
Example 6 with PermissionRequest

use of org.keycloak.representations.idm.authorization.PermissionRequest in project keycloak by keycloak.

the class RolePolicyTest method testUserWithExpectedRole.

/**
 * Checks that user "marta" is issued a token for "Resource A" via a permission ticket.
 *
 * <p>The realm, role and policy setup live outside this block. Only the presence of a token is
 * asserted; the permissions carried inside the token are not inspected here.
 */
@Test
public void testUserWithExpectedRole() {
    AuthzClient authz = getAuthzClient();
    // Register a permission ticket for the resource through the protection API.
    String permissionTicket = authz.protection().permission().create(new PermissionRequest("Resource A")).getTicket();
    // Exchange the ticket for a token as the end user (test-fixture credentials).
    AuthorizationRequest ticketRequest = new AuthorizationRequest(permissionTicket);
    AuthorizationResponse granted = authz.authorization("marta", "password").authorize(ticketRequest);
    assertNotNull(granted.getToken());
}
Also used : PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) AuthzClient(org.keycloak.authorization.client.AuthzClient) AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) Test(org.junit.Test)

Example 7 with PermissionRequest

use of org.keycloak.representations.idm.authorization.PermissionRequest in project keycloak by keycloak.

the class UmaGrantTypeTest method testRefreshRpt.

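/**
 * Obtains an RPT for "Resource A" (ScopeA, ScopeB) and then runs the refresh-token grant against
 * the realm token endpoint twice, checking after each round that a new access token and a
 * refresh token carrying an authorization claim are returned.
 *
 * <p>{@code assertPermissions} is defined outside this block; the {@code isEmpty()} checks that
 * follow it suggest it removes every permission it matches, so an empty collection would mean
 * nothing beyond the requested scopes was granted. TODO confirm against the helper.
 */
@Test
public void testRefreshRpt() {
    AccessTokenResponse accessTokenResponse = getAuthzClient().obtainAccessToken("marta", "password");
    AuthorizationResponse response = authorize(null, null, null, null, accessTokenResponse.getToken(), null, null, new PermissionRequest("Resource A", "ScopeA", "ScopeB"));
    String rpt = response.getToken();
    assertNotNull(rpt);
    AccessToken accessToken = toAccessToken(rpt);
    AccessToken.Authorization authorization = accessToken.getAuthorization();
    assertNotNull(authorization);
    Collection<Permission> permissions = authorization.getPermissions();
    assertNotNull(permissions);
    assertPermissions(permissions, "Resource A", "ScopeA", "ScopeB");
    assertTrue(permissions.isEmpty());
    String refreshToken = response.getRefreshToken();
    assertNotNull(refreshToken);
    AccessToken refreshTokenToken = toAccessToken(refreshToken);
    assertNotNull(refreshTokenToken.getAuthorization());
    Client client = AdminClientUtil.createResteasyClient();
    try {
        UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
        URI uri = OIDCLoginProtocolService.tokenUrl(builder).build(REALM_NAME);
        WebTarget target = client.target(uri);
        Form parameters = new Form();
        parameters.param("grant_type", OAuth2Constants.REFRESH_TOKEN);
        parameters.param(OAuth2Constants.REFRESH_TOKEN, refreshToken);
        // First refresh, authenticated as the resource server (test-fixture client credentials).
        AccessTokenResponse refreshTokenResponse = target.request().header(HttpHeaders.AUTHORIZATION, BasicAuthHelper.createHeader("resource-server-test", "secret")).post(Entity.form(parameters)).readEntity(AccessTokenResponse.class);
        assertNotNull(refreshTokenResponse.getToken());
        refreshToken = refreshTokenResponse.getRefreshToken();
        refreshTokenToken = toAccessToken(refreshToken);
        assertNotNull(refreshTokenToken.getAuthorization());
        // NOTE(review): this decodes the original `rpt`, not refreshTokenResponse.getToken(), so the
        // permission assertions below do not cover the refreshed access token. Confirm whether
        // the refreshed token was the intended subject of the check.
        AccessToken refreshedToken = toAccessToken(rpt);
        authorization = refreshedToken.getAuthorization();
        assertNotNull(authorization);
        permissions = authorization.getPermissions();
        assertNotNull(permissions);
        assertPermissions(permissions, "Resource A", "ScopeA", "ScopeB");
        assertTrue(permissions.isEmpty());
        // NOTE(review): `parameters` is not updated, so this second request re-sends the first
        // refresh token rather than the one just returned. Confirm that reuse is intended.
        refreshTokenResponse = target.request().header(HttpHeaders.AUTHORIZATION, BasicAuthHelper.createHeader("resource-server-test", "secret")).post(Entity.form(parameters)).readEntity(AccessTokenResponse.class);
        assertNotNull(refreshTokenResponse.getToken());
        refreshToken = refreshTokenResponse.getRefreshToken();
        refreshTokenToken = toAccessToken(refreshToken);
        assertNotNull(refreshTokenToken.getAuthorization());
        // Same caveat as above: the original `rpt` is decoded again here.
        refreshedToken = toAccessToken(rpt);
        authorization = refreshedToken.getAuthorization();
        assertNotNull(authorization);
        permissions = authorization.getPermissions();
        assertNotNull(permissions);
        assertPermissions(permissions, "Resource A", "ScopeA", "ScopeB");
        assertTrue(permissions.isEmpty());
    } finally {
        // Close the JAX-RS client even if an assertion above fails, so its connections are not leaked.
        client.close();
    }
}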
Also used : PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) Form(javax.ws.rs.core.Form) URI(java.net.URI) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) AccessToken(org.keycloak.representations.AccessToken) Permission(org.keycloak.representations.idm.authorization.Permission) WebTarget(javax.ws.rs.client.WebTarget) AuthzClient(org.keycloak.authorization.client.AuthzClient) OAuthClient(org.keycloak.testsuite.util.OAuthClient) Client(javax.ws.rs.client.Client) UriBuilder(javax.ws.rs.core.UriBuilder) AccessTokenResponse(org.keycloak.representations.AccessTokenResponse) Test(org.junit.Test)

Example 8 with PermissionRequest

use of org.keycloak.representations.idm.authorization.PermissionRequest in project keycloak by keycloak.

the class UmaGrantTypeTest method testObtainRptWithOwnerManagedResource.

/**
 * Requests an RPT covering two resources owned by "marta" and checks that the token carries
 * exactly the requested scopes for each of them.
 *
 * <p>{@code addResource}, {@code authorize} and {@code assertPermissions} are defined outside
 * this block. The {@code true} passed for the first resource is presumably the
 * owner-managed-access flag the test name refers to. TODO confirm against the helper.
 *
 * @throws Exception if any of the helper calls fails
 */
@Test
public void testObtainRptWithOwnerManagedResource() throws Exception {
    ResourcePermissionRepresentation permission = new ResourcePermissionRepresentation();

    ResourceRepresentation resourceA = addResource("Resource Marta", "marta", true, "ScopeA", "ScopeB", "ScopeC");
    permission.setName(resourceA.getName() + " Permission");
    permission.addResource(resourceA.getId());
    permission.addPolicy("Default Policy");
    getClient(getRealm()).authorization().permissions().resource().create(permission).close();

    // NOTE(review): the same representation object is reused, so the second permission
    // presumably still references resourceA in addition to resourceB. Confirm this is intended.
    ResourceRepresentation resourceB = addResource("Resource B", "marta", "ScopeA", "ScopeB", "ScopeC");
    permission.setName(resourceB.getName() + " Permission");
    permission.addResource(resourceB.getId());
    permission.addPolicy("Default Policy");
    getClient(getRealm()).authorization().permissions().resource().create(permission).close();

    PermissionRequest requestForA = new PermissionRequest(resourceA.getName(), "ScopeA", "ScopeB");
    PermissionRequest requestForB = new PermissionRequest(resourceB.getName(), "ScopeC");
    AuthorizationResponse response = authorize("marta", "password", requestForA, requestForB);

    Collection<Permission> granted = toAccessToken(response.getToken()).getAuthorization().getPermissions();
    assertNotNull(granted);
    assertPermissions(granted, resourceA.getName(), "ScopeA", "ScopeB");
    assertPermissions(granted, resourceB.getName(), "ScopeC");
    // An empty collection here presumably means assertPermissions consumed every entry,
    // i.e. nothing beyond the requested scopes was granted. Verify against the helper.
    assertTrue(granted.isEmpty());
}
Also used : PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) AccessToken(org.keycloak.representations.AccessToken) Permission(org.keycloak.representations.idm.authorization.Permission) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) Test(org.junit.Test)

Example 9 with PermissionRequest

use of org.keycloak.representations.idm.authorization.PermissionRequest in project keycloak by keycloak.

the class UmaGrantTypeTest method testNoRefreshToken.

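/**
 * Verifies that no refresh token accompanies the RPT when the client's
 * {@code USE_REFRESH_TOKEN} attribute is set to "false".
 *
 * <p>The attribute is set back to "true" in a {@code finally} block, so a failed assertion does
 * not leave refresh tokens disabled on the client for whatever runs next.
 */
@Test
public void testNoRefreshToken() {
    ClientResource client = getClient(getRealm());
    ClientRepresentation clientRepresentation = client.toRepresentation();
    clientRepresentation.getAttributes().put(OIDCConfigAttributes.USE_REFRESH_TOKEN, "false");
    client.update(clientRepresentation);
    try {
        AccessTokenResponse accessTokenResponse = getAuthzClient().obtainAccessToken("marta", "password");
        AuthorizationResponse response = authorize(null, null, null, null, accessTokenResponse.getToken(), null, null, new PermissionRequest("Resource A", "ScopeA", "ScopeB"));
        String rpt = response.getToken();
        String refreshToken = response.getRefreshToken();
        assertNotNull(rpt);
        assertNull(refreshToken);
    } finally {
        // Restores "true" unconditionally, as the test always did; the attribute's value
        // before the test is not captured.
        clientRepresentation.getAttributes().put(OIDCConfigAttributes.USE_REFRESH_TOKEN, "true");
        client.update(clientRepresentation);
    }
}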
Also used : PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) ClientResource(org.keycloak.admin.client.resource.ClientResource) AccessTokenResponse(org.keycloak.representations.AccessTokenResponse) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) Test(org.junit.Test)

Example 10 with PermissionRequest

use of org.keycloak.representations.idm.authorization.PermissionRequest in project keycloak by keycloak.

the class RegexPolicyTest method testWithExpectedUserAttribute.

/**
 * Checks that user "marta" is issued a token for both "Resource A" and "Resource B" via
 * permission tickets.
 *
 * <p>The policies attached to these resources are configured outside this block. Only the
 * presence of a token is asserted for each resource.
 */
@Test
public void testWithExpectedUserAttribute() {
    AuthzClient authz = getAuthzClient();

    // Resource A, requested as marta.
    PermissionRequest requestA = new PermissionRequest("Resource A");
    String ticketA = authz.protection().permission().create(requestA).getTicket();
    AuthorizationResponse responseA = authz.authorization("marta", "password").authorize(new AuthorizationRequest(ticketA));
    assertNotNull(responseA.getToken());

    // Resource B, requested as marta.
    PermissionRequest requestB = new PermissionRequest("Resource B");
    String ticketB = authz.protection().permission().create(requestB).getTicket();
    AuthorizationResponse responseB = authz.authorization("marta", "password").authorize(new AuthorizationRequest(ticketB));
    assertNotNull(responseB.getToken());
}
Also used : PermissionRequest(org.keycloak.representations.idm.authorization.PermissionRequest) AuthzClient(org.keycloak.authorization.client.AuthzClient) AuthorizationRequest(org.keycloak.representations.idm.authorization.AuthorizationRequest) AuthorizationResponse(org.keycloak.representations.idm.authorization.AuthorizationResponse) Test(org.junit.Test)

Aggregations

PermissionRequest (org.keycloak.representations.idm.authorization.PermissionRequest)45 Test (org.junit.Test)39 AuthzClient (org.keycloak.authorization.client.AuthzClient)31 AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest)30 AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse)20 ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation)20 PermissionResponse (org.keycloak.representations.idm.authorization.PermissionResponse)19 HttpResponseException (org.keycloak.authorization.client.util.HttpResponseException)15 ArrayList (java.util.ArrayList)12 Permission (org.keycloak.representations.idm.authorization.Permission)11 AuthorizationDeniedException (org.keycloak.authorization.client.AuthorizationDeniedException)9 AccessToken (org.keycloak.representations.AccessToken)9 List (java.util.List)6 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)6 AccessTokenResponse (org.keycloak.representations.AccessTokenResponse)6 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)6 OAuthClient (org.keycloak.testsuite.util.OAuthClient)5 ClientResource (org.keycloak.admin.client.resource.ClientResource)4 ResourcePermissionRepresentation (org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation)4 Set (java.util.Set)3