From 42202ae45e08ead9b67a7d7c12b34a0b5c0d94c3 Mon Sep 17 00:00:00 2001 From: Patrick Jennings Date: Fri, 29 Mar 2024 11:00:59 -0400 Subject: [PATCH] Translate client type exception during client create into bad request response. Signed-off-by: Patrick Jennings --- .../resources/admin/ClientsResource.java | 4 +++ .../testsuite/client/ClientTypesTest.java | 36 ++++++++++++------- 2 files changed, 27 insertions(+), 13 deletions(-) diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java index 7b17101284..5ea265e52c 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java @@ -24,6 +24,7 @@ import org.eclipse.microprofile.openapi.annotations.tags.Tag; import org.jboss.logging.Logger; import org.jboss.resteasy.reactive.NoCache; import org.keycloak.authorization.admin.AuthorizationService; +import org.keycloak.client.clienttype.ClientTypeException; import org.keycloak.common.Profile; import org.keycloak.events.Errors; import org.keycloak.events.admin.OperationType; @@ -227,6 +228,9 @@ public class ClientsResource { } catch (ClientPolicyException cpe) { throw new ErrorResponseException(cpe.getError(), cpe.getErrorDetail(), Response.Status.BAD_REQUEST); } + catch (ClientTypeException cte) { + throw ErrorResponse.error(cte.getMessage(), Response.Status.BAD_REQUEST); + } } /** diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientTypesTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientTypesTest.java index 539a960f6a..9a2ac13381 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientTypesTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientTypesTest.java @@ -18,24 +18,17 @@ package org.keycloak.testsuite.client; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.stream.Collectors; - import jakarta.ws.rs.BadRequestException; import jakarta.ws.rs.core.Response; - import org.junit.Test; +import org.keycloak.client.clienttype.ClientTypeManager; import org.keycloak.common.util.ObjectUtil; import org.keycloak.models.ClientModel; import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ClientTypeRepresentation; - import org.keycloak.representations.idm.ClientTypesRepresentation; import org.keycloak.representations.idm.RealmRepresentation; -import org.keycloak.client.clienttype.ClientTypeManager; import org.keycloak.services.clienttype.impl.DefaultClientTypeProviderFactory; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; import org.keycloak.testsuite.Assert; @@ -45,7 +38,13 @@ import org.keycloak.testsuite.arquillian.annotation.EnableFeature; import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected; import org.keycloak.testsuite.util.ClientBuilder; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.stream.Collectors; + import static org.hamcrest.MatcherAssert.assertThat; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.fail; import static org.keycloak.common.Profile.Feature.CLIENT_TYPES; @@ -75,9 +74,9 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest { @Test public void testCreateClientWithClientType() { ClientRepresentation clientRep = createClientWithType("foo", ClientTypeManager.SERVICE_ACCOUNT); - Assert.assertEquals("foo", clientRep.getClientId()); - Assert.assertEquals(ClientTypeManager.SERVICE_ACCOUNT, clientRep.getType()); - Assert.assertEquals(OIDCLoginProtocol.LOGIN_PROTOCOL, clientRep.getProtocol()); + assertEquals("foo", clientRep.getClientId()); + assertEquals(ClientTypeManager.SERVICE_ACCOUNT, clientRep.getType()); + assertEquals(OIDCLoginProtocol.LOGIN_PROTOCOL, clientRep.getProtocol()); Assert.assertFalse(clientRep.isStandardFlowEnabled()); Assert.assertFalse(clientRep.isImplicitFlowEnabled()); Assert.assertFalse(clientRep.isDirectAccessGrantsEnabled()); @@ -89,6 +88,17 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest { Assert.assertFalse(clientRep.getAttributes().containsKey(ClientModel.TYPE)); } + @Test + public void testThatCreateClientWithWrongClientTypeFails() { + ClientRepresentation clientRep = ClientBuilder.create() + .clientId("client-type-does-not-exist-request") + .type("DNE") + .build(); + + Response response = testRealm().clients().create(clientRep); + assertEquals(Response.Status.BAD_REQUEST, response.getStatusInfo()); + } + @Test public void testUpdateClientWithClientType() { ClientRepresentation clientRep = createClientWithType("foo", ClientTypeManager.SERVICE_ACCOUNT); @@ -133,7 +143,7 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest { public void testClientTypesAdminRestAPI_globalTypes() { ClientTypesRepresentation clientTypes = testRealm().clientTypes().getClientTypes(); - Assert.assertEquals(0, clientTypes.getRealmClientTypes().size()); + assertEquals(0, clientTypes.getRealmClientTypes().size()); List globalClientTypeNames = clientTypes.getGlobalClientTypes().stream() .map(ClientTypeRepresentation::getName) @@ -144,7 +154,7 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest { .filter(clientType -> "service-account".equals(clientType.getName())) .findFirst() .get(); - Assert.assertEquals("default", serviceAccountType.getProvider()); + assertEquals("default", serviceAccountType.getProvider()); ClientTypeRepresentation.PropertyConfig cfg = serviceAccountType.getConfig().get("standardFlowEnabled"); assertPropertyConfig("standardFlowEnabled", cfg, true, true, false);