Search in sources :

Example 16 with ResourceRepresentation

use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.

the class PolicyEnforcerTest method testUsingSubjectToken.

@Test
public void testUsingSubjectToken() {
    ClientResource clientResource = getClientResource(RESOURCE_SERVER_CLIENT_ID);
    ResourceRepresentation resource = createResource(clientResource, "Resource Subject Token", "/api/check-subject-token");
    ResourcePermissionRepresentation permission = new ResourcePermissionRepresentation();
    permission.setName(resource.getName() + " Permission");
    permission.addResource(resource.getName());
    permission.addPolicy("Only User Policy");
    PermissionsResource permissions = clientResource.authorization().permissions();
    permissions.resource().create(permission).close();
    KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(getAdapterConfiguration("enforcer-bearer-only.json"));
    PolicyEnforcer policyEnforcer = deployment.getPolicyEnforcer();
    OIDCHttpFacade httpFacade = createHttpFacade("/api/check-subject-token");
    AuthorizationContext context = policyEnforcer.enforce(httpFacade);
    assertFalse(context.isGranted());
    assertEquals(403, TestResponse.class.cast(httpFacade.getResponse()).getStatus());
    oauth.realm(REALM_NAME);
    oauth.clientId("public-client-test");
    oauth.doLogin("marta", "password");
    String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
    OAuthClient.AccessTokenResponse response = oauth.doAccessTokenRequest(code, null);
    String token = response.getAccessToken();
    httpFacade = createHttpFacade("/api/check-subject-token", token);
    context = policyEnforcer.enforce(httpFacade);
    assertTrue(context.isGranted());
}
Also used : PermissionsResource(org.keycloak.admin.client.resource.PermissionsResource) OAuthClient(org.keycloak.testsuite.util.OAuthClient) OIDCHttpFacade(org.keycloak.adapters.OIDCHttpFacade) KeycloakDeployment(org.keycloak.adapters.KeycloakDeployment) ClientResource(org.keycloak.admin.client.resource.ClientResource) PolicyEnforcer(org.keycloak.adapters.authorization.PolicyEnforcer) AuthorizationContext(org.keycloak.AuthorizationContext) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 17 with ResourceRepresentation

use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.

the class ResourceManagementTest method testCreate.

@Test
public void testCreate() {
    ResourceRepresentation newResource = createResource();
    assertEquals("Test Resource", newResource.getName());
    assertEquals("/test/*", newResource.getUri());
    assertEquals("test-resource", newResource.getType());
    assertEquals("icon-test-resource", newResource.getIconUri());
    Map<String, List<String>> attributes = newResource.getAttributes();
    assertEquals(2, attributes.size());
    assertTrue(attributes.containsKey("a"));
    assertTrue(attributes.containsKey("b"));
    assertTrue(attributes.get("a").containsAll(Arrays.asList("a1", "a2", "a3")));
    assertEquals(3, attributes.get("a").size());
    assertTrue(attributes.get("b").containsAll(Arrays.asList("b1")));
    assertEquals(1, attributes.get("b").size());
}
Also used : List(java.util.List) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Test(org.junit.Test)

Example 18 with ResourceRepresentation

use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.

the class ResourceManagementTest method testAssociateScopes.

@Test
public void testAssociateScopes() {
    ResourceRepresentation updated = createResourceWithDefaultScopes();
    assertEquals(3, updated.getScopes().size());
    assertTrue(containsScope("Scope A", updated));
    assertTrue(containsScope("Scope B", updated));
    assertTrue(containsScope("Scope C", updated));
}
Also used : ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Test(org.junit.Test)

Example 19 with ResourceRepresentation

use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.

the class ResourceManagementTest method testDelete.

@Test(expected = NotFoundException.class)
public void testDelete() {
    ResourceRepresentation resource = createResource();
    doRemoveResource(resource);
    getClientResource().authorization().resources().resource(resource.getId()).toRepresentation();
}
Also used : ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Test(org.junit.Test)

Example 20 with ResourceRepresentation

use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.

the class ResourceManagementTest method testUpdate.

@Test
public void testUpdate() {
    ResourceRepresentation resource = createResource();
    resource.setType("changed");
    resource.setIconUri("changed");
    resource.setUri("changed");
    Map<String, List<String>> attributes = resource.getAttributes();
    attributes.remove("a");
    attributes.put("c", Arrays.asList("c1", "c2"));
    attributes.put("b", Arrays.asList("changed"));
    resource = doUpdateResource(resource);
    assertEquals("changed", resource.getIconUri());
    assertEquals("changed", resource.getType());
    assertEquals("changed", resource.getUri());
    attributes = resource.getAttributes();
    assertEquals(2, attributes.size());
    assertFalse(attributes.containsKey("a"));
    assertTrue(attributes.containsKey("b"));
    assertTrue(attributes.get("b").containsAll(Arrays.asList("changed")));
    assertEquals(1, attributes.get("b").size());
    assertTrue(attributes.get("c").containsAll(Arrays.asList("c1", "c2")));
    assertEquals(2, attributes.get("c").size());
}
Also used : List(java.util.List) ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Test(org.junit.Test)

Aggregations

ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation)154 Test (org.junit.Test)96 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)49 AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest)45 AuthzClient (org.keycloak.authorization.client.AuthzClient)44 AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse)39 ClientResource (org.keycloak.admin.client.resource.ClientResource)38 Response (javax.ws.rs.core.Response)36 HttpResponseException (org.keycloak.authorization.client.util.HttpResponseException)35 PermissionResponse (org.keycloak.representations.idm.authorization.PermissionResponse)33 ResourcePermissionRepresentation (org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation)33 Permission (org.keycloak.representations.idm.authorization.Permission)28 ScopeRepresentation (org.keycloak.representations.idm.authorization.ScopeRepresentation)26 JSPolicyRepresentation (org.keycloak.representations.idm.authorization.JSPolicyRepresentation)23 OAuthClient (org.keycloak.testsuite.util.OAuthClient)23 PermissionRequest (org.keycloak.representations.idm.authorization.PermissionRequest)22 AccessToken (org.keycloak.representations.AccessToken)19 ArrayList (java.util.ArrayList)18 List (java.util.List)18 TokenIntrospectionResponse (org.keycloak.authorization.client.representation.TokenIntrospectionResponse)18