use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.
the class ClientPoliciesTest method testCreateDeletePolicyRuntime.
/**
 * Verifies that a client policy takes effect when it is created at runtime and
 * stops taking effect when it is deleted, using one dynamically registered client
 * for all three phases (no policy, policy present, policy deleted).
 */
@Test
public void testCreateDeletePolicyRuntime() throws Exception {
    // Register a client with an empty customizer, i.e. with the registration defaults.
    String registeredId = createClientDynamically(
            generateSuffixedName(CLIENT_NAME),
            (OIDCClientRepresentation unused) -> {
            });
    OIDCClientRepresentation registered = getClientDynamically(registeredId);

    // Baseline: a default registration authenticates with client_secret_basic.
    assertEquals(OIDCLoginProtocol.CLIENT_SECRET_BASIC, registered.getTokenEndpointAuthMethod());

    // The register and read calls above must each have produced an event, in this
    // order, attributed to the client and carrying an empty or null user.
    for (EventType expectedType : new EventType[] {EventType.CLIENT_REGISTER, EventType.CLIENT_INFO}) {
        events.expect(expectedType)
                .client(registeredId)
                .user(Matchers.isEmptyOrNullString())
                .assertEvent();
    }

    adminClient.realm(REALM_NAME)
            .clients()
            .get(registeredId)
            .roles()
            .create(RoleBuilder.create().name(SAMPLE_CLIENT_ROLE).build());

    String secret = registered.getClientSecret();

    // Phase 1: no policy yet, login is expected to succeed.
    successfulLoginAndLogout(registeredId, secret);

    // Phase 2: with the policy in place the login helper expects a failure.
    // NOTE(review): judging by the helper names the policy requires PKCE and the
    // login omits it; confirm against the helpers, which are not shown here.
    setupPolicyAuthzCodeFlowUnderMultiPhasePolicy(POLICY_NAME);
    failLoginByNotFollowingPKCE(registeredId);

    // Phase 3: once the policy is deleted the same client must log in again,
    // so enforcement has to stop without re-registering the client.
    deletePolicy(POLICY_NAME);
    logger.info("... Deleted Policy : " + POLICY_NAME);
    successfulLoginAndLogout(registeredId, secret);
}
use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.
the class ClientRegistrationPoliciesTest method testRedirectUriWithDomain.
/**
 * Exercises the trusted-hosts client registration policy against client URLs:
 * a registration whose URLs are covered by a trusted host and a wildcard domain
 * is accepted, and the same registration is rejected with 403 once the wildcard
 * entry is replaced by a host that does not cover the redirect URI.
 */
@Test
public void testRedirectUriWithDomain() throws Exception {
    final String trustedHostsKey = TrustedHostClientRegistrationPolicyFactory.TRUSTED_HOSTS;

    // Switch off the check on the host sending the registration request, so the
    // outcome below depends only on the URLs inside the client representation.
    ComponentRepresentation hostPolicy = findPolicyByProviderAndAuth(
            TrustedHostClientRegistrationPolicyFactory.PROVIDER_ID, getPolicyAnon());
    hostPolicy.getConfig().putSingle(
            TrustedHostClientRegistrationPolicyFactory.HOST_SENDING_REGISTRATION_REQUEST_MUST_MATCH,
            "false");

    // Trust one exact host plus a wildcard domain.
    hostPolicy.getConfig().put(trustedHostsKey, Arrays.asList("www.host.com", "*.example.com"));
    realmResource().components().component(hostPolicy.getId()).update(hostPolicy);

    // Client URI on the exact host, redirect URI under the wildcard domain: accepted.
    OIDCClientRepresentation accepted = createRepOidc("http://www.host.com", "http://www.example.com");
    reg.oidc().create(accepted);

    // Replace the wildcard with a single host that is not the redirect URI's host.
    hostPolicy.getConfig().put(trustedHostsKey, Arrays.asList("www.host.com", "www1.example.com"));
    realmResource().components().component(hostPolicy.getId()).update(hostPolicy);

    // The identical registration must now be refused: www.example.com is no longer trusted.
    OIDCClientRepresentation rejected = createRepOidc("http://www.host.com", "http://www.example.com");
    assertOidcFail(ClientRegOp.CREATE, rejected, 403, "URL doesn't match");
}
use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.
the class ClientRegistrationPoliciesTest method create.
/**
 * Registers a default OIDC client and switches the registration helper over to
 * the credentials derived from the registration response.
 *
 * @return the representation returned by the registration endpoint
 * @throws ClientRegistrationException if the registration call fails
 */
public OIDCClientRepresentation create() throws ClientRegistrationException {
    OIDCClientRepresentation request = createRepOidc();
    OIDCClientRepresentation registered = reg.oidc().create(request);

    // Later calls through reg authenticate with Auth.token(registered).
    // NOTE(review): presumably this is the registration access token issued for
    // the new client; confirm against Auth.token.
    reg.auth(Auth.token(registered));
    return registered;
}
use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.
the class ClientPoliciesTest method testClientUpdateSourceGroupsCondition.
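/**
 * Verifies that a client policy conditioned on the updater's source groups is
 * applied to one caller and not to another: dynamic registration is expected to
 * be rejected after {@code authCreateClients()} and to succeed after
 * {@code authManageClients()}.
 *
 * NOTE(review): presumably the first caller belongs to "topGroup" and the second
 * does not; the group membership is set up outside this method, so confirm it there.
 */
@Test
public void testClientUpdateSourceGroupsCondition() throws Exception {
    // register profiles: one profile whose executor allows only the JWT client authenticator
    String json = (new ClientProfilesBuilder()).addProfile(
            (new ClientProfileBuilder()).createProfile(PROFILE_NAME, "Den Forste Profil")
                    .addExecutor(SecureClientAuthenticatorExecutorFactory.PROVIDER_ID,
                            createSecureClientAuthenticatorExecutorConfig(
                                    Arrays.asList(JWTClientAuthenticator.PROVIDER_ID), null))
                    .toRepresentation()
    ).toString();
    updateProfiles(json);

    // register policies: apply that profile when the updater's source group is "topGroup"
    json = (new ClientPoliciesBuilder()).addPolicy(
            (new ClientPolicyBuilder()).createPolicy(POLICY_NAME, "Den Forste Politik", Boolean.TRUE)
                    .addCondition(ClientUpdaterSourceGroupsConditionFactory.PROVIDER_ID,
                            createClientUpdateSourceGroupsConditionConfig(Arrays.asList("topGroup")))
                    .addProfile(PROFILE_NAME)
                    .toRepresentation()
    ).toString();
    updatePolicies(json);

    // Caller matched by the condition: a default registration must be refused.
    try {
        authCreateClients();
        createClientDynamically(generateSuffixedName(CLIENT_NAME), (OIDCClientRepresentation clientRep) -> {
        });
        // Reaching this line means the policy was not enforced.
        fail("dynamic client registration succeeded although the client policy should have rejected it");
    } catch (ClientRegistrationException e) {
        assertEquals(ERR_MSG_CLIENT_REG_FAIL, e.getMessage());
    }

    // Caller not matched by the condition: the same registration must go through.
    authManageClients();
    try {
        createClientDynamically(generateSuffixedName(CLIENT_NAME), (OIDCClientRepresentation clientRep) -> {
        });
    } catch (Exception e) {
        // Still an assertion failure, but keep the cause: a bare fail() hides
        // whether the policy misfired or the registration broke for another reason.
        throw new AssertionError(
                "dynamic client registration was expected to succeed after authManageClients()", e);
    }
}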
use of org.keycloak.representations.oidc.OIDCClientRepresentation in project keycloak by keycloak.
the class ClientRegistrationPoliciesTest method createRepOidc.
/**
 * Builds an OIDC client representation for a registration request.
 * The URLs are stored exactly as given; nothing is validated here.
 *
 * @param clientBaseUri value stored as the client URI
 * @param clientRedirectUri the single redirect URI of the client
 * @return a new representation named "RegistrationAccessTokenTest"
 */
private OIDCClientRepresentation createRepOidc(String clientBaseUri, String clientRedirectUri) {
    OIDCClientRepresentation rep = new OIDCClientRepresentation();
    rep.setRedirectUris(Collections.singletonList(clientRedirectUri));
    rep.setClientUri(clientBaseUri);
    rep.setClientName("RegistrationAccessTokenTest");
    return rep;
}