use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class PermissionManagementTest method testCreatePermissionTicketWithResourceName.
@Test
public void testCreatePermissionTicketWithResourceName() throws Exception {
ResourceRepresentation resource = addResource("Resource A", "kolo", true);
AuthzClient authzClient = getAuthzClient();
PermissionResponse response = authzClient.protection("marta", "password").permission().create(new PermissionRequest(resource.getId()));
AuthorizationRequest request = new AuthorizationRequest();
request.setTicket(response.getTicket());
request.setClaimToken(authzClient.obtainAccessToken("marta", "password").getToken());
try {
authzClient.authorization().authorize(request);
} catch (Exception e) {
}
assertPersistence(response, resource);
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class AuthorizationAPITest method configureAuthorization.
private void configureAuthorization(String clientId) throws Exception {
ClientResource client = getClient(getRealm(), clientId);
AuthorizationResource authorization = client.authorization();
ResourceRepresentation resource = new ResourceRepresentation("Resource A");
Response response = authorization.resources().create(resource);
response.close();
JSPolicyRepresentation policy = new JSPolicyRepresentation();
policy.setName("Default Policy");
policy.setCode("$evaluation.grant();");
response = authorization.policies().js().create(policy);
response.close();
ResourcePermissionRepresentation permission = new ResourcePermissionRepresentation();
permission.setName(resource.getName() + " Permission");
permission.addResource(resource.getName());
permission.addPolicy(policy.getName());
response = authorization.permissions().resource().create(permission);
response.close();
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class AuthzClientCredentialsTest method testFindByName.
@Test
public void testFindByName() {
AuthzClient authzClient = getAuthzClient("default-session-keycloak.json");
ProtectionResource protection = authzClient.protection();
protection.resource().create(new ResourceRepresentation("Admin Resources"));
protection.resource().create(new ResourceRepresentation("Resource"));
ResourceRepresentation resource = authzClient.protection().resource().findByName("Resource");
assertEquals("Resource", resource.getName());
ResourceRepresentation adminResource = authzClient.protection().resource().findByName("Admin Resources");
assertEquals("Admin Resources", adminResource.getName());
assertNotEquals(resource.getId(), adminResource.getId());
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class AuthzClientCredentialsTest method assertAccessProtectionAPI.
private void assertAccessProtectionAPI(ProtectionResource protection) {
ResourceRepresentation expected = new ResourceRepresentation("Resource A", Collections.emptySet());
String id = protection.resource().create(expected).getId();
ResourceRepresentation actual = protection.resource().findById(id);
assertNotNull(actual);
assertEquals(expected.getName(), actual.getName());
assertEquals(id, actual.getId());
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class AuthorizationTest method testResourceWithSameNameDifferentOwner.
@Test
public void testResourceWithSameNameDifferentOwner() throws JWSInputException {
ResourceRepresentation koloResource = createResource("Resource A", "kolo", "Scope A", "Scope B");
createResourcePermission(koloResource, "Grant Policy");
ResourceRepresentation martaResource = createResource("Resource A", "marta", "Scope A", "Scope B");
createResourcePermission(martaResource, "Grant Policy");
assertNotEquals(koloResource.getId(), martaResource.getId());
AuthorizationRequest request = new AuthorizationRequest();
request.addPermission("Resource A");
List<Permission> permissions = authorize("kolo", "password", request);
assertEquals(1, permissions.size());
Permission permission = permissions.get(0);
assertTrue(permission.getScopes().containsAll(Arrays.asList("Scope A", "Scope B")));
assertEquals(koloResource.getId(), permission.getResourceId());
permissions = authorize("marta", "password", request);
assertEquals(1, permissions.size());
permission = permissions.get(0);
assertEquals(martaResource.getId(), permission.getResourceId());
assertTrue(permission.getScopes().containsAll(Arrays.asList("Scope A", "Scope B")));
}
Aggregations