org.keycloak.representations.idm.RealmRepresentation Java Examples

The following examples show how to use org.keycloak.representations.idm.RealmRepresentation. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: PartialImportTest.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Test
public void testAddUsersWithDuplicateEmailsAllowed() {
    
    RealmRepresentation realmRep = testRealmResource().toRepresentation();
    realmRep.setDuplicateEmailsAllowed(true);
    testRealmResource().update(realmRep);
            
    assertAdminEvents.clear();

    setFail();
    addUsers();
    doImport();
    
    UserRepresentation user = createUserRepresentation(USER_PREFIX + 999, USER_PREFIX + 1 + "@foo.com", "foo", "bar", true);
    piRep.setUsers(Arrays.asList(user));
    
    PartialImportResults results = doImport();
    assertEquals(1, results.getAdded());
}
 
Example #2
Source File: ImportUsersIT.java    From keycloak-config-cli with Apache License 2.0 6 votes vote down vote up
@Test
@Order(0)
void shouldCreateRealmWithUser() {
    doImport("00_create_realm_with_user.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();

    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));

    UserRepresentation createdUser = keycloakRepository.getUser(REALM_NAME, "myuser");
    assertThat(createdUser.getUsername(), is("myuser"));
    assertThat(createdUser.getEmail(), is("myuser@mail.de"));
    assertThat(createdUser.isEnabled(), is(true));
    assertThat(createdUser.getFirstName(), is("My firstname"));
    assertThat(createdUser.getLastName(), is("My lastname"));

    Map<String, List<String>> createdUserAttributes = createdUser.getAttributes();
    assertThat(createdUserAttributes, notNullValue());
    assertThat(createdUserAttributes.get("locale"), contains("de"));
}
 
Example #3
Source File: ImportGroupsIT.java    From keycloak-config-cli with Apache License 2.0 6 votes vote down vote up
@Test
@Order(11)
void shouldUpdateRealmUpdateGroupAddClientRole() {
    doImport("11_update_realm_update_group_add_client_role.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();
    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));

    GroupRepresentation updatedGroup = loadGroup("/My Group");
    assertThat("name not equal", updatedGroup.getName(), is("My Group"));
    assertThat("path not equal", updatedGroup.getPath(), is("/My Group"))
    ;
    assertThat("attributes is null", updatedGroup.getAttributes(), aMapWithSize(1));
    assertThat("attributes is null", updatedGroup.getAttributes(), hasEntry(is("my added attribute"), containsInAnyOrder("my added attribute value")));

    assertThat("realm roles is null", updatedGroup.getRealmRoles(), contains("my_realm_role"));
    assertThat("client roles is null", updatedGroup.getClientRoles(), aMapWithSize(1));
    assertThat("client roles is null", updatedGroup.getClientRoles(), hasEntry(is("moped-client"), containsInAnyOrder("my_client_role")));
    assertThat("subgroups not empty", updatedGroup.getSubGroups(), hasSize(0));
}
 
Example #4
Source File: ImportComponentsIT.java    From keycloak-config-cli with Apache License 2.0 6 votes vote down vote up
@Test
@Order(1)
void shouldCreateRealmWithComponent() {
    doImport("00_create_realm_with_component.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();

    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));

    ComponentRepresentation rsaComponent = getComponent(
            "org.keycloak.keys.KeyProvider",
            "rsa-generated"
    );

    assertThat(rsaComponent.getName(), is("rsa-generated"));
    assertThat(rsaComponent.getProviderId(), is("rsa-generated"));
    MultivaluedHashMap<String, String> componentConfig = rsaComponent.getConfig();

    List<String> keySize = componentConfig.get("keySize");
    assertThat(keySize, hasSize(1));
    assertThat(keySize.get(0), is("4096"));
}
 
Example #5
Source File: AdminEventAuthDetailsTest.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
    RealmBuilder realm = RealmBuilder.create().name("test").testEventListener();
    client1Uuid = KeycloakModelUtils.generateId();
    realm.client(ClientBuilder.create().id(client1Uuid).clientId("client1").publicClient().directAccessGrants());

    admin1Id =  KeycloakModelUtils.generateId();
    realm.user(UserBuilder.create().id(admin1Id).username("admin1").password("password").role(Constants.REALM_MANAGEMENT_CLIENT_ID, AdminRoles.REALM_ADMIN));

    admin2Id =  KeycloakModelUtils.generateId();
    realm.user(UserBuilder.create().id(admin2Id).username("admin2").password("password").role(Constants.REALM_MANAGEMENT_CLIENT_ID, AdminRoles.REALM_ADMIN));

    appUserId =  KeycloakModelUtils.generateId();
    realm.user(UserBuilder.create().id(appUserId).username("app-user").password("password"));

    testRealms.add(realm.build());
}
 
Example #6
Source File: SMTPConnectionTest.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void testAuthEnabledAndSavedCredentials() throws Exception {
    RealmRepresentation realmRep = realm.toRepresentation();
    Map<String, String> oldSmtp = realmRep.getSmtpServer();
    try {
        realmRep.setSmtpServer(smtpMap("127.0.0.1", "3025", "auto@keycloak.org", "true", null, null,
                "admin@localhost", SMTP_PASSWORD, null, null));
        realm.update(realmRep);

        greenMailRule.credentials("admin@localhost", "admin");
        Response response = realm.testSMTPConnection(settings("127.0.0.1", "3025", "auto@keycloak.org", "true", null, null,
                "admin@localhost", SECRET_VALUE));
        assertStatus(response, 204);
    } finally {
        // Revert SMTP back
        realmRep.setSmtpServer(oldSmtp);
        realm.update(realmRep);
    }
}
 
Example #7
Source File: ImportGroupsIT.java    From keycloak-config-cli with Apache License 2.0 6 votes vote down vote up
@Test
@Order(9)
void shouldUpdateRealmUpdateGroupAddAttribute() {
    doImport("09_update_realm_update_group_add_attribute.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();
    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));

    GroupRepresentation updatedGroup = loadGroup("/My Group");
    assertThat("name not equal", updatedGroup.getName(), is("My Group"));
    assertThat("path not equal", updatedGroup.getPath(), is("/My Group"));

    assertThat("attributes is null", updatedGroup.getAttributes(), aMapWithSize(1));
    assertThat("attributes is null", updatedGroup.getAttributes(), hasEntry(is("my added attribute"), containsInAnyOrder("my added attribute value")));

    assertThat("realm roles is null", updatedGroup.getRealmRoles(), hasSize(0));
    assertThat("client roles is null", updatedGroup.getClientRoles(), aMapWithSize(0));
    assertThat("subgroups not empty", updatedGroup.getSubGroups(), hasSize(0));
}
 
Example #8
Source File: EmbeddedKeycloakApplication.java    From spring-security-oauth with MIT License 6 votes vote down vote up
private void createBaeldungRealm() {
    KeycloakSession session = getSessionFactory().create();

    try {
        session.getTransactionManager()
            .begin();

        RealmManager manager = new RealmManager(session);
        Resource lessonRealmImportFile = new ClassPathResource(keycloakServerProperties.getRealmImportFile());

        manager.importRealm(JsonSerialization.readValue(lessonRealmImportFile.getInputStream(), RealmRepresentation.class));

        session.getTransactionManager()
            .commit();
    } catch (Exception ex) {
        LOG.warn("Failed to import Realm json file: {}", ex.getMessage());
        session.getTransactionManager()
            .rollback();
    }

    session.close();
}
 
Example #9
Source File: ImportRolesIT.java    From keycloak-config-cli with Apache License 2.0 6 votes vote down vote up
@Test
@Order(16)
void shouldAddClientRoleWithRealmRoleComposite() {
    doImport("16_update_realm__add_client_role_with_realm_role_composite.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();

    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));

    RoleRepresentation realmRole = keycloakRepository.getClientRole(
            REALM_NAME,
            "moped-client",
            "my_composite_moped_client_role"
    );

    assertThat(realmRole.getName(), is("my_composite_moped_client_role"));
    assertThat(realmRole.isComposite(), is(true));
    assertThat(realmRole.getClientRole(), is(true));
    assertThat(realmRole.getDescription(), is("My composite moped-client role"));

    RoleRepresentation.Composites composites = realmRole.getComposites();
    assertThat(composites, notNullValue());
    assertThat(composites.getRealm(), contains("my_realm_role"));
    assertThat(composites.getClient(), is(nullValue()));
}
 
Example #10
Source File: MyResourcesTest.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
    super.addTestRealms(testRealms);
    testRealm = testRealms.get(0);
    testRealm.setUserManagedAccessAllowed(true);

    testRealm.setUsers(Lists.asList("admin", userNames).stream().map(this::createUser).collect(Collectors.toList()));

    ClientRepresentation client = ClientBuilder.create()
            .clientId("my-resource-server")
            .authorizationServicesEnabled(true)
            .serviceAccountsEnabled(true)
            .secret("secret")
            .name("My Resource Server")
            .baseUrl("http://resourceserver.com")
            .directAccessGrants().build();

    testRealm.setClients(singletonList(client));
}
 
Example #11
Source File: GroupTest.java    From keycloak with Apache License 2.0 6 votes vote down vote up
@Test
// KEYCLOAK-2700
public void deleteRealmWithDefaultGroups() throws IOException {
    RealmRepresentation rep = new RealmRepresentation();
    rep.setRealm("foo");

    GroupRepresentation group = new GroupRepresentation();
    group.setName("default1");
    group.setPath("/default1");

    rep.setGroups(Collections.singletonList(group));
    rep.setDefaultGroups(Collections.singletonList("/default1"));

    adminClient.realms().create(rep);

    adminClient.realm(rep.getRealm()).remove();
}
 
Example #12
Source File: ImportGroupsIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(24)
void shouldUpdateRealmUpdateGroupAddSecondClientRole() {
    doImport("24_update_realm_update_group_delete_add_second_client_role.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();
    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));

    GroupRepresentation updatedGroup = loadGroup("/My Group");
    assertThat("name not equal", updatedGroup.getName(), is("My Group"));
    assertThat("path not equal", updatedGroup.getPath(), is("/My Group"));

    assertThat("attributes roles is null", updatedGroup.getAttributes(), aMapWithSize(1));
    assertThat("attributes roles is null", updatedGroup.getAttributes(),
            hasEntry(is("my changed attribute"), containsInAnyOrder("my changed attribute value")));
    assertThat("realm roles is null", updatedGroup.getRealmRoles(), hasSize(0));

    assertThat("client roles is null", updatedGroup.getClientRoles(), aMapWithSize(1));
    assertThat("client roles is null", updatedGroup.getClientRoles(), hasEntry(is("moped-client"), containsInAnyOrder("my_client_role", "my_second_client_role")));

    List<GroupRepresentation> subGroups = updatedGroup.getSubGroups();
    assertThat("subgroups is empty", subGroups, hasSize(1));

    GroupRepresentation subGroup = subGroups.get(0);
    assertThat("subgroup is null", subGroup, notNullValue());
    assertThat("subgroup's name not equal", subGroup.getName(), is("My SubGroup"));
    assertThat("subgroup's path not equal", subGroup.getPath(), is("/My Group/My SubGroup"));
    assertThat("subgroup's attributes is null", subGroup.getAttributes(), aMapWithSize(0));
    assertThat("subgroup's realm roles is null", subGroup.getRealmRoles(), hasSize(0));
    assertThat("subgroup's client roles is null", subGroup.getClientRoles(), aMapWithSize(0));
    assertThat("subgroup's subgroups is null", subGroup.getSubGroups(), hasSize(0));
}
 
Example #13
Source File: ScopeMappingImportService.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
private void createOrUpdateScopeMappings(RealmImport realmImport) {
    List<ScopeMappingRepresentation> scopeMappingsToImport = realmImport.getScopeMappings();
    if (scopeMappingsToImport == null) return;

    String realm = realmImport.getRealm();
    RealmRepresentation existingRealm = realmRepository.partialExport(realm, true, true);
    List<ScopeMappingRepresentation> existingScopeMappings = existingRealm.getScopeMappings();

    createOrUpdateRolesInScopeMappings(realm, scopeMappingsToImport, existingScopeMappings);

    if (importConfigProperties.getManaged().getScopeMapping() == ImportManagedPropertiesValues.FULL) {
        cleanupRolesInScopeMappingsIfNecessary(realm, scopeMappingsToImport, existingScopeMappings);
    }
}
 
Example #14
Source File: RealmManager.java    From keycloak with Apache License 2.0 5 votes vote down vote up
private boolean hasRealmRole(RealmRepresentation rep, String roleName) {
    if (rep.getRoles() == null || rep.getRoles().getRealm() == null) {
        return false;
    }

    for (RoleRepresentation role : rep.getRoles().getRealm()) {
        if (roleName.equals(role.getName())) {
            return true;
        }
    }

    return false;
}
 
Example #15
Source File: ImportAuthenticationFlowsIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(15)
void shouldChangeResetCredentialsFlow() {
    doImport("10_update_realm__change_custom_reset-credentials-flow.json");

    RealmRepresentation updatedRealm = keycloakProvider.get().realm(REALM_NAME).partialExport(true, true);

    assertThat(updatedRealm.getRealm(), is(REALM_NAME));
    assertThat(updatedRealm.isEnabled(), is(true));

    assertThat(updatedRealm.getResetCredentialsFlow(), is("my reset credentials"));

    AuthenticationFlowRepresentation topLevelFlow = getAuthenticationFlow(updatedRealm, "my reset credentials");
    assertThat(topLevelFlow.getDescription(), is("My changed reset credentials for a user if they forgot their password or something"));
}
 
Example #16
Source File: LoginPageTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
    super.addTestRealms(testRealms);
    RealmRepresentation testRealmRep = testRealms.get(0);
    testRealmRep.setDisplayNameHtml("Test realm <b>HTML</b>");
    testRealmRep.setRememberMe(true);
    testRealmRep.setResetPasswordAllowed(true);
    testRealmRep.setRegistrationAllowed(true);
}
 
Example #17
Source File: AbstractKeycloakTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
protected void removeAllRealmsDespiteMaster() {
    // remove all realms (accidentally left by other tests) except for master
    adminClient.realms().findAll().stream()
            .map(RealmRepresentation::getRealm)
            .filter(realmName -> ! realmName.equals("master"))
            .forEach(this::removeRealm);
    assertThat(adminClient.realms().findAll().size(), is(equalTo(1)));
}
 
Example #18
Source File: ImportAuthenticationFlowsIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(24)
void shouldAddTopLevelFlowWithExecutionFlow() {
    doImport("19_update_realm__add-top-level-flow-with-execution-flow.json");

    RealmRepresentation updatedRealm = keycloakProvider.get().realm(REALM_NAME).partialExport(true, true);

    assertThat(updatedRealm.getRealm(), is(REALM_NAME));
    assertThat(updatedRealm.isEnabled(), is(true));

    AuthenticationFlowRepresentation topLevelFlow = getAuthenticationFlow(updatedRealm, "my auth flow with execution-flows");
    assertThat(topLevelFlow.getDescription(), is("My authentication flow with authentication executions"));
    assertThat(topLevelFlow.getProviderId(), is("basic-flow"));
    assertThat(topLevelFlow.isBuiltIn(), is(false));
    assertThat(topLevelFlow.isTopLevel(), is(true));

    AuthenticationFlowRepresentation nonTopLevelFlow = getAuthenticationFlow(updatedRealm, "my execution-flow");

    List<AuthenticationExecutionExportRepresentation> nonTopLevelFlowExecutions = nonTopLevelFlow.getAuthenticationExecutions();
    assertThat(nonTopLevelFlowExecutions, hasSize(2));

    AuthenticationExecutionExportRepresentation execution = getExecutionFromFlow(nonTopLevelFlow, "auth-username-password-form");
    assertThat(execution.getAuthenticator(), is("auth-username-password-form"));
    assertThat(execution.getRequirement(), is("REQUIRED"));
    assertThat(execution.getPriority(), is(0));
    assertThat(execution.isAutheticatorFlow(), is(false));

    execution = getExecutionFromFlow(nonTopLevelFlow, "auth-otp-form");
    assertThat(execution.getAuthenticator(), is("auth-otp-form"));
    assertThat(execution.getRequirement(), is("CONDITIONAL"));
    assertThat(execution.getPriority(), is(1));
    assertThat(execution.isAutheticatorFlow(), is(false));
}
 
Example #19
Source File: ImportSimpleRealmIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(2)
void shouldUpdateSimpleRealm() {
    doImport("1_update_login-theme_to_simple-realm.json");

    RealmRepresentation updatedRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();

    assertThat(updatedRealm.getRealm(), is(REALM_NAME));
    assertThat(updatedRealm.isEnabled(), is(true));
    assertThat(updatedRealm.getLoginTheme(), is("moped"));
    assertThat(
            updatedRealm.getAttributes().get("de.adorsys.keycloak.config.import-checksum-default"),
            is("4ac94d3adb91122979e80816a8a355a01f9c7c90a25b6b529bf2a572e1158b1c")
    );
}
 
Example #20
Source File: PartialImportTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Before
public void initAdminEvents() {
    RealmRepresentation realmRep = RealmBuilder.edit(testRealmResource().toRepresentation()).testEventListener().build();
    realmId = realmRep.getId();
    realmRep.setDuplicateEmailsAllowed(false);
    adminClient.realm(realmRep.getRealm()).update(realmRep);

    piRep = new PartialImportRepresentation();
}
 
Example #21
Source File: ImportGroupsIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(25)
void shouldUpdateRealmUpdateGroupRemoveClientRole() {
    doImport("25_update_realm_update_group_delete_remove_client_role.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();
    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));

    GroupRepresentation updatedGroup = loadGroup("/My Group");
    assertThat("name not equal", updatedGroup.getName(), is("My Group"));
    assertThat("path not equal", updatedGroup.getPath(), is("/My Group"));

    assertThat("attributes roles is null", updatedGroup.getAttributes(), aMapWithSize(1));
    assertThat("attributes roles is null", updatedGroup.getAttributes(),
            hasEntry(is("my changed attribute"), containsInAnyOrder("my changed attribute value")));
    assertThat("realm roles is null", updatedGroup.getRealmRoles(), hasSize(0));
    assertThat("client roles is null", updatedGroup.getClientRoles(), aMapWithSize(1));
    assertThat("client roles is null", updatedGroup.getClientRoles(), hasEntry(is("moped-client"), containsInAnyOrder("my_second_client_role")));

    List<GroupRepresentation> subGroups = updatedGroup.getSubGroups();
    assertThat("subgroups is empty", subGroups, hasSize(1));

    GroupRepresentation subGroup = subGroups.get(0);
    assertThat("subgroup is null", subGroup, notNullValue());
    assertThat("subgroup's name not equal", subGroup.getName(), is("My SubGroup"));
    assertThat("subgroup's path not equal", subGroup.getPath(), is("/My Group/My SubGroup"));
    assertThat("subgroup's attributes is null", subGroup.getAttributes(), aMapWithSize(0));
    assertThat("subgroup's realm roles is null", subGroup.getRealmRoles(), hasSize(0));
    assertThat("subgroup's client roles is null", subGroup.getClientRoles(), aMapWithSize(0));
    assertThat("subgroup's subgroups is null", subGroup.getSubGroups(), hasSize(0));
}
 
Example #22
Source File: AbstractFirstBrokerLoginTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Refers to in old test suite: org.keycloak.testsuite.broker.AbstractKeycloakIdentityProviderTest#testSuccessfulAuthenticationWithoutUpdateProfile_emailProvided_emailVerifyEnabled_emailTrustEnabled
 */
@Test
public void testVerifyEmailNotRequiredActionWhenEmailIsTrustedByProvider() {
    RealmResource realm = adminClient.realm(bc.consumerRealmName());
    RealmRepresentation realmRep = realm.toRepresentation();

    realmRep.setVerifyEmail(true);

    realm.update(realmRep);

    IdentityProviderRepresentation idpRep = identityProviderResource.toRepresentation();

    idpRep.setTrustEmail(true);

    identityProviderResource.update(idpRep);

    driver.navigate().to(getAccountUrl(getConsumerRoot(), bc.consumerRealmName()));
    logInWithBroker(bc);

    waitForPage(driver, "update account information", false);
    updateAccountInformationPage.assertCurrent();
    updateAccountInformationPage.updateAccountInformation("FirstName", "LastName");

    waitForAccountManagementTitle();
    accountUpdateProfilePage.assertCurrent();

    List<UserRepresentation> users = realm.users().search(bc.getUserLogin());
    assertEquals(1, users.size());
    List<String> requiredActions = users.get(0).getRequiredActions();
    assertEquals(0, requiredActions.size());
}
 
Example #23
Source File: ImportSimpleRealmYamlIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(0)
void shouldCreateSimpleRealm() {
    doImport("0_create_simple-realm.yaml");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();

    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));
    assertThat(createdRealm.getLoginTheme(), is(nullValue()));
    assertThat(
            createdRealm.getAttributes().get("de.adorsys.keycloak.config.import-checksum-default"),
            is("de0fd72cce66f641973bde5a13b648582eb2a0718d2cdcd1075bb2ec464d3eb6")
    );
}
 
Example #24
Source File: PolicyEvaluationCompositeRoleTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
    RealmRepresentation testRealmRep = new RealmRepresentation();
    testRealmRep.setId(TEST);
    testRealmRep.setRealm(TEST);
    testRealmRep.setEnabled(true);
    testRealms.add(testRealmRep);
}
 
Example #25
Source File: LinkedAccountsTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
    super.addTestRealms(testRealms);
    RealmRepresentation realm1 = testRealms.get(0);

    realm1.addIdentityProvider(createIdentityProviderRepresentation(SOCIAL_IDP_ALIAS,
            GoogleIdentityProviderFactory.PROVIDER_ID));

    String oidcRoot = getAuthServerRoot() + "realms/" + REALM2_NAME + "/protocol/openid-connect/";

    IdentityProviderRepresentation systemIdp = createIdentityProviderRepresentation(SYSTEM_IDP_ALIAS,
            OIDCIdentityProviderFactory.PROVIDER_ID);
    systemIdp.getConfig().put("clientId", CLIENT_ID);
    systemIdp.getConfig().put("clientSecret", CLIENT_SECRET);
    systemIdp.getConfig().put("clientAuthMethod", OIDCLoginProtocol.CLIENT_SECRET_POST);
    systemIdp.getConfig().put("authorizationUrl", oidcRoot + "auth");
    systemIdp.getConfig().put("tokenUrl", oidcRoot + "token");
    realm1.addIdentityProvider(systemIdp);

    ClientRepresentation client = ClientBuilder.create()
            .clientId(CLIENT_ID)
            .secret(CLIENT_SECRET)
            .redirectUris(getAuthServerRoot() + "realms/" + TEST + "/broker/" + SYSTEM_IDP_ALIAS + "/endpoint")
            .build();

    // using REALM2 as an identity provider
    RealmRepresentation realm2 = new RealmRepresentation();
    realm2.setId(REALM2_NAME);
    realm2.setRealm(REALM2_NAME);
    realm2.setEnabled(true);
    realm2.setClients(Collections.singletonList(client));
    realm2.setUsers(Collections.singletonList(homerUser));
    testRealms.add(realm2);
}
 
Example #26
Source File: ConflictingScopePermissionTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
    testRealms.add(RealmBuilder.create().name("authz-test")
            .user(UserBuilder.create().username("marta").password("password"))
            .user(UserBuilder.create().username("kolo").password("password"))
            .client(ClientBuilder.create().clientId("resource-server-test")
                .secret("secret")
                .authorizationServicesEnabled(true)
                .redirectUris("http://localhost/resource-server-test")
                .defaultRoles("uma_protection")
                .directAccessGrants())
            .build());
}
 
Example #27
Source File: ImportSimpleRealmCustomImportKeyIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(0)
void shouldCreateSimpleRealm() {
    doImport("0_create_simple-realm.json");

    RealmRepresentation createdRealm = keycloakProvider.get().realm(REALM_NAME).toRepresentation();

    assertThat(createdRealm.getRealm(), is(REALM_NAME));
    assertThat(createdRealm.isEnabled(), is(true));
    assertThat(createdRealm.getLoginTheme(), is(nullValue()));
    assertThat(
            createdRealm.getAttributes().get("de.adorsys.keycloak.config.import-checksum-custom"),
            is("f1fa7181b84f808b5402f47c1b875195dc9b6d8a1c1f9e22227985ac63eb2ada")
    );
}
 
Example #28
Source File: ImpersonationTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
    RealmBuilder realm = RealmBuilder.create().name("test").testEventListener();

    realm.client(ClientBuilder.create().clientId("myclient").publicClient().directAccessGrants());

    impersonatedUserId = KeycloakModelUtils.generateId();

    realm.user(UserBuilder.create().id(impersonatedUserId).username("test-user@localhost"));
    realm.user(UserBuilder.create().username("realm-admin").password("password").role(Constants.REALM_MANAGEMENT_CLIENT_ID, AdminRoles.REALM_ADMIN));
    realm.user(UserBuilder.create().username("impersonator").password("password").role(Constants.REALM_MANAGEMENT_CLIENT_ID, ImpersonationConstants.IMPERSONATION_ROLE).role(Constants.REALM_MANAGEMENT_CLIENT_ID, AdminRoles.VIEW_USERS));
    realm.user(UserBuilder.create().username("bad-impersonator").password("password").role(Constants.REALM_MANAGEMENT_CLIENT_ID, AdminRoles.MANAGE_USERS));

    testRealms.add(realm.build());
}
 
Example #29
Source File: ImportAuthenticationFlowsIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(1)
void shouldAddExecutionToFlow() {
    doImport("01_update_realm__add_execution_to_flow.json");

    RealmRepresentation updatedRealm = keycloakProvider.get().realm(REALM_NAME).partialExport(true, true);

    assertThat(updatedRealm.getRealm(), is(REALM_NAME));
    assertThat(updatedRealm.isEnabled(), is(true));

    AuthenticationFlowRepresentation unchangedFlow = getAuthenticationFlow(updatedRealm, "my auth flow");
    assertThat(unchangedFlow.getDescription(), is("My auth flow for testing"));
    assertThat(unchangedFlow.getProviderId(), is("basic-flow"));
    assertThat(unchangedFlow.isBuiltIn(), is(false));
    assertThat(unchangedFlow.isTopLevel(), is(true));

    List<AuthenticationExecutionExportRepresentation> importedExecutions = unchangedFlow.getAuthenticationExecutions();
    assertThat(importedExecutions, hasSize(2));

    AuthenticationExecutionExportRepresentation importedExecution = getExecutionFromFlow(unchangedFlow, "docker-http-basic-authenticator");
    assertThat(importedExecution.getAuthenticator(), is("docker-http-basic-authenticator"));
    assertThat(importedExecution.getRequirement(), is("DISABLED"));
    assertThat(importedExecution.getPriority(), is(0));
    assertThat(importedExecution.isAutheticatorFlow(), is(false));
    importedExecution = getExecutionFromFlow(unchangedFlow, "http-basic-authenticator");
    assertThat(importedExecution.getAuthenticator(), is("http-basic-authenticator"));
    assertThat(importedExecution.getRequirement(), is("DISABLED"));
    assertThat(importedExecution.getPriority(), is(1));
    assertThat(importedExecution.isAutheticatorFlow(), is(false));
}
 
Example #30
Source File: ImportAuthenticationFlowsIT.java    From keycloak-config-cli with Apache License 2.0 5 votes vote down vote up
@Test
@Order(2)
void shouldChangeExecutionRequirement() {
    doImport("02_update_realm__change_execution_requirement.json");

    RealmRepresentation updatedRealm = keycloakProvider.get().realm(REALM_NAME).partialExport(true, true);

    assertThat(updatedRealm.getRealm(), is(REALM_NAME));
    assertThat(updatedRealm.isEnabled(), is(true));

    AuthenticationFlowRepresentation unchangedFlow = getAuthenticationFlow(updatedRealm, "my auth flow");
    assertThat(unchangedFlow.getDescription(), is("My auth flow for testing"));
    assertThat(unchangedFlow.getProviderId(), is("basic-flow"));
    assertThat(unchangedFlow.isBuiltIn(), is(false));
    assertThat(unchangedFlow.isTopLevel(), is(true));

    List<AuthenticationExecutionExportRepresentation> importedExecutions = unchangedFlow.getAuthenticationExecutions();
    assertThat(importedExecutions, hasSize(2));

    AuthenticationExecutionExportRepresentation importedExecution = getExecutionFromFlow(unchangedFlow, "docker-http-basic-authenticator");
    assertThat(importedExecution.getAuthenticator(), is("docker-http-basic-authenticator"));
    assertThat(importedExecution.getRequirement(), is("REQUIRED"));
    assertThat(importedExecution.getPriority(), is(0));
    assertThat(importedExecution.isAutheticatorFlow(), is(false));
    importedExecution = getExecutionFromFlow(unchangedFlow, "http-basic-authenticator");
    assertThat(importedExecution.getAuthenticator(), is("http-basic-authenticator"));
    assertThat(importedExecution.getRequirement(), is("DISABLED"));
    assertThat(importedExecution.getPriority(), is(1));
    assertThat(importedExecution.isAutheticatorFlow(), is(false));
}