use of org.keycloak.userprofile.UserProfileProvider in project keycloak by keycloak.
the class UserProfileTest method testValidateComplianceWithUserProfile.
private static void testValidateComplianceWithUserProfile(KeycloakSession session) throws IOException {
RealmModel realm = session.getContext().getRealm();
UserModel user = session.users().addUser(realm, "profiled-user");
UserProfileProvider provider = getDynamicUserProfileProvider(session);
UPConfig config = new UPConfig();
UPAttribute attribute = new UPAttribute();
attribute.setName("address");
UPAttributeRequired requirements = new UPAttributeRequired();
attribute.setRequired(requirements);
UPAttributePermissions permissions = new UPAttributePermissions();
permissions.setEdit(Collections.singleton(ROLE_USER));
attribute.setPermissions(permissions);
config.addAttribute(attribute);
provider.setConfiguration(JsonSerialization.writeValueAsString(config));
UserProfile profile = provider.create(UserProfileContext.ACCOUNT, user);
try {
profile.validate();
Assert.fail("Should fail validation");
} catch (ValidationException ve) {
// username is mandatory
assertTrue(ve.isAttributeOnError("address"));
}
user.setAttribute("address", Arrays.asList("fixed-address"));
profile = provider.create(UserProfileContext.ACCOUNT, user);
profile.validate();
}
use of org.keycloak.userprofile.UserProfileProvider in project keycloak by keycloak.
the class UserProfileTest method testCustomAttributeInAnyContext.
private static void testCustomAttributeInAnyContext(KeycloakSession session) {
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, "profiled-user");
UserProfileProvider provider = getDynamicUserProfileProvider(session);
provider.setConfiguration("{\"attributes\": [{\"name\": \"address\", \"required\": {}, \"permissions\": {\"edit\": [\"user\"]}}]}");
UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
try {
profile.validate();
Assert.fail("Should fail validation");
} catch (ValidationException ve) {
// address is mandatory
assertTrue(ve.isAttributeOnError("address"));
}
assertThat(profile.getAttributes().nameSet(), containsInAnyOrder(UserModel.USERNAME, UserModel.EMAIL, "address"));
attributes.put("address", "myaddress");
profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
profile.validate();
}
use of org.keycloak.userprofile.UserProfileProvider in project keycloak by keycloak.
the class UserProfileTest method testResolveProfile.
private static void testResolveProfile(KeycloakSession session) {
configureAuthenticationSession(session);
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, "profiled-user");
UserProfileProvider provider = getDynamicUserProfileProvider(session);
provider.setConfiguration("{\"attributes\": [{\"name\": \"business.address\", \"required\": {\"scopes\": [\"customer\"]}, \"permissions\": {\"edit\": [\"user\"]}}]}");
UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
profile.getAttributes();
try {
profile.validate();
Assert.fail("Should fail validation");
} catch (ValidationException ve) {
// address is mandatory
assertTrue(ve.isAttributeOnError("business.address"));
}
attributes.put("business.address", "valid-address");
profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
profile.validate();
profile = provider.create(UserProfileContext.ACCOUNT, attributes);
profile.validate();
}
use of org.keycloak.userprofile.UserProfileProvider in project keycloak by keycloak.
the class UserProfileTest method testReadonlyUpdates.
private static void testReadonlyUpdates(KeycloakSession session) {
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, org.keycloak.models.utils.KeycloakModelUtils.generateId());
attributes.put("address", Arrays.asList("fixed-address"));
attributes.put("department", Arrays.asList("sales"));
UserProfileProvider provider = getDynamicUserProfileProvider(session);
provider.setConfiguration("{\"attributes\": [{\"name\": \"department\", \"permissions\": {\"edit\": [\"admin\"]}}]}");
UserProfile profile = provider.create(UserProfileContext.ACCOUNT, attributes);
UserModel user = profile.create();
assertThat(profile.getAttributes().nameSet(), containsInAnyOrder(UserModel.USERNAME, UserModel.EMAIL, "address", "department"));
assertNull(user.getFirstAttribute("department"));
profile = provider.create(UserProfileContext.USER_API, attributes, user);
Set<String> attributesUpdated = new HashSet<>();
profile.update((attributeName, userModel, oldValue) -> assertTrue(attributesUpdated.add(attributeName)));
assertThat(attributesUpdated, containsInAnyOrder("department"));
assertEquals("sales", user.getFirstAttribute("department"));
attributes.put("department", "cannot-change");
profile = provider.create(UserProfileContext.ACCOUNT, attributes, user);
try {
profile.update();
fail("Should fail due to read only attribute");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError("department"));
}
assertEquals("sales", user.getFirstAttribute("department"));
assertTrue(profile.getAttributes().isReadOnly("department"));
}
use of org.keycloak.userprofile.UserProfileProvider in project keycloak by keycloak.
the class UserProfileTest method testDoNotUpdateUndefinedAttributes.
private static void testDoNotUpdateUndefinedAttributes(KeycloakSession session) {
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, org.keycloak.models.utils.KeycloakModelUtils.generateId());
attributes.put("address", Arrays.asList("fixed-address"));
attributes.put("department", Arrays.asList("sales"));
attributes.put("phone", Arrays.asList("fixed-phone"));
UserProfileProvider provider = getDynamicUserProfileProvider(session);
provider.setConfiguration("{\"attributes\": [{\"name\": \"department\", \"permissions\": {\"edit\": [\"admin\"]}}," + "{\"name\": \"phone\", \"permissions\": {\"edit\": [\"admin\"]}}," + "{\"name\": \"address\", \"permissions\": {\"edit\": [\"admin\"]}}]}");
UserProfile profile = provider.create(UserProfileContext.ACCOUNT, attributes);
UserModel user = profile.create();
assertThat(profile.getAttributes().nameSet(), containsInAnyOrder(UserModel.USERNAME, UserModel.EMAIL, "address", "department", "phone"));
profile = provider.create(UserProfileContext.USER_API, attributes, user);
Set<String> attributesUpdated = new HashSet<>();
profile.update((attributeName, userModel, oldValue) -> assertTrue(attributesUpdated.add(attributeName)));
assertThat(attributesUpdated, containsInAnyOrder("department", "address", "phone"));
provider.setConfiguration("{\"attributes\": [{\"name\": \"department\", \"permissions\": {\"edit\": [\"admin\"]}}," + "{\"name\": \"phone\", \"permissions\": {\"edit\": [\"admin\"]}}]}");
attributesUpdated.clear();
attributes.remove("address");
attributes.put("department", "foo");
attributes.put("phone", "foo");
profile = provider.create(UserProfileContext.USER_API, attributes, user);
profile.update((attributeName, userModel, oldValue) -> assertTrue(attributesUpdated.add(attributeName)));
assertThat(attributesUpdated, containsInAnyOrder("department", "phone"));
assertTrue(user.getAttributes().containsKey("address"));
provider.setConfiguration("{\"attributes\": [{\"name\": \"department\", \"permissions\": {\"edit\": [\"admin\"]}}," + "{\"name\": \"phone\", \"permissions\": {\"edit\": [\"admin\"]}}," + "{\"name\": \"address\", \"permissions\": {\"edit\": [\"admin\"]}}]}");
attributes.put("department", "foo");
attributes.put("phone", "foo");
attributes.put("address", "bar");
attributesUpdated.clear();
profile = provider.create(UserProfileContext.USER_API, attributes, user);
profile.update((attributeName, userModel, oldValue) -> assertTrue(attributesUpdated.add(attributeName)));
assertThat(attributesUpdated, containsInAnyOrder("address"));
assertEquals("bar", user.getFirstAttribute("address"));
assertEquals("foo", user.getFirstAttribute("phone"));
assertEquals("foo", user.getFirstAttribute("department"));
attributes.remove("address");
attributesUpdated.clear();
profile = provider.create(UserProfileContext.USER_API, attributes, user);
profile.update((attributeName, userModel, oldValue) -> assertTrue(attributesUpdated.add(attributeName)));
assertThat(attributesUpdated, containsInAnyOrder("address"));
assertFalse(user.getAttributes().containsKey("address"));
assertTrue(user.getAttributes().containsKey("phone"));
assertTrue(user.getAttributes().containsKey("department"));
String prefixedAttributeName = Constants.USER_ATTRIBUTES_PREFIX.concat("prefixed");
attributes.put(prefixedAttributeName, "foo");
attributesUpdated.clear();
profile = provider.create(UserProfileContext.USER_API, attributes, user);
profile.update((attributeName, userModel, oldValue) -> assertTrue(attributesUpdated.add(attributeName)));
assertTrue(attributesUpdated.isEmpty());
assertFalse(user.getAttributes().containsKey("prefixedAttributeName"));
}
Aggregations