Java Code Examples for org.keycloak.admin.client.Keycloak#realm()

The following examples show how to use org.keycloak.admin.client.Keycloak#realm() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ClientAttributeUpdater.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@ClientAttributeUpdater} for the given client. The client must exist.
 * @param adminClient
 * @param realm
 * @param clientId
 * @return
 */
public static ClientAttributeUpdater forClient(Keycloak adminClient, String realm, String clientId) {
    RealmResource realmRes = adminClient.realm(realm);
    ClientsResource clients = realmRes.clients();
    List<ClientRepresentation> foundClients = clients.findByClientId(clientId);
    assertThat(foundClients, hasSize(1));
    ClientResource clientRes = clients.get(foundClients.get(0).getId());
    
    return new ClientAttributeUpdater(clientRes, realmRes);
}
 
Example 2
Source File: UsersTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
private RealmResource setupTestEnvironmentWithPermissions(boolean grp1ViewPermissions) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException {
    String testUserId = createUser(realmId, "test-user", "password", "", "", "");
    //assign 'query-users' role to test user
    ClientRepresentation clientRepresentation = realm.clients().findByClientId("realm-management").get(0);
    String realmManagementId = clientRepresentation.getId();
    RoleRepresentation roleRepresentation = realm.clients().get(realmManagementId).roles().get("query-users").toRepresentation();
    realm.users().get(testUserId).roles().clientLevel(realmManagementId).add(Collections.singletonList(roleRepresentation));

    //create test users and groups
    List<GroupRepresentation> groups = setupUsersInGroupsWithPermissions();

    if (grp1ViewPermissions) {
        AuthorizationResource authorizationResource = realm.clients().get(realmManagementId).authorization();
        //create a user policy for the test user
        UserPolicyRepresentation policy = new UserPolicyRepresentation();
        String policyName = "test-policy";
        policy.setName(policyName);
        policy.setUsers(Collections.singleton(testUserId));
        authorizationResource.policies().user().create(policy);
        PolicyRepresentation policyRepresentation = authorizationResource.policies().findByName(policyName);
        //add the policy to grp1
        Optional<GroupRepresentation> optional = groups.stream().filter(g -> g.getName().equals("grp1")).findFirst();
        assertThat(optional.isPresent(), is(true));
        GroupRepresentation grp1 = optional.get();
        ScopePermissionRepresentation scopePermissionRepresentation = authorizationResource.permissions().scope().findByName("view.members.permission.group." + grp1.getId());
        scopePermissionRepresentation.setPolicies(Collections.singleton(policyRepresentation.getId()));
        scopePermissionRepresentation.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
        authorizationResource.permissions().scope().findById(scopePermissionRepresentation.getId()).update(scopePermissionRepresentation);
    }

    Keycloak testUserClient = AdminClientUtil.createAdminClient(true, realm.toRepresentation().getRealm(), "test-user", "password", "admin-cli", "");

    return testUserClient.realm(realm.toRepresentation().getRealm());
}
 
Example 3
Source File: FixedHostnameTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
private void assertSamlLogin(Keycloak testAdminClient, String realm, String expectedBaseUrl) throws Exception {
    final String realmUrl = expectedBaseUrl + "/auth/realms/" + realm;
    final String baseSamlEndpointUrl = realmUrl + "/protocol/saml";
    String entityDescriptor = null;
    RealmResource realmResource = testAdminClient.realm(realm);
    ClientRepresentation clientRep = ClientBuilder.create()
      .protocol(SamlProtocol.LOGIN_PROTOCOL)
      .clientId(SAML_CLIENT_ID)
      .enabled(true)
      .attribute(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "false")
      .redirectUris("http://foo.bar/")
      .build();
    try (Creator<ClientResource> c = Creator.create(realmResource, clientRep);
      Creator<UserResource> u = Creator.create(realmResource, UserBuilder.create().username("bicycle").password("race").enabled(true).build())) {
        SAMLDocumentHolder samlResponse = new SamlClientBuilder()
          .authnRequest(new URI(baseSamlEndpointUrl), SAML_CLIENT_ID, "http://foo.bar/", Binding.POST).build()
          .login().user("bicycle", "race").build()
          .getSamlResponse(Binding.POST);

        assertThat(samlResponse.getSamlObject(), org.keycloak.testsuite.util.Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
        ResponseType response = (ResponseType) samlResponse.getSamlObject();

        assertThat(response.getAssertions(), hasSize(1));
        assertThat(response.getAssertions().get(0).getAssertion().getIssuer().getValue(), is(realmUrl));
    } catch (Exception e) {
        log.errorf("Caught exception while parsing SAML descriptor %s", entityDescriptor);
    }
}
 
Example 4
Source File: Realm.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public RealmResource resource(Keycloak adminClient) {
    return adminClient.realm(getRepresentation().getRealm());
}
 
Example 5
Source File: Creator.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public static Creator<RealmResource> create(Keycloak adminClient, RealmRepresentation rep) {
    adminClient.realms().create(rep);
    final RealmResource r = adminClient.realm(rep.getRealm());
    LOG.debugf("Created realm %s", rep.getRealm());
    return new Creator(rep.getRealm(), r, r::remove);
}