[KEYCLOAK-883] - Model tests.
parent
15feb39ecc
commit
2065815627
32 changed files with 928 additions and 62 deletions
|
@ -105,6 +105,11 @@ public abstract class AbstractOAuth2IdentityProvider<C extends OAuth2IdentityPro
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public C getConfig() {
|
||||||
|
return super.getConfig();
|
||||||
|
}
|
||||||
|
|
||||||
protected AuthenticationResponse doHandleResponse(String response) throws IOException {
|
protected AuthenticationResponse doHandleResponse(String response) throws IOException {
|
||||||
String token = extractTokenFromResponse(response, OAUTH2_PARAMETER_ACCESS_TOKEN);
|
String token = extractTokenFromResponse(response, OAUTH2_PARAMETER_ACCESS_TOKEN);
|
||||||
|
|
||||||
|
|
|
@ -19,15 +19,13 @@ package org.keycloak.broker.oidc;
|
||||||
|
|
||||||
import org.keycloak.models.IdentityProviderModel;
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Pedro Igor
|
* @author Pedro Igor
|
||||||
*/
|
*/
|
||||||
public class OAuth2IdentityProviderConfig extends IdentityProviderModel {
|
public class OAuth2IdentityProviderConfig extends IdentityProviderModel {
|
||||||
|
|
||||||
public OAuth2IdentityProviderConfig(String providerId, String id, String name, Map<String, String> config) {
|
public OAuth2IdentityProviderConfig(IdentityProviderModel model) {
|
||||||
super(providerId, id, name, config);
|
super(model);
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getAuthorizationUrl() {
|
public String getAuthorizationUrl() {
|
||||||
|
|
|
@ -17,15 +17,15 @@
|
||||||
*/
|
*/
|
||||||
package org.keycloak.broker.oidc;
|
package org.keycloak.broker.oidc;
|
||||||
|
|
||||||
import java.util.Map;
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Pedro Igor
|
* @author Pedro Igor
|
||||||
*/
|
*/
|
||||||
public class OIDCIdentityProviderConfig extends OAuth2IdentityProviderConfig {
|
public class OIDCIdentityProviderConfig extends OAuth2IdentityProviderConfig {
|
||||||
|
|
||||||
public OIDCIdentityProviderConfig(String providerId, String id, String name, Map<String, String> config) {
|
public OIDCIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
|
||||||
super(providerId, id, name, config);
|
super(identityProviderModel);
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getPrompt() {
|
public String getPrompt() {
|
||||||
|
|
|
@ -25,6 +25,8 @@ import org.keycloak.models.IdentityProviderModel;
|
||||||
*/
|
*/
|
||||||
public class OIDCIdentityProviderFactory extends AbstractIdentityProviderFactory<OIDCIdentityProvider> {
|
public class OIDCIdentityProviderFactory extends AbstractIdentityProviderFactory<OIDCIdentityProvider> {
|
||||||
|
|
||||||
|
public static final String PROVIDER_ID = "oidc";
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getName() {
|
public String getName() {
|
||||||
return "OpenID Connect v1.0";
|
return "OpenID Connect v1.0";
|
||||||
|
@ -32,11 +34,11 @@ public class OIDCIdentityProviderFactory extends AbstractIdentityProviderFactory
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public OIDCIdentityProvider create(IdentityProviderModel model) {
|
public OIDCIdentityProvider create(IdentityProviderModel model) {
|
||||||
return new OIDCIdentityProvider(new OIDCIdentityProviderConfig(getId(), model.getId(), model.getName(), model.getConfig()));
|
return new OIDCIdentityProvider(new OIDCIdentityProviderConfig(model));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return "oidc";
|
return PROVIDER_ID;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
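Review bot: `create` no longer pins the config's provider type to the factory's own `getId()`; with `new OIDCIdentityProviderConfig(model)` the providerId is whatever `model.getProviderId()` holds, which may be null or another factory's id. If a mismatch is never expected, a guard such as `if (!getId().equals(model.getProviderId())) throw new IllegalArgumentException("Unexpected provider type [" + model.getProviderId() + "]");` before constructing the config makes that assumption explicit. The same change is made in the SAML, Facebook, GitHub, Google and Twitter factory sections, so the point applies there as well.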
@ -69,7 +69,6 @@ import java.util.List;
|
||||||
*/
|
*/
|
||||||
public class SAMLIdentityProvider extends AbstractIdentityProvider<SAMLIdentityProviderConfig> {
|
public class SAMLIdentityProvider extends AbstractIdentityProvider<SAMLIdentityProviderConfig> {
|
||||||
|
|
||||||
private static final String SAML_REQUEST_PARAMETER = "SAMLRequest";
|
|
||||||
private static final String SAML_RESPONSE_PARAMETER = "SAMLResponse";
|
private static final String SAML_RESPONSE_PARAMETER = "SAMLResponse";
|
||||||
private static final String RELAY_STATE_PARAMETER = "RelayState";
|
private static final String RELAY_STATE_PARAMETER = "RelayState";
|
||||||
|
|
||||||
|
|
|
@ -19,19 +19,16 @@ package org.keycloak.broker.saml;
|
||||||
|
|
||||||
import org.keycloak.models.IdentityProviderModel;
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Pedro Igor
|
* @author Pedro Igor
|
||||||
*/
|
*/
|
||||||
public class SAMLIdentityProviderConfig extends IdentityProviderModel {
|
public class SAMLIdentityProviderConfig extends IdentityProviderModel {
|
||||||
|
|
||||||
public SAMLIdentityProviderConfig() {
|
public SAMLIdentityProviderConfig() {
|
||||||
super();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public SAMLIdentityProviderConfig(String providerId, String id, String name, Map<String, String> config) {
|
public SAMLIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
|
||||||
super(providerId, id, name, config);
|
super(identityProviderModel);
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getSingleSignOnServiceUrl() {
|
public String getSingleSignOnServiceUrl() {
|
||||||
|
|
|
@ -40,6 +40,8 @@ import java.util.Map;
|
||||||
*/
|
*/
|
||||||
public class SAMLIdentityProviderFactory extends AbstractIdentityProviderFactory<SAMLIdentityProvider> {
|
public class SAMLIdentityProviderFactory extends AbstractIdentityProviderFactory<SAMLIdentityProvider> {
|
||||||
|
|
||||||
|
public static final String PROVIDER_ID = "saml";
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getName() {
|
public String getName() {
|
||||||
return "SAML v2.0";
|
return "SAML v2.0";
|
||||||
|
@ -47,7 +49,7 @@ public class SAMLIdentityProviderFactory extends AbstractIdentityProviderFactory
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public SAMLIdentityProvider create(IdentityProviderModel model) {
|
public SAMLIdentityProvider create(IdentityProviderModel model) {
|
||||||
return new SAMLIdentityProvider(new SAMLIdentityProviderConfig(getId(), model.getId(), model.getName(), model.getConfig()));
|
return new SAMLIdentityProvider(new SAMLIdentityProviderConfig(model));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -121,6 +123,6 @@ public class SAMLIdentityProviderFactory extends AbstractIdentityProviderFactory
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return "saml";
|
return PROVIDER_ID;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -55,17 +55,15 @@ public class IdentityProviderModel {
|
||||||
private Map<String, String> config = new HashMap<String, String>();
|
private Map<String, String> config = new HashMap<String, String>();
|
||||||
|
|
||||||
public IdentityProviderModel() {
|
public IdentityProviderModel() {
|
||||||
this(null, null, null, null);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public IdentityProviderModel(String providerId, String id, String name, Map<String, String> config) {
|
public IdentityProviderModel(IdentityProviderModel model) {
|
||||||
this.providerId = providerId;
|
this.providerId = model.getProviderId();
|
||||||
this.id = id;
|
this.id = model.getId();
|
||||||
this.name = name;
|
this.name = model.getName();
|
||||||
|
this.config = new HashMap<String, String>(model.getConfig());
|
||||||
if (config != null) {
|
this.enabled = model.isEnabled();
|
||||||
this.config.putAll(config);
|
this.updateProfileFirstLogin = model.isUpdateProfileFirstLogin();
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getId() {
|
public String getId() {
|
||||||
|
|
|
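Review bot: The new copy constructor dereferences `model.getConfig()` unconditionally in `new HashMap<String, String>(model.getConfig())`, whereas the constructor it replaces tolerated a null map (`if (config != null)`). If `setConfig` stores its argument as given (not visible in this hunk), a model built from a representation or entity with no config would throw a NullPointerException when a factory wraps it. Keeping the field initializer's empty map and copying conditionally preserves the old tolerance: `Map<String, String> source = model.getConfig(); if (source != null) { this.config.putAll(source); }`. The class body continues outside the hunk.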
@ -164,6 +164,7 @@ public interface RealmModel extends RoleContainerModel {
|
||||||
void setSmtpConfig(Map<String, String> smtpConfig);
|
void setSmtpConfig(Map<String, String> smtpConfig);
|
||||||
|
|
||||||
List<IdentityProviderModel> getIdentityProviders();
|
List<IdentityProviderModel> getIdentityProviders();
|
||||||
|
IdentityProviderModel getIdentityProviderById(String identityProviderId);
|
||||||
void addIdentityProvider(IdentityProviderModel identityProvider);
|
void addIdentityProvider(IdentityProviderModel identityProvider);
|
||||||
void removeIdentityProviderById(String providerId);
|
void removeIdentityProviderById(String providerId);
|
||||||
void updateIdentityProvider(IdentityProviderModel identityProvider);
|
void updateIdentityProvider(IdentityProviderModel identityProvider);
|
||||||
|
|
|
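Review bot: `getIdentityProviderById` is added to the interface without Javadoc, yet every implementation in this commit returns `null` when nothing matches, so callers have to find that out from the code. Proposed comment: `/** Returns the identity provider whose id equals identityProviderId, or null if this realm has none. */`. The neighbouring `removeIdentityProviderById(String providerId)` uses `providerId` for the same kind of value, while `IdentityProviderModel` uses `providerId` for the provider type; consistent parameter names would make it harder to pass the wrong identifier.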
@ -8,6 +8,7 @@ import org.keycloak.models.BrowserSecurityHeaders;
|
||||||
import org.keycloak.models.ClaimMask;
|
import org.keycloak.models.ClaimMask;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.FederatedIdentityModel;
|
import org.keycloak.models.FederatedIdentityModel;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.OAuthClientModel;
|
import org.keycloak.models.OAuthClientModel;
|
||||||
import org.keycloak.models.PasswordPolicy;
|
import org.keycloak.models.PasswordPolicy;
|
||||||
|
@ -21,6 +22,7 @@ import org.keycloak.representations.idm.ApplicationRepresentation;
|
||||||
import org.keycloak.representations.idm.ClaimRepresentation;
|
import org.keycloak.representations.idm.ClaimRepresentation;
|
||||||
import org.keycloak.representations.idm.CredentialRepresentation;
|
import org.keycloak.representations.idm.CredentialRepresentation;
|
||||||
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
|
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
|
||||||
|
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||||
import org.keycloak.representations.idm.OAuthClientRepresentation;
|
import org.keycloak.representations.idm.OAuthClientRepresentation;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.representations.idm.RoleRepresentation;
|
import org.keycloak.representations.idm.RoleRepresentation;
|
||||||
|
@ -229,6 +231,21 @@ public class RepresentationToModel {
|
||||||
UserModel user = createUser(session, newRealm, userRep, appMap);
|
UserModel user = createUser(session, newRealm, userRep, appMap);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (rep.getIdentityProviders() != null) {
|
||||||
|
for (IdentityProviderRepresentation identityProviderRepresentation : rep.getIdentityProviders()) {
|
||||||
|
IdentityProviderModel identityProviderModel = new IdentityProviderModel();
|
||||||
|
|
||||||
|
identityProviderModel.setId(identityProviderRepresentation.getId());
|
||||||
|
identityProviderModel.setProviderId(identityProviderRepresentation.getProviderId());
|
||||||
|
identityProviderModel.setName(identityProviderRepresentation.getName());
|
||||||
|
identityProviderModel.setEnabled(identityProviderRepresentation.isEnabled());
|
||||||
|
identityProviderModel.setUpdateProfileFirstLogin(identityProviderRepresentation.isUpdateProfileFirstLogin());
|
||||||
|
identityProviderModel.setConfig(identityProviderRepresentation.getConfig());
|
||||||
|
|
||||||
|
newRealm.addIdentityProvider(identityProviderModel);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static void updateRealm(RealmRepresentation rep, RealmModel realm) {
|
public static void updateRealm(RealmRepresentation rep, RealmModel realm) {
|
||||||
|
@ -727,5 +744,4 @@ public class RepresentationToModel {
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
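Review bot: The import loop added in the second hunk copies `id`, `providerId` and `config` from each `IdentityProviderRepresentation` into the model and calls `newRealm.addIdentityProvider(...)` with no validation. An imported realm with a missing or duplicated provider id would be stored as-is, and the `getIdentityProviderById` implementations added in this commit call `getId().equals(...)` on every stored entry. Suggest rejecting entries whose `getId()` or `getProviderId()` is null and failing when `newRealm.getIdentityProviderById(identityProviderRepresentation.getId())` already returns a model. `setConfig(identityProviderRepresentation.getConfig())` also hands over the representation's map, possibly null, by reference; whether the setter copies it is not visible here. The enclosing method starts outside the hunk.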
@ -615,6 +615,17 @@ public class RealmAdapter implements RealmModel {
|
||||||
return cached.getIdentityProviders();
|
return cached.getIdentityProviders();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public IdentityProviderModel getIdentityProviderById(String identityProviderId) {
|
||||||
|
for (IdentityProviderModel identityProviderModel : getIdentityProviders()) {
|
||||||
|
if (identityProviderModel.getId().equals(identityProviderId)) {
|
||||||
|
return identityProviderModel;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addIdentityProvider(IdentityProviderModel identityProvider) {
|
public void addIdentityProvider(IdentityProviderModel identityProvider) {
|
||||||
getDelegateForUpdate();
|
getDelegateForUpdate();
|
||||||
|
|
|
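Review bot: `identityProviderModel.getId().equals(identityProviderId)` throws a NullPointerException as soon as one stored provider has a null id, and the argument appears to reach this method from request handling in AuthenticationBrokerResource. A null-safe form such as `if (identityProviderId != null && identityProviderId.equals(identityProviderModel.getId()))` turns bad data into a plain miss instead of a server error. The identical loop is added in the two RealmAdapter sections that follow, so the same change applies there. This cached variant also returns the instance taken from `cached.getIdentityProviders()` directly; if callers may mutate it, returning `new IdentityProviderModel(identityProviderModel)` would keep the cached copy intact.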
@ -1111,9 +1111,12 @@ public class RealmAdapter implements RealmModel {
|
||||||
List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>();
|
List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>();
|
||||||
|
|
||||||
for (IdentityProviderEntity entity: realm.getIdentityProviders()) {
|
for (IdentityProviderEntity entity: realm.getIdentityProviders()) {
|
||||||
IdentityProviderModel identityProviderModel = new IdentityProviderModel(entity.getProviderId(), entity.getId(), entity.getName(),
|
IdentityProviderModel identityProviderModel = new IdentityProviderModel();
|
||||||
entity.getConfig());
|
|
||||||
|
|
||||||
|
identityProviderModel.setProviderId(entity.getProviderId());
|
||||||
|
identityProviderModel.setId(entity.getId());
|
||||||
|
identityProviderModel.setName(entity.getName());
|
||||||
|
identityProviderModel.setConfig(entity.getConfig());
|
||||||
identityProviderModel.setEnabled(entity.isEnabled());
|
identityProviderModel.setEnabled(entity.isEnabled());
|
||||||
identityProviderModel.setUpdateProfileFirstLogin(entity.isUpdateProfileFirstLogin());
|
identityProviderModel.setUpdateProfileFirstLogin(entity.isUpdateProfileFirstLogin());
|
||||||
|
|
||||||
|
@ -1123,6 +1126,17 @@ public class RealmAdapter implements RealmModel {
|
||||||
return identityProviders;
|
return identityProviders;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public IdentityProviderModel getIdentityProviderById(String identityProviderId) {
|
||||||
|
for (IdentityProviderModel identityProviderModel : getIdentityProviders()) {
|
||||||
|
if (identityProviderModel.getId().equals(identityProviderId)) {
|
||||||
|
return identityProviderModel;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addIdentityProvider(IdentityProviderModel identityProvider) {
|
public void addIdentityProvider(IdentityProviderModel identityProvider) {
|
||||||
IdentityProviderEntity entity = new IdentityProviderEntity();
|
IdentityProviderEntity entity = new IdentityProviderEntity();
|
||||||
|
|
|
@ -787,9 +787,12 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
|
||||||
List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>();
|
List<IdentityProviderModel> identityProviders = new ArrayList<IdentityProviderModel>();
|
||||||
|
|
||||||
for (IdentityProviderEntity entity: realm.getIdentityProviders()) {
|
for (IdentityProviderEntity entity: realm.getIdentityProviders()) {
|
||||||
IdentityProviderModel identityProviderModel = new IdentityProviderModel(entity.getProviderId(), entity.getId(), entity.getName(),
|
IdentityProviderModel identityProviderModel = new IdentityProviderModel();
|
||||||
entity.getConfig());
|
|
||||||
|
|
||||||
|
identityProviderModel.setProviderId(entity.getProviderId());
|
||||||
|
identityProviderModel.setId(entity.getId());
|
||||||
|
identityProviderModel.setName(entity.getName());
|
||||||
|
identityProviderModel.setConfig(entity.getConfig());
|
||||||
identityProviderModel.setEnabled(entity.isEnabled());
|
identityProviderModel.setEnabled(entity.isEnabled());
|
||||||
identityProviderModel.setUpdateProfileFirstLogin(entity.isUpdateProfileFirstLogin());
|
identityProviderModel.setUpdateProfileFirstLogin(entity.isUpdateProfileFirstLogin());
|
||||||
|
|
||||||
|
@ -799,6 +802,17 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
|
||||||
return identityProviders;
|
return identityProviders;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public IdentityProviderModel getIdentityProviderById(String identityProviderId) {
|
||||||
|
for (IdentityProviderModel identityProviderModel : getIdentityProviders()) {
|
||||||
|
if (identityProviderModel.getId().equals(identityProviderId)) {
|
||||||
|
return identityProviderModel;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addIdentityProvider(IdentityProviderModel identityProvider) {
|
public void addIdentityProvider(IdentityProviderModel identityProvider) {
|
||||||
IdentityProviderEntity entity = new IdentityProviderEntity();
|
IdentityProviderEntity entity = new IdentityProviderEntity();
|
||||||
|
|
|
@ -314,16 +314,16 @@ public class AuthenticationBrokerResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
private IdentityProvider getIdentityProvider(RealmModel realm, String providerId) {
|
private IdentityProvider getIdentityProvider(RealmModel realm, String providerId) {
|
||||||
for (IdentityProviderModel model : realm.getIdentityProviders()) {
|
IdentityProviderModel identityProviderModel = realm.getIdentityProviderById(providerId);
|
||||||
if (model.getId().equals(providerId)) {
|
|
||||||
IdentityProviderFactory providerFactory = getIdentityProviderFactory(model);
|
|
||||||
|
|
||||||
if (providerFactory == null) {
|
if (identityProviderModel != null) {
|
||||||
throw new RuntimeException("Could not find provider factory for identity provider [" + providerId + "].");
|
IdentityProviderFactory providerFactory = getIdentityProviderFactory(identityProviderModel);
|
||||||
}
|
|
||||||
|
|
||||||
return providerFactory.create(model);
|
if (providerFactory == null) {
|
||||||
|
throw new RuntimeException("Could not find provider factory for identity provider [" + providerId + "].");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return providerFactory.create(identityProviderModel);
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
|
|
|
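Review bot: `getIdentityProvider` builds the provider from the looked-up model without consulting `identityProviderModel.isEnabled()`, so nothing visible in this hunk prevents a disabled identity provider from being instantiated for a broker request. Unless every caller performs that check, tighten the guard to `if (identityProviderModel != null && identityProviderModel.isEnabled())` or fail explicitly for a disabled provider. The method still falls through to `return null` for an unknown id, so callers need a null check; they are outside the hunk. `providerId` looks request-derived and is concatenated into the RuntimeException message, so it should be treated as untrusted wherever that message is logged or rendered.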
@ -12,11 +12,10 @@ import org.keycloak.social.SocialIdentityProvider;
|
||||||
*/
|
*/
|
||||||
public class FacebookIdentityProvider extends AbstractOAuth2IdentityProvider implements SocialIdentityProvider {
|
public class FacebookIdentityProvider extends AbstractOAuth2IdentityProvider implements SocialIdentityProvider {
|
||||||
|
|
||||||
private static final String ID = "facebook";
|
public static final String AUTH_URL = "https://graph.facebook.com/oauth/authorize";
|
||||||
private static final String AUTH_URL = "https://graph.facebook.com/oauth/authorize";
|
public static final String TOKEN_URL = "https://graph.facebook.com/oauth/access_token";
|
||||||
private static final String TOKEN_URL = "https://graph.facebook.com/oauth/access_token";
|
public static final String PROFILE_URL = "https://graph.facebook.com/me";
|
||||||
private static final String PROFILE_URL = "https://graph.facebook.com/me";
|
public static final String DEFAULT_SCOPE = "email";
|
||||||
private static final String DEFAULT_SCOPE = "email";
|
|
||||||
|
|
||||||
public FacebookIdentityProvider(OAuth2IdentityProviderConfig config) {
|
public FacebookIdentityProvider(OAuth2IdentityProviderConfig config) {
|
||||||
super(config);
|
super(config);
|
||||||
|
|
|
@ -27,6 +27,8 @@ import org.keycloak.social.SocialIdentityProviderFactory;
|
||||||
*/
|
*/
|
||||||
public class FacebookIdentityProviderFactory extends AbstractIdentityProviderFactory<FacebookIdentityProvider> implements SocialIdentityProviderFactory<FacebookIdentityProvider> {
|
public class FacebookIdentityProviderFactory extends AbstractIdentityProviderFactory<FacebookIdentityProvider> implements SocialIdentityProviderFactory<FacebookIdentityProvider> {
|
||||||
|
|
||||||
|
public static final String PROVIDER_ID = "facebook";
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getName() {
|
public String getName() {
|
||||||
return "Facebook";
|
return "Facebook";
|
||||||
|
@ -34,11 +36,11 @@ public class FacebookIdentityProviderFactory extends AbstractIdentityProviderFac
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public FacebookIdentityProvider create(IdentityProviderModel model) {
|
public FacebookIdentityProvider create(IdentityProviderModel model) {
|
||||||
return new FacebookIdentityProvider(new OAuth2IdentityProviderConfig(getId(), model.getId(), model.getName(), model.getConfig()));
|
return new FacebookIdentityProvider(new OAuth2IdentityProviderConfig(model));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return "facebook";
|
return PROVIDER_ID;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,11 +12,10 @@ import org.keycloak.social.SocialIdentityProvider;
|
||||||
*/
|
*/
|
||||||
public class GitHubIdentityProvider extends AbstractOAuth2IdentityProvider implements SocialIdentityProvider {
|
public class GitHubIdentityProvider extends AbstractOAuth2IdentityProvider implements SocialIdentityProvider {
|
||||||
|
|
||||||
private static final String ID = "github";
|
public static final String AUTH_URL = "https://github.com/login/oauth/authorize";
|
||||||
private static final String AUTH_URL = "https://github.com/login/oauth/authorize";
|
public static final String TOKEN_URL = "https://github.com/login/oauth/access_token";
|
||||||
private static final String TOKEN_URL = "https://github.com/login/oauth/access_token";
|
public static final String PROFILE_URL = "https://api.github.com/user";
|
||||||
private static final String PROFILE_URL = "https://api.github.com/user";
|
public static final String DEFAULT_SCOPE = "user:email";
|
||||||
private static final String DEFAULT_SCOPE = "user:email";
|
|
||||||
|
|
||||||
public GitHubIdentityProvider(OAuth2IdentityProviderConfig config) {
|
public GitHubIdentityProvider(OAuth2IdentityProviderConfig config) {
|
||||||
super(config);
|
super(config);
|
||||||
|
|
|
@ -27,6 +27,8 @@ import org.keycloak.social.SocialIdentityProviderFactory;
|
||||||
*/
|
*/
|
||||||
public class GitHubIdentityProviderFactory extends AbstractIdentityProviderFactory<GitHubIdentityProvider> implements SocialIdentityProviderFactory<GitHubIdentityProvider> {
|
public class GitHubIdentityProviderFactory extends AbstractIdentityProviderFactory<GitHubIdentityProvider> implements SocialIdentityProviderFactory<GitHubIdentityProvider> {
|
||||||
|
|
||||||
|
public static final String PROVIDER_ID = "github";
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getName() {
|
public String getName() {
|
||||||
return "GitHub";
|
return "GitHub";
|
||||||
|
@ -34,11 +36,11 @@ public class GitHubIdentityProviderFactory extends AbstractIdentityProviderFacto
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public GitHubIdentityProvider create(IdentityProviderModel model) {
|
public GitHubIdentityProvider create(IdentityProviderModel model) {
|
||||||
return new GitHubIdentityProvider(new OAuth2IdentityProviderConfig(getId(), model.getId(), model.getName(), model.getConfig()));
|
return new GitHubIdentityProvider(new OAuth2IdentityProviderConfig(model));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return "github";
|
return PROVIDER_ID;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,11 +30,10 @@ import org.keycloak.social.SocialIdentityProvider;
|
||||||
*/
|
*/
|
||||||
public class GoogleIdentityProvider extends OIDCIdentityProvider implements SocialIdentityProvider<OIDCIdentityProviderConfig> {
|
public class GoogleIdentityProvider extends OIDCIdentityProvider implements SocialIdentityProvider<OIDCIdentityProviderConfig> {
|
||||||
|
|
||||||
private static final String ID = "google";
|
public static final String AUTH_URL = "https://accounts.google.com/o/oauth2/auth";
|
||||||
private static final String AUTH_URL = "https://accounts.google.com/o/oauth2/auth";
|
public static final String TOKEN_URL = "https://accounts.google.com/o/oauth2/token";
|
||||||
private static final String TOKEN_URL = "https://accounts.google.com/o/oauth2/token";
|
public static final String PROFILE_URL = "https://www.googleapis.com/plus/v1/people/me/openIdConnect";
|
||||||
private static final String PROFILE_URL = "https://www.googleapis.com/plus/v1/people/me/openIdConnect";
|
public static final String DEFAULT_SCOPE = "openid profile email";
|
||||||
private static final String DEFAULT_SCOPE = "openid profile email";
|
|
||||||
|
|
||||||
public GoogleIdentityProvider(OIDCIdentityProviderConfig config) {
|
public GoogleIdentityProvider(OIDCIdentityProviderConfig config) {
|
||||||
super(config);
|
super(config);
|
||||||
|
|
|
@ -27,6 +27,8 @@ import org.keycloak.social.SocialIdentityProviderFactory;
|
||||||
*/
|
*/
|
||||||
public class GoogleIdentityProviderFactory extends AbstractIdentityProviderFactory<GoogleIdentityProvider> implements SocialIdentityProviderFactory<GoogleIdentityProvider> {
|
public class GoogleIdentityProviderFactory extends AbstractIdentityProviderFactory<GoogleIdentityProvider> implements SocialIdentityProviderFactory<GoogleIdentityProvider> {
|
||||||
|
|
||||||
|
public static final String PROVIDER_ID = "google";
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getName() {
|
public String getName() {
|
||||||
return "Google";
|
return "Google";
|
||||||
|
@ -34,11 +36,11 @@ public class GoogleIdentityProviderFactory extends AbstractIdentityProviderFacto
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public GoogleIdentityProvider create(IdentityProviderModel model) {
|
public GoogleIdentityProvider create(IdentityProviderModel model) {
|
||||||
return new GoogleIdentityProvider(new OIDCIdentityProviderConfig(getId(), model.getId(), model.getName(), model.getConfig()));
|
return new GoogleIdentityProvider(new OIDCIdentityProviderConfig(model));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return "google";
|
return PROVIDER_ID;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,6 +27,8 @@ import org.keycloak.social.SocialIdentityProviderFactory;
|
||||||
*/
|
*/
|
||||||
public class TwitterIdentityProviderFactory extends AbstractIdentityProviderFactory<TwitterIdentityProvider> implements SocialIdentityProviderFactory<TwitterIdentityProvider> {
|
public class TwitterIdentityProviderFactory extends AbstractIdentityProviderFactory<TwitterIdentityProvider> implements SocialIdentityProviderFactory<TwitterIdentityProvider> {
|
||||||
|
|
||||||
|
public static final String PROVIDER_ID = "twitter";
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getName() {
|
public String getName() {
|
||||||
return "Twitter";
|
return "Twitter";
|
||||||
|
@ -34,11 +36,11 @@ public class TwitterIdentityProviderFactory extends AbstractIdentityProviderFact
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public TwitterIdentityProvider create(IdentityProviderModel model) {
|
public TwitterIdentityProvider create(IdentityProviderModel model) {
|
||||||
return new TwitterIdentityProvider(new OAuth2IdentityProviderConfig(getId(), model.getId(), model.getName(), model.getConfig()));
|
return new TwitterIdentityProvider(new OAuth2IdentityProviderConfig(model));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return "twitter";
|
return PROVIDER_ID;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,57 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source
|
||||||
|
*
|
||||||
|
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.broker;
|
||||||
|
|
||||||
|
import org.junit.Before;
|
||||||
|
import org.keycloak.broker.oidc.OIDCIdentityProviderFactory;
|
||||||
|
import org.keycloak.broker.saml.SAMLIdentityProviderFactory;
|
||||||
|
import org.keycloak.social.facebook.FacebookIdentityProviderFactory;
|
||||||
|
import org.keycloak.social.github.GitHubIdentityProviderFactory;
|
||||||
|
import org.keycloak.social.google.GoogleIdentityProviderFactory;
|
||||||
|
import org.keycloak.social.twitter.TwitterIdentityProviderFactory;
|
||||||
|
import org.keycloak.testsuite.model.AbstractModelTest;
|
||||||
|
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pedroigor
|
||||||
|
*/
|
||||||
|
public abstract class AbstractIdentityProviderModelTest extends AbstractModelTest {
|
||||||
|
|
||||||
|
private Set<String> expectedProviders;
|
||||||
|
|
||||||
|
@Before
|
||||||
|
public void onBefore() {
|
||||||
|
this.expectedProviders = new HashSet<String>();
|
||||||
|
|
||||||
|
this.expectedProviders.add(SAMLIdentityProviderFactory.PROVIDER_ID);
|
||||||
|
this.expectedProviders.add(OIDCIdentityProviderFactory.PROVIDER_ID);
|
||||||
|
this.expectedProviders.add(GoogleIdentityProviderFactory.PROVIDER_ID);
|
||||||
|
this.expectedProviders.add(FacebookIdentityProviderFactory.PROVIDER_ID);
|
||||||
|
this.expectedProviders.add(GitHubIdentityProviderFactory.PROVIDER_ID);
|
||||||
|
this.expectedProviders.add(TwitterIdentityProviderFactory.PROVIDER_ID);
|
||||||
|
|
||||||
|
this.expectedProviders = Collections.unmodifiableSet(this.expectedProviders);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected Set<String> getExpectedProviders() {
|
||||||
|
return this.expectedProviders;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,105 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source
|
||||||
|
*
|
||||||
|
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.broker;
|
||||||
|
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.keycloak.broker.provider.IdentityProvider;
|
||||||
|
import org.keycloak.broker.provider.IdentityProviderFactory;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
import org.keycloak.social.SocialIdentityProvider;
|
||||||
|
import org.keycloak.social.SocialIdentityProviderFactory;
|
||||||
|
import org.keycloak.testsuite.broker.provider.CustomIdentityProvider;
|
||||||
|
import org.keycloak.testsuite.broker.social.CustomSocialProvider;
|
||||||
|
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
import static org.junit.Assert.assertNotNull;
|
||||||
|
import static org.junit.Assert.assertTrue;
|
||||||
|
import static org.junit.Assert.fail;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pedroigor
|
||||||
|
*/
|
||||||
|
public class IdentityProviderRegistrationTest extends AbstractIdentityProviderModelTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testIdentityProviderRegistration() {
|
||||||
|
Set<String> installedProviders = getInstalledProviders();
|
||||||
|
|
||||||
|
for (String providerId : getExpectedProviders()) {
|
||||||
|
if (!installedProviders.contains(providerId)) {
|
||||||
|
fail("Provider [" + providerId + "] not installed ");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testCustomSocialProviderRegistration() {
|
||||||
|
String providerId = "custom-social-provider";
|
||||||
|
|
||||||
|
assertTrue(getInstalledProviders().contains(providerId));
|
||||||
|
|
||||||
|
SocialIdentityProviderFactory<CustomSocialProvider> providerFactory = (SocialIdentityProviderFactory) this.session.getKeycloakSessionFactory().getProviderFactory(SocialIdentityProvider.class, providerId);
|
||||||
|
|
||||||
|
assertNotNull(providerFactory);
|
||||||
|
|
||||||
|
IdentityProviderModel identityProviderModel = new IdentityProviderModel();
|
||||||
|
|
||||||
|
identityProviderModel.setId("custom-provider");
|
||||||
|
|
||||||
|
CustomSocialProvider customSocialProvider = providerFactory.create(identityProviderModel);
|
||||||
|
|
||||||
|
assertNotNull(customSocialProvider);
|
||||||
|
IdentityProviderModel config = customSocialProvider.getConfig();
|
||||||
|
|
||||||
|
assertNotNull(config);
|
||||||
|
assertEquals("custom-provider", config.getId());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testCustomIdentityProviderRegistration() {
|
||||||
|
String providerId = "custom-identity-provider";
|
||||||
|
|
||||||
|
assertTrue(getInstalledProviders().contains(providerId));
|
||||||
|
|
||||||
|
IdentityProviderFactory<CustomIdentityProvider> providerFactory = (IdentityProviderFactory) this.session.getKeycloakSessionFactory().getProviderFactory(IdentityProvider.class, providerId);
|
||||||
|
|
||||||
|
assertNotNull(providerFactory);
|
||||||
|
|
||||||
|
IdentityProviderModel identityProviderModel = new IdentityProviderModel();
|
||||||
|
|
||||||
|
identityProviderModel.setId("custom-provider");
|
||||||
|
|
||||||
|
CustomIdentityProvider provider = providerFactory.create(identityProviderModel);
|
||||||
|
|
||||||
|
assertNotNull(provider);
|
||||||
|
IdentityProviderModel config = provider.getConfig();
|
||||||
|
|
||||||
|
assertNotNull(config);
|
||||||
|
assertEquals("custom-provider", config.getId());
|
||||||
|
}
|
||||||
|
|
||||||
|
private Set<String> getInstalledProviders() {
|
||||||
|
Set<String> installedProviders = this.session.listProviderIds(IdentityProvider.class);
|
||||||
|
|
||||||
|
installedProviders.addAll(this.session.listProviderIds(SocialIdentityProvider.class));
|
||||||
|
|
||||||
|
return installedProviders;
|
||||||
|
}
|
||||||
|
}
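Review bot: `getInstalledProviders()` calls `addAll` on the set returned by `this.session.listProviderIds(IdentityProvider.class)`, so the test mutates whatever collection the session hands back. If that set is shared or unmodifiable (the session implementation is not visible here), the helper either throws or leaks the social provider ids into later lookups. Copying first avoids both: `Set<String> installedProviders = new HashSet<String>(this.session.listProviderIds(IdentityProvider.class));`, which needs the `java.util.HashSet` import. The two factory lookups also cast to the raw `SocialIdentityProviderFactory` and `IdentityProviderFactory` types, which compiles only with an unchecked warning.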
|
|
@ -0,0 +1,276 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source
|
||||||
|
*
|
||||||
|
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.broker;
|
||||||
|
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig;
|
||||||
|
import org.keycloak.broker.oidc.OIDCIdentityProvider;
|
||||||
|
import org.keycloak.broker.oidc.OIDCIdentityProviderConfig;
|
||||||
|
import org.keycloak.broker.oidc.OIDCIdentityProviderFactory;
|
||||||
|
import org.keycloak.broker.saml.SAMLIdentityProvider;
|
||||||
|
import org.keycloak.broker.saml.SAMLIdentityProviderConfig;
|
||||||
|
import org.keycloak.broker.saml.SAMLIdentityProviderFactory;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
|
import org.keycloak.social.facebook.FacebookIdentityProvider;
|
||||||
|
import org.keycloak.social.facebook.FacebookIdentityProviderFactory;
|
||||||
|
import org.keycloak.social.github.GitHubIdentityProvider;
|
||||||
|
import org.keycloak.social.github.GitHubIdentityProviderFactory;
|
||||||
|
import org.keycloak.social.google.GoogleIdentityProvider;
|
||||||
|
import org.keycloak.social.google.GoogleIdentityProviderFactory;
|
||||||
|
import org.keycloak.social.twitter.TwitterIdentityProvider;
|
||||||
|
import org.keycloak.social.twitter.TwitterIdentityProviderFactory;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
import static org.junit.Assert.assertFalse;
|
||||||
|
import static org.junit.Assert.assertNotNull;
|
||||||
|
import static org.junit.Assert.assertNull;
|
||||||
|
import static org.junit.Assert.assertTrue;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pedroigor
|
||||||
|
*/
|
||||||
|
public class ImportIdentityProviderTest extends AbstractIdentityProviderModelTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testInstallation() throws Exception {
|
||||||
|
RealmModel realm = installTestRealm();
|
||||||
|
|
||||||
|
assertIdentityProviderConfig(realm.getIdentityProviders());
|
||||||
|
|
||||||
|
assertTrue(realm.isIdentityFederationEnabled());
|
||||||
|
|
||||||
|
this.realmManager.removeRealm(realm);
|
||||||
|
|
||||||
|
commit();
|
||||||
|
|
||||||
|
realm = this.realmManager.getRealm(realm.getId());
|
||||||
|
|
||||||
|
assertNull(realm);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testUpdateIdentityProvider() throws Exception {
|
||||||
|
RealmModel realm = installTestRealm();
|
||||||
|
List<IdentityProviderModel> identityProviders = realm.getIdentityProviders();
|
||||||
|
|
||||||
|
assertFalse(identityProviders.isEmpty());
|
||||||
|
|
||||||
|
IdentityProviderModel identityProviderModel = identityProviders.get(0);
|
||||||
|
String identityProviderId = identityProviderModel.getId();
|
||||||
|
|
||||||
|
identityProviderModel.setName("Changed Name");
|
||||||
|
identityProviderModel.getConfig().put("config-added", "value-added");
|
||||||
|
identityProviderModel.setEnabled(false);
|
||||||
|
identityProviderModel.setUpdateProfileFirstLogin(false);
|
||||||
|
|
||||||
|
realm.updateIdentityProvider(identityProviderModel);
|
||||||
|
|
||||||
|
commit();
|
||||||
|
|
||||||
|
realm = this.realmManager.getRealm(realm.getId());
|
||||||
|
|
||||||
|
identityProviderModel = realm.getIdentityProviderById(identityProviderId);
|
||||||
|
|
||||||
|
assertEquals("Changed Name", identityProviderModel.getName());
|
||||||
|
assertEquals("value-added", identityProviderModel.getConfig().get("config-added"));
|
||||||
|
assertEquals(false, identityProviderModel.isEnabled());
|
||||||
|
assertEquals(false, identityProviderModel.isUpdateProfileFirstLogin());
|
||||||
|
|
||||||
|
identityProviderModel.setName("Changed Name Again");
|
||||||
|
identityProviderModel.getConfig().remove("config-added");
|
||||||
|
identityProviderModel.setEnabled(true);
|
||||||
|
identityProviderModel.setUpdateProfileFirstLogin(true);
|
||||||
|
|
||||||
|
realm.updateIdentityProvider(identityProviderModel);
|
||||||
|
|
||||||
|
commit();
|
||||||
|
|
||||||
|
realm = this.realmManager.getRealm(realm.getId());
|
||||||
|
identityProviderModel = realm.getIdentityProviderById(identityProviderId);
|
||||||
|
|
||||||
|
assertEquals("Changed Name Again", identityProviderModel.getName());
|
||||||
|
assertFalse(identityProviderModel.getConfig().containsKey("config-added"));
|
||||||
|
assertEquals(true, identityProviderModel.isEnabled());
|
||||||
|
assertEquals(true, identityProviderModel.isUpdateProfileFirstLogin());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testRemoveIdentityProvider() throws Exception {
|
||||||
|
RealmModel realm = installTestRealm();
|
||||||
|
List<IdentityProviderModel> identityProviders = realm.getIdentityProviders();
|
||||||
|
|
||||||
|
assertFalse(identityProviders.isEmpty());
|
||||||
|
|
||||||
|
IdentityProviderModel identityProviderModel = identityProviders.get(0);
|
||||||
|
String expectedId = identityProviderModel.getId();
|
||||||
|
|
||||||
|
realm.removeIdentityProviderById(expectedId);
|
||||||
|
|
||||||
|
commit();
|
||||||
|
|
||||||
|
realm = this.realmManager.getRealm(realm.getId());
|
||||||
|
|
||||||
|
assertNull(realm.getIdentityProviderById(expectedId));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertIdentityProviderConfig(List<IdentityProviderModel> identityProviders) {
|
||||||
|
assertFalse(identityProviders.isEmpty());
|
||||||
|
|
||||||
|
Set<String> checkedProviders = new HashSet<String>(getExpectedProviders());
|
||||||
|
|
||||||
|
for (IdentityProviderModel identityProvider : identityProviders) {
|
||||||
|
String providerId = identityProvider.getProviderId();
|
||||||
|
|
||||||
|
if (SAMLIdentityProviderFactory.PROVIDER_ID.equals(providerId)) {
|
||||||
|
assertSamlIdentityProviderConfig(identityProvider);
|
||||||
|
} else if (GoogleIdentityProviderFactory.PROVIDER_ID.equals(providerId)) {
|
||||||
|
assertGoogleIdentityProviderConfig(identityProvider);
|
||||||
|
} else if (OIDCIdentityProviderFactory.PROVIDER_ID.equals(providerId)) {
|
||||||
|
assertOidcIdentityProviderConfig(identityProvider);
|
||||||
|
} else if (FacebookIdentityProviderFactory.PROVIDER_ID.equals(providerId)) {
|
||||||
|
assertFacebookIdentityProviderConfig(identityProvider);
|
||||||
|
} else if (GitHubIdentityProviderFactory.PROVIDER_ID.equals(providerId)) {
|
||||||
|
assertGitHubIdentityProviderConfig(identityProvider);
|
||||||
|
} else if (TwitterIdentityProviderFactory.PROVIDER_ID.equals(providerId)) {
|
||||||
|
assertTwitterIdentityProviderConfig(identityProvider);
|
||||||
|
}
|
||||||
|
|
||||||
|
checkedProviders.remove(providerId);
|
||||||
|
}
|
||||||
|
|
||||||
|
assertTrue(checkedProviders.isEmpty());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertGoogleIdentityProviderConfig(IdentityProviderModel identityProvider) {
|
||||||
|
GoogleIdentityProvider googleIdentityProvider = new GoogleIdentityProviderFactory().create(identityProvider);
|
||||||
|
OIDCIdentityProviderConfig config = googleIdentityProvider.getConfig();
|
||||||
|
|
||||||
|
assertEquals("google", config.getId());
|
||||||
|
assertEquals(GoogleIdentityProviderFactory.PROVIDER_ID, config.getProviderId());
|
||||||
|
assertEquals("Google", config.getName());
|
||||||
|
assertEquals(true, config.isEnabled());
|
||||||
|
assertEquals(true, config.isUpdateProfileFirstLogin());
|
||||||
|
assertEquals("clientId", config.getClientId());
|
||||||
|
assertEquals("clientSecret", config.getClientSecret());
|
||||||
|
assertEquals(GoogleIdentityProvider.AUTH_URL, config.getAuthorizationUrl());
|
||||||
|
assertEquals(GoogleIdentityProvider.TOKEN_URL, config.getTokenUrl());
|
||||||
|
assertEquals(GoogleIdentityProvider.PROFILE_URL, config.getUserInfoUrl());
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertSamlIdentityProviderConfig(IdentityProviderModel identityProvider) {
|
||||||
|
SAMLIdentityProvider samlIdentityProvider = new SAMLIdentityProviderFactory().create(identityProvider);
|
||||||
|
SAMLIdentityProviderConfig config = samlIdentityProvider.getConfig();
|
||||||
|
|
||||||
|
assertEquals("saml-idp", config.getId());
|
||||||
|
assertEquals(SAMLIdentityProviderFactory.PROVIDER_ID, config.getProviderId());
|
||||||
|
assertEquals("SAML IdP", config.getName());
|
||||||
|
assertEquals(true, config.isEnabled());
|
||||||
|
assertEquals(true, config.isUpdateProfileFirstLogin());
|
||||||
|
assertEquals("http://localhost:8080/idp/", config.getSingleSignOnServiceUrl());
|
||||||
|
assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", config.getNameIDPolicyFormat());
|
||||||
|
assertEquals("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", config.getSigningPublicKey());
|
||||||
|
assertEquals(true, config.isWantAuthnRequestsSigned());
|
||||||
|
assertEquals(true, config.isForceAuthn());
|
||||||
|
assertEquals(true, config.isPostBindingAuthnRequest());
|
||||||
|
assertEquals(true, config.isPostBindingResponse());
|
||||||
|
assertEquals(true, config.isValidateSignature());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertOidcIdentityProviderConfig(IdentityProviderModel identityProvider) {
|
||||||
|
OIDCIdentityProvider googleIdentityProvider = new OIDCIdentityProviderFactory().create(identityProvider);
|
||||||
|
OIDCIdentityProviderConfig config = googleIdentityProvider.getConfig();
|
||||||
|
|
||||||
|
assertEquals("oidc-idp", config.getId());
|
||||||
|
assertEquals(OIDCIdentityProviderFactory.PROVIDER_ID, config.getProviderId());
|
||||||
|
assertEquals("OIDC IdP", config.getName());
|
||||||
|
assertEquals(false, config.isEnabled());
|
||||||
|
assertEquals(false, config.isUpdateProfileFirstLogin());
|
||||||
|
assertEquals("clientId", config.getClientId());
|
||||||
|
assertEquals("clientSecret", config.getClientSecret());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertFacebookIdentityProviderConfig(IdentityProviderModel identityProvider) {
|
||||||
|
FacebookIdentityProvider facebookIdentityProvider = new FacebookIdentityProviderFactory().create(identityProvider);
|
||||||
|
OAuth2IdentityProviderConfig config = facebookIdentityProvider.getConfig();
|
||||||
|
|
||||||
|
assertEquals("facebook", config.getId());
|
||||||
|
assertEquals(FacebookIdentityProviderFactory.PROVIDER_ID, config.getProviderId());
|
||||||
|
assertEquals("Facebook", config.getName());
|
||||||
|
assertEquals(true, config.isEnabled());
|
||||||
|
assertEquals(true, config.isUpdateProfileFirstLogin());
|
||||||
|
assertEquals("clientId", config.getClientId());
|
||||||
|
assertEquals("clientSecret", config.getClientSecret());
|
||||||
|
assertEquals(FacebookIdentityProvider.AUTH_URL, config.getAuthorizationUrl());
|
||||||
|
assertEquals(FacebookIdentityProvider.TOKEN_URL, config.getTokenUrl());
|
||||||
|
assertEquals(FacebookIdentityProvider.PROFILE_URL, config.getUserInfoUrl());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertGitHubIdentityProviderConfig(IdentityProviderModel identityProvider) {
|
||||||
|
GitHubIdentityProvider gitHubIdentityProvider = new GitHubIdentityProviderFactory().create(identityProvider);
|
||||||
|
OAuth2IdentityProviderConfig config = gitHubIdentityProvider.getConfig();
|
||||||
|
|
||||||
|
assertEquals("github", config.getId());
|
||||||
|
assertEquals(GitHubIdentityProviderFactory.PROVIDER_ID, config.getProviderId());
|
||||||
|
assertEquals("GitHub", config.getName());
|
||||||
|
assertEquals(true, config.isEnabled());
|
||||||
|
assertEquals(true, config.isUpdateProfileFirstLogin());
|
||||||
|
assertEquals("clientId", config.getClientId());
|
||||||
|
assertEquals("clientSecret", config.getClientSecret());
|
||||||
|
assertEquals(GitHubIdentityProvider.AUTH_URL, config.getAuthorizationUrl());
|
||||||
|
assertEquals(GitHubIdentityProvider.TOKEN_URL, config.getTokenUrl());
|
||||||
|
assertEquals(GitHubIdentityProvider.PROFILE_URL, config.getUserInfoUrl());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertTwitterIdentityProviderConfig(IdentityProviderModel identityProvider) {
|
||||||
|
TwitterIdentityProvider gitHubIdentityProvider = new TwitterIdentityProviderFactory().create(identityProvider);
|
||||||
|
OAuth2IdentityProviderConfig config = gitHubIdentityProvider.getConfig();
|
||||||
|
|
||||||
|
assertEquals("twitter", config.getId());
|
||||||
|
assertEquals(TwitterIdentityProviderFactory.PROVIDER_ID, config.getProviderId());
|
||||||
|
assertEquals("Twitter", config.getName());
|
||||||
|
assertEquals(true, config.isEnabled());
|
||||||
|
assertEquals(true, config.isUpdateProfileFirstLogin());
|
||||||
|
assertEquals("clientId", config.getClientId());
|
||||||
|
assertEquals("clientSecret", config.getClientSecret());
|
||||||
|
}
|
||||||
|
|
||||||
|
private RealmModel installTestRealm() throws IOException {
|
||||||
|
RealmRepresentation realmRepresentation = loadJson("model/test-realm-with-identity-provider.json");
|
||||||
|
|
||||||
|
assertNotNull(realmRepresentation);
|
||||||
|
assertEquals("test-realm-with-identity-provider", realmRepresentation.getRealm());
|
||||||
|
|
||||||
|
RealmModel realmModel = this.realmManager.importRealm(realmRepresentation);
|
||||||
|
|
||||||
|
commit();
|
||||||
|
|
||||||
|
realmModel = this.realmManager.getRealm(realmModel.getId());
|
||||||
|
|
||||||
|
assertNotNull(realmModel);
|
||||||
|
|
||||||
|
return realmModel;
|
||||||
|
}
|
||||||
|
}
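Review bot: `assertOidcIdentityProviderConfig` checks only the id, name, the two flags and the client credentials, while the `oidc-idp` entry in this commit's fixture also sets `authorizationUrl`, `tokenUrl`, `userInfoUrl`, `issuer`, `defaultScope` and `prompt`. Those endpoint and issuer values decide which identity provider the broker trusts, so an import that dropped or swapped them would still pass. The OAuth2 getters already used elsewhere in this class cover three of them: `assertEquals("authorizationUrl", config.getAuthorizationUrl());`, `assertEquals("tokenUrl", config.getTokenUrl());`, `assertEquals("userInfoUrl", config.getUserInfoUrl());`. Accessors for issuer, scope and prompt presumably exist on `OIDCIdentityProviderConfig` but are not shown on this page. The locals `googleIdentityProvider` in this method and `gitHubIdentityProvider` in `assertTwitterIdentityProviderConfig` are copy-paste names and should be renamed after the provider they hold.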
|
|
@ -0,0 +1,48 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source
|
||||||
|
*
|
||||||
|
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.broker.provider;
|
||||||
|
|
||||||
|
import org.keycloak.broker.provider.AbstractIdentityProvider;
|
||||||
|
import org.keycloak.broker.provider.AuthenticationRequest;
|
||||||
|
import org.keycloak.broker.provider.AuthenticationResponse;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pedroigor
|
||||||
|
*/
|
||||||
|
public class CustomIdentityProvider extends AbstractIdentityProvider<IdentityProviderModel> {
|
||||||
|
|
||||||
|
public CustomIdentityProvider(IdentityProviderModel config) {
|
||||||
|
super(config);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AuthenticationResponse handleRequest(AuthenticationRequest request) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getRelayState(AuthenticationRequest request) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AuthenticationResponse handleResponse(AuthenticationRequest request) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
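Review bot: The class Javadoc carries only an `@author` tag, and all three handler overrides return `null` without saying that this is deliberate. A short class comment such as `Test-only provider used to verify SPI registration; the request/response handlers are intentionally not implemented and return null.` would stop a reader from treating it as a usable broker. The same comment applies to `CustomSocialProvider`, which has identical stubs.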
|
|
@ -0,0 +1,42 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source
|
||||||
|
*
|
||||||
|
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.broker.provider;
|
||||||
|
|
||||||
|
import org.keycloak.broker.provider.AbstractIdentityProviderFactory;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pedroigor
|
||||||
|
*/
|
||||||
|
public class CustomIdentityProviderFactory extends AbstractIdentityProviderFactory<CustomIdentityProvider> {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getName() {
|
||||||
|
return "Custom Identity Provider";
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public CustomIdentityProvider create(IdentityProviderModel model) {
|
||||||
|
return new CustomIdentityProvider(model);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getId() {
|
||||||
|
return "custom-identity-provider";
|
||||||
|
}
|
||||||
|
}
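Review bot: `getId()` returns the literal `"custom-identity-provider"` and `IdentityProviderRegistrationTest` repeats the same literal, whereas the built-in factories referenced in this commit expose a `PROVIDER_ID` constant. Declaring `public static final String PROVIDER_ID = "custom-identity-provider";` here, returning it from `getId()` and using it in the test keeps the registration id in one place. `CustomSocialProviderFactory` has the same pattern with `"custom-social-provider"`.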
|
|
@ -0,0 +1,49 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source
|
||||||
|
*
|
||||||
|
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.broker.social;
|
||||||
|
|
||||||
|
import org.keycloak.broker.provider.AbstractIdentityProvider;
|
||||||
|
import org.keycloak.broker.provider.AuthenticationRequest;
|
||||||
|
import org.keycloak.broker.provider.AuthenticationResponse;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
import org.keycloak.social.SocialIdentityProvider;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pedroigor
|
||||||
|
*/
|
||||||
|
public class CustomSocialProvider extends AbstractIdentityProvider<IdentityProviderModel> implements SocialIdentityProvider<IdentityProviderModel> {
|
||||||
|
|
||||||
|
public CustomSocialProvider(IdentityProviderModel config) {
|
||||||
|
super(config);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AuthenticationResponse handleRequest(AuthenticationRequest request) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getRelayState(AuthenticationRequest request) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public AuthenticationResponse handleResponse(AuthenticationRequest request) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,43 @@
|
||||||
|
/*
|
||||||
|
* JBoss, Home of Professional Open Source
|
||||||
|
*
|
||||||
|
* Copyright 2013 Red Hat, Inc. and/or its affiliates.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.broker.social;
|
||||||
|
|
||||||
|
import org.keycloak.broker.provider.AbstractIdentityProviderFactory;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
|
import org.keycloak.social.SocialIdentityProviderFactory;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author pedroigor
|
||||||
|
*/
|
||||||
|
public class CustomSocialProviderFactory extends AbstractIdentityProviderFactory<CustomSocialProvider> implements SocialIdentityProviderFactory<CustomSocialProvider> {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getName() {
|
||||||
|
return "Custom Social Provider";
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public CustomSocialProvider create(IdentityProviderModel model) {
|
||||||
|
return new CustomSocialProvider(model);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getId() {
|
||||||
|
return "custom-social-provider";
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1 @@
|
||||||
|
org.keycloak.testsuite.broker.provider.CustomIdentityProviderFactory
|
|
@ -0,0 +1 @@
|
||||||
|
org.keycloak.testsuite.broker.social.CustomSocialProviderFactory
|
|
@ -1 +0,0 @@
|
||||||
org.keycloak.testsuite.DummySocial
|
|
|
@ -0,0 +1,183 @@
|
||||||
|
{
|
||||||
|
"realm": "test-realm-with-identity-provider",
|
||||||
|
"enabled": true,
|
||||||
|
"requiredCredentials": [ "password" ],
|
||||||
|
"defaultRoles": [ "foo", "bar" ],
|
||||||
|
"identityProviders" : [
|
||||||
|
{
|
||||||
|
"id" : "google",
|
||||||
|
"providerId" : "google",
|
||||||
|
"name" : "Google",
|
||||||
|
"enabled": true,
|
||||||
|
"updateProfileFirstLogin" : "true",
|
||||||
|
"config": {
|
||||||
|
"clientId": "clientId",
|
||||||
|
"clientSecret": "clientSecret"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id" : "facebook",
|
||||||
|
"providerId" : "facebook",
|
||||||
|
"name" : "Facebook",
|
||||||
|
"enabled": true,
|
||||||
|
"updateProfileFirstLogin" : "true",
|
||||||
|
"config": {
|
||||||
|
"authorizationUrl": "authorizationUrl",
|
||||||
|
"tokenUrl": "tokenUrl",
|
||||||
|
"userInfoUrl": "userInfoUrl",
|
||||||
|
"clientId": "clientId",
|
||||||
|
"clientSecret": "clientSecret"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id" : "github",
|
||||||
|
"providerId" : "github",
|
||||||
|
"name" : "GitHub",
|
||||||
|
"enabled": true,
|
||||||
|
"updateProfileFirstLogin" : "true",
|
||||||
|
"config": {
|
||||||
|
"authorizationUrl": "authorizationUrl",
|
||||||
|
"tokenUrl": "tokenUrl",
|
||||||
|
"userInfoUrl": "userInfoUrl",
|
||||||
|
"clientId": "clientId",
|
||||||
|
"clientSecret": "clientSecret"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id" : "twitter",
|
||||||
|
"providerId" : "twitter",
|
||||||
|
"name" : "Twitter",
|
||||||
|
"enabled": true,
|
||||||
|
"updateProfileFirstLogin" : "true",
|
||||||
|
"config": {
|
||||||
|
"authorizationUrl": "authorizationUrl",
|
||||||
|
"tokenUrl": "tokenUrl",
|
||||||
|
"userInfoUrl": "userInfoUrl",
|
||||||
|
"clientId": "clientId",
|
||||||
|
"clientSecret": "clientSecret"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id" : "saml-idp",
|
||||||
|
"providerId" : "saml",
|
||||||
|
"name" : "SAML IdP",
|
||||||
|
"enabled": true,
|
||||||
|
"updateProfileFirstLogin" : "true",
|
||||||
|
"config": {
|
||||||
|
"singleSignOnServiceUrl": "http://localhost:8080/idp/",
|
||||||
|
"nameIDPolicyFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
|
||||||
|
"signingPublicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
"wantAuthnRequestsSigned": true,
|
||||||
|
"forceAuthn": true,
|
||||||
|
"validateSignature": true,
|
||||||
|
"postBindingResponse": true,
|
||||||
|
"postBindingAuthnRequest": true
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"id" : "oidc-idp",
|
||||||
|
"providerId" : "oidc",
|
||||||
|
"name" : "OIDC IdP",
|
||||||
|
"enabled": false,
|
||||||
|
"updateProfileFirstLogin" : "false",
|
||||||
|
"config": {
|
||||||
|
"clientId": "clientId",
|
||||||
|
"clientSecret": "clientSecret",
|
||||||
|
"prompt": "prompt",
|
||||||
|
"authorizationUrl": "authorizationUrl",
|
||||||
|
"tokenUrl": "tokenUrl",
|
||||||
|
"userInfoUrl": "userInfoUrl",
|
||||||
|
"defaultScope": "defaultScope",
|
||||||
|
"issuer": "issuer"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"users": [
|
||||||
|
{
|
||||||
|
"username": "federated-user",
|
||||||
|
"enabled": true,
|
||||||
|
"federatedIdentities": [
|
||||||
|
{
|
||||||
|
"identityProvider": "facebook",
|
||||||
|
"userId": "facebook1",
|
||||||
|
"userName": "fbuser1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"identityProvider": "twitter",
|
||||||
|
"userId": "twitter1",
|
||||||
|
"userName": "twuser1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"identityProvider": "google",
|
||||||
|
"userId": "google1",
|
||||||
|
"userName": "mySocialUser@gmail.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"applications": [
|
||||||
|
{
|
||||||
|
"name": "Application",
|
||||||
|
"enabled": true,
|
||||||
|
"nodeReRegistrationTimeout": 50,
|
||||||
|
"registeredNodes": {
|
||||||
|
"node1": 10,
|
||||||
|
"172.10.15.20": 20
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "OtherApp",
|
||||||
|
"enabled": true
|
||||||
|
}
|
||||||
|
|
||||||
|
],
|
||||||
|
"oauthClients" : [
|
||||||
|
{
|
||||||
|
"name" : "oauthclient",
|
||||||
|
"enabled": true,
|
||||||
|
"secret": "clientpassword"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"roles" : {
|
||||||
|
"realm" : [
|
||||||
|
{
|
||||||
|
"name": "admin"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"application" : {
|
||||||
|
"Application" : [
|
||||||
|
{
|
||||||
|
"name": "app-admin"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "app-user"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"OtherApp" : [
|
||||||
|
{
|
||||||
|
"name": "otherapp-admin"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "otherapp-user"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"scopeMappings": [
|
||||||
|
{
|
||||||
|
"client": "oauthclient",
|
||||||
|
"roles": ["admin"]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"applicationScopeMappings": {
|
||||||
|
"Application": [
|
||||||
|
{
|
||||||
|
"client": "oauthclient",
|
||||||
|
"roles": ["app-user"]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
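Review bot: Every `identityProviders` entry writes `"updateProfileFirstLogin"` as a string (`"true"` / `"false"`) while `"enabled"` on the adjacent line is a JSON boolean. The tests read the value back through `isUpdateProfileFirstLogin()` as a boolean, so the import appears to rely on the JSON mapper coercing strings to booleans; the representation class is not visible here, so this is inferred. Writing `"updateProfileFirstLogin" : true` (and `false` for `oidc-idp`) keeps the fixture valid if that coercion is ever disabled and matches the type used for `enabled`.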
|