Example 21 with ClientPolicyRepresentation
use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.
the class ClientPolicyManagementTest method testDeleteClient.
@Test
public void testDeleteClient() {
AuthorizationResource authorization = getClient().authorization();
ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
representation.setName("Update Test Client Policy");
representation.setDescription("description");
representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
representation.setLogic(Logic.NEGATIVE);
representation.addClient("Client D");
representation.addClient("Client E");
representation.addClient("Client F");
assertCreated(authorization, representation);
ClientsResource clients = getRealm().clients();
ClientRepresentation client = clients.findByClientId("Client D").get(0);
clients.get(client.getId()).remove();
representation = authorization.policies().client().findById(representation.getId()).toRepresentation();
Assert.assertEquals(2, representation.getClients().size());
Assert.assertFalse(representation.getClients().contains(client.getId()));
client = clients.findByClientId("Client E").get(0);
clients.get(client.getId()).remove();
representation = authorization.policies().client().findById(representation.getId()).toRepresentation();
Assert.assertEquals(1, representation.getClients().size());
Assert.assertFalse(representation.getClients().contains(client.getId()));
client = clients.findByClientId("Client F").get(0);
clients.get(client.getId()).remove();
try {
authorization.policies().client().findById(representation.getId()).toRepresentation();
fail("Client policy should be removed");
} catch (NotFoundException nfe) {
// ignore
}
}
Also used :
ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
NotFoundException(javax.ws.rs.NotFoundException)
AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Example 22 with ClientPolicyRepresentation
use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.
the class ClientPolicyManagementTest method testDelete.
@Test
public void testDelete() {
AuthorizationResource authorization = getClient().authorization();
ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
representation.setName("Test Delete Permission");
representation.addClient("Client A");
ClientPoliciesResource policies = authorization.policies().client();
try (Response response = policies.create(representation)) {
ClientPolicyRepresentation created = response.readEntity(ClientPolicyRepresentation.class);
policies.findById(created.getId()).remove();
ClientPolicyResource removed = policies.findById(created.getId());
try {
removed.toRepresentation();
fail("Permission not removed");
} catch (NotFoundException ignore) {
}
}
}
Also used :
Response(javax.ws.rs.core.Response)
ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)
ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource)
ClientPolicyResource(org.keycloak.admin.client.resource.ClientPolicyResource)
NotFoundException(javax.ws.rs.NotFoundException)
AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource)
Test(org.junit.Test)
Example 23 with ClientPolicyRepresentation
use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.
the class ClientPolicyForm method toRepresentation.
public ClientPolicyRepresentation toRepresentation() {
ClientPolicyRepresentation representation = new ClientPolicyRepresentation();
representation.setName(UIUtils.getTextInputValue(name));
representation.setDescription(UIUtils.getTextInputValue(description));
representation.setLogic(Logic.valueOf(UIUtils.getTextFromElement(logic.getFirstSelectedOption()).toUpperCase()));
representation.setClients(clientsInput.getSelected());
return representation;
}
Also used :
ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)
Example 24 with ClientPolicyRepresentation
use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.
the class Policies method update.
public void update(String name, AbstractPolicyRepresentation representation) {
for (WebElement row : policies().rows()) {
PolicyRepresentation actual = policies().toRepresentation(row);
if (actual.getName().equalsIgnoreCase(name)) {
clickLink(row.findElements(tagName("a")).get(0));
String type = representation.getType();
if ("role".equals(type)) {
rolePolicy.form().populate((RolePolicyRepresentation) representation, true);
} else if ("user".equals(type)) {
userPolicy.form().populate((UserPolicyRepresentation) representation, true);
} else if ("aggregate".equals(type)) {
aggregatePolicy.form().populate((AggregatePolicyRepresentation) representation, true);
} else if ("js".equals(type)) {
jsPolicy.form().populate((JSPolicyRepresentation) representation, true);
} else if ("time".equals(type)) {
timePolicy.form().populate((TimePolicyRepresentation) representation, true);
} else if ("client".equals(type)) {
clientPolicy.form().populate((ClientPolicyRepresentation) representation, true);
} else if ("group".equals(type)) {
groupPolicy.form().populate((GroupPolicyRepresentation) representation, true);
}
return;
}
}
}
Also used :
RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation)
AbstractPolicyRepresentation(org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation)
GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation)
TimePolicyRepresentation(org.keycloak.representations.idm.authorization.TimePolicyRepresentation)
PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation)
UserPolicyRepresentation(org.keycloak.representations.idm.authorization.UserPolicyRepresentation)
AggregatePolicyRepresentation(org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation)
JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation)
ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)
ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)
UserPolicyRepresentation(org.keycloak.representations.idm.authorization.UserPolicyRepresentation)
JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation)
WebElement(org.openqa.selenium.WebElement)
Example 25 with ClientPolicyRepresentation
use of org.keycloak.representations.idm.authorization.ClientPolicyRepresentation in project keycloak by keycloak.
the class AbstractServletAuthzAdapterTest method testOnlySpecificClient.
@Test
public void testOnlySpecificClient() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
assertWasNotDenied();
ClientPolicyRepresentation policy = new ClientPolicyRepresentation();
policy.setName("Only Client Policy");
policy.addClient("admin-cli");
ClientPoliciesResource policyResource = getAuthorizationResource().policies().client();
Response response = policyResource.create(policy);
response.close();
policy = policyResource.findByName(policy.getName());
updatePermissionPolicies("Protected Resource Permission", policy.getName());
login("jdoe", "jdoe");
assertWasDenied();
policy.addClient("servlet-authz-app");
policyResource.findById(policy.getId()).update(policy);
login("jdoe", "jdoe");
assertWasNotDenied();
});
}
Also used :
Response(javax.ws.rs.core.Response)
ClientPolicyRepresentation(org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)
ClientPoliciesResource(org.keycloak.admin.client.resource.ClientPoliciesResource)
Test(org.junit.Test)
Aggregations
ClientPolicyRepresentation (org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)29
Policy (org.keycloak.authorization.model.Policy)12
Test (org.junit.Test)10
RealmModel (org.keycloak.models.RealmModel)10
ResourceServer (org.keycloak.authorization.model.ResourceServer)9
ClientModel (org.keycloak.models.ClientModel)9
AdminPermissionManagement (org.keycloak.services.resources.admin.permissions.AdminPermissionManagement)7
AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)5
ClientPoliciesResource (org.keycloak.admin.client.resource.ClientPoliciesResource)5
RoleModel (org.keycloak.models.RoleModel)5
Response (javax.ws.rs.core.Response)4
ClientPolicyResource (org.keycloak.admin.client.resource.ClientPolicyResource)4
UserModel (org.keycloak.models.UserModel)4
GroupPolicyRepresentation (org.keycloak.representations.idm.authorization.GroupPolicyRepresentation)4
JSPolicyRepresentation (org.keycloak.representations.idm.authorization.JSPolicyRepresentation)4
RolePolicyRepresentation (org.keycloak.representations.idm.authorization.RolePolicyRepresentation)4
UserPolicyRepresentation (org.keycloak.representations.idm.authorization.UserPolicyRepresentation)4
AbstractPolicyRepresentation (org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation)3
PolicyRepresentation (org.keycloak.representations.idm.authorization.PolicyRepresentation)3
HashSet (java.util.HashSet)2
