
Example 6 with Permission

use of org.keycloak.services.resources.account.resources.AbstractResourceService.Permission in project keycloak by keycloak.

From the class ResourcesRestServiceTest, method testApprovePermissionRequest.

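/**
 * Checks that the resource owner can approve, partially approve and deny pending
 * permission requests through the account REST API.
 *
 * <p>Steps, as exercised below:
 * <ol>
 *   <li>Confirm the first owned resource has no pending requests.</li>
 *   <li>Create ungranted permission tickets: bob asks for "Scope D", alice for
 *       "Scope C", jdoe for both.</li>
 *   <li>Fetch the pending requests, clear bob's scopes, drop "Scope C" from jdoe,
 *       leave alice untouched, and PUT the edited list back.</li>
 *   <li>Assert that no request is left pending, that alice and jdoe hold exactly
 *       the scope that was left in their entry, and that bob, whose entry was
 *       emptied, was not given access to the resource.</li>
 * </ol>
 *
 * @throws IOException if one of the HTTP calls fails
 */
@Test
public void testApprovePermissionRequest() throws IOException {
    Resource resource = getMyResources().get(0);
    String requestsPath = "/" + resource.getId() + "/permissions/requests";

    // Precondition: nothing is waiting for the owner's decision yet.
    List<Permission> requests = doGet(requestsPath, new TypeReference<List<Permission>>() {
    });
    assertTrue(requests.isEmpty());

    for (String userName : userNames) {
        // Users other than bob, alice and jdoe request nothing.
        List<String> scopes = new ArrayList<>();
        if ("bob".equals(userName)) {
            scopes.add("Scope D");
        } else if ("alice".equals(userName)) {
            scopes.add("Scope C");
        } else if ("jdoe".equals(userName)) {
            scopes.add("Scope C");
            scopes.add("Scope D");
        }
        for (String scope : scopes) {
            // granted=false makes the ticket a pending request rather than a grant.
            PermissionTicketRepresentation ticket = new PermissionTicketRepresentation();
            ticket.setGranted(false);
            ticket.setOwner("test-user@localhost");
            ticket.setRequesterName(userName);
            ticket.setResource(resource.getId());
            ticket.setScopeName(scope);
            authzClient.protection("test-user@localhost", "password").permission().create(ticket);
        }
    }

    requests = doGet(requestsPath, new TypeReference<List<Permission>>() {
    });
    // Three entries for four tickets; presumably one entry per requester.
    assertEquals(3, requests.size());

    // The owner's decision: deny bob entirely, grant jdoe only "Scope D", grant alice as requested.
    for (Permission permission : requests) {
        String username = permission.getUsername();
        List<String> scopes = permission.getScopes();
        if ("bob".equals(username)) {
            scopes.clear();
        } else if ("jdoe".equals(username)) {
            scopes.remove("Scope C");
        }
    }

    // Read the status instead of discarding the response, so a rejected update fails here
    // with a clear message rather than further down.
    int status = SimpleHttp.doPut(getAccountUrl("resources/" + resource.getId() + "/permissions"), httpClient)
            .auth(tokenUtil.getToken())
            .json(requests)
            .asResponse()
            .getStatus();
    assertTrue("permission update was not accepted, status " + status, status >= 200 && status < 300);

    requests = doGet(requestsPath, new TypeReference<List<Permission>>() {
    });
    assertTrue(requests.isEmpty());

    for (String user : Arrays.asList("alice", "jdoe")) {
        AbstractResourceService.ResourcePermission sharedResource = getSharedWithMe(user).stream()
                .filter(shared -> shared.getId().equals(resource.getId()))
                .findAny()
                .orElse(null);
        assertNotNull(sharedResource);
        Set<ScopeRepresentation> scopes = sharedResource.getScopes();
        // size() == 1 also proves that the scope removed from jdoe's entry was not granted.
        if ("alice".equals(user)) {
            assertEquals(1, scopes.size());
            assertTrue(scopes.stream().anyMatch(scope -> "Scope C".equals(scope.getName())));
        } else if ("jdoe".equals(user)) {
            assertEquals(1, scopes.size());
            assertTrue(scopes.stream().anyMatch(scope -> "Scope D".equals(scope.getName())));
        }
    }

    // Negative path: bob's entry went back with an empty scope list, so the resource must not
    // show up among the resources shared with him. Without this check, a regression that
    // grants access on an emptied entry would go unnoticed.
    assertTrue("denied requester must not gain access to the resource",
            getSharedWithMe("bob").stream().noneMatch(shared -> shared.getId().equals(resource.getId())));
}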
Also used : ResourceRepresentation(org.keycloak.representations.idm.authorization.ResourceRepresentation) Arrays(java.util.Arrays) BeforeClass(org.junit.BeforeClass) Profile(org.keycloak.common.Profile) Resource(org.keycloak.services.resources.account.resources.AbstractResourceService.Resource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) HashMap(java.util.HashMap) AuthzClient(org.keycloak.authorization.client.AuthzClient) ArrayList(java.util.ArrayList) Assert.assertThat(org.junit.Assert.assertThat) Configuration(org.keycloak.authorization.client.Configuration) SimpleHttp(org.keycloak.broker.provider.util.SimpleHttp) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) AccessToken(org.keycloak.representations.AccessToken) UserBuilder(org.keycloak.testsuite.util.UserBuilder) Map(java.util.Map) Assert.fail(org.junit.Assert.fail) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) TypeReference(com.fasterxml.jackson.core.type.TypeReference) LinkedList(java.util.LinkedList) ClientResource(org.keycloak.admin.client.resource.ClientResource) ProfileAssume(org.keycloak.testsuite.ProfileAssume) AbstractResourceService(org.keycloak.services.resources.account.resources.AbstractResourceService) TokenUtil(org.keycloak.testsuite.util.TokenUtil) OAuth2ErrorRepresentation(org.keycloak.representations.idm.OAuth2ErrorRepresentation) JWSInput(org.keycloak.jose.jws.JWSInput) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Iterator(java.util.Iterator) Assert.assertNotNull(org.junit.Assert.assertNotNull) KeycloakUriBuilder(org.keycloak.common.util.KeycloakUriBuilder) Set(java.util.Set) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) IOException(java.io.IOException) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) 
PermissionTicketRepresentation(org.keycloak.representations.idm.authorization.PermissionTicketRepresentation) JsonSerialization(org.keycloak.util.JsonSerialization) Consumer(java.util.function.Consumer) List(java.util.List) AccountRoles(org.keycloak.models.AccountRoles) Assert.assertNull(org.junit.Assert.assertNull) Response(javax.ws.rs.core.Response) Permission(org.keycloak.services.resources.account.resources.AbstractResourceService.Permission) ClientBuilder(org.keycloak.testsuite.util.ClientBuilder) Collections(java.util.Collections) Assert.assertEquals(org.junit.Assert.assertEquals) Resource(org.keycloak.services.resources.account.resources.AbstractResourceService.Resource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) ArrayList(java.util.ArrayList) AbstractResourceService(org.keycloak.services.resources.account.resources.AbstractResourceService) Permission(org.keycloak.services.resources.account.resources.AbstractResourceService.Permission) PermissionTicketRepresentation(org.keycloak.representations.idm.authorization.PermissionTicketRepresentation) ScopeRepresentation(org.keycloak.representations.idm.authorization.ScopeRepresentation) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) List(java.util.List) TypeReference(com.fasterxml.jackson.core.type.TypeReference) Test(org.junit.Test)
