Java Code Examples for org.keycloak.representations.idm.ClientRepresentation#setAuthorizationServicesEnabled()
The following examples show how to use
org.keycloak.representations.idm.ClientRepresentation#setAuthorizationServicesEnabled() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 6 votes |
|
private static ClientRepresentation createClient(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setPublicClient(false);
client.setSecret("secret");
client.setDirectAccessGrantsEnabled(true);
client.setEnabled(true);
client.setAuthorizationServicesEnabled(true);
ResourceServerRepresentation authorizationSettings = new ResourceServerRepresentation();
authorizationSettings.setResources(new ArrayList<>());
authorizationSettings.setPolicies(new ArrayList<>());
configurePermissionResourcePermission(authorizationSettings);
configureClaimBasedPermission(authorizationSettings);
configureHttpResponseClaimBasedPermission(authorizationSettings);
configureBodyClaimBasedPermission(authorizationSettings);
configurePaths(authorizationSettings);
client.setAuthorizationSettings(authorizationSettings);
return client;
}
Example 2
| Source File: AbstractAuthorizationTest.java From keycloak with Apache License 2.0 | 6 votes |
|
protected void enableAuthorizationServices(boolean enable) {
ClientRepresentation resourceServer = getResourceServer();
resourceServer.setAuthorizationServicesEnabled(enable);
resourceServer.setServiceAccountsEnabled(true);
resourceServer.setPublicClient(false);
resourceServer.setSecret("secret");
getClientResource().update(resourceServer);
if (enable) {
AuthorizationResource authorization = getClientResource().authorization();
ResourceServerRepresentation settings = authorization.exportSettings();
settings.setAllowRemoteResourceManagement(true);
authorization.update(settings);
}
}
Example 3
| Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 5 votes |
|
private static ClientRepresentation createClient(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setPublicClient(false);
client.setSecret("secret");
client.setDirectAccessGrantsEnabled(true);
client.setEnabled(true);
client.setAuthorizationServicesEnabled(true);
ResourceServerRepresentation authorizationSettings = new ResourceServerRepresentation();
authorizationSettings.setResources(new ArrayList<>());
authorizationSettings.setPolicies(new ArrayList<>());
configurePermissionResourcePermission(authorizationSettings);
configureClaimBasedPermission(authorizationSettings);
configureHttpResponseClaimBasedPermission(authorizationSettings);
configureBodyClaimBasedPermission(authorizationSettings);
configurePaths(authorizationSettings);
configureScopePermission(authorizationSettings);
client.setAuthorizationSettings(authorizationSettings);
return client;
}
Example 4
| Source File: AbstractClientTest.java From keycloak with Apache License 2.0 | 5 votes |
|
protected String createOidcConfidentialClientWithAuthz(String name) {
ClientRepresentation clientRep = createOidcClientRep(name);
clientRep.setBearerOnly(Boolean.FALSE);
clientRep.setPublicClient(Boolean.FALSE);
clientRep.setAuthorizationServicesEnabled(Boolean.TRUE);
clientRep.setServiceAccountsEnabled(Boolean.TRUE);
String id = createClient(clientRep);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.clientResourcePath(id), ResourceType.AUTHORIZATION_RESOURCE_SERVER);
return id;
}
Example 5
| Source File: PartialImportTest.java From keycloak with Apache License 2.0 | 5 votes |
|
private void addClients(boolean withServiceAccounts) throws IOException {
List<ClientRepresentation> clients = new ArrayList<>();
List<UserRepresentation> serviceAccounts = new ArrayList<>();
for (int i = 0; i < NUM_ENTITIES; i++) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(CLIENT_PREFIX + i);
client.setName(CLIENT_PREFIX + i);
clients.add(client);
if (withServiceAccounts) {
client.setServiceAccountsEnabled(true);
client.setBearerOnly(false);
client.setPublicClient(false);
client.setAuthorizationSettings(resourceServerSampleSettings);
client.setAuthorizationServicesEnabled(true);
// create the user service account
UserRepresentation serviceAccount = new UserRepresentation();
serviceAccount.setUsername(ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + client.getClientId());
serviceAccount.setEnabled(true);
serviceAccount.setEmail(serviceAccount.getUsername() + "@placeholder.org");
serviceAccount.setServiceAccountClientId(client.getClientId());
serviceAccounts.add(serviceAccount);
}
}
if (withServiceAccounts) {
if (piRep.getUsers() == null) {
piRep.setUsers(new ArrayList<>());
}
piRep.getUsers().addAll(serviceAccounts);
}
piRep.setClients(clients);
}
Example 6
| Source File: DefaultAuthzConfigAdapterTest.java From keycloak with Apache License 2.0 | 5 votes |
|
private void configureAuthorizationServices() {
ClientsResource clients = realmsResouce().realm(REALM_NAME).clients();
ClientRepresentation client = clients.findByClientId(RESOURCE_SERVER_ID).get(0);
client.setAuthorizationServicesEnabled(false);
// disables authorization services and remove authorization configuration from the client app
clients.get(client.getId()).update(client);
client.setAuthorizationServicesEnabled(true);
// enable authorization services in order to generate the default config and continue with tests
clients.get(client.getId()).update(client);
}
Example 7
| Source File: ResourcesRestServiceTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public void after() {
super.after();
ClientResource resourceServer = getResourceServer();
ClientRepresentation representation = resourceServer.toRepresentation();
representation.setAuthorizationServicesEnabled(false);
resourceServer.update(representation);
representation.setAuthorizationServicesEnabled(true);
resourceServer.update(representation);
}
Example 8
| Source File: AbstractAuthorizationSettingsTest.java From keycloak with Apache License 2.0 | 5 votes |
|
private ClientRepresentation createResourceServer() {
ClientRepresentation newClient = createClientRep("oidc-confidetial", OIDC);
createClient(newClient);
newClient.setRedirectUris(TEST_REDIRECT_URIs);
newClient.setAuthorizationServicesEnabled(true);
clientSettingsPage.form().setAccessType(ClientSettingsForm.OidcAccessType.CONFIDENTIAL);
clientSettingsPage.form().setRedirectUris(TEST_REDIRECT_URIs);
clientSettingsPage.form().setAuthorizationSettingsEnabled(true);
clientSettingsPage.form().save();
assertAlertSuccess();
ClientRepresentation found = findClientByClientId(newClient.getClientId());
assertNotNull("Client " + newClient.getClientId() + " was not found.", found);
newClient.setPublicClient(false);
newClient.setServiceAccountsEnabled(true);
assertClientSettingsEqual(newClient, found);
assertTrue(clientSettingsPage.tabs().getTabs().findElement(By.linkText("Authorization")).isDisplayed());
clientSettingsPage.setId(found.getId());
clientSettingsPage.navigateTo();
authorizationPage.setId(found.getId());
clientSettingsPage.tabs().authorization();
assertTrue(authorizationPage.isCurrent());
newClient.setId(found.getId());
return newClient;
}
Example 9
| Source File: ClientResource.java From keycloak with Apache License 2.0 | 5 votes |
|
private void updateClientFromRep(ClientRepresentation rep, ClientModel client, KeycloakSession session) throws ModelDuplicateException {
UserModel serviceAccount = this.session.users().getServiceAccount(client);
if (TRUE.equals(rep.isServiceAccountsEnabled())) {
if (serviceAccount == null) {
new ClientManager(new RealmManager(session)).enableServiceAccount(client);
}
}
else {
if (serviceAccount != null) {
new UserManager(session).removeUser(realm, serviceAccount);
}
}
if (rep.getClientId() != null && !rep.getClientId().equals(client.getClientId())) {
new ClientManager(new RealmManager(session)).clientIdChanged(client, rep.getClientId());
}
if (rep.isFullScopeAllowed() != null && rep.isFullScopeAllowed() != client.isFullScopeAllowed()) {
auth.clients().requireManage(client);
}
if ((rep.isBearerOnly() != null && rep.isBearerOnly()) || (rep.isPublicClient() != null && rep.isPublicClient())) {
rep.setAuthorizationServicesEnabled(false);
}
RepresentationToModel.updateClient(rep, client);
RepresentationToModel.updateClientProtocolMappers(rep, client);
updateAuthorizationSettings(rep);
}
Example 10
| Source File: OIDCClientRegistrationProvider.java From keycloak with Apache License 2.0 | 5 votes |
|
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response createOIDC(OIDCClientRepresentation clientOIDC) {
if (clientOIDC.getClientId() != null) {
throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client Identifier included", Response.Status.BAD_REQUEST);
}
try {
ClientRepresentation client = DescriptionConverter.toInternal(session, clientOIDC);
List<String> grantTypes = clientOIDC.getGrantTypes();
if (grantTypes != null && grantTypes.contains(OAuth2Constants.UMA_GRANT_TYPE)) {
client.setAuthorizationServicesEnabled(true);
}
OIDCClientRegistrationContext oidcContext = new OIDCClientRegistrationContext(session, client, this, clientOIDC);
client = create(oidcContext);
ClientModel clientModel = session.getContext().getRealm().getClientByClientId(client.getClientId());
updatePairwiseSubMappers(clientModel, SubjectType.parse(clientOIDC.getSubjectType()), clientOIDC.getSectorIdentifierUri());
updateClientRepWithProtocolMappers(clientModel, client);
URI uri = session.getContext().getUri().getAbsolutePathBuilder().path(client.getClientId()).build();
clientOIDC = DescriptionConverter.toExternalResponse(session, client, uri);
clientOIDC.setClientIdIssuedAt(Time.currentTime());
return Response.created(uri).entity(clientOIDC).build();
} catch (ClientRegistrationException cre) {
ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage());
throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST);
}
}
Example 11
| Source File: PermissionClaimTest.java From keycloak with Apache License 2.0 | 4 votes |
|
@After
public void removeAuthorization() throws Exception {
ClientResource client = getClient(getRealm());
ClientRepresentation representation = client.toRepresentation();
representation.setAuthorizationServicesEnabled(false);
client.update(representation);
representation.setAuthorizationServicesEnabled(true);
client.update(representation);
ResourcesResource resources = client.authorization().resources();
List<ResourceRepresentation> defaultResource = resources.findByName("Default Resource");
resources.resource(defaultResource.get(0).getId()).remove();
}
Example 12
| Source File: EntitlementAPITest.java From keycloak with Apache License 2.0 | 3 votes |
|
private void removeAuthorization(String clientId) throws Exception {
ClientResource client = getClient(getRealm(), clientId);
ClientRepresentation representation = client.toRepresentation();
representation.setAuthorizationServicesEnabled(false);
client.update(representation);
representation.setAuthorizationServicesEnabled(true);
client.update(representation);
}
