
Example 51 with LDAPStorageProvider

use of org.keycloak.storage.ldap.LDAPStorageProvider in project keycloak by keycloak.

the class LDAPNoMSADTest method afterImportTestRealm.

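@Override
protected void afterImportTestRealm() {
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();

        // One local (non-federated) user and a zip-code mapper on the LDAP provider
        LDAPTestUtils.addLocalUser(session, appRealm, "marykeycloak", "mary@test.com", "password-app");
        LDAPTestUtils.addZipCodeLDAPMapper(appRealm, ctx.getLdapModel());

        // Start from an empty LDAP tree so every run sees exactly the users created below
        LDAPStorageProvider ldapFedProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        LDAPTestUtils.removeAllLDAPUsers(ldapFedProvider, appRealm);

        LDAPObject john = LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "johnkeycloak", "John", "Doe", "john@email.org", null, "1234");
        LDAPTestUtils.updateLDAPPassword(ldapFedProvider, john, "Password1");
        // The returned LDAPObject was previously stored in an unused local; only the user's presence in LDAP matters
        LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "existing", "Existing", "Foo", "existing@email.org", null, "5678");

        // Direct access grants on "test-app" — presumably for password-grant logins in the tests; confirm
        appRealm.getClientByClientId("test-app").setDirectAccessGrantsEnabled(true);
    });
}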

Example 52 with LDAPStorageProvider

use of org.keycloak.storage.ldap.LDAPStorageProvider in project keycloak by keycloak.

the class LDAPNoMSADTest method testUpdateWithUnmappedRdnAttribute.

// KEYCLOAK-4364
@Test
public void testUpdateWithUnmappedRdnAttribute() {
    // Keep an admin-side copy of the "last name" mapper so it can be restored at the end
    ComponentRepresentation lastNameMapperRep = findMapperRepByName("last name");

    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        LDAPStorageProvider provider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());

        // User whose RDN is built from "sn", e.g. "sn=Doe2,ou=People,dc=domain,dc=com"
        LDAPObject john2 = LDAPTestUtils.addLDAPUser(provider, realm, "johnkeycloak2", "John2", "Doe2", "john2@email.org", null, "4321");
        john2.setRdnAttributeName("sn");
        provider.getLdapIdentityStore().update(john2);
        Assert.assertEquals("sn=Doe2", john2.getDn().getFirstRdn().toString());

        // Drop the "sn" mapper so "sn" is no longer mapped to any Keycloak attribute
        String ldapModelId = ctx.getLdapModel().getId();
        ComponentModel lastNameMapper = realm.getComponentsStream(ldapModelId, LDAPStorageMapper.class.getName())
                .filter(component -> "last name".equals(component.getName()))
                .findFirst()
                .orElse(null);
        Assert.assertNotNull(lastNameMapper);
        realm.removeComponent(lastNameMapper);
    });

    // Updating the user must not attempt to rewrite the DN now that "sn" is unmapped
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        UserModel john2 = session.users().getUserByUsername(ctx.getRealm(), "johnkeycloak2");
        Assert.assertNotNull(john2);
        john2.setFirstName("foo2");
        john2.setLastName("foo");
    });

    // Put the "sn" mapper back; clearing the id lets the server assign a fresh one
    lastNameMapperRep.setId(null);
    testRealm().components().add(lastNameMapperRep);
}

Example 53 with LDAPStorageProvider

use of org.keycloak.storage.ldap.LDAPStorageProvider in project keycloak by keycloak.

the class LDAPProvidersFullNameMapperTest method testUpdatingAttributesWorksEvenWithEmptyAttributes.

@Test
public void testUpdatingAttributesWorksEvenWithEmptyAttributes() {
    // Step 1: create the user in LDAP and verify it is imported into Keycloak
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        ComponentModel ldapModel = LDAPTestUtils.getLdapProviderModel(realm);
        LDAPStorageProvider provider = LDAPTestUtils.getLdapProvider(session, ldapModel);
        LDAPTestUtils.addLDAPUser(provider, realm, "fullname", "James", "Dee", "fullname@email.org", null, "4578");
        LDAPTestAsserts.assertUserImported(session.users(), realm, "fullname", "James", "Dee", "fullname@email.org", "4578");
    });

    // Step 2: write one populated, one empty and one null attribute through the Keycloak user model
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        UserModel user = session.users().getUserByUsername(ctx.getRealm(), "fullname");
        user.setAttribute("myAttribute", Collections.singletonList("test"));
        user.setAttribute("myEmptyAttribute", new ArrayList<>());
        user.setAttribute("myNullAttribute", null);
    });

    // Step 3: the user is still imported with the original names; only the populated attribute survives
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        LDAPTestAsserts.assertUserImported(session.users(), realm, "fullname", "James", "Dee", "fullname@email.org", "4578");

        UserModel user = session.users().getUserByUsername(realm, "fullname");
        assertThat(user.getAttributeStream("myAttribute").collect(Collectors.toList()), contains("test"));
        assertThat(user.getAttributeStream("myEmptyAttribute").collect(Collectors.toList()), is(empty()));
        assertThat(user.getAttributeStream("myNullAttribute").collect(Collectors.toList()), is(empty()));

        // Clean up; removing through the user store is expected to remove the LDAP entry as well
        session.users().removeUser(realm, user);
    });
}

Example 54 with LDAPStorageProvider

use of org.keycloak.storage.ldap.LDAPStorageProvider in project keycloak by keycloak.

the class LDAPMSADFullNameTest method afterImportTestRealm.

@Override
protected void afterImportTestRealm() {
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        UserStorageProviderModel ldapModel = ctx.getLdapModel();

        // One local (non-federated) user and a zip-code mapper on the LDAP provider
        LDAPTestUtils.addLocalUser(session, realm, "marykeycloak", "mary@test.com", "password-app");
        LDAPTestUtils.addZipCodeLDAPMapper(realm, ldapModel);

        // Start from an empty LDAP tree
        LDAPStorageProvider provider = LDAPTestUtils.getLdapProvider(session, ldapModel);
        LDAPTestUtils.removeAllLDAPUsers(provider, realm);

        // Swap the "username-cn" mapper for a write-only full-name mapper backed by "cn"
        ComponentModel usernameCnMapper = LDAPTestUtils.getSubcomponentByName(realm, ldapModel, "username-cn");
        Assert.assertNotNull(usernameCnMapper);
        realm.removeComponent(usernameCnMapper);

        ComponentModel fullNameMapper = KeycloakModelUtils.createComponentModel(
                "fullNameWritable",
                ldapModel.getId(),
                FullNameLDAPStorageMapperFactory.PROVIDER_ID,
                LDAPStorageMapper.class.getName(),
                FullNameLDAPStorageMapper.LDAP_FULL_NAME_ATTRIBUTE, LDAPConstants.CN,
                FullNameLDAPStorageMapper.READ_ONLY, "false",
                FullNameLDAPStorageMapper.WRITE_ONLY, "true");
        realm.addComponentModel(fullNameMapper);

        realm.getClientByClientId("test-app").setDirectAccessGrantsEnabled(true);
    });
}

Example 55 with LDAPStorageProvider

use of org.keycloak.storage.ldap.LDAPStorageProvider in project keycloak by keycloak.

the class UserStorageProviderResource method syncMapperData.

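/**
 * Triggers synchronization of the data handled by an LDAP mapper (roles, groups, ...)
 * between the federation provider and Keycloak.
 *
 * @param parentId  id of the LDAP user-storage provider component that owns the mapper
 * @param mapperId  id of the mapper component to synchronize
 * @param direction {@code "fedToKeycloak"} or {@code "keycloakToFed"}
 * @return the result of the synchronization run
 * @throws NotFoundException   if the parent or the mapper component does not exist in this realm
 * @throws BadRequestException if the mapper does not belong to the given parent, the parent is not
 *                             an LDAP storage provider, or {@code direction} is not an accepted value
 */
@POST
@Path("{parentId}/mappers/{id}/sync")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public SynchronizationResult syncMapperData(@PathParam("parentId") String parentId, @PathParam("id") String mapperId, @QueryParam("direction") String direction) {
    auth.users().requireManage();

    ComponentModel parentModel = realm.getComponent(parentId);
    if (parentModel == null)
        throw new NotFoundException("Parent model not found");
    ComponentModel mapperModel = realm.getComponent(mapperId);
    if (mapperModel == null)
        throw new NotFoundException("Mapper model not found");

    // Both ids come from the URL independently; refuse a mapper that hangs off a different provider
    // so the sync and the admin event are always attributed to the mapper's real parent.
    if (!parentId.equals(mapperModel.getParentId()))
        throw new BadRequestException("Mapper does not belong to the given parent");

    // Validate the free-form query parameter before anything is logged or executed.
    final boolean fedToKeycloak;
    if ("fedToKeycloak".equals(direction)) {
        fedToKeycloak = true;
    } else if ("keycloakToFed".equals(direction)) {
        fedToKeycloak = false;
    } else {
        throw new BadRequestException("Unknown direction: " + direction);
    }

    // Explicit type check instead of a blind cast; the cast surfaced as a ClassCastException (HTTP 500)
    // when the parent was a non-LDAP user-storage provider.
    UserStorageProvider parentProvider = session.getProvider(UserStorageProvider.class, parentModel);
    if (!(parentProvider instanceof LDAPStorageProvider))
        throw new BadRequestException("Parent model is not an LDAP storage provider");
    LDAPStorageMapper mapper = session.getProvider(LDAPStorageMapper.class, mapperModel);
    // NOTE(review): assumes getProvider returns null for a component that is not an LDAP mapper — confirm
    if (mapper == null)
        throw new BadRequestException("Mapper model is not an LDAP mapper");

    ServicesLogger.LOGGER.syncingDataForMapper(mapperModel.getName(), mapperModel.getProviderId(), direction);

    SynchronizationResult syncResult = fedToKeycloak
            ? mapper.syncDataFromFederationProviderToKeycloak(realm)
            : mapper.syncDataFromKeycloakToFederationProvider(realm);

    // Record the action and its outcome in the admin event stream
    Map<String, Object> eventRep = new HashMap<>();
    eventRep.put("action", direction);
    eventRep.put("result", syncResult);
    adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(eventRep).success();
    return syncResult;
}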
