
Example 1 with LDAPTestContext

use of org.keycloak.testsuite.federation.ldap.LDAPTestContext in project keycloak by keycloak.

the class LDAPMultipleAttributesNoImportTest method testUserImport.

/**
 * Checks that the LDAP user "jbrown" resolves through {@code session.users()} while no
 * copy of that user exists in {@code session.userLocalStorage()}.
 */
@Test
public void testUserImport() {
    testingClient.server().run(session -> {
        LDAPTestContext ldapCtx = LDAPTestContext.init(session);
        // Cached users are dropped before the lookup; presumably so the result below
        // comes from the storage provider rather than the cache.
        session.userCache().clear();
        RealmModel realm = ldapCtx.getRealm();

        UserModel federatedUser = session.users().getUserByUsername(realm, "jbrown");
        Assert.assertNotNull(federatedUser);

        // No-import expectation: local storage holds nothing under the ID that the
        // federated lookup returned.
        Assert.assertNull(session.userLocalStorage().getUserById(realm, federatedUser.getId()));

        // Attribute checks are delegated to the shared assertion helper.
        LDAPTestAsserts.assertUserImported(session.users(), realm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441");
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) LDAPTestContext(org.keycloak.testsuite.federation.ldap.LDAPTestContext) LDAPMultipleAttributesTest(org.keycloak.testsuite.federation.ldap.LDAPMultipleAttributesTest) Test(org.junit.Test)

Example 2 with LDAPTestContext

use of org.keycloak.testsuite.federation.ldap.LDAPTestContext in project keycloak by keycloak.

the class LDAPRoleMappingsNoImportTest method test01ReadMappings.

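/**
 * Verifies that realm role mappings added to, and later deleted from, LDAP are what the
 * no-import user "marykeycloak" reports through {@code getRealmRoleMappingsStream()}.
 *
 * <p>Three server-side steps run in order: grant two roles in LDAP, read them back through
 * the user model and delete them in LDAP, then confirm the user no longer reports them.
 */
@Test
public void test01ReadMappings() {
    // Step 1: grant realmRole1 and realmRole2 to mary directly in LDAP.
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        LDAPTestUtils.addOrUpdateRoleLDAPMappers(appRealm, ctx.getLdapModel(), LDAPGroupMapperMode.LDAP_ONLY);
        ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ctx.getLdapModel(), "realmRolesMapper");
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
        LDAPObject maryLdap = ldapProvider.loadLDAPUserByUsername(appRealm, "marykeycloak");
        roleMapper.addRoleMappingInLDAP("realmRole1", maryLdap);
        roleMapper.addRoleMappingInLDAP("realmRole2", maryLdap);
    });
    // Step 2: the mappings are visible on the user model; then remove them in LDAP.
    testingClient.server().run(session -> {
        session.userCache().clear();
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak");
        Assert.assertNotNull("marykeycloak was not found", mary);
        // Make sure we are in no-import mode: no local copy of the user may exist.
        Assert.assertNull(session.userLocalStorage().getUserByUsername(appRealm, "marykeycloak"));
        // Both roles are expected to exist in the realm already.
        RoleModel realmRole1 = appRealm.getRole("realmRole1");
        RoleModel realmRole2 = appRealm.getRole("realmRole2");
        Assert.assertNotNull("realmRole1 is missing from the realm", realmRole1);
        Assert.assertNotNull("realmRole2 is missing from the realm", realmRole2);
        Set<RoleModel> maryRoles = mary.getRealmRoleMappingsStream().collect(Collectors.toSet());
        Assert.assertTrue(maryRoles.contains(realmRole1));
        Assert.assertTrue(maryRoles.contains(realmRole2));
        // Delete the role mappings directly in LDAP.
        ComponentModel roleMapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ctx.getLdapModel(), "realmRolesMapper");
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        RoleLDAPStorageMapper roleMapper = LDAPTestUtils.getRoleMapper(roleMapperModel, ldapProvider, appRealm);
        LDAPObject maryLdap = ldapProvider.loadLDAPUserByUsername(appRealm, "marykeycloak");
        deleteRoleMappingsInLDAP(roleMapper, maryLdap, "realmRole1");
        deleteRoleMappingsInLDAP(roleMapper, maryLdap, "realmRole2");
    });
    // Step 3: after the LDAP deletion the user must no longer report either role.
    testingClient.server().run(session -> {
        session.userCache().clear();
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel appRealm = ctx.getRealm();
        UserModel mary = session.users().getUserByUsername(appRealm, "marykeycloak");
        Assert.assertNotNull("marykeycloak was not found", mary);
        RoleModel realmRole1 = appRealm.getRole("realmRole1");
        RoleModel realmRole2 = appRealm.getRole("realmRole2");
        // contains(null) is false, so without these checks the negative assertions below
        // would pass even if a role lookup returned null.
        Assert.assertNotNull("realmRole1 is missing from the realm", realmRole1);
        Assert.assertNotNull("realmRole2 is missing from the realm", realmRole2);
        Set<RoleModel> maryRoles = mary.getRealmRoleMappingsStream().collect(Collectors.toSet());
        Assert.assertFalse(maryRoles.contains(realmRole1));
        Assert.assertFalse(maryRoles.contains(realmRole2));
    });
}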
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) ComponentModel(org.keycloak.component.ComponentModel) LDAPTestContext(org.keycloak.testsuite.federation.ldap.LDAPTestContext) LDAPStorageProvider(org.keycloak.storage.ldap.LDAPStorageProvider) LDAPObject(org.keycloak.storage.ldap.idm.model.LDAPObject) RoleModel(org.keycloak.models.RoleModel) RoleLDAPStorageMapper(org.keycloak.storage.ldap.mappers.membership.role.RoleLDAPStorageMapper) Test(org.junit.Test) AbstractLDAPTest(org.keycloak.testsuite.federation.ldap.AbstractLDAPTest)

Example 3 with LDAPTestContext

use of org.keycloak.testsuite.federation.ldap.LDAPTestContext in project keycloak by keycloak.

the class LDAPRoleMappingsNoImportTest method test03_newUserDefaultRolesNoImportModeTest.

/**
 * Checks how a realm default role appears on a user created in no-import mode: the role is
 * absent from the user's direct realm role mappings but is reported by {@code hasRole}.
 * The existing user "johnkeycloak" is expected not to have the role.
 */
@Test
public void test03_newUserDefaultRolesNoImportModeTest() throws Exception {
    testingClient.server().run(session -> {
        session.userCache().clear();
        LDAPTestContext ldapCtx = LDAPTestContext.init(session);
        RealmModel realm = ldapCtx.getRealm();
        LDAPTestUtils.addOrUpdateRoleLDAPMappers(realm, ldapCtx.getLdapModel(), LDAPGroupMapperMode.LDAP_ONLY);

        UserModel newUser = session.users().addUser(realm, "davidkeycloak");
        // No-import mode: the freshly added user must not have a local copy.
        Assert.assertNull(session.userLocalStorage().getUserByUsername(realm, "davidkeycloak"));

        RoleModel roleMadeDefault = realm.getRole("realmRole1");
        RoleModel otherRole = realm.getRole("realmRole2");
        Assert.assertNotNull(roleMadeDefault);
        Assert.assertNotNull(otherRole);

        // Promote realmRole1 to a realm default role.
        // NOTE(review): not reverted in this method; whether teardown resets it is not visible here.
        realm.addToDefaultRoles(roleMadeDefault);

        // Direct mappings: neither role is assigned to the new user explicitly.
        Set<RoleModel> directMappings = newUser.getRealmRoleMappingsStream().collect(Collectors.toSet());
        Assert.assertFalse(directMappings.contains(roleMadeDefault));
        Assert.assertFalse(directMappings.contains(otherRole));

        // hasRole: only the default role is reported for the new user.
        Assert.assertTrue(newUser.hasRole(roleMadeDefault));
        Assert.assertFalse(newUser.hasRole(otherRole));

        // The existing user john must not report the default role.
        UserModel existingUser = session.users().getUserByUsername(realm, "johnkeycloak");
        Assert.assertFalse(existingUser.hasRole(roleMadeDefault));
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) LDAPTestContext(org.keycloak.testsuite.federation.ldap.LDAPTestContext) RoleModel(org.keycloak.models.RoleModel) Test(org.junit.Test) AbstractLDAPTest(org.keycloak.testsuite.federation.ldap.AbstractLDAPTest)

Example 4 with LDAPTestContext

use of org.keycloak.testsuite.federation.ldap.LDAPTestContext in project keycloak by keycloak.

the class LDAPRoleMappingsNoImportTest method afterImportTestRealm.

/**
 * Prepares the LDAP fixture after the test realm is imported: turns pagination off on the
 * LDAP component, then replaces the LDAP users and roles with a known set and syncs the
 * roles from LDAP.
 */
@Override
protected void afterImportTestRealm() {
    // First server call: switch pagination off and persist the component change.
    testingClient.server().run(session -> {
        LDAPTestContext ldapCtx = LDAPTestContext.init(session);
        RealmModel realm = ldapCtx.getRealm();
        ldapCtx.getLdapModel().put(LDAPConstants.PAGINATION, "false");
        realm.updateComponent(ldapCtx.getLdapModel());
    });
    // Second server call: rebuild users, client and roles.
    testingClient.server().run(session -> {
        LDAPTestContext ldapCtx = LDAPTestContext.init(session);
        RealmModel realm = ldapCtx.getRealm();
        UserStorageProviderModel providerModel = ldapCtx.getLdapModel();

        // One local (non-LDAP) user; the passwords in this method are fixture values.
        LDAPTestUtils.addLocalUser(session, realm, "mary", "mary@test.com", "password-app");

        // Start from an empty LDAP user tree.
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, providerModel);
        LDAPTestUtils.removeAllLDAPUsers(ldapProvider, realm);

        // Sample application client; the returned model is not needed afterwards.
        realm.addClient("finance");

        // Register the role mappers in LDAP_ONLY mode, then delete the LDAP roles of both mappers.
        LDAPTestUtils.addOrUpdateRoleLDAPMappers(realm, providerModel, LDAPGroupMapperMode.LDAP_ONLY);
        LDAPTestUtils.removeAllLDAPRoles(session, realm, providerModel, "realmRolesMapper");
        LDAPTestUtils.removeAllLDAPRoles(session, realm, providerModel, "financeRolesMapper");

        // Three LDAP users, each given the same fixture password.
        LDAPObject johnEntry = LDAPTestUtils.addLDAPUser(ldapProvider, realm, "johnkeycloak", "John", "Doe", "john@email.org", null, "1234");
        LDAPTestUtils.updateLDAPPassword(ldapProvider, johnEntry, "Password1");
        LDAPObject maryEntry = LDAPTestUtils.addLDAPUser(ldapProvider, realm, "marykeycloak", "Mary", "Kelly", "mary@email.org", null, "5678");
        LDAPTestUtils.updateLDAPPassword(ldapProvider, maryEntry, "Password1");
        LDAPObject robEntry = LDAPTestUtils.addLDAPUser(ldapProvider, realm, "robkeycloak", "Rob", "Brown", "rob@email.org", null, "8910");
        LDAPTestUtils.updateLDAPPassword(ldapProvider, robEntry, "Password1");

        // Two realm roles and one finance role, created in LDAP.
        LDAPTestUtils.createLDAPRole(session, realm, providerModel, "realmRolesMapper", "realmRole1");
        LDAPTestUtils.createLDAPRole(session, realm, providerModel, "realmRolesMapper", "realmRole2");
        LDAPTestUtils.createLDAPRole(session, realm, providerModel, "financeRolesMapper", "financeRole1");

        // Pull the LDAP roles into the Keycloak DB.
        LDAPTestUtils.syncRolesFromLDAP(realm, ldapProvider, providerModel);
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) ClientModel(org.keycloak.models.ClientModel) LDAPTestContext(org.keycloak.testsuite.federation.ldap.LDAPTestContext) LDAPStorageProvider(org.keycloak.storage.ldap.LDAPStorageProvider) LDAPObject(org.keycloak.storage.ldap.idm.model.LDAPObject) UserStorageProviderModel(org.keycloak.storage.UserStorageProviderModel)

Example 5 with LDAPTestContext

use of org.keycloak.testsuite.federation.ldap.LDAPTestContext in project keycloak by keycloak.

the class LDAPProvidersIntegrationNoImportTest method testSearch.

/**
 * Adds four LDAP users and checks that {@code searchForUserStream} finds the expected one
 * when searching by username, by email, by last name, and by "firstName lastName".
 */
@Test
@Override
public void testSearch() {
    testingClient.server().run(session -> {
        LDAPTestContext ldapCtx = LDAPTestContext.init(session);
        RealmModel realm = ldapCtx.getRealm();

        // Fixture: four users that differ only in their numeric suffix.
        LDAPTestUtils.addLDAPUser(ldapCtx.getLdapProvider(), realm, "username1", "John1", "Doel1", "user1@email.org", null, "121");
        LDAPTestUtils.addLDAPUser(ldapCtx.getLdapProvider(), realm, "username2", "John2", "Doel2", "user2@email.org", null, "122");
        LDAPTestUtils.addLDAPUser(ldapCtx.getLdapProvider(), realm, "username3", "John3", "Doel3", "user3@email.org", null, "123");
        LDAPTestUtils.addLDAPUser(ldapCtx.getLdapProvider(), realm, "username4", "John4", "Doel4", "user4@email.org", null, "124");

        // Each lookup takes the first hit; get() throws if the search returned nothing.
        UserModel byUsername = session.users().searchForUserStream(realm, "username1").findFirst().get();
        LDAPTestAsserts.assertLoaded(byUsername, "username1", "John1", "Doel1", "user1@email.org", "121");

        UserModel byEmail = session.users().searchForUserStream(realm, "user2@email.org").findFirst().get();
        LDAPTestAsserts.assertLoaded(byEmail, "username2", "John2", "Doel2", "user2@email.org", "122");

        UserModel byLastName = session.users().searchForUserStream(realm, "Doel3").findFirst().get();
        LDAPTestAsserts.assertLoaded(byLastName, "username3", "John3", "Doel3", "user3@email.org", "123");

        UserModel byFullName = session.users().searchForUserStream(realm, "John4 Doel4").findFirst().get();
        LDAPTestAsserts.assertLoaded(byFullName, "username4", "John4", "Doel4", "user4@email.org", "124");
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) LDAPTestContext(org.keycloak.testsuite.federation.ldap.LDAPTestContext) LDAPProvidersIntegrationTest(org.keycloak.testsuite.federation.ldap.LDAPProvidersIntegrationTest) Test(org.junit.Test)

Aggregations

RealmModel (org.keycloak.models.RealmModel)10 LDAPTestContext (org.keycloak.testsuite.federation.ldap.LDAPTestContext)10 Test (org.junit.Test)8 UserModel (org.keycloak.models.UserModel)7 LDAPStorageProvider (org.keycloak.storage.ldap.LDAPStorageProvider)4 LDAPObject (org.keycloak.storage.ldap.idm.model.LDAPObject)4 RoleModel (org.keycloak.models.RoleModel)3 AbstractLDAPTest (org.keycloak.testsuite.federation.ldap.AbstractLDAPTest)3 LDAPProvidersIntegrationTest (org.keycloak.testsuite.federation.ldap.LDAPProvidersIntegrationTest)3 ComponentModel (org.keycloak.component.ComponentModel)2 ClientModel (org.keycloak.models.ClientModel)2 Response (javax.ws.rs.core.Response)1 Before (org.junit.Before)1 RealmResource (org.keycloak.admin.client.resource.RealmResource)1 ComponentRepresentation (org.keycloak.representations.idm.ComponentRepresentation)1 UserStorageProviderModel (org.keycloak.storage.UserStorageProviderModel)1 FullNameLDAPStorageMapper (org.keycloak.storage.ldap.mappers.FullNameLDAPStorageMapper)1 LDAPStorageMapper (org.keycloak.storage.ldap.mappers.LDAPStorageMapper)1 UserAttributeLDAPStorageMapper (org.keycloak.storage.ldap.mappers.UserAttributeLDAPStorageMapper)1 RoleLDAPStorageMapper (org.keycloak.storage.ldap.mappers.membership.role.RoleLDAPStorageMapper)1