Example 11 with ClientAttributeUpdater
use of org.keycloak.testsuite.updaters.ClientAttributeUpdater in project keycloak by keycloak.
the class AudienceProtocolMappersTest method testAudienceResolveNoFullScopeClientScopes.
@Test
public void testAudienceResolveNoFullScopeClientScopes() throws Exception {
// create the mapper using a client scope
ClientScopeRepresentation clientScope = new ClientScopeRepresentation();
clientScope.setName("audience-mapper-test-client-scope");
clientScope.setProtocol("saml");
clientScope.setProtocolMappers(Collections.singletonList(createSamlProtocolMapper(SAMLAudienceResolveProtocolMapper.PROVIDER_ID)));
Response res = adminClient.realm(REALM_NAME).clientScopes().create(clientScope);
Assert.assertEquals(Response.Status.CREATED.getStatusCode(), res.getStatus());
String clientScopeId = ApiUtil.getCreatedId(res);
try {
// add a mapping to the client scope to employee2.employee role (this way employee should be in the audience)
String employee2Id = adminClient.realm(REALM_NAME).clients().findByClientId("http://localhost:8280/employee2/").get(0).getId();
Assert.assertNotNull(employee2Id);
String employeeId = adminClient.realm(REALM_NAME).clients().findByClientId("http://localhost:8280/employee/").get(0).getId();
Assert.assertNotNull(employeeId);
List<RoleRepresentation> availables = adminClient.realm(REALM_NAME).clientScopes().get(clientScopeId).getScopeMappings().clientLevel(employeeId).listAvailable();
Assert.assertThat(availables.size(), greaterThan(0));
adminClient.realm(REALM_NAME).clientScopes().get(clientScopeId).getScopeMappings().clientLevel(employeeId).add(availables);
// remove full scope and add the client scope
try (ClientAttributeUpdater cau = ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_EMPLOYEE_2).setFullScopeAllowed(false).addDefaultClientScope("audience-mapper-test-client-scope").update()) {
this.testExpectedAudiences(SAML_CLIENT_ID_EMPLOYEE_2, "http://localhost:8280/employee/");
}
} finally {
adminClient.realm(REALM_NAME).clientScopes().get(clientScopeId).remove();
}
}
Also used :
Response(javax.ws.rs.core.Response)
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
ClientAttributeUpdater(org.keycloak.testsuite.updaters.ClientAttributeUpdater)
ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation)
Test(org.junit.Test)
Example 12 with ClientAttributeUpdater
use of org.keycloak.testsuite.updaters.ClientAttributeUpdater in project keycloak by keycloak.
the class ArtifactBindingTest method testArtifactBindingIdentifierChangedWhenClientIdChanged.
@Test
public void testArtifactBindingIdentifierChangedWhenClientIdChanged() throws IOException {
ClientRepresentation clientRepresentation = adminClient.realm(REALM_NAME).clients().findByClientId(SAML_CLIENT_ID_SALES_POST).get(0);
String oldIdentifier = clientRepresentation.getAttributes().get(SamlConfigAttributes.SAML_ARTIFACT_BINDING_IDENTIFIER);
assertThat(oldIdentifier, notNullValue());
final String newClientId = "new_client_id";
try (ClientAttributeUpdater cau = ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST).setClientId(newClientId).update()) {
clientRepresentation = adminClient.realm(REALM_NAME).clients().findByClientId(newClientId).get(0);
String identifier = clientRepresentation.getAttributes().get(SamlConfigAttributes.SAML_ARTIFACT_BINDING_IDENTIFIER);
assertThat(identifier, not(equalTo(oldIdentifier)));
assertThat(identifier, equalTo(ArtifactBindingUtils.computeArtifactBindingIdentifierString(newClientId)));
}
clientRepresentation = adminClient.realm(REALM_NAME).clients().findByClientId(SAML_CLIENT_ID_SALES_POST).get(0);
assertThat(clientRepresentation.getAttributes().get(SamlConfigAttributes.SAML_ARTIFACT_BINDING_IDENTIFIER), equalTo(oldIdentifier));
}
Also used :
ClientAttributeUpdater(org.keycloak.testsuite.updaters.ClientAttributeUpdater)
Matchers.isEmptyOrNullString(org.hamcrest.Matchers.isEmptyOrNullString)
Matchers.containsString(org.hamcrest.Matchers.containsString)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Test(org.junit.Test)
Aggregations
ClientAttributeUpdater (org.keycloak.testsuite.updaters.ClientAttributeUpdater)12
Test (org.junit.Test)11
HashMap (java.util.HashMap)4
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)4
Matchers.containsString (org.hamcrest.Matchers.containsString)3
Closeable (java.io.Closeable)2
IOException (java.io.IOException)2
Map (java.util.Map)2
MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat)2
Matchers (org.hamcrest.Matchers)2
Matchers.isEmptyOrNullString (org.hamcrest.Matchers.isEmptyOrNullString)2
AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)2
AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)2
RoleScopeUpdater (org.keycloak.testsuite.updaters.RoleScopeUpdater)2
Document (org.w3c.dom.Document)2
MalformedURLException (java.net.MalformedURLException)1
URISyntaxException (java.net.URISyntaxException)1
URL (java.net.URL)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
Collection (java.util.Collection)1
