Stian Thorgersen
commit
058f44743c
18 changed files with 202 additions and 319 deletions
|
|
@ -230,7 +230,7 @@ module.controller('ClientCertificateImportCtrl', function($scope, $location, $ht
|
|||
for (var i = 0; i < $scope.files.length; i++) {
|
||||
var $file = $scope.files[i];
|
||||
$scope.upload = $upload.upload({
|
||||
url: authUrl + '/admin/realms/' + realm.realm + '/clients-by-id/' + client.id + '/certificates/' + attribute + '/upload',
|
||||
url: authUrl + '/admin/realms/' + realm.realm + '/clients/' + client.id + '/certificates/' + attribute + '/upload',
|
||||
// method: POST or PUT,
|
||||
// headers: {'headerKey': 'headerValue'}, withCredential: true,
|
||||
data: {keystoreFormat: $scope.uploadKeyFormat,
|
||||
|
|
@ -290,7 +290,7 @@ module.controller('ClientCertificateExportCtrl', function($scope, $location, $ht
|
|||
|
||||
$scope.download = function() {
|
||||
$http({
|
||||
url: authUrl + '/admin/realms/' + realm.realm + '/clients-by-id/' + client.id + '/certificates/' + attribute + '/download',
|
||||
url: authUrl + '/admin/realms/' + realm.realm + '/clients/' + client.id + '/certificates/' + attribute + '/download',
|
||||
method: 'POST',
|
||||
responseType: 'arraybuffer',
|
||||
data: $scope.jks,
|
||||
|
|
@ -906,7 +906,7 @@ module.controller('ClientScopeMappingCtrl', function($scope, $http, realm, clien
|
|||
};
|
||||
|
||||
$scope.addRealmRole = function() {
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/clients-by-id/' + client.id + '/scope-mappings/realm',
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/clients/' + client.id + '/scope-mappings/realm',
|
||||
$scope.selectedRealmRoles).success(function() {
|
||||
updateRealmRoles();
|
||||
Notifications.success("Scope mappings updated.");
|
||||
|
|
@ -914,7 +914,7 @@ module.controller('ClientScopeMappingCtrl', function($scope, $http, realm, clien
|
|||
};
|
||||
|
||||
$scope.deleteRealmRole = function() {
|
||||
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/clients-by-id/' + client.id + '/scope-mappings/realm',
|
||||
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/clients/' + client.id + '/scope-mappings/realm',
|
||||
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function () {
|
||||
updateRealmRoles();
|
||||
Notifications.success("Scope mappings updated.");
|
||||
|
|
@ -922,7 +922,7 @@ module.controller('ClientScopeMappingCtrl', function($scope, $http, realm, clien
|
|||
};
|
||||
|
||||
$scope.addClientRole = function() {
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/clients-by-id/' + client.id + '/scope-mappings/clients-by-id/' + $scope.targetClient.id,
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/clients/' + client.id + '/scope-mappings/clients/' + $scope.targetClient.id,
|
||||
$scope.selectedClientRoles).success(function () {
|
||||
updateClientRoles();
|
||||
Notifications.success("Scope mappings updated.");
|
||||
|
|
@ -930,7 +930,7 @@ module.controller('ClientScopeMappingCtrl', function($scope, $http, realm, clien
|
|||
};
|
||||
|
||||
$scope.deleteClientRole = function() {
|
||||
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/clients-by-id/' + client.id + '/scope-mappings/clients-by-id/' + $scope.targetClient.id,
|
||||
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/clients/' + client.id + '/scope-mappings/clients/' + $scope.targetClient.id,
|
||||
{data : $scope.selectedClientMappings, headers : {"content-type" : "application/json"}}).success(function () {
|
||||
updateClientRoles();
|
||||
Notifications.success("Scope mappings updated.");
|
||||
|
|
@ -1151,7 +1151,7 @@ module.controller('AddBuiltinProtocolMapperCtrl', function($scope, realm, client
|
|||
toAdd.push($scope.mappers[i]);
|
||||
}
|
||||
}
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/clients-by-id/' + client.id + '/protocol-mappers/add-models',
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/clients/' + client.id + '/protocol-mappers/add-models',
|
||||
toAdd).success(function() {
|
||||
Notifications.success("Mappers added");
|
||||
$location.url('/realms/' + realm.realm + '/clients/' + client.id + '/mappers');
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, cl
|
|||
};
|
||||
|
||||
$scope.addClientRole = function() {
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients-by-id/' + $scope.client.id,
|
||||
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients/' + $scope.client.id,
|
||||
$scope.selectedClientRoles).success(function() {
|
||||
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
|
||||
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
|
||||
|
|
@ -72,7 +72,7 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, cl
|
|||
};
|
||||
|
||||
$scope.deleteClientRole = function() {
|
||||
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients-by-id/' + $scope.client.id,
|
||||
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients/' + $scope.client.id,
|
||||
{data : $scope.selectedClientMappings, headers : {"content-type" : "application/json"}}).success(function() {
|
||||
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
|
||||
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
|
||||
|
|
|
|||
|
|
@ -197,7 +197,7 @@ module.factory('ServerInfo', function($resource) {
|
|||
|
||||
|
||||
module.factory('ClientProtocolMapper', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/protocol-mappers/models/:id', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/protocol-mappers/models/:id', {
|
||||
realm : '@realm',
|
||||
client: '@client',
|
||||
id : "@id"
|
||||
|
|
@ -364,7 +364,7 @@ module.factory('AvailableRealmRoleMapping', function($resource) {
|
|||
|
||||
|
||||
module.factory('ClientRoleMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients-by-id/:client', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients/:client', {
|
||||
realm : '@realm',
|
||||
userId : '@userId',
|
||||
client : "@client"
|
||||
|
|
@ -372,7 +372,7 @@ module.factory('ClientRoleMapping', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('AvailableClientRoleMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients-by-id/:client/available', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients/:client/available', {
|
||||
realm : '@realm',
|
||||
userId : '@userId',
|
||||
client : "@client"
|
||||
|
|
@ -380,7 +380,7 @@ module.factory('AvailableClientRoleMapping', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('CompositeClientRoleMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients-by-id/:client/composite', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/clients/:client/composite', {
|
||||
realm : '@realm',
|
||||
userId : '@userId',
|
||||
client : "@client"
|
||||
|
|
@ -388,28 +388,28 @@ module.factory('CompositeClientRoleMapping', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientRealmScopeMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/realm', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/scope-mappings/realm', {
|
||||
realm : '@realm',
|
||||
client : '@client'
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientAvailableRealmScopeMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/realm/available', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/scope-mappings/realm/available', {
|
||||
realm : '@realm',
|
||||
client : '@client'
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientCompositeRealmScopeMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/realm/composite', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/scope-mappings/realm/composite', {
|
||||
realm : '@realm',
|
||||
client : '@client'
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientClientScopeMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/clients-by-id/:targetClient', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/scope-mappings/clients/:targetClient', {
|
||||
realm : '@realm',
|
||||
client : '@client',
|
||||
targetClient : '@targetClient'
|
||||
|
|
@ -417,7 +417,7 @@ module.factory('ClientClientScopeMapping', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientAvailableClientScopeMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/clients-by-id/:targetClient/available', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/scope-mappings/clients/:targetClient/available', {
|
||||
realm : '@realm',
|
||||
client : '@client',
|
||||
targetClient : '@targetClient'
|
||||
|
|
@ -425,7 +425,7 @@ module.factory('ClientAvailableClientScopeMapping', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientCompositeClientScopeMapping', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/scope-mappings/clients-by-id/:targetClient/composite', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/scope-mappings/clients/:targetClient/composite', {
|
||||
realm : '@realm',
|
||||
client : '@client',
|
||||
targetClient : '@targetClient'
|
||||
|
|
@ -460,14 +460,14 @@ module.factory('RealmSessionStats', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('RealmClientSessionStats', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/client-by-id-session-stats', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/client-session-stats', {
|
||||
realm : '@realm'
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
module.factory('RoleClientComposites', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/roles-by-id/:role/composites/clients-by-id/:client', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/roles-by-id/:role/composites/clients/:client', {
|
||||
realm : '@realm',
|
||||
role : '@role',
|
||||
client : "@client"
|
||||
|
|
@ -670,7 +670,7 @@ module.factory('RoleById', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientRole', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/roles/:role', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/roles/:role', {
|
||||
realm : '@realm',
|
||||
client : "@client",
|
||||
role : '@role'
|
||||
|
|
@ -682,7 +682,7 @@ module.factory('ClientRole', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientClaims', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/claims', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/claims', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
}, {
|
||||
|
|
@ -693,7 +693,7 @@ module.factory('ClientClaims', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientProtocolMappersByProtocol', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/protocol-mappers/protocol/:protocol', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/protocol-mappers/protocol/:protocol', {
|
||||
realm : '@realm',
|
||||
client : "@client",
|
||||
protocol : "@protocol"
|
||||
|
|
@ -701,41 +701,41 @@ module.factory('ClientProtocolMappersByProtocol', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientSessionStats', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/session-stats', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/session-stats', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientSessionStatsWithUsers', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/session-stats?users=true', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/session-stats?users=true', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientSessionCount', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/session-count', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/session-count', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientUserSessions', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/user-sessions', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/user-sessions', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientLogoutAll', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/logout-all', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/logout-all', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
module.factory('ClientLogoutUser', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/logout-user/:user', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/logout-user/:user', {
|
||||
realm : '@realm',
|
||||
client : "@client",
|
||||
user : "@user"
|
||||
|
|
@ -748,28 +748,28 @@ module.factory('RealmLogoutAll', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientPushRevocation', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/push-revocation', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/push-revocation', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientClusterNode', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/nodes/:node', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/nodes/:node', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientTestNodesAvailable', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/test-nodes-available', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/test-nodes-available', {
|
||||
realm : '@realm',
|
||||
client : "@client"
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('ClientCertificate', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/certificates/:attribute', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/certificates/:attribute', {
|
||||
realm : '@realm',
|
||||
client : "@client",
|
||||
attribute: "@attribute"
|
||||
|
|
@ -777,7 +777,7 @@ module.factory('ClientCertificate', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientCertificateGenerate', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/certificates/:attribute/generate', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/certificates/:attribute/generate', {
|
||||
realm : '@realm',
|
||||
client : "@client",
|
||||
attribute: "@attribute"
|
||||
|
|
@ -790,7 +790,7 @@ module.factory('ClientCertificateGenerate', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientCertificateDownload', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/certificates/:attribute/download', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/certificates/:attribute/download', {
|
||||
realm : '@realm',
|
||||
client : "@client",
|
||||
attribute: "@attribute"
|
||||
|
|
@ -804,7 +804,7 @@ module.factory('ClientCertificateDownload', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('Client', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client', {
|
||||
realm : '@realm',
|
||||
client : '@client'
|
||||
}, {
|
||||
|
|
@ -815,7 +815,7 @@ module.factory('Client', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientInstallation', function($resource) {
|
||||
var url = authUrl + '/admin/realms/:realm/clients-by-id/:client/installation/json';
|
||||
var url = authUrl + '/admin/realms/:realm/clients/:client/installation/json';
|
||||
return {
|
||||
url : function(parameters)
|
||||
{
|
||||
|
|
@ -824,7 +824,7 @@ module.factory('ClientInstallation', function($resource) {
|
|||
}
|
||||
});
|
||||
module.factory('ClientInstallationJBoss', function($resource) {
|
||||
var url = authUrl + '/admin/realms/:realm/clients-by-id/:client/installation/jboss';
|
||||
var url = authUrl + '/admin/realms/:realm/clients/:client/installation/jboss';
|
||||
return {
|
||||
url : function(parameters)
|
||||
{
|
||||
|
|
@ -834,7 +834,7 @@ module.factory('ClientInstallationJBoss', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientCredentials', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/client-secret', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/client-secret', {
|
||||
realm : '@realm',
|
||||
client : '@client'
|
||||
}, {
|
||||
|
|
@ -845,7 +845,7 @@ module.factory('ClientCredentials', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('ClientOrigins', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients-by-id/:client/allowed-origins', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/clients/:client/allowed-origins', {
|
||||
realm : '@realm',
|
||||
client : '@client'
|
||||
}, {
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import javax.ws.rs.Path;
|
|||
import javax.ws.rs.PathParam;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
|
|
@ -16,12 +17,12 @@ import java.util.List;
|
|||
*/
|
||||
public interface ClientsResource {
|
||||
|
||||
@Path("{clientId}")
|
||||
public ClientResource get(@PathParam("clientId") String clientId);
|
||||
@Path("{id}")
|
||||
public ClientResource get(@PathParam("id") String id);
|
||||
|
||||
@POST
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public void create(ClientRepresentation clientRepresentation);
|
||||
public Response create(ClientRepresentation clientRepresentation);
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ import javax.ws.rs.PUT;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* @author rodrigo.sasaki@icarros.com.br
|
||||
|
|
@ -17,25 +19,29 @@ public interface RealmResource {
|
|||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public RealmRepresentation toRepresentation();
|
||||
RealmRepresentation toRepresentation();
|
||||
|
||||
@PUT
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public void update(RealmRepresentation realmRepresentation);
|
||||
void update(RealmRepresentation realmRepresentation);
|
||||
|
||||
@Path("clients")
|
||||
public ClientsResource clients();
|
||||
ClientsResource clients();
|
||||
|
||||
@Path("users")
|
||||
public UsersResource users();
|
||||
UsersResource users();
|
||||
|
||||
@Path("roles")
|
||||
public RolesResource roles();
|
||||
RolesResource roles();
|
||||
|
||||
@Path("identity-provider")
|
||||
IdentityProvidersResource identityProviders();
|
||||
|
||||
@DELETE
|
||||
public void remove();
|
||||
void remove();
|
||||
|
||||
@Path("client-session-stats")
|
||||
@GET
|
||||
List<Map<String, String>> getClientSessionStats();
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,6 +66,10 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory {
|
|||
Config.Scope scope = Config.scope(spi.getName(), provider);
|
||||
factory.init(scope);
|
||||
|
||||
if (spi.isPrivate() && !isInternal(factory)) {
|
||||
log.warnv("{0} ({1}) is implementing the internal SPI {2}. This SPI is internal and may change without notice", factory.getId(), factory.getClass().getName(), spi.getName());
|
||||
}
|
||||
|
||||
factories.put(factory.getId(), factory);
|
||||
|
||||
log.debugv("Loaded SPI {0} (provider = {1})", spi.getName(), provider);
|
||||
|
|
@ -74,6 +78,10 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory {
|
|||
Config.Scope scope = Config.scope(spi.getName(), factory.getId());
|
||||
factory.init(scope);
|
||||
|
||||
if (spi.isPrivate() && !isInternal(factory)) {
|
||||
log.warnv("{0} ({1}) is implementing the internal SPI {2}. This SPI is internal and may change without notice", factory.getId(), factory.getClass().getName(), spi.getName());
|
||||
}
|
||||
|
||||
factories.put(factory.getId(), factory);
|
||||
}
|
||||
|
||||
|
|
@ -138,4 +146,8 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory {
|
|||
}
|
||||
}
|
||||
|
||||
private boolean isInternal(ProviderFactory<?> factory) {
|
||||
return factory.getClass().getPackage().getName().startsWith("org.keycloak");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -154,19 +154,7 @@ public class AdminEventBuilder {
|
|||
sb.append("/");
|
||||
String realmRelative = sb.toString();
|
||||
|
||||
path = path.substring(path.indexOf(realmRelative) + realmRelative.length());
|
||||
|
||||
if (path.contains("clients-by-id")) {
|
||||
path = path.replaceAll("clients-by-id", "clients");
|
||||
} else if (path.contains("roles-by-id")) {
|
||||
path = path.replaceAll("roles-by-id", "roles");
|
||||
} else if (path.contains("role-mappings/realm")) {
|
||||
path = path.replaceFirst("role-mappings/realm", "role-mappings");
|
||||
} else if (path.contains("role-mappings/clients")) {
|
||||
path = path.replaceFirst("role-mappings/clients", "role-mappings");
|
||||
}
|
||||
|
||||
return path;
|
||||
return path.substring(path.indexOf(realmRelative) + realmRelative.length());
|
||||
}
|
||||
|
||||
public void error(String error) {
|
||||
|
|
|
|||
|
|
@ -1,25 +0,0 @@
|
|||
package org.keycloak.services.resources.admin;
|
||||
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class ClientsByIdResource extends ClientsResource {
|
||||
public ClientsByIdResource(RealmModel realm, RealmAuth auth, AdminEventBuilder adminEvent) {
|
||||
super(realm, auth, adminEvent);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected ClientModel getClientByPathParam(String id) {
|
||||
return realm.getClientById(id);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getClientPath(ClientModel clientModel) {
|
||||
return clientModel.getId();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -96,27 +96,23 @@ public class ClientsResource {
|
|||
|
||||
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, clientModel.getId()).representation(rep).success();
|
||||
|
||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(getClientPath(clientModel)).build()).build();
|
||||
return Response.created(uriInfo.getAbsolutePathBuilder().path(clientModel.getId()).build()).build();
|
||||
} catch (ModelDuplicateException e) {
|
||||
return ErrorResponse.exists("Client " + rep.getClientId() + " already exists");
|
||||
}
|
||||
}
|
||||
|
||||
protected String getClientPath(ClientModel clientModel) {
|
||||
return clientModel.getClientId();
|
||||
}
|
||||
|
||||
/**
|
||||
* Base path for managing a specific client.
|
||||
*
|
||||
* @param name
|
||||
* @param id id of client (not client-id)
|
||||
* @return
|
||||
*/
|
||||
@Path("{app-name}")
|
||||
public ClientResource getClient(final @PathParam("app-name") String name) {
|
||||
ClientModel clientModel = getClientByPathParam(name);
|
||||
@Path("{id}")
|
||||
public ClientResource getClient(final @PathParam("id") String id) {
|
||||
ClientModel clientModel = realm.getClientById(id);
|
||||
if (clientModel == null) {
|
||||
throw new NotFoundException("Could not find client: " + name);
|
||||
throw new NotFoundException("Could not find client: " + id);
|
||||
}
|
||||
|
||||
session.getContext().setClient(clientModel);
|
||||
|
|
@ -126,8 +122,4 @@ public class ClientsResource {
|
|||
return clientResource;
|
||||
}
|
||||
|
||||
protected ClientModel getClientByPathParam(String name) {
|
||||
return realm.getClientByClientId(name);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -118,18 +118,6 @@ public class RealmAdminResource {
|
|||
return clientsResource;
|
||||
}
|
||||
|
||||
/**
|
||||
* Base path for managing clients under this realm.
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Path("clients-by-id")
|
||||
public ClientsByIdResource getClientsById() {
|
||||
ClientsByIdResource clientsResource = new ClientsByIdResource(realm, auth, adminEvent);
|
||||
ResteasyProviderFactory.getInstance().injectProperties(clientsResource);
|
||||
return clientsResource;
|
||||
}
|
||||
|
||||
/**
|
||||
* base path for managing realm-level roles of this realm
|
||||
*
|
||||
|
|
@ -302,7 +290,7 @@ public class RealmAdminResource {
|
|||
}
|
||||
|
||||
/**
|
||||
* Returns a JSON map. The key is the client name, the value is the number of sessions that currently are active
|
||||
* Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active
|
||||
* with that client. Only client's that actually have a session associated with them will be in this map.
|
||||
*
|
||||
* @return
|
||||
|
|
@ -311,29 +299,7 @@ public class RealmAdminResource {
|
|||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Deprecated
|
||||
public Map<String, Integer> getClientSessionStats() {
|
||||
auth.requireView();
|
||||
Map<String, Integer> stats = new HashMap<String, Integer>();
|
||||
for (ClientModel client : realm.getClients()) {
|
||||
int size = session.sessions().getActiveUserSessions(client.getRealm(), client);
|
||||
if (size == 0) continue;
|
||||
stats.put(client.getClientId(), size);
|
||||
}
|
||||
return stats;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active
|
||||
* with that client. Only client's that actually have a session associated with them will be in this map.
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Path("client-by-id-session-stats")
|
||||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public List<Map<String, String>> getClientByIdSessionStats() {
|
||||
public List<Map<String, String>> getClientSessionStats() {
|
||||
auth.requireView();
|
||||
List<Map<String, String>> data = new LinkedList<Map<String, String>>();
|
||||
for (ClientModel client : realm.getClients()) {
|
||||
|
|
|
|||
|
|
@ -170,46 +170,45 @@ public class RoleByIdResource extends RoleResource {
|
|||
* Return a set of client-level roles for a specific client that are in the role's composite
|
||||
*
|
||||
* @param id
|
||||
* @param appName
|
||||
* @param client
|
||||
* @return
|
||||
*/
|
||||
@Path("{role-id}/composites/clients/{app}")
|
||||
@Path("{role-id}/composites/clients/{client}")
|
||||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Set<RoleRepresentation> getClientRoleComposites(final @PathParam("role-id") String id,
|
||||
final @PathParam("app") String appName) {
|
||||
final @PathParam("client") String client) {
|
||||
RoleModel role = getRoleModel(id);
|
||||
auth.requireView();
|
||||
ClientModel app = realm.getClientByClientId(appName);
|
||||
if (app == null) {
|
||||
throw new NotFoundException("Could not find client: " + appName);
|
||||
|
||||
ClientModel clientModel = realm.getClientById(client);
|
||||
if (clientModel == null) {
|
||||
throw new NotFoundException("Could not find client: " + client);
|
||||
}
|
||||
return getClientRoleComposites(app, role);
|
||||
return getClientRoleComposites(clientModel, role);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a set of client-level roles for a specific client that are in the role's composite
|
||||
*
|
||||
* @param id
|
||||
* @param appId
|
||||
* @param role
|
||||
* @param client
|
||||
* @return
|
||||
*/
|
||||
@Path("{role-id}/composites/clients-by-id/{appId}")
|
||||
@Path("{role}/composites/clients/{client}")
|
||||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Set<RoleRepresentation> getClientByIdRoleComposites(final @PathParam("role-id") String id,
|
||||
final @PathParam("appId") String appId) {
|
||||
RoleModel role = getRoleModel(id);
|
||||
public Set<RoleRepresentation> getClientByIdRoleComposites(final @PathParam("role-id") String role,
|
||||
final @PathParam("client") String client) {
|
||||
RoleModel roleModel = getRoleModel(role);
|
||||
auth.requireView();
|
||||
ClientModel app = realm.getClientById(appId);
|
||||
if (app == null) {
|
||||
throw new NotFoundException("Could not find client: " + appId);
|
||||
ClientModel clientModel = realm.getClientById(client);
|
||||
if (clientModel == null) {
|
||||
throw new NotFoundException("Could not find client: " + client);
|
||||
|
||||
}
|
||||
return getClientRoleComposites(app, role);
|
||||
return getClientRoleComposites(clientModel, roleModel);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -222,61 +222,32 @@ public class RoleContainerResource extends RoleResource {
|
|||
return getRealmRoleComposites(role);
|
||||
}
|
||||
|
||||
/**
|
||||
* An client-level roles for a specific client for this role's composite
|
||||
*
|
||||
* @param roleName role's name (not id!)
|
||||
* @param clientId
|
||||
* @return
|
||||
*/
|
||||
@Path("{role-name}/composites/client/{clientId}")
|
||||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Set<RoleRepresentation> getClientRoleComposites(
|
||||
final @PathParam("role-name") String roleName,
|
||||
final @PathParam("clientId") String clientId) {
|
||||
auth.requireManage();
|
||||
|
||||
RoleModel role = roleContainer.getRole(roleName);
|
||||
if (role == null) {
|
||||
throw new NotFoundException("Could not find role: " + roleName);
|
||||
}
|
||||
ClientModel app = realm.getClientByClientId(clientId);
|
||||
if (app == null) {
|
||||
throw new NotFoundException("Could not find client: " + clientId);
|
||||
|
||||
}
|
||||
return getClientRoleComposites(app, role);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* An app-level roles for a specific app for this role's composite
|
||||
*
|
||||
* @param roleName role's name (not id!)
|
||||
* @param id
|
||||
* @param client
|
||||
* @return
|
||||
*/
|
||||
@Path("{role-name}/composites/client-by-id/{id}")
|
||||
@Path("{role-name}/composites/clients/{client}")
|
||||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Set<RoleRepresentation> getClientByIdRoleComposites(@Context final UriInfo uriInfo,
|
||||
public Set<RoleRepresentation> getClientRoleComposites(@Context final UriInfo uriInfo,
|
||||
final @PathParam("role-name") String roleName,
|
||||
final @PathParam("id") String id) {
|
||||
final @PathParam("client") String client) {
|
||||
auth.requireManage();
|
||||
|
||||
RoleModel role = roleContainer.getRole(roleName);
|
||||
if (role == null) {
|
||||
throw new NotFoundException("Could not find role: " + roleName);
|
||||
}
|
||||
ClientModel client = realm.getClientById(id);
|
||||
ClientModel clientModel = realm.getClientById(client);
|
||||
if (client == null) {
|
||||
throw new NotFoundException("Could not find client: " + id);
|
||||
throw new NotFoundException("Could not find client: " + client);
|
||||
|
||||
}
|
||||
return getClientRoleComposites(client, role);
|
||||
return getClientRoleComposites(clientModel, role);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -215,23 +215,12 @@ public class ScopeMappedResource {
|
|||
|
||||
}
|
||||
|
||||
@Path("clients/{clientId}")
|
||||
public ScopeMappedClientResource getClientScopeMappings(@PathParam("clientId") String clientId) {
|
||||
ClientModel app = realm.getClientByClientId(clientId);
|
||||
|
||||
if (app == null) {
|
||||
throw new NotFoundException("Role not found");
|
||||
}
|
||||
return new ScopeMappedClientResource(realm, auth, client, session, app, adminEvent);
|
||||
}
|
||||
|
||||
@Path("clients-by-id/{id}")
|
||||
public ScopeMappedClientResource getClientByIdScopeMappings(@PathParam("id") String id) {
|
||||
ClientModel app = realm.getClientById(id);
|
||||
|
||||
if (app == null) {
|
||||
@Path("clients/{client}")
|
||||
public ScopeMappedClientResource getClientByIdScopeMappings(@PathParam("client") String client) {
|
||||
ClientModel clientModel = realm.getClientById(client);
|
||||
if (clientModel == null) {
|
||||
throw new NotFoundException("Client not found");
|
||||
}
|
||||
return new ScopeMappedClientResource(realm, auth, client, session, app, adminEvent);
|
||||
return new ScopeMappedClientResource(realm, auth, this.client, session, clientModel, adminEvent);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -681,35 +681,19 @@ public class UsersResource {
|
|||
|
||||
}
|
||||
|
||||
@Path("{username}/role-mappings/clients/{clientId}")
|
||||
public UserClientRoleMappingsResource getUserClientRoleMappingsResource(@PathParam("username") String username, @PathParam("clientId") String clientId) {
|
||||
@Path("{username}/role-mappings/clients/{client}")
|
||||
public UserClientRoleMappingsResource getUserClientRoleMappingsResource(@PathParam("username") String username, @PathParam("client") String client) {
|
||||
UserModel user = session.users().getUserByUsername(username, realm);
|
||||
if (user == null) {
|
||||
throw new NotFoundException("User not found");
|
||||
}
|
||||
|
||||
ClientModel client = realm.getClientByClientId(clientId);
|
||||
|
||||
if (client == null) {
|
||||
throw new NotFoundException("Client not found");
|
||||
}
|
||||
return new UserClientRoleMappingsResource(uriInfo, realm, auth, user, client, adminEvent);
|
||||
|
||||
}
|
||||
@Path("{username}/role-mappings/clients-by-id/{id}")
|
||||
public UserClientRoleMappingsResource getUserClientRoleMappingsResourceById(@PathParam("username") String username, @PathParam("id") String id) {
|
||||
UserModel user = session.users().getUserByUsername(username, realm);
|
||||
if (user == null) {
|
||||
throw new NotFoundException("User not found");
|
||||
}
|
||||
|
||||
ClientModel client = realm.getClientById(id);
|
||||
|
||||
ClientModel clientModel = realm.getClientById(client);
|
||||
if (client == null) {
|
||||
throw new NotFoundException("Client not found");
|
||||
}
|
||||
|
||||
return new UserClientRoleMappingsResource(uriInfo, realm, auth, user, client, adminEvent);
|
||||
return new UserClientRoleMappingsResource(uriInfo, realm, auth, user, clientModel, adminEvent);
|
||||
|
||||
}
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -44,6 +44,7 @@ import org.keycloak.services.managers.RealmManager;
|
|||
import org.keycloak.services.managers.ResourceAdminManager;
|
||||
import org.keycloak.services.resources.admin.AdminRoot;
|
||||
import org.keycloak.testsuite.OAuthClient;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.pages.AccountSessionsPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
|
|
@ -65,6 +66,7 @@ import javax.ws.rs.core.HttpHeaders;
|
|||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.net.URI;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
|
||||
|
|
@ -135,25 +137,6 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
webRule.after();
|
||||
}
|
||||
|
||||
protected String createAdminToken() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmManager manager = new RealmManager(session);
|
||||
|
||||
RealmModel adminRealm = manager.getRealm(Config.getAdminRealm());
|
||||
ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
|
||||
TokenManager tm = new TokenManager();
|
||||
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
|
||||
ClientSessionModel clientSession = session.sessions().createClientSession(adminRealm, adminConsole);
|
||||
clientSession.setNote(OIDCLoginProtocol.ISSUER, AUTH_SERVER_URL + "/realms/master");
|
||||
UserSessionModel userSession = session.sessions().createUserSession(adminRealm, admin, "admin", null, "form", false, null, null);
|
||||
AccessToken token = tm.createClientAccessToken(session, TokenManager.getAccess(null, adminConsole, admin), adminRealm, adminConsole, admin, userSession, clientSession);
|
||||
return tm.encodeToken(adminRealm, token);
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
public void testSavedPostRequest() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal");
|
||||
|
|
@ -212,27 +195,20 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad"));
|
||||
|
||||
// View stats
|
||||
String adminToken = createAdminToken();
|
||||
|
||||
Client client = ClientBuilder.newClient();
|
||||
UriBuilder authBase = UriBuilder.fromUri(AUTH_SERVER_URL);
|
||||
WebTarget adminTarget = client.target(AdminRoot.realmsUrl(authBase)).path("demo");
|
||||
Map<String, Integer> stats = adminTarget.path("client-session-stats").request()
|
||||
.header(HttpHeaders.AUTHORIZATION, "Bearer " + adminToken)
|
||||
.get(new GenericType<Map<String, Integer>>() {
|
||||
});
|
||||
Integer custSessionsCount = stats.get("customer-portal");
|
||||
Assert.assertNotNull(custSessionsCount);
|
||||
Assert.assertEquals(1, custSessionsCount.intValue());
|
||||
Integer prodStatsCount = stats.get("product-portal");
|
||||
Assert.assertNotNull(prodStatsCount);
|
||||
Assert.assertTrue(1 == prodStatsCount);
|
||||
|
||||
client.close();
|
||||
|
||||
List<Map<String, String>> stats = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", "security-admin-console").realm("demo").getClientSessionStats();
|
||||
Map<String, String> customerPortalStats = null;
|
||||
Map<String, String> productPortalStats = null;
|
||||
for (Map<String, String> s : stats) {
|
||||
if (s.get("clientId").equals("customer-portal")) {
|
||||
customerPortalStats = s;
|
||||
} else if (s.get("clientId").equals("product-portal")) {
|
||||
productPortalStats = s;
|
||||
}
|
||||
}
|
||||
Assert.assertEquals(1, Integer.parseInt(customerPortalStats.get("active")));
|
||||
Assert.assertEquals(1, Integer.parseInt(productPortalStats.get("active")));
|
||||
|
||||
// test logout
|
||||
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/customer-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
|
|
@ -244,8 +220,6 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
loginPage.cancel();
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("Error Page"));
|
||||
|
||||
|
||||
}
|
||||
|
||||
public void testServletRequestLogout() throws Exception {
|
||||
|
|
@ -587,7 +561,7 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
|
||||
// logout mposolda with admin client
|
||||
Keycloak keycloakAdmin = Keycloak.getInstance(AUTH_SERVER_URL, "master", "admin", "admin", Constants.ADMIN_CONSOLE_CLIENT_ID);
|
||||
keycloakAdmin.realm("demo").clients().get("session-portal").logoutUser("mposolda");
|
||||
ApiUtil.findClientByClientId(keycloakAdmin.realm("demo"), "session-portal").logoutUser("mposolda");
|
||||
|
||||
// bburke should be still logged with original httpSession in our browser window
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ import org.junit.ClassRule;
|
|||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.ClientSessionModel;
|
||||
import org.keycloak.models.Constants;
|
||||
|
|
@ -56,6 +57,7 @@ import javax.ws.rs.core.HttpHeaders;
|
|||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.net.URL;
|
||||
import java.security.PublicKey;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
|
|
@ -74,6 +76,8 @@ public class RelativeUriAdapterTest {
|
|||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule(){
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
adminRealm.setPasswordCredentialGrantAllowed(true);
|
||||
|
||||
RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/demorealm-relative.json"), RealmRepresentation.class);
|
||||
RealmModel realm = manager.importRealm(representation);
|
||||
|
||||
|
|
@ -85,20 +89,9 @@ public class RelativeUriAdapterTest {
|
|||
deployApplication("customer-db", "/customer-db", CustomerDatabaseServlet.class, url.getPath(), "user");
|
||||
url = getClass().getResource("/adapter-test/product-keycloak-relative.json");
|
||||
deployApplication("product-portal", "/product-portal", ProductServlet.class, url.getPath(), "user");
|
||||
ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
|
||||
TokenManager tm = new TokenManager();
|
||||
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
|
||||
ClientSessionModel clientSession = session.sessions().createClientSession(realm, adminConsole);
|
||||
clientSession.setNote(OIDCLoginProtocol.ISSUER, "http://localhost:8081/auth/realms/master");
|
||||
UserSessionModel userSession = session.sessions().createUserSession(adminRealm, admin, "user", null, "form", false, null, null);
|
||||
AccessToken token = tm.createClientAccessToken(session, tm.getAccess(null, adminConsole, admin), adminRealm, adminConsole, admin, userSession, clientSession);
|
||||
adminToken = tm.encodeToken(adminRealm, token);
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
public static String adminToken;
|
||||
|
||||
@Rule
|
||||
public WebRule webRule = new WebRule(this);
|
||||
|
||||
|
|
@ -115,42 +108,33 @@ public class RelativeUriAdapterTest {
|
|||
public void testLoginSSOAndLogout() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to("http://localhost:8081/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-portal");
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
|
||||
// test SSO
|
||||
driver.navigate().to("http://localhost:8081/product-portal");
|
||||
Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/product-portal");
|
||||
pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad"));
|
||||
|
||||
// View stats
|
||||
Client client = ClientBuilder.newClient();
|
||||
UriBuilder authBase = UriBuilder.fromUri("http://localhost:8081/auth");
|
||||
WebTarget adminTarget = client.target(AdminRoot.realmsUrl(authBase)).path("demo");
|
||||
Map<String, Integer> stats = adminTarget.path("client-session-stats").request()
|
||||
.header(HttpHeaders.AUTHORIZATION, "Bearer " + adminToken)
|
||||
.get(new GenericType<Map<String, Integer>>(){});
|
||||
|
||||
Integer custSessionsCount = stats.get("customer-portal");
|
||||
Assert.assertNotNull(custSessionsCount);
|
||||
Assert.assertTrue(1 == custSessionsCount);
|
||||
Integer prodStatsCount = stats.get("product-portal");
|
||||
Assert.assertNotNull(prodStatsCount);
|
||||
Assert.assertTrue(1 == prodStatsCount);
|
||||
|
||||
client.close();
|
||||
|
||||
List<Map<String, String>> stats = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", "security-admin-console").realm("demo").getClientSessionStats();
|
||||
Map<String, String> customerPortalStats = null;
|
||||
Map<String, String> productPortalStats = null;
|
||||
for (Map<String, String> s : stats) {
|
||||
if (s.get("clientId").equals("customer-portal")) {
|
||||
customerPortalStats = s;
|
||||
} else if (s.get("clientId").equals("product-portal")) {
|
||||
productPortalStats = s;
|
||||
}
|
||||
}
|
||||
Assert.assertEquals(1, Integer.parseInt(customerPortalStats.get("active")));
|
||||
Assert.assertEquals(1, Integer.parseInt(productPortalStats.get("active")));
|
||||
|
||||
// test logout
|
||||
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth"))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, "/customer-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
|
|
@ -159,8 +143,6 @@ public class RelativeUriAdapterTest {
|
|||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to("http://localhost:8081/customer-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
|||
|
|
@ -0,0 +1,33 @@
|
|||
package org.keycloak.testsuite.admin;
|
||||
|
||||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.net.URI;
|
||||
|
||||
/**
|
||||
* Created by st on 28.05.15.
|
||||
*/
|
||||
public class ApiUtil {
|
||||
|
||||
public static String getCreatedId(Response response) {
|
||||
URI location = response.getLocation();
|
||||
if (location == null) {
|
||||
return null;
|
||||
}
|
||||
String path = location.getPath();
|
||||
return path.substring(path.lastIndexOf('/') + 1);
|
||||
}
|
||||
|
||||
public static ClientResource findClientByClientId(RealmResource realm, String clientId) {
|
||||
for (ClientRepresentation c : realm.clients().findAll()) {
|
||||
if (c.getClientId().equals(clientId)) {
|
||||
return realm.clients().get(c.getId());
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -45,28 +45,36 @@ public class ClientTest extends AbstractClientTest {
|
|||
assertNames(realm.clients().findAll(), "account", "realm-management", "security-admin-console", "broker");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void createClient() {
|
||||
private String createClient() {
|
||||
ClientRepresentation rep = new ClientRepresentation();
|
||||
rep.setClientId("my-app");
|
||||
rep.setEnabled(true);
|
||||
realm.clients().create(rep);
|
||||
Response response = realm.clients().create(rep);
|
||||
response.close();
|
||||
return ApiUtil.getCreatedId(response);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void createClientVerify() {
|
||||
String id = createClient();
|
||||
|
||||
assertNotNull(realm.clients().get(id));
|
||||
assertNames(realm.clients().findAll(), "account", "realm-management", "security-admin-console", "broker", "my-app");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void removeClient() {
|
||||
createClient();
|
||||
String id = createClient();
|
||||
|
||||
realm.clients().get("my-app").remove();
|
||||
realm.clients().get(id).remove();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getClientRepresentation() {
|
||||
createClient();
|
||||
String id = createClient();
|
||||
|
||||
ClientRepresentation rep = realm.clients().get("my-app").toRepresentation();
|
||||
ClientRepresentation rep = realm.clients().get(id).toRepresentation();
|
||||
assertEquals(id, rep.getId());
|
||||
assertEquals("my-app", rep.getClientId());
|
||||
assertTrue(rep.isEnabled());
|
||||
}
|
||||
|
|
@ -81,7 +89,7 @@ public class ClientTest extends AbstractClientTest {
|
|||
OAuthClient.AccessTokenResponse response2 = oauth.doAccessTokenRequest(codeResponse.getCode(), "password");
|
||||
assertEquals(200, response2.getStatusCode());
|
||||
|
||||
ClientResource app = keycloak.realm("test").clients().get("test-app");
|
||||
ClientResource app = ApiUtil.findClientByClientId(keycloak.realm("test"), "test-app");
|
||||
|
||||
assertEquals(2, (long) app.getApplicationSessionCount().get("count"));
|
||||
|
||||
|
|
@ -96,26 +104,28 @@ public class ClientTest extends AbstractClientTest {
|
|||
ClientRepresentation rep = new ClientRepresentation();
|
||||
rep.setClientId("my-app");
|
||||
rep.setEnabled(true);
|
||||
realm.clients().create(rep);
|
||||
Response response = realm.clients().create(rep);
|
||||
response.close();
|
||||
String id = ApiUtil.getCreatedId(response);
|
||||
|
||||
RoleRepresentation role = new RoleRepresentation("test", "test");
|
||||
realm.clients().get("my-app").roles().create(role);
|
||||
realm.clients().get(id).roles().create(role);
|
||||
|
||||
rep = realm.clients().get("my-app").toRepresentation();
|
||||
rep = realm.clients().get(id).toRepresentation();
|
||||
rep.setDefaultRoles(new String[] { "test" });
|
||||
realm.clients().get("my-app").update(rep);
|
||||
realm.clients().get(id).update(rep);
|
||||
|
||||
assertArrayEquals(new String[] { "test" }, realm.clients().get("my-app").toRepresentation().getDefaultRoles());
|
||||
assertArrayEquals(new String[] { "test" }, realm.clients().get(id).toRepresentation().getDefaultRoles());
|
||||
|
||||
realm.clients().get("my-app").roles().deleteRole("test");
|
||||
realm.clients().get(id).roles().deleteRole("test");
|
||||
|
||||
assertNull(realm.clients().get("my-app").toRepresentation().getDefaultRoles());
|
||||
assertNull(realm.clients().get(id).toRepresentation().getDefaultRoles());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testProtocolMappers() {
|
||||
createClient();
|
||||
ProtocolMappersResource mappersResource = realm.clients().get("my-app").getProtocolMappers();
|
||||
ProtocolMappersResource mappersResource = ApiUtil.findClientByClientId(realm, "my-app").getProtocolMappers();
|
||||
|
||||
protocolMappersTest(mappersResource);
|
||||
}
|
||||
|
|
@ -171,4 +181,5 @@ public class ClientTest extends AbstractClientTest {
|
|||
} catch (NotFoundException nfe) {
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue