use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.
the class UserProfileTest method testCustomValidationForUsername.
private static void testCustomValidationForUsername(KeycloakSession session) throws IOException {
DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
ComponentModel component = provider.getComponentModel();
assertNotNull(component);
UPConfig config = new UPConfig();
UPAttribute attribute = new UPAttribute();
attribute.setName(UserModel.USERNAME);
Map<String, Object> validatorConfig = new HashMap<>();
validatorConfig.put("min", 4);
attribute.addValidation(LengthValidator.ID, validatorConfig);
config.addAttribute(attribute);
provider.setConfiguration(JsonSerialization.writeValueAsString(config));
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, "us");
UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
try {
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(UserModel.USERNAME));
assertTrue(ve.hasError(LengthValidator.MESSAGE_INVALID_LENGTH_TOO_SHORT));
}
attributes.put(UserModel.USERNAME, "user");
profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
profile.validate();
provider.setConfiguration(null);
attributes.put(UserModel.USERNAME, "user");
attributes.put(UserModel.FIRST_NAME, "Joe");
attributes.put(UserModel.LAST_NAME, "Doe");
profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
profile.validate();
}
use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.
the class UserProfileTest method testRequiredIfUser.
private static void testRequiredIfUser(KeycloakSession session) throws IOException {
DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
ComponentModel component = provider.getComponentModel();
assertNotNull(component);
UPConfig config = new UPConfig();
UPAttribute attribute = new UPAttribute();
attribute.setName(ATT_ADDRESS);
UPAttributeRequired requirements = new UPAttributeRequired();
requirements.setRoles(Collections.singleton(ROLE_USER));
attribute.setRequired(requirements);
UPAttributePermissions permissions = new UPAttributePermissions();
permissions.setEdit(Collections.singleton(ROLE_USER));
attribute.setPermissions(permissions);
config.addAttribute(attribute);
provider.setConfiguration(JsonSerialization.writeValueAsString(config));
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, "user");
// fail on common contexts
UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
try {
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
}
profile = provider.create(UserProfileContext.ACCOUNT, attributes);
try {
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
}
profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
try {
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
}
attributes.put(UserModel.FIRST_NAME, "Joe");
attributes.put(UserModel.LAST_NAME, "Doe");
// no fail on User API
profile = provider.create(UserProfileContext.USER_API, attributes);
profile.validate();
}
use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.
the class LDAPAdminRestApiWithUserProfileTest method enableDynamicUserProfile.
private void enableDynamicUserProfile(RealmRepresentation realmRep) throws IOException {
VerifyProfileTest.enableDynamicUserProfile(realmRep);
testRealm().update(realmRep);
UPConfig upConfig = readValue(testRealm().users().userProfile().getConfiguration(), UPConfig.class);
UPAttribute attribute = new UPAttribute();
attribute.setName(LDAPConstants.LDAP_ID);
UPAttributePermissions permissions = new UPAttributePermissions();
permissions.setView(Collections.singleton("admin"));
attribute.setPermissions(permissions);
upConfig.addAttribute(attribute);
setUserProfileConfiguration(testRealm(), writeValueAsString(upConfig));
}
use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.
the class UserProfileTest method testNoValidationsIfAdminReadOnly.
private static void testNoValidationsIfAdminReadOnly(KeycloakSession session) throws IOException {
DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
ComponentModel component = provider.getComponentModel();
assertNotNull(component);
UPConfig config = new UPConfig();
UPAttribute attribute = new UPAttribute();
attribute.setName(ATT_ADDRESS);
UPAttributeRequired requirements = new UPAttributeRequired();
attribute.setRequired(requirements);
UPAttributePermissions permissions = new UPAttributePermissions();
permissions.setEdit(Collections.singleton(UPConfigUtils.ROLE_USER));
attribute.setPermissions(permissions);
config.addAttribute(attribute);
provider.setConfiguration(JsonSerialization.writeValueAsString(config));
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, "user");
// Fails on USER context
UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
try {
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
}
// NO fail on ADMIN context - User REST API
profile = provider.create(UserProfileContext.USER_API, attributes);
profile.validate();
}
use of org.keycloak.userprofile.config.UPConfig in project keycloak by keycloak.
the class UserProfileTest method testRequiredByClientScope.
private static void testRequiredByClientScope(KeycloakSession session) throws IOException {
DeclarativeUserProfileProvider provider = getDynamicUserProfileProvider(session);
ComponentModel component = provider.getComponentModel();
assertNotNull(component);
UPConfig config = new UPConfig();
UPAttribute attribute = new UPAttribute();
attribute.setName(ATT_ADDRESS);
UPAttributeRequired requirements = new UPAttributeRequired();
requirements.setScopes(Collections.singleton("client-a"));
attribute.setRequired(requirements);
UPAttributePermissions permissions = new UPAttributePermissions();
permissions.setEdit(Collections.singleton("user"));
attribute.setPermissions(permissions);
config.addAttribute(attribute);
provider.setConfiguration(JsonSerialization.writeValueAsString(config));
Map<String, Object> attributes = new HashMap<>();
attributes.put(UserModel.USERNAME, "user");
attributes.put(UserModel.EMAIL, "user@email.test");
// client with default scopes for which is attribute NOT configured as required
configureAuthenticationSession(session, "client-b", null);
// no fail on User API nor Account console as they do not have scopes
UserProfile profile = provider.create(UserProfileContext.USER_API, attributes);
profile.validate();
profile = provider.create(UserProfileContext.ACCOUNT, attributes);
profile.validate();
profile = provider.create(UserProfileContext.ACCOUNT_OLD, attributes);
profile.validate();
// no fail on auth flow scopes when scope is not required
profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
profile.validate();
profile = provider.create(UserProfileContext.REGISTRATION_USER_CREATION, attributes);
profile.validate();
profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
profile.validate();
profile = provider.create(UserProfileContext.IDP_REVIEW, attributes);
profile.validate();
// client with default scope for which is attribute configured as required
configureAuthenticationSession(session, "client-a", null);
// no fail on User API nor Account console as they do not have scopes
profile = provider.create(UserProfileContext.USER_API, attributes);
profile.validate();
profile = provider.create(UserProfileContext.ACCOUNT, attributes);
profile.validate();
profile = provider.create(UserProfileContext.ACCOUNT_OLD, attributes);
profile.validate();
// fail on auth flow scopes when scope is required
try {
profile = provider.create(UserProfileContext.UPDATE_PROFILE, attributes);
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
}
try {
profile = provider.create(UserProfileContext.REGISTRATION_PROFILE, attributes);
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
}
try {
profile = provider.create(UserProfileContext.IDP_REVIEW, attributes);
profile.validate();
fail("Should fail validation");
} catch (ValidationException ve) {
assertTrue(ve.isAttributeOnError(ATT_ADDRESS));
}
}
Aggregations