
Example 1 with RoleScopeUpdater

use of org.keycloak.testsuite.updaters.RoleScopeUpdater in project keycloak by keycloak.

the class AccountFormServiceTest method applicationsVisibilityNoScopesNoConsent.

/**
 * Checks which clients the account Applications page lists for a client that has consent
 * disabled, full scope disabled and empty default/optional client scope lists.
 *
 * <p>The first assertion expects {@code root-url-client} to be missing from the page; the
 * second expects it to be listed after the realm role {@code user} has been added to the
 * client's realm role scope and the page has been refreshed.
 *
 * <p>Both updaters are try-with-resources resources, so they are closed when the block exits
 * (presumably reverting the temporary configuration; confirm against the updater classes).
 *
 * @throws Exception if any updater or page interaction fails
 */
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void applicationsVisibilityNoScopesNoConsent() throws Exception {
    // Expected listing while the client has no role scope: "root-url-client" is deliberately absent.
    final String[] listedWithoutRoleScope = {
        "Account", "Account Console", "test-app", "test-app-scope", "third-party", "test-app-authz",
        "My Named Test App", "Test App Named - ${client_account}", "direct-grant", "custom-audience"
    };
    // Expected listing once the "user" realm role is in the client's scope.
    final String[] listedWithRoleScope = {
        "root-url-client", "Account", "Account Console", "test-app", "test-app-scope", "third-party",
        "test-app-authz", "My Named Test App", "Test App Named - ${client_account}", "direct-grant",
        "custom-audience"
    };

    try (ClientAttributeUpdater clientUpdater = ClientAttributeUpdater
            .forClient(adminClient, REALM_NAME, ROOT_URL_CLIENT)
            .setConsentRequired(false)
            .setFullScopeAllowed(false)
            .setDefaultClientScopes(Collections.EMPTY_LIST)
            .setOptionalClientScopes(Collections.EMPTY_LIST)
            .update();
        RoleScopeUpdater scopeUpdater = clientUpdater.realmRoleScope().update()) {
        applicationsPage.open();
        loginPage.login("john-doh@localhost", "password");
        applicationsPage.assertCurrent();

        Map<String, AccountApplicationsPage.AppEntry> listedApps = applicationsPage.getApplications();
        Assert.assertThat(listedApps.keySet(), containsInAnyOrder(listedWithoutRoleScope));

        // Grant the realm role to the client's scope, then reload so the page reflects the change.
        scopeUpdater.add(testRealm().roles().get("user").toRepresentation()).update();
        driver.navigate().refresh();

        listedApps = applicationsPage.getApplications();
        Assert.assertThat(listedApps.keySet(), containsInAnyOrder(listedWithRoleScope));
    }
}
Also used : ClientAttributeUpdater(org.keycloak.testsuite.updaters.ClientAttributeUpdater) Matchers.containsString(org.hamcrest.Matchers.containsString) RoleScopeUpdater(org.keycloak.testsuite.updaters.RoleScopeUpdater) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 2 with RoleScopeUpdater

use of org.keycloak.testsuite.updaters.RoleScopeUpdater in project keycloak by keycloak.

the class AudienceProtocolMappersTest method testAudienceResolveNoFullScope.

/**
 * Exercises the SAML audience-resolve protocol mapper for a client whose full scope is
 * switched off.
 *
 * <p>With full scope disabled and nothing else in scope, only the client itself is expected
 * as audience. After one available client-level role of the {@code employee} client is added
 * to the scope, the {@code employee} client is expected as an additional audience.
 *
 * <p>Note that {@code get(0)} is called on each lookup result before the
 * {@code assertNotNull} checks, so those assertions only cover the returned id.
 *
 * @throws Exception if an updater or an admin-client call fails
 */
@Test
public void testAudienceResolveNoFullScope() throws Exception {
    final String employeeClientId = "http://localhost:8280/employee/";
    final String employee2ClientId = "http://localhost:8280/employee2/";

    pmu.add(createSamlProtocolMapper(SAMLAudienceResolveProtocolMapper.PROVIDER_ID)).update();

    // Disable full scope for the client under test for the duration of the try block.
    try (ClientAttributeUpdater clientUpdater = ClientAttributeUpdater
            .forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_EMPLOYEE_2)
            .setFullScopeAllowed(false)
            .update()) {
        // Nothing else is in scope yet, so the audience must be the client alone.
        this.testExpectedAudiences(SAML_CLIENT_ID_EMPLOYEE_2);

        // Resolve the ids of both clients from their client ids.
        String idOfEmployee2 = adminClient.realm(REALM_NAME).clients()
                .findByClientId(employee2ClientId).get(0).getId();
        Assert.assertNotNull(idOfEmployee2);
        String idOfEmployee = adminClient.realm(REALM_NAME).clients()
                .findByClientId(employeeClientId).get(0).getId();
        Assert.assertNotNull(idOfEmployee);

        List<RoleRepresentation> assignableRoles = adminClient.realm(REALM_NAME).clients()
                .get(idOfEmployee2)
                .getScopeMappings()
                .clientLevel(idOfEmployee)
                .listAvailable();
        Assert.assertThat(assignableRoles.size(), greaterThan(0));

        // Put one role of the employee client in scope; employee-role-mapping must stay out of the audience.
        try (RoleScopeUpdater scopeUpdater = clientUpdater
                .clientRoleScope(idOfEmployee)
                .add(assignableRoles.get(0))
                .update()) {
            this.testExpectedAudiences(SAML_CLIENT_ID_EMPLOYEE_2, employeeClientId);
        }
    }
}
Also used : ClientAttributeUpdater(org.keycloak.testsuite.updaters.ClientAttributeUpdater) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) RoleScopeUpdater(org.keycloak.testsuite.updaters.RoleScopeUpdater) Test(org.junit.Test)

Example 3 with RoleScopeUpdater

use of org.keycloak.testsuite.updaters.RoleScopeUpdater in project keycloak by keycloak.

the class RoleMapperTest method singleRealmRoleWithDots.

/**
 * Checks the roles emitted for the employee2 SAML client when the user holds a realm role
 * whose name contains dots.
 *
 * <p>A role-list mapper is added with {@code SINGLE_ROLE_ATTRIBUTE} set to {@code "true"}.
 * Inside the try block the user's realm role {@code user} is removed and
 * {@code role.with.dots} is added; the expected roles are then asserted. Both updaters are
 * closed on exit (presumably restoring the user's original role mappings; confirm against
 * the updater classes).
 *
 * @throws Exception if an updater or an admin-client call fails
 */
@Test
public void singleRealmRoleWithDots() throws Exception {
    final String dottedRoleName = "role.with.dots";

    pmu.add(
        createSamlProtocolMapper(
            RoleListMapper.PROVIDER_ID,
            AttributeStatementHelper.SAML_ATTRIBUTE_NAME, ROLE_ATTRIBUTE_NAME,
            AttributeStatementHelper.SAML_ATTRIBUTE_NAMEFORMAT, AttributeStatementHelper.BASIC,
            RoleListMapper.SINGLE_ROLE_ATTRIBUTE, "true"))
        .update();

    RoleRepresentation dottedRole = realmsResouce()
            .realm(REALM_NAME)
            .roles()
            .get(dottedRoleName)
            .toRepresentation();

    try (UserAttributeUpdater userUpdater = UserAttributeUpdater
            .forUserByUsername(adminClient, REALM_NAME, bburkeUser.getUsername())
            .update();
        RoleScopeUpdater roleUpdater = userUpdater.realmRoleScope()
            .removeByName("user")
            .add(dottedRole)
            .update()) {
        testExpectedRoles(SAML_CLIENT_ID_EMPLOYEE_2, "manager", dottedRoleName, "empl.oyee", "employee");
    }
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) UserAttributeUpdater(org.keycloak.testsuite.updaters.UserAttributeUpdater) RoleScopeUpdater(org.keycloak.testsuite.updaters.RoleScopeUpdater) Test(org.junit.Test)

Example 4 with RoleScopeUpdater

use of org.keycloak.testsuite.updaters.RoleScopeUpdater in project keycloak by keycloak.

the class RoleMapperTest method singleRealmRoleWithDotsRemapped.

/**
 * Checks that a role-name mapper renames a dotted realm role in the roles emitted for the
 * employee2 SAML client.
 *
 * <p>Two mappers are added: a role-list mapper with {@code SINGLE_ROLE_ATTRIBUTE} set to
 * {@code "true"}, and a role-name mapper configured to map {@code role.with.dots} to
 * {@code blahWithDots}. Inside the try block the user's realm role {@code user} is removed
 * and {@code role.with.dots} is added; the expected roles then contain the remapped name
 * instead of the original one.
 *
 * @throws Exception if an updater or an admin-client call fails
 */
@Test
public void singleRealmRoleWithDotsRemapped() throws Exception {
    final String dottedRoleName = "role.with.dots";
    final String remappedRoleName = "blahWithDots";

    pmu.add(
        createSamlProtocolMapper(
            RoleListMapper.PROVIDER_ID,
            AttributeStatementHelper.SAML_ATTRIBUTE_NAME, ROLE_ATTRIBUTE_NAME,
            AttributeStatementHelper.SAML_ATTRIBUTE_NAMEFORMAT, AttributeStatementHelper.BASIC,
            RoleListMapper.SINGLE_ROLE_ATTRIBUTE, "true"),
        createSamlProtocolMapper(
            RoleNameMapper.PROVIDER_ID,
            RoleNameMapper.ROLE_CONFIG, dottedRoleName,
            RoleNameMapper.NEW_ROLE_NAME, remappedRoleName))
        .update();

    RoleRepresentation dottedRole = realmsResouce()
            .realm(REALM_NAME)
            .roles()
            .get(dottedRoleName)
            .toRepresentation();

    try (UserAttributeUpdater userUpdater = UserAttributeUpdater
            .forUserByUsername(adminClient, REALM_NAME, bburkeUser.getUsername())
            .update();
        RoleScopeUpdater roleUpdater = userUpdater.realmRoleScope()
            .removeByName("user")
            .add(dottedRole)
            .update()) {
        // The mapped name, not "role.with.dots", is what the assertion expects.
        testExpectedRoles(SAML_CLIENT_ID_EMPLOYEE_2, "manager", remappedRoleName, "empl.oyee", "employee");
    }
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) UserAttributeUpdater(org.keycloak.testsuite.updaters.UserAttributeUpdater) RoleScopeUpdater(org.keycloak.testsuite.updaters.RoleScopeUpdater) Test(org.junit.Test)

Example 5 with RoleScopeUpdater

use of org.keycloak.testsuite.updaters.RoleScopeUpdater in project keycloak by keycloak.

the class AudienceProtocolMappersTest method testAudienceResolveFullScope.

/**
 * Exercises the SAML audience-resolve protocol mapper with the client's default scope
 * settings, then again after one of the user's client roles has been removed.
 *
 * <p>Per the fixture notes, bburke in the saml realm has roles on three SAML clients:
 * <ul>
 *   <li>{@code http://localhost:8280/employee/}: {@code employee}</li>
 *   <li>{@code http://localhost:8280/employee2/}: {@code empl.oyee}, {@code employee}</li>
 *   <li>{@code http://localhost:8280/employee-role-mapping/}: {@code employee}</li>
 * </ul>
 * so all three clients are expected as audiences at first. Removing the {@code employee}
 * role of the employee client from the user is expected to drop that client from the
 * audience list.
 *
 * @throws Exception if an updater or an admin-client call fails
 */
@Test
public void testAudienceResolveFullScope() throws Exception {
    final String employeeClientId = "http://localhost:8280/employee/";
    final String roleMappingClientId = "http://localhost:8280/employee-role-mapping/";

    pmu.add(createSamlProtocolMapper(SAMLAudienceResolveProtocolMapper.PROVIDER_ID)).update();

    // Baseline: every client on which the user holds a role shows up as an audience.
    this.testExpectedAudiences(SAML_CLIENT_ID_EMPLOYEE_2, employeeClientId, roleMappingClientId);

    String idOfEmployee = adminClient.realm(REALM_NAME).clients()
            .findByClientId(employeeClientId).get(0).getId();
    Assert.assertNotNull(idOfEmployee);

    // Take the "employee" client role away from the user; only the updater returned by
    // update() is managed by the try-with-resources statement.
    try (RoleScopeUpdater roleUpdater = UserAttributeUpdater
            .forUserByUsername(adminClient, REALM_NAME, bburkeUser.getUsername())
            .clientRoleScope(idOfEmployee)
            .removeByName("employee")
            .update()) {
        this.testExpectedAudiences(SAML_CLIENT_ID_EMPLOYEE_2, roleMappingClientId);
    }
}
Also used : RoleScopeUpdater(org.keycloak.testsuite.updaters.RoleScopeUpdater) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)5 RoleScopeUpdater (org.keycloak.testsuite.updaters.RoleScopeUpdater)5 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)3 ClientAttributeUpdater (org.keycloak.testsuite.updaters.ClientAttributeUpdater)2 UserAttributeUpdater (org.keycloak.testsuite.updaters.UserAttributeUpdater)2 Matchers.containsString (org.hamcrest.Matchers.containsString)1 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)1 AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)1