Example 91 with OIDCClientRepresentation

Use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.

In class OIDCClientRegistrationProvider, method createOIDC.

@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response createOIDC(OIDCClientRepresentation clientOIDC) {
    // Dynamic registration: the server assigns the client_id, so a request that supplies one is rejected.
    if (clientOIDC.getClientId() != null) {
        throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client Identifier included", Response.Status.BAD_REQUEST);
    }
    try {
        ClientRepresentation client = DescriptionConverter.toInternal(session, clientOIDC);
        List<String> grantTypes = clientOIDC.getGrantTypes();
        // Requesting the UMA grant type turns on authorization services for the new client.
        if (grantTypes != null && grantTypes.contains(OAuth2Constants.UMA_GRANT_TYPE)) {
            client.setAuthorizationServicesEnabled(true);
        }
        // When grant types are listed without the refresh token grant, refresh tokens are disabled for the client.
        if (!(grantTypes == null || grantTypes.contains(OAuth2Constants.REFRESH_TOKEN))) {
            OIDCAdvancedConfigWrapper.fromClientRepresentation(client).setUseRefreshToken(false);
        }
        OIDCClientRegistrationContext oidcContext = new OIDCClientRegistrationContext(session, client, this, clientOIDC);
        client = create(oidcContext);
        ClientModel clientModel = session.getContext().getRealm().getClientByClientId(client.getClientId());
        updatePairwiseSubMappers(clientModel, SubjectType.parse(clientOIDC.getSubjectType()), clientOIDC.getSectorIdentifierUri());
        updateClientRepWithProtocolMappers(clientModel, client);
        validateClient(clientModel, clientOIDC, true);
        URI uri = session.getContext().getUri().getAbsolutePathBuilder().path(client.getClientId()).build();
        clientOIDC = DescriptionConverter.toExternalResponse(session, client, uri);
        clientOIDC.setClientIdIssuedAt(Time.currentTime());
        return Response.created(uri).entity(clientOIDC).build();
    } catch (ClientRegistrationException cre) {
        // The detailed cause is logged server-side; the caller receives only a generic error message.
        ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage());
        throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST);
    }
}
Also used : ClientModel(org.keycloak.models.ClientModel) ClientRegistrationException(org.keycloak.services.clientregistration.ClientRegistrationException) ErrorResponseException(org.keycloak.services.ErrorResponseException) URI(java.net.URI) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 92 with OIDCClientRepresentation

Use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.

In class OIDCClientRegistrationProvider, method getOIDC.

@GET
@Path("{clientId}")
@Produces(MediaType.APPLICATION_JSON)
public Response getOIDC(@PathParam("clientId") String clientId) {
    ClientModel client = session.getContext().getRealm().getClientByClientId(clientId);
    ClientRepresentation clientRepresentation = get(client);
    OIDCClientRepresentation clientOIDC = DescriptionConverter.toExternalResponse(session, clientRepresentation, session.getContext().getUri().getRequestUri());
    return Response.ok(clientOIDC).build();
}
Also used : ClientModel(org.keycloak.models.ClientModel) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 93 with OIDCClientRepresentation

Use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.

In class OIDCClientRegistrationProvider, method updateOIDC.

@PUT
@Path("{clientId}")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response updateOIDC(@PathParam("clientId") String clientId, OIDCClientRepresentation clientOIDC) {
    try {
        ClientRepresentation client = DescriptionConverter.toInternal(session, clientOIDC);
        OIDCClientRegistrationContext oidcContext = new OIDCClientRegistrationContext(session, client, this, clientOIDC);
        client = update(clientId, oidcContext);
        ClientModel clientModel = session.getContext().getRealm().getClientByClientId(client.getClientId());
        updatePairwiseSubMappers(clientModel, SubjectType.parse(clientOIDC.getSubjectType()), clientOIDC.getSectorIdentifierUri());
        updateClientRepWithProtocolMappers(clientModel, client);
        validateClient(clientModel, clientOIDC, false);
        URI uri = session.getContext().getUri().getAbsolutePathBuilder().path(client.getClientId()).build();
        clientOIDC = DescriptionConverter.toExternalResponse(session, client, uri);
        return Response.ok(clientOIDC).build();
    } catch (ClientRegistrationException cre) {
        ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage());
        throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST);
    }
}
Also used : ClientModel(org.keycloak.models.ClientModel) ClientRegistrationException(org.keycloak.services.clientregistration.ClientRegistrationException) ErrorResponseException(org.keycloak.services.ErrorResponseException) URI(java.net.URI) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Path(javax.ws.rs.Path) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) PUT(javax.ws.rs.PUT)

Example 94 with OIDCClientRepresentation

Use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.

In class OIDCJwksClientRegistrationTest, method createRep.

private OIDCClientRepresentation createRep() {
    OIDCClientRepresentation client = new OIDCClientRepresentation();
    client.setClientName("RegistrationAccessTokenTest");
    client.setClientUri(OAuthClient.APP_ROOT);
    client.setRedirectUris(Collections.singletonList(oauth.getRedirectUri()));
    return client;
}
Also used : OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation)

Example 95 with OIDCClientRepresentation

Use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.

In class OIDCJwksClientRegistrationTest, method createClientWithJWKSURI.

@Test
public void createClientWithJWKSURI() throws Exception {
    OIDCClientRepresentation clientRep = createRep();
    clientRep.setGrantTypes(Collections.singletonList(OAuth2Constants.CLIENT_CREDENTIALS));
    clientRep.setTokenEndpointAuthMethod(OIDCLoginProtocol.PRIVATE_KEY_JWT);
    // Generate keys for client
    TestOIDCEndpointsApplicationResource oidcClientEndpointsResource = testingClient.testApp().oidcClientEndpoints();
    Map<String, String> generatedKeys = oidcClientEndpointsResource.generateKeys("RS256");
    clientRep.setJwksUri(TestApplicationResourceUrls.clientJwksUri());
    OIDCClientRepresentation response = reg.oidc().create(clientRep);
    Assert.assertEquals(OIDCLoginProtocol.PRIVATE_KEY_JWT, response.getTokenEndpointAuthMethod());
    // A client registered for private_key_jwt authentication is issued no client secret.
    Assert.assertNull(response.getClientSecret());
    Assert.assertNull(response.getClientSecretExpiresAt());
    Assert.assertEquals(response.getJwksUri(), TestApplicationResourceUrls.clientJwksUri());
    // Tries to authenticate client with privateKey JWT
    assertAuthenticateClientSuccess(generatedKeys, response, KEEP_GENERATED_KID);
}
Also used : TestOIDCEndpointsApplicationResource(org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource) OIDCClientRepresentation(org.keycloak.representations.oidc.OIDCClientRepresentation) Test(org.junit.Test)
