        assertRepresentation(representation, permission);
    }
}

Example 9 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.

the class ClientPolicyManagementTest method testUpdate.

@Test
public void testUpdate() {
    AuthorizationResource authorization = getClient().authorization();
    ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
    representation.setName("Update Test Client Policy");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.addClient("Client A");
    representation.addClient("Client B");
    representation.addClient("Client C");
    assertCreated(authorization, representation);
    representation.setName("changed");
    representation.setDescription("changed");
    representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
    representation.setLogic(Logic.POSITIVE);
    representation.setClients(representation.getClients().stream().filter(userName -> !userName.equals("Client A")).collect(Collectors.toSet()));
    ClientPoliciesResource policies = authorization.policies().client();
    ClientPolicyResource permission = policies.findById(representation.getId());
    permission.update(representation);
    assertRepresentation(representation, permission);
    representation.setClients(representation.getClients().stream().filter(userName -> !userName.equals("Client C")).collect(Collectors.toSet()));
    permission.update(representation);
    assertRepresentation(representation, permission);
}

Example 10 with ClientPolicyRepresentation

use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.

the class FineGrainAdminUnitTest method setupTokenExchange.

private static void setupTokenExchange(KeycloakSession session) {
    RealmModel realm = session.realms().getRealmByName("master");
    ClientModel client = session.clients().getClientByClientId(realm, "tokenexclient");
    if (client != null) {
        return;
    }
    ClientModel tokenexclient = realm.addClient("tokenexclient");
    tokenexclient.setEnabled(true);
    tokenexclient.addRedirectUri("http://localhost:*");
    tokenexclient.setPublicClient(false);
    tokenexclient.setSecret("password");
    tokenexclient.setDirectAccessGrantsEnabled(true);
    // permission for client to client exchange to "target" client
    ClientModel adminCli = realm.getClientByClientId(ConfigUtil.DEFAULT_CLIENT);
    AdminPermissionManagement management = AdminPermissions.management(session, realm);
    management.clients().setPermissionsEnabled(adminCli, true);
    ClientPolicyRepresentation clientRep = new ClientPolicyRepresentation();
    clientRep.setName("to");
    clientRep.addClient(tokenexclient.getId());
    ResourceServer server = management.realmResourceServer();
    Policy clientPolicy = management.authz().getStoreFactory().getPolicyStore().create(clientRep, server);
    management.clients().exchangeToPermission(adminCli).addAssociatedPolicy(clientPolicy);
}