libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLAOK-9999 fix client import (#6136)

Browse source
This commit is contained in:
Benjamin Weimer 2019-09-23 13:08:24 +02:00 committed by Marek Posolda
parent f810e85526
commit 2b1acb99a2
2 changed files with 45 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
View file

@ -1247,22 +1247,24 @@ public class RepresentationToModel {
addClientScopeToClient(realm, client, clientTemplateName, true); addClientScopeToClient(realm, client, clientTemplateName, true);
} }
if (resourceRep.getDefaultClientScopes() != null) { if (resourceRep.getDefaultClientScopes() != null || resourceRep.getOptionalClientScopes() != null) {
// First remove all default/built in client scopes // First remove all default/built in client scopes
for (ClientScopeModel clientScope : client.getClientScopes(true, false).values()) { for (ClientScopeModel clientScope : client.getClientScopes(true, false).values()) {
client.removeClientScope(clientScope); client.removeClientScope(clientScope);
} }
// First remove all default/built in client scopes
for (ClientScopeModel clientScope : client.getClientScopes(false, false).values()) {
client.removeClientScope(clientScope);
}
}
if (resourceRep.getDefaultClientScopes() != null) {
for (String clientScopeName : resourceRep.getDefaultClientScopes()) { for (String clientScopeName : resourceRep.getDefaultClientScopes()) {
addClientScopeToClient(realm, client, clientScopeName, true); addClientScopeToClient(realm, client, clientScopeName, true);
} }
} }
if (resourceRep.getOptionalClientScopes() != null) { if (resourceRep.getOptionalClientScopes() != null) {
// First remove all default/built in client scopes
for (ClientScopeModel clientScope : client.getClientScopes(false, false).values()) {
client.removeClientScope(clientScope);
}
for (String clientScopeName : resourceRep.getOptionalClientScopes()) { for (String clientScopeName : resourceRep.getOptionalClientScopes()) {
addClientScopeToClient(realm, client, clientScopeName, false); addClientScopeToClient(realm, client, clientScopeName, false);
} }

37
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientScopeTest.java
View file

@ -439,6 +439,43 @@ public class ClientScopeTest extends AbstractClientTest {
Assert.assertFalse(clientOptionalScopes .contains("scope-opt")); Assert.assertFalse(clientOptionalScopes .contains("scope-opt"));
} }
// KEYCLOAK-9999
@Test
public void defaultOptionalClientScopeCanBeAssignedToClientAsDefaultScope() {
// Create optional client scope
ClientScopeRepresentation optionalClientScope = new ClientScopeRepresentation();
optionalClientScope.setName("optional-client-scope");
optionalClientScope.setProtocol("openid-connect");
String optionalClientScopeId = createClientScope(optionalClientScope);
getCleanup().addClientScopeId(optionalClientScopeId);
testRealmResource().addDefaultOptionalClientScope(optionalClientScopeId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.defaultOptionalClientScopePath(optionalClientScopeId), ResourceType.CLIENT_SCOPE);
// Ensure that scope is optional
List<String> realmOptionalScopes = getClientScopeNames(testRealmResource().getDefaultOptionalClientScopes());
Assert.assertTrue(realmOptionalScopes.contains("optional-client-scope"));
// Create client
ClientRepresentation client = new ClientRepresentation();
client.setClientId("test-client");
client.setDefaultClientScopes(Collections.singletonList("optional-client-scope"));
String clientUuid = createClient(client);
getCleanup().addClientUuid(clientUuid);
// Ensure that default optional client scope is a default scope of the client
List<String> clientDefaultScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getDefaultClientScopes());
Assert.assertTrue(clientDefaultScopes.contains("optional-client-scope"));
// Ensure that no optional scopes are assigned to the client, even if there are default optional scopes!
List<String> clientOptionalScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getOptionalClientScopes());
Assert.assertTrue(clientOptionalScopes.isEmpty());
// Unassign optional client scope from realm for cleanup
testRealmResource().removeDefaultOptionalClientScope(optionalClientScopeId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.defaultOptionalClientScopePath(optionalClientScopeId), ResourceType.CLIENT_SCOPE);
}
// KEYCLOAK-5863 // KEYCLOAK-5863
@Test @Test