Search in sources :

Example 11 with UPConfig

use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.

the class UserProfileTest method testCustomValidationForUsername.

private static void testCustomValidationForUsername(KeycloakSession session) throws IOException {
    DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
    ComponentModel component = provider.getComponentModel();
    assertNotNull(component);
    UPConfig config = new UPConfig();
    UPAttribute attribute = new UPAttribute();
    attribute.setName(UserModel.USERNAME);
    Map<String, Object> validatorConfig = new HashMap<>();
    validatorConfig.put("min", 4);
    attribute.addValidation(LengthValidator.ID, validatorConfig);
    config.addAttribute(attribute);
    provider.setConfiguration(JsonSerialization.writeValueAsString(config));
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(UserModel.USERNAME, "us");
    UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
    try {
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(UserModel.USERNAME));
        assertTrue(ve.hasError(LengthValidator.MESSAGE_INVALID_LENGTH_TOO_SHORT));
    }
    attributes.put(UserModel.USERNAME, "user");
    profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
    profile.validate();
    provider.setConfiguration(null);
    attributes.put(UserModel.USERNAME, "user");
    attributes.put(UserModel.FIRST_NAME, "Joe");
    attributes.put(UserModel.LAST_NAME, "Doe");
    profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
    profile.validate();
}
Also used : ComponentValidationException(org.keycloak.component.ComponentValidationException) ValidationException(org.keycloak.userprofile.ValidationException) UserProfile(org.keycloak.userprofile.UserProfile) HashMap(java.util.HashMap) DeclarativeUserProfileProvider(org.keycloak.userprofile.DeclarativeUserProfileProvider) UPConfig(org.keycloak.userprofile.config.UPConfig) ComponentModel(org.keycloak.component.ComponentModel) UPAttribute(org.keycloak.userprofile.config.UPAttribute)

Example 12 with UPConfig

use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.

the class UserProfileTest method testRequiredIfUser.

private static void testRequiredIfUser(KeycloakSession session) throws IOException {
    DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
    ComponentModel component = provider.getComponentModel();
    assertNotNull(component);
    UPConfig config = new UPConfig();
    UPAttribute attribute = new UPAttribute();
    attribute.setName(ATT_ADDRESS);
    UPAttributeRequired requirements = new UPAttributeRequired();
    requirements.setRoles(Collections.singleton(ROLE_USER));
    attribute.setRequired(requirements);
    UPAttributePermissions permissions = new UPAttributePermissions();
    permissions.setEdit(Collections.singleton(ROLE_USER));
    attribute.setPermissions(permissions);
    config.addAttribute(attribute);
    provider.setConfiguration(JsonSerialization.writeValueAsString(config));
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(UserModel.USERNAME, "user");
    // fail on common contexts
    UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
    try {
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
    }
    profile = provider.create(UserProfileContext.ACCOUNT, attributes);
    try {
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
    }
    profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
    try {
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
    }
    attributes.put(UserModel.FIRST_NAME, "Joe");
    attributes.put(UserModel.LAST_NAME, "Doe");
    // no fail on User API
    profile = provider.create(UserProfileContext.USER_API, attributes);
    profile.validate();
}
Also used : UPAttributePermissions(org.keycloak.userprofile.config.UPAttributePermissions) ComponentValidationException(org.keycloak.component.ComponentValidationException) ValidationException(org.keycloak.userprofile.ValidationException) UserProfile(org.keycloak.userprofile.UserProfile) HashMap(java.util.HashMap) DeclarativeUserProfileProvider(org.keycloak.userprofile.DeclarativeUserProfileProvider) UPConfig(org.keycloak.userprofile.config.UPConfig) ComponentModel(org.keycloak.component.ComponentModel) UPAttributeRequired(org.keycloak.userprofile.config.UPAttributeRequired) UPAttribute(org.keycloak.userprofile.config.UPAttribute)

Example 13 with UPConfig

use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.

the class LDAPAdminRestApiWithUserProfileTest method enableDynamicUserProfile.

private void enableDynamicUserProfile(RealmRepresentation realmRep) throws IOException {
    VerifyProfileTest.enableDynamicUserProfile(realmRep);
    testRealm().update(realmRep);
    UPConfig upConfig = readValue(testRealm().users().userProfile().getConfiguration(), UPConfig.class);
    UPAttribute attribute = new UPAttribute();
    attribute.setName(LDAPConstants.LDAP_ID);
    UPAttributePermissions permissions = new UPAttributePermissions();
    permissions.setView(Collections.singleton("admin"));
    attribute.setPermissions(permissions);
    upConfig.addAttribute(attribute);
    setUserProfileConfiguration(testRealm(), writeValueAsString(upConfig));
}
Also used : UPAttributePermissions(org.keycloak.userprofile.config.UPAttributePermissions) UPConfig(org.keycloak.userprofile.config.UPConfig) UPAttribute(org.keycloak.userprofile.config.UPAttribute)

Example 14 with UPConfig

use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.

the class UserProfileTest method testNoValidationsIfAdminReadOnly.

private static void testNoValidationsIfAdminReadOnly(KeycloakSession session) throws IOException {
    DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
    ComponentModel component = provider.getComponentModel();
    assertNotNull(component);
    UPConfig config = new UPConfig();
    UPAttribute attribute = new UPAttribute();
    attribute.setName(ATT_ADDRESS);
    UPAttributeRequired requirements = new UPAttributeRequired();
    attribute.setRequired(requirements);
    UPAttributePermissions permissions = new UPAttributePermissions();
    permissions.setEdit(Collections.singleton(UPConfigUtils.ROLE_USER));
    attribute.setPermissions(permissions);
    config.addAttribute(attribute);
    provider.setConfiguration(JsonSerialization.writeValueAsString(config));
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(UserModel.USERNAME, "user");
    // Fails on USER context
    UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
    try {
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
    }
    // NO fail on ADMIN context - User REST API
    profile = provider.create(UserProfileContext.USER_API, attributes);
    profile.validate();
}
Also used : UPAttributePermissions(org.keycloak.userprofile.config.UPAttributePermissions) ComponentValidationException(org.keycloak.component.ComponentValidationException) ValidationException(org.keycloak.userprofile.ValidationException) UserProfile(org.keycloak.userprofile.UserProfile) HashMap(java.util.HashMap) DeclarativeUserProfileProvider(org.keycloak.userprofile.DeclarativeUserProfileProvider) UPConfig(org.keycloak.userprofile.config.UPConfig) ComponentModel(org.keycloak.component.ComponentModel) UPAttributeRequired(org.keycloak.userprofile.config.UPAttributeRequired) UPAttribute(org.keycloak.userprofile.config.UPAttribute)

Example 15 with UPConfig

use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.

the class UserProfileTest method testRequiredByClientScope.

private static void testRequiredByClientScope(KeycloakSession session) throws IOException {
    DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
    ComponentModel component = provider.getComponentModel();
    assertNotNull(component);
    UPConfig config = new UPConfig();
    UPAttribute attribute = new UPAttribute();
    attribute.setName(ATT_ADDRESS);
    UPAttributeRequired requirements = new UPAttributeRequired();
    requirements.setScopes(Collections.singleton("client-a"));
    attribute.setRequired(requirements);
    UPAttributePermissions permissions = new UPAttributePermissions();
    permissions.setEdit(Collections.singleton("user"));
    attribute.setPermissions(permissions);
    config.addAttribute(attribute);
    provider.setConfiguration(JsonSerialization.writeValueAsString(config));
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(UserModel.USERNAME, "user");
    attributes.put(UserModel.EMAIL, "user@email.test");
    // client with default scopes for which is attribute NOT configured as required
    configureAuthenticationSession(session, "client-b", null);
    // no fail on User API nor Account console as they do not have scopes
    UserProfile profile = provider.create(UserProfileContext.USER_API, attributes);
    profile.validate();
    profile = provider.create(UserProfileContext.ACCOUNT, attributes);
    profile.validate();
    profile = provider.create(UserProfileContext.ACCOUNT_OLD, attributes);
    profile.validate();
    // no fail on auth flow scopes when scope is not required
    profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
    profile.validate();
    profile = provider.create(UserProfileContext.REGISTRATION_USER_CREATION, attributes);
    profile.validate();
    profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
    profile.validate();
    profile = provider.create(UserProfileContext.IDP_REVIEW, attributes);
    profile.validate();
    // client with default scope for which is attribute configured as required
    configureAuthenticationSession(session, "client-a", null);
    // no fail on User API nor Account console as they do not have scopes
    profile = provider.create(UserProfileContext.USER_API, attributes);
    profile.validate();
    profile = provider.create(UserProfileContext.ACCOUNT, attributes);
    profile.validate();
    profile = provider.create(UserProfileContext.ACCOUNT_OLD, attributes);
    profile.validate();
    // fail on auth flow scopes when scope is required
    try {
        profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
    }
    try {
        profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
    }
    try {
        profile = provider.create(UserProfileContext.IDP_REVIEW, attributes);
        profile.validate();
        fail("Should fail validation");
    } catch (ValidationException ve) {
        assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
    }
}
Also used : UPAttributePermissions(org.keycloak.userprofile.config.UPAttributePermissions) ComponentValidationException(org.keycloak.component.ComponentValidationException) ValidationException(org.keycloak.userprofile.ValidationException) UserProfile(org.keycloak.userprofile.UserProfile) HashMap(java.util.HashMap) DeclarativeUserProfileProvider(org.keycloak.userprofile.DeclarativeUserProfileProvider) UPConfig(org.keycloak.userprofile.config.UPConfig) ComponentModel(org.keycloak.component.ComponentModel) UPAttributeRequired(org.keycloak.userprofile.config.UPAttributeRequired) UPAttribute(org.keycloak.userprofile.config.UPAttribute)

Aggregations

UPConfig (org.keycloak.userprofile.config.UPConfig)26 UPAttribute (org.keycloak.userprofile.config.UPAttribute)22 HashMap (java.util.HashMap)13 ComponentValidationException (org.keycloak.component.ComponentValidationException)13 DeclarativeUserProfileProvider (org.keycloak.userprofile.DeclarativeUserProfileProvider)12 ComponentModel (org.keycloak.component.ComponentModel)11 UserProfile (org.keycloak.userprofile.UserProfile)11 UPAttributePermissions (org.keycloak.userprofile.config.UPAttributePermissions)11 ValidationException (org.keycloak.userprofile.ValidationException)10 UPAttributeRequired (org.keycloak.userprofile.config.UPAttributeRequired)10 ByteArrayInputStream (java.io.ByteArrayInputStream)3 IOException (java.io.IOException)3 RealmModel (org.keycloak.models.RealmModel)3 UserModel (org.keycloak.models.UserModel)3 UPGroup (org.keycloak.userprofile.config.UPGroup)3 Map (java.util.Map)2 Test (org.junit.Test)2 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)2 UserProfileProvider (org.keycloak.userprofile.UserProfileProvider)2 UPAttributeSelector (org.keycloak.userprofile.config.UPAttributeSelector)2