
Example 1 with AUTH_SERVER_ROOT

use of org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT in project keycloak by keycloak.

the class ImpersonationTest method impersonateServiceAccount.

/**
 * Impersonates {@code impersonatedUserId} in realm {@code test} through the admin REST
 * endpoint and returns the resulting identity cookies as Selenium cookies.
 *
 * <p>The request is authorized with the current access token of {@code adminClient}. The
 * response body must be non-null and contain the text {@code redirect}; the HTTP status
 * code is not inspected.
 *
 * @param adminClient admin client whose access token is sent as the bearer credential
 *                    (presumably a service-account client, going by the method name)
 * @return the non-empty set of cookies whose name starts with
 *         {@code AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE}
 * @throws RuntimeException wrapping any {@link IOException} raised by the HTTP exchange
 */
private Set<Cookie> impersonateServiceAccount(Keycloak adminClient) {
    // Dedicated cookie jar so that only cookies set by this exchange are visible below.
    final BasicCookieStore jar = new BasicCookieStore();
    try (CloseableHttpClient client = HttpClientBuilder.create()
            .setDefaultCookieStore(jar)
            .build()) {
        // The bearer token and the cookies returned below are live credentials for the
        // test realm; keep them out of log output and assertion messages.
        final HttpUriRequest impersonationCall = RequestBuilder.post()
                .setUri(AUTH_SERVER_ROOT + "/admin/realms/test/users/" + impersonatedUserId + "/impersonation")
                .addHeader(HttpHeaders.AUTHORIZATION, "Bearer " + adminClient.tokenManager().getAccessTokenString())
                .build();
        final HttpResponse reply = client.execute(impersonationCall);

        // NOTE(review): only a substring of the body is checked and the status line is
        // ignored, so an error payload that happens to mention "redirect" would pass.
        final String payload = EntityUtils.toString(reply.getEntity());
        Assert.assertNotNull(payload);
        Assert.assertTrue(payload.contains("redirect"));

        // Keep only the identity cookies and convert them to Selenium cookies.
        // The last constructor argument (HttpOnly in Selenium's Cookie) is hard-coded to
        // true instead of being read from the stored cookie, so this helper does not
        // verify which flag the server actually set.
        final Set<Cookie> identityCookies = jar.getCookies().stream()
                .filter(stored -> stored.getName().startsWith(AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE))
                .map(stored -> new Cookie(
                        stored.getName(),
                        stored.getValue(),
                        stored.getDomain(),
                        stored.getPath(),
                        stored.getExpiryDate(),
                        stored.isSecure(),
                        true))
                .collect(Collectors.toSet());
        Assert.assertNotNull(identityCookies);
        Assert.assertThat(identityCookies, is(not(empty())));
        return identityCookies;
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}
Also used : HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) Cookie(org.openqa.selenium.Cookie) org.keycloak.representations.idm(org.keycloak.representations.idm) URL(java.net.URL) AssertEvents(org.keycloak.testsuite.AssertEvents) Config(org.keycloak.Config) Page(org.jboss.arquillian.graphene.page.Page) ClientErrorException(javax.ws.rs.ClientErrorException) EntityUtils(org.apache.http.util.EntityUtils) AuthenticationManager(org.keycloak.services.managers.AuthenticationManager) ClientResource(org.keycloak.admin.client.resource.ClientResource) RealmModel(org.keycloak.models.RealmModel) RealmResource(org.keycloak.admin.client.resource.RealmResource) Collectors(java.util.stream.Collectors) Keycloak(org.keycloak.admin.client.Keycloak) AuthRealm(org.keycloak.testsuite.auth.page.AuthRealm) HttpHeaders(javax.ws.rs.core.HttpHeaders) Response(javax.ws.rs.core.Response) Details(org.keycloak.events.Details) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) LoginPage(org.keycloak.testsuite.pages.LoginPage) ResteasyClient(org.jboss.resteasy.client.jaxrs.ResteasyClient) OAuth2Constants(org.keycloak.OAuth2Constants) java.util(java.util) BeforeClass(org.junit.BeforeClass) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) AdminRoles(org.keycloak.models.AdminRoles) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) Constants(org.keycloak.models.Constants) ServerURLs.getAuthServerContextRoot(org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot) HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) UserModel(org.keycloak.models.UserModel) RequestBuilder(org.apache.http.client.methods.RequestBuilder) Assume(org.junit.Assume) UserResource(org.keycloak.admin.client.resource.UserResource) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) 
Before(org.junit.Before) AUTH_SERVER_ROOT(org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) AppPage(org.keycloak.testsuite.pages.AppPage) Matchers(org.hamcrest.Matchers) Test(org.junit.Test) EventType(org.keycloak.events.EventType) IOException(java.io.IOException) UserSessionModel(org.keycloak.models.UserSessionModel) ImpersonationSessionNote(org.keycloak.models.ImpersonationSessionNote) org.keycloak.testsuite.util(org.keycloak.testsuite.util) BasicCookieStore(org.apache.http.impl.client.BasicCookieStore) Rule(org.junit.Rule) ImpersonationConstants(org.keycloak.models.ImpersonationConstants) Cookie(org.openqa.selenium.Cookie) HttpResponse(org.apache.http.HttpResponse) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) Assert(org.junit.Assert) KeycloakBuilder(org.keycloak.admin.client.KeycloakBuilder) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) BasicCookieStore(org.apache.http.impl.client.BasicCookieStore) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException)

Example 2 with AUTH_SERVER_ROOT

use of org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT in project keycloak by keycloak.

the class ImpersonationTest method impersonate.

/**
 * Impersonates {@code impersonatedUserId} in realm {@code test} through the admin REST
 * endpoint, verifies the audit trail of the impersonation, and returns the resulting
 * identity cookies as Selenium cookies.
 *
 * <p>Checks performed, in order: the response body is non-null and contains
 * {@code redirect}; an {@code IMPERSONATE} event is recorded for the impersonated user with
 * the expected impersonator and impersonator realm; the first user session found for the
 * impersonated user carries an impersonator id note and an impersonator username note equal
 * to {@code admin}; at least one identity cookie was set. The HTTP status code is not
 * inspected.
 *
 * @param adminClient admin client whose access token is sent as the bearer credential
 * @param admin       value expected in the event's impersonator detail and in the
 *                    impersonator-username session note
 * @param adminRealm  value expected in the event's impersonator-realm detail
 * @return the non-empty set of cookies whose name starts with
 *         {@code AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE}
 * @throws RuntimeException wrapping any {@link IOException} raised by the HTTP exchange
 */
private Set<Cookie> impersonate(Keycloak adminClient, String admin, String adminRealm) {
    // Dedicated cookie jar so that only cookies set by this exchange are visible below.
    final BasicCookieStore jar = new BasicCookieStore();
    try (CloseableHttpClient client = HttpClientBuilder.create()
            .setDefaultCookieStore(jar)
            .build()) {
        // The bearer token and the cookies returned below are live credentials for the
        // test realm; keep them out of log output and assertion messages.
        final HttpUriRequest impersonationCall = RequestBuilder.post()
                .setUri(AUTH_SERVER_ROOT + "/admin/realms/test/users/" + impersonatedUserId + "/impersonation")
                .addHeader(HttpHeaders.AUTHORIZATION, "Bearer " + adminClient.tokenManager().getAccessTokenString())
                .build();
        final HttpResponse reply = client.execute(impersonationCall);

        // NOTE(review): only a substring of the body is checked and the status line is
        // ignored, so an error payload that happens to mention "redirect" would pass.
        final String payload = EntityUtils.toString(reply.getEntity());
        Assert.assertNotNull(payload);
        Assert.assertTrue(payload.contains("redirect"));

        // Audit trail: the impersonation must be recorded as an event that names both the
        // impersonated user and the impersonator (with realm), and no client.
        events.expect(EventType.IMPERSONATE)
                .session(AssertEvents.isUUID())
                .user(impersonatedUserId)
                .detail(Details.IMPERSONATOR, admin)
                .detail(Details.IMPERSONATOR_REALM, adminRealm)
                .client((String) null)
                .assertEvent();

        // Read the session notes of the impersonated user's session.
        // The field is copied into a local so the lambda captures the value, not `this`.
        final String userId = impersonatedUserId;
        final UserSessionNotesHolder fetchedNotes = testingClient.server("test").fetch(serverSession -> {
            final RealmModel testRealm = serverSession.realms().getRealmByName("test");
            final UserModel impersonated = serverSession.users().getUserById(testRealm, userId);
            // Takes the first session only; get() fails if the user has no session at all.
            final UserSessionModel firstSession = serverSession.sessions()
                    .getUserSessionsStream(testRealm, impersonated)
                    .findFirst()
                    .get();
            return new UserSessionNotesHolder(firstSession.getNotes());
        }, UserSessionNotesHolder.class);

        // The session itself must record who is behind the impersonation.
        final Map<String, String> sessionNotes = fetchedNotes.getNotes();
        Assert.assertNotNull(sessionNotes.get(ImpersonationSessionNote.IMPERSONATOR_ID.toString()));
        Assert.assertEquals(admin, sessionNotes.get(ImpersonationSessionNote.IMPERSONATOR_USERNAME.toString()));

        // Keep only the identity cookies and convert them to Selenium cookies.
        // The last constructor argument (HttpOnly in Selenium's Cookie) is hard-coded to
        // true instead of being read from the stored cookie, so this helper does not
        // verify which flag the server actually set.
        final Set<Cookie> identityCookies = jar.getCookies().stream()
                .filter(stored -> stored.getName().startsWith(AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE))
                .map(stored -> new Cookie(
                        stored.getName(),
                        stored.getValue(),
                        stored.getDomain(),
                        stored.getPath(),
                        stored.getExpiryDate(),
                        stored.isSecure(),
                        true))
                .collect(Collectors.toSet());
        Assert.assertNotNull(identityCookies);
        Assert.assertThat(identityCookies, is(not(empty())));
        return identityCookies;
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}
Also used : HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) Cookie(org.openqa.selenium.Cookie) org.keycloak.representations.idm(org.keycloak.representations.idm) URL(java.net.URL) AssertEvents(org.keycloak.testsuite.AssertEvents) Config(org.keycloak.Config) Page(org.jboss.arquillian.graphene.page.Page) ClientErrorException(javax.ws.rs.ClientErrorException) EntityUtils(org.apache.http.util.EntityUtils) AuthenticationManager(org.keycloak.services.managers.AuthenticationManager) ClientResource(org.keycloak.admin.client.resource.ClientResource) RealmModel(org.keycloak.models.RealmModel) RealmResource(org.keycloak.admin.client.resource.RealmResource) Collectors(java.util.stream.Collectors) Keycloak(org.keycloak.admin.client.Keycloak) AuthRealm(org.keycloak.testsuite.auth.page.AuthRealm) HttpHeaders(javax.ws.rs.core.HttpHeaders) Response(javax.ws.rs.core.Response) Details(org.keycloak.events.Details) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) LoginPage(org.keycloak.testsuite.pages.LoginPage) ResteasyClient(org.jboss.resteasy.client.jaxrs.ResteasyClient) OAuth2Constants(org.keycloak.OAuth2Constants) java.util(java.util) BeforeClass(org.junit.BeforeClass) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) AdminRoles(org.keycloak.models.AdminRoles) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) Constants(org.keycloak.models.Constants) ServerURLs.getAuthServerContextRoot(org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot) HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) ResteasyClientBuilder(org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder) UserModel(org.keycloak.models.UserModel) RequestBuilder(org.apache.http.client.methods.RequestBuilder) Assume(org.junit.Assume) UserResource(org.keycloak.admin.client.resource.UserResource) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) 
Before(org.junit.Before) AUTH_SERVER_ROOT(org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) AppPage(org.keycloak.testsuite.pages.AppPage) Matchers(org.hamcrest.Matchers) Test(org.junit.Test) EventType(org.keycloak.events.EventType) IOException(java.io.IOException) UserSessionModel(org.keycloak.models.UserSessionModel) ImpersonationSessionNote(org.keycloak.models.ImpersonationSessionNote) org.keycloak.testsuite.util(org.keycloak.testsuite.util) BasicCookieStore(org.apache.http.impl.client.BasicCookieStore) Rule(org.junit.Rule) ImpersonationConstants(org.keycloak.models.ImpersonationConstants) Cookie(org.openqa.selenium.Cookie) HttpResponse(org.apache.http.HttpResponse) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) Assert(org.junit.Assert) KeycloakBuilder(org.keycloak.admin.client.KeycloakBuilder) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) UserSessionModel(org.keycloak.models.UserSessionModel) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException) RealmModel(org.keycloak.models.RealmModel) UserModel(org.keycloak.models.UserModel) BasicCookieStore(org.apache.http.impl.client.BasicCookieStore)
