Search in sources :

Example 16 with TokenUtil

use of org.keycloak.testsuite.util.TokenUtil in project keycloak by keycloak.

the class AccountRestServiceTest method createConsentForClientWithPut.

@Test
public void createConsentForClientWithPut() throws IOException {
    TokenUtil token = new TokenUtil("manage-consent-access", "password");
    String appId = "security-admin-console";
    ClientScopeRepresentation clientScopeRepresentation = testRealm().clientScopes().findAll().get(0);
    ConsentScopeRepresentation consentScopeRepresentation = new ConsentScopeRepresentation();
    consentScopeRepresentation.setId(clientScopeRepresentation.getId());
    ConsentRepresentation requestedConsent = new ConsentRepresentation();
    requestedConsent.setGrantedScopes(Collections.singletonList(consentScopeRepresentation));
    ConsentRepresentation consentRepresentation = SimpleHttp.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient).header("Accept", "application/json").json(requestedConsent).auth(token.getToken()).asJson(ConsentRepresentation.class);
    assertTrue(consentRepresentation.getCreatedDate() > 0);
    assertTrue(consentRepresentation.getLastUpdatedDate() > 0);
    assertEquals(1, consentRepresentation.getGrantedScopes().size());
    assertEquals(consentScopeRepresentation.getId(), consentRepresentation.getGrantedScopes().get(0).getId());
}
Also used : ConsentRepresentation(org.keycloak.representations.account.ConsentRepresentation) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) ConsentScopeRepresentation(org.keycloak.representations.account.ConsentScopeRepresentation) TokenUtil(org.keycloak.testsuite.util.TokenUtil) Test(org.junit.Test) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 17 with TokenUtil

use of org.keycloak.testsuite.util.TokenUtil in project keycloak by keycloak.

the class AccountRestServiceTest method revokeOfflineAccess.

// KEYCLOAK-14344
@Test
public void revokeOfflineAccess() throws Exception {
    oauth.scope(OAuth2Constants.OFFLINE_ACCESS);
    oauth.clientId("offline-client");
    OAuthClient.AccessTokenResponse offlineTokenResponse = oauth.doGrantAccessTokenRequest("secret1", "view-applications-access", "password");
    assertNull(offlineTokenResponse.getErrorDescription());
    TokenUtil token = new TokenUtil("view-applications-access", "password");
    SimpleHttp.Response response = SimpleHttp.doDelete(getAccountUrl("applications/offline-client/consent"), httpClient).header("Accept", "application/json").auth(token.getToken()).asResponse();
    assertEquals(204, response.getStatus());
    List<ClientRepresentation> applications = SimpleHttp.doGet(getAccountUrl("applications"), httpClient).header("Accept", "application/json").auth(token.getToken()).asJson(new TypeReference<List<ClientRepresentation>>() {
    });
    assertFalse(applications.isEmpty());
    Map<String, ClientRepresentation> apps = applications.stream().collect(Collectors.toMap(x -> x.getClientId(), x -> x));
    Assert.assertThat(apps.keySet(), containsInAnyOrder("offline-client", "always-display-client", "direct-grant"));
    assertClientRep(apps.get("offline-client"), "Offline Client", null, false, true, false, null, offlineClientAppUri);
}
Also used : AssertEvents(org.keycloak.testsuite.AssertEvents) UserRepresentation(org.keycloak.representations.account.UserRepresentation) Messages(org.keycloak.services.messages.Messages) DefaultAuthenticationFlows(org.keycloak.models.utils.DefaultAuthenticationFlows) ResolveRelative(org.keycloak.services.util.ResolveRelative) OAuthClient(org.keycloak.testsuite.util.OAuthClient) Assert.assertThat(org.junit.Assert.assertThat) SimpleHttp(org.keycloak.broker.provider.util.SimpleHttp) Map(java.util.Map) AuthenticationExecutionRepresentation(org.keycloak.representations.idm.AuthenticationExecutionRepresentation) CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation) TypeReference(com.fasterxml.jackson.core.type.TypeReference) WebAuthnCredentialModel(org.keycloak.models.credential.WebAuthnCredentialModel) SessionRepresentation(org.keycloak.representations.account.SessionRepresentation) UserProfileAttributeMetadata(org.keycloak.representations.account.UserProfileAttributeMetadata) Collectors(java.util.stream.Collectors) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) AccountCredentialResource(org.keycloak.services.resources.account.AccountCredentialResource) List(java.util.List) Response(javax.ws.rs.core.Response) Details(org.keycloak.events.Details) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) Assert.assertFalse(org.junit.Assert.assertFalse) ClientRepresentation(org.keycloak.representations.account.ClientRepresentation) ConsentRepresentation(org.keycloak.representations.account.ConsentRepresentation) EmailValidator(org.keycloak.validate.validators.EmailValidator) WebAuthnRegisterFactory(org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory) OAuth2Constants(org.keycloak.OAuth2Constants) Profile(org.keycloak.common.Profile) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) ConsentScopeRepresentation(org.keycloak.representations.account.ConsentScopeRepresentation) AccountRestApiVersion(org.keycloak.common.enums.AccountRestApiVersion) HashMap(java.util.HashMap) ObjectUtil(org.keycloak.common.util.ObjectUtil) ErrorRepresentation(org.keycloak.representations.idm.ErrorRepresentation) AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation) WebAuthnAuthenticatorFactory(org.keycloak.authentication.authenticators.browser.WebAuthnAuthenticatorFactory) UserModel(org.keycloak.models.UserModel) EnableFeature(org.keycloak.testsuite.arquillian.annotation.EnableFeature) AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) UserBuilder(org.keycloak.testsuite.util.UserBuilder) AuthenticationFlowRepresentation(org.keycloak.representations.idm.AuthenticationFlowRepresentation) WebAuthnPasswordlessRegisterFactory(org.keycloak.authentication.requiredactions.WebAuthnPasswordlessRegisterFactory) UserResource(org.keycloak.admin.client.resource.UserResource) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) RequiredActionProviderSimpleRepresentation(org.keycloak.representations.idm.RequiredActionProviderSimpleRepresentation) TokenUtil(org.keycloak.testsuite.util.TokenUtil) ApiUtil(org.keycloak.testsuite.admin.ApiUtil) Assert.assertNotNull(org.junit.Assert.assertNotNull) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) RequiredActionProviderRepresentation(org.keycloak.representations.idm.RequiredActionProviderRepresentation) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) WebAuthnPasswordlessAuthenticatorFactory(org.keycloak.authentication.authenticators.browser.WebAuthnPasswordlessAuthenticatorFactory) EventType(org.keycloak.events.EventType) IOException(java.io.IOException) OTPCredentialModel(org.keycloak.models.credential.OTPCredentialModel) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest) Rule(org.junit.Rule) Assert.assertNull(org.junit.Assert.assertNull) PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel) UserProfileContext(org.keycloak.userprofile.UserProfileContext) CredentialTypeMetadata(org.keycloak.credential.CredentialTypeMetadata) Assert(org.junit.Assert) Collections(java.util.Collections) Assert.assertEquals(org.junit.Assert.assertEquals) SimpleHttp(org.keycloak.broker.provider.util.SimpleHttp) OAuthClient(org.keycloak.testsuite.util.OAuthClient) TokenUtil(org.keycloak.testsuite.util.TokenUtil) List(java.util.List) ClientRepresentation(org.keycloak.representations.account.ClientRepresentation) Test(org.junit.Test) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 18 with TokenUtil

use of org.keycloak.testsuite.util.TokenUtil in project keycloak by keycloak.

the class AccountRestServiceTest method listApplicationsFiltered.

@Test
public void listApplicationsFiltered() throws Exception {
    oauth.clientId("in-use-client");
    OAuthClient.AccessTokenResponse tokenResponse = oauth.doGrantAccessTokenRequest("secret1", "view-applications-access", "password");
    assertNull(tokenResponse.getErrorDescription());
    TokenUtil token = new TokenUtil("view-applications-access", "password");
    List<ClientRepresentation> applications = SimpleHttp.doGet(getAccountUrl("applications"), httpClient).header("Accept", "application/json").param("name", "In Use").auth(token.getToken()).asJson(new TypeReference<List<ClientRepresentation>>() {
    });
    assertFalse(applications.isEmpty());
    Map<String, ClientRepresentation> apps = applications.stream().collect(Collectors.toMap(x -> x.getClientId(), x -> x));
    Assert.assertThat(apps.keySet(), containsInAnyOrder("in-use-client"));
    assertClientRep(apps.get("in-use-client"), "In Use Client", null, false, true, false, null, inUseClientAppUri);
}
Also used : AssertEvents(org.keycloak.testsuite.AssertEvents) UserRepresentation(org.keycloak.representations.account.UserRepresentation) Messages(org.keycloak.services.messages.Messages) DefaultAuthenticationFlows(org.keycloak.models.utils.DefaultAuthenticationFlows) ResolveRelative(org.keycloak.services.util.ResolveRelative) OAuthClient(org.keycloak.testsuite.util.OAuthClient) Assert.assertThat(org.junit.Assert.assertThat) SimpleHttp(org.keycloak.broker.provider.util.SimpleHttp) Map(java.util.Map) AuthenticationExecutionRepresentation(org.keycloak.representations.idm.AuthenticationExecutionRepresentation) CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation) TypeReference(com.fasterxml.jackson.core.type.TypeReference) WebAuthnCredentialModel(org.keycloak.models.credential.WebAuthnCredentialModel) SessionRepresentation(org.keycloak.representations.account.SessionRepresentation) UserProfileAttributeMetadata(org.keycloak.representations.account.UserProfileAttributeMetadata) Collectors(java.util.stream.Collectors) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) AccountCredentialResource(org.keycloak.services.resources.account.AccountCredentialResource) List(java.util.List) Response(javax.ws.rs.core.Response) Details(org.keycloak.events.Details) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) Assert.assertFalse(org.junit.Assert.assertFalse) ClientRepresentation(org.keycloak.representations.account.ClientRepresentation) ConsentRepresentation(org.keycloak.representations.account.ConsentRepresentation) EmailValidator(org.keycloak.validate.validators.EmailValidator) WebAuthnRegisterFactory(org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory) OAuth2Constants(org.keycloak.OAuth2Constants) Profile(org.keycloak.common.Profile) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) ConsentScopeRepresentation(org.keycloak.representations.account.ConsentScopeRepresentation) AccountRestApiVersion(org.keycloak.common.enums.AccountRestApiVersion) HashMap(java.util.HashMap) ObjectUtil(org.keycloak.common.util.ObjectUtil) ErrorRepresentation(org.keycloak.representations.idm.ErrorRepresentation) AuthenticationExecutionInfoRepresentation(org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation) WebAuthnAuthenticatorFactory(org.keycloak.authentication.authenticators.browser.WebAuthnAuthenticatorFactory) UserModel(org.keycloak.models.UserModel) EnableFeature(org.keycloak.testsuite.arquillian.annotation.EnableFeature) AuthenticationExecutionModel(org.keycloak.models.AuthenticationExecutionModel) UserBuilder(org.keycloak.testsuite.util.UserBuilder) AuthenticationFlowRepresentation(org.keycloak.representations.idm.AuthenticationFlowRepresentation) WebAuthnPasswordlessRegisterFactory(org.keycloak.authentication.requiredactions.WebAuthnPasswordlessRegisterFactory) UserResource(org.keycloak.admin.client.resource.UserResource) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) RequiredActionProviderSimpleRepresentation(org.keycloak.representations.idm.RequiredActionProviderSimpleRepresentation) TokenUtil(org.keycloak.testsuite.util.TokenUtil) ApiUtil(org.keycloak.testsuite.admin.ApiUtil) Assert.assertNotNull(org.junit.Assert.assertNotNull) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) RequiredActionProviderRepresentation(org.keycloak.representations.idm.RequiredActionProviderRepresentation) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) WebAuthnPasswordlessAuthenticatorFactory(org.keycloak.authentication.authenticators.browser.WebAuthnPasswordlessAuthenticatorFactory) EventType(org.keycloak.events.EventType) IOException(java.io.IOException) OTPCredentialModel(org.keycloak.models.credential.OTPCredentialModel) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest) Rule(org.junit.Rule) Assert.assertNull(org.junit.Assert.assertNull) PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel) UserProfileContext(org.keycloak.userprofile.UserProfileContext) CredentialTypeMetadata(org.keycloak.credential.CredentialTypeMetadata) Assert(org.junit.Assert) Collections(java.util.Collections) Assert.assertEquals(org.junit.Assert.assertEquals) OAuthClient(org.keycloak.testsuite.util.OAuthClient) TokenUtil(org.keycloak.testsuite.util.TokenUtil) List(java.util.List) ClientRepresentation(org.keycloak.representations.account.ClientRepresentation) Test(org.junit.Test) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 19 with TokenUtil

use of org.keycloak.testsuite.util.TokenUtil in project keycloak by keycloak.

the class AccountRestServiceTest method getNotExistingConsentForClient.

@Test
public void getNotExistingConsentForClient() throws IOException {
    TokenUtil token = new TokenUtil("view-consent-access", "password");
    String appId = "security-admin-console";
    SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient).header("Accept", "application/json").auth(token.getToken()).asResponse();
    assertEquals(204, response.getStatus());
}
Also used : SimpleHttp(org.keycloak.broker.provider.util.SimpleHttp) TokenUtil(org.keycloak.testsuite.util.TokenUtil) Test(org.junit.Test) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Example 20 with TokenUtil

use of org.keycloak.testsuite.util.TokenUtil in project keycloak by keycloak.

the class AccountRestServiceTest method createConsentForClientWithoutPermissionWithPut.

@Test
public void createConsentForClientWithoutPermissionWithPut() throws IOException {
    TokenUtil token = new TokenUtil("view-consent-access", "password");
    String appId = "security-admin-console";
    ClientScopeRepresentation clientScopeRepresentation = testRealm().clientScopes().findAll().get(0);
    ConsentScopeRepresentation consentScopeRepresentation = new ConsentScopeRepresentation();
    consentScopeRepresentation.setId(clientScopeRepresentation.getId());
    ConsentRepresentation requestedConsent = new ConsentRepresentation();
    requestedConsent.setGrantedScopes(Collections.singletonList(consentScopeRepresentation));
    SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient).header("Accept", "application/json").json(requestedConsent).auth(token.getToken()).asResponse();
    assertEquals(403, response.getStatus());
}
Also used : ConsentRepresentation(org.keycloak.representations.account.ConsentRepresentation) SimpleHttp(org.keycloak.broker.provider.util.SimpleHttp) ClientScopeRepresentation(org.keycloak.representations.idm.ClientScopeRepresentation) ConsentScopeRepresentation(org.keycloak.representations.account.ConsentScopeRepresentation) TokenUtil(org.keycloak.testsuite.util.TokenUtil) Test(org.junit.Test) AbstractAuthenticationTest(org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)

Aggregations

TokenUtil (org.keycloak.testsuite.util.TokenUtil)29 Test (org.junit.Test)28 AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)25 SimpleHttp (org.keycloak.broker.provider.util.SimpleHttp)18 ConsentRepresentation (org.keycloak.representations.account.ConsentRepresentation)16 ConsentScopeRepresentation (org.keycloak.representations.account.ConsentScopeRepresentation)16 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)16 SessionRepresentation (org.keycloak.representations.account.SessionRepresentation)8 TypeReference (com.fasterxml.jackson.core.type.TypeReference)7 List (java.util.List)7 Response (javax.ws.rs.core.Response)7 IOException (java.io.IOException)6 Collections (java.util.Collections)6 HashMap (java.util.HashMap)6 Map (java.util.Map)6 Collectors (java.util.stream.Collectors)6 Matchers.containsInAnyOrder (org.hamcrest.Matchers.containsInAnyOrder)6 Assert (org.junit.Assert)6 Assert.assertEquals (org.junit.Assert.assertEquals)6 Assert.assertFalse (org.junit.Assert.assertFalse)6