use of org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT in project keycloak by keycloak.
the class ImpersonationTest method impersonateServiceAccount.
private Set<Cookie> impersonateServiceAccount(Keycloak adminClient) {
BasicCookieStore cookieStore = new BasicCookieStore();
try (CloseableHttpClient httpClient = HttpClientBuilder.create().setDefaultCookieStore(cookieStore).build()) {
HttpUriRequest req = RequestBuilder.post().setUri(AUTH_SERVER_ROOT + "/admin/realms/test/users/" + impersonatedUserId + "/impersonation").addHeader(HttpHeaders.AUTHORIZATION, "Bearer " + adminClient.tokenManager().getAccessTokenString()).build();
HttpResponse res = httpClient.execute(req);
String resBody = EntityUtils.toString(res.getEntity());
Assert.assertNotNull(resBody);
Assert.assertTrue(resBody.contains("redirect"));
Set<Cookie> cookies = cookieStore.getCookies().stream().filter(c -> c.getName().startsWith(AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE)).map(c -> new Cookie(c.getName(), c.getValue(), c.getDomain(), c.getPath(), c.getExpiryDate(), c.isSecure(), true)).collect(Collectors.toSet());
Assert.assertNotNull(cookies);
Assert.assertThat(cookies, is(not(empty())));
return cookies;
} catch (IOException e) {
throw new RuntimeException(e);
}
}
use of org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT in project keycloak by keycloak.
the class ImpersonationTest method impersonate.
private Set<Cookie> impersonate(Keycloak adminClient, String admin, String adminRealm) {
BasicCookieStore cookieStore = new BasicCookieStore();
try (CloseableHttpClient httpClient = HttpClientBuilder.create().setDefaultCookieStore(cookieStore).build()) {
HttpUriRequest req = RequestBuilder.post().setUri(AUTH_SERVER_ROOT + "/admin/realms/test/users/" + impersonatedUserId + "/impersonation").addHeader(HttpHeaders.AUTHORIZATION, "Bearer " + adminClient.tokenManager().getAccessTokenString()).build();
HttpResponse res = httpClient.execute(req);
String resBody = EntityUtils.toString(res.getEntity());
Assert.assertNotNull(resBody);
Assert.assertTrue(resBody.contains("redirect"));
events.expect(EventType.IMPERSONATE).session(AssertEvents.isUUID()).user(impersonatedUserId).detail(Details.IMPERSONATOR, admin).detail(Details.IMPERSONATOR_REALM, adminRealm).client((String) null).assertEvent();
// Fetch user session notes
final String userId = impersonatedUserId;
final UserSessionNotesHolder notesHolder = testingClient.server("test").fetch(session -> {
final RealmModel realm = session.realms().getRealmByName("test");
final UserModel user = session.users().getUserById(realm, userId);
final UserSessionModel userSession = session.sessions().getUserSessionsStream(realm, user).findFirst().get();
return new UserSessionNotesHolder(userSession.getNotes());
}, UserSessionNotesHolder.class);
// Check impersonation details
final Map<String, String> notes = notesHolder.getNotes();
Assert.assertNotNull(notes.get(ImpersonationSessionNote.IMPERSONATOR_ID.toString()));
Assert.assertEquals(admin, notes.get(ImpersonationSessionNote.IMPERSONATOR_USERNAME.toString()));
Set<Cookie> cookies = cookieStore.getCookies().stream().filter(c -> c.getName().startsWith(AuthenticationManager.KEYCLOAK_IDENTITY_COOKIE)).map(c -> new Cookie(c.getName(), c.getValue(), c.getDomain(), c.getPath(), c.getExpiryDate(), c.isSecure(), true)).collect(Collectors.toSet());
Assert.assertNotNull(cookies);
Assert.assertThat(cookies, is(not(empty())));
return cookies;
} catch (IOException e) {
throw new RuntimeException(e);
}
}
Aggregations