Translate client type exception during client create into bad request response.

Signed-off-by: Patrick Jennings <pajennin@redhat.com>
This commit is contained in:
Patrick Jennings 2024-03-29 11:00:59 -04:00 committed by Marek Posolda
parent 1646315939
commit 42202ae45e
2 changed files with 27 additions and 13 deletions

View file

@ -24,6 +24,7 @@ import org.eclipse.microprofile.openapi.annotations.tags.Tag;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.jboss.resteasy.reactive.NoCache; import org.jboss.resteasy.reactive.NoCache;
import org.keycloak.authorization.admin.AuthorizationService; import org.keycloak.authorization.admin.AuthorizationService;
import org.keycloak.client.clienttype.ClientTypeException;
import org.keycloak.common.Profile; import org.keycloak.common.Profile;
import org.keycloak.events.Errors; import org.keycloak.events.Errors;
import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.OperationType;
@ -227,6 +228,9 @@ public class ClientsResource {
} catch (ClientPolicyException cpe) { } catch (ClientPolicyException cpe) {
throw new ErrorResponseException(cpe.getError(), cpe.getErrorDetail(), Response.Status.BAD_REQUEST); throw new ErrorResponseException(cpe.getError(), cpe.getErrorDetail(), Response.Status.BAD_REQUEST);
} }
catch (ClientTypeException cte) {
throw ErrorResponse.error(cte.getMessage(), Response.Status.BAD_REQUEST);
}
} }
/** /**

View file

@ -18,24 +18,17 @@
package org.keycloak.testsuite.client; package org.keycloak.testsuite.client;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;
import jakarta.ws.rs.BadRequestException; import jakarta.ws.rs.BadRequestException;
import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response;
import org.junit.Test; import org.junit.Test;
import org.keycloak.client.clienttype.ClientTypeManager;
import org.keycloak.common.util.ObjectUtil; import org.keycloak.common.util.ObjectUtil;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol; import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ClientTypeRepresentation; import org.keycloak.representations.idm.ClientTypeRepresentation;
import org.keycloak.representations.idm.ClientTypesRepresentation; import org.keycloak.representations.idm.ClientTypesRepresentation;
import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.client.clienttype.ClientTypeManager;
import org.keycloak.services.clienttype.impl.DefaultClientTypeProviderFactory; import org.keycloak.services.clienttype.impl.DefaultClientTypeProviderFactory;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.Assert; import org.keycloak.testsuite.Assert;
@ -45,7 +38,13 @@ import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected; import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.util.ClientBuilder; import org.keycloak.testsuite.util.ClientBuilder;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;
import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail; import static org.junit.Assert.fail;
import static org.keycloak.common.Profile.Feature.CLIENT_TYPES; import static org.keycloak.common.Profile.Feature.CLIENT_TYPES;
@ -75,9 +74,9 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest {
@Test @Test
public void testCreateClientWithClientType() { public void testCreateClientWithClientType() {
ClientRepresentation clientRep = createClientWithType("foo", ClientTypeManager.SERVICE_ACCOUNT); ClientRepresentation clientRep = createClientWithType("foo", ClientTypeManager.SERVICE_ACCOUNT);
Assert.assertEquals("foo", clientRep.getClientId()); assertEquals("foo", clientRep.getClientId());
Assert.assertEquals(ClientTypeManager.SERVICE_ACCOUNT, clientRep.getType()); assertEquals(ClientTypeManager.SERVICE_ACCOUNT, clientRep.getType());
Assert.assertEquals(OIDCLoginProtocol.LOGIN_PROTOCOL, clientRep.getProtocol()); assertEquals(OIDCLoginProtocol.LOGIN_PROTOCOL, clientRep.getProtocol());
Assert.assertFalse(clientRep.isStandardFlowEnabled()); Assert.assertFalse(clientRep.isStandardFlowEnabled());
Assert.assertFalse(clientRep.isImplicitFlowEnabled()); Assert.assertFalse(clientRep.isImplicitFlowEnabled());
Assert.assertFalse(clientRep.isDirectAccessGrantsEnabled()); Assert.assertFalse(clientRep.isDirectAccessGrantsEnabled());
@ -89,6 +88,17 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest {
Assert.assertFalse(clientRep.getAttributes().containsKey(ClientModel.TYPE)); Assert.assertFalse(clientRep.getAttributes().containsKey(ClientModel.TYPE));
} }
@Test
public void testThatCreateClientWithWrongClientTypeFails() {
ClientRepresentation clientRep = ClientBuilder.create()
.clientId("client-type-does-not-exist-request")
.type("DNE")
.build();
Response response = testRealm().clients().create(clientRep);
assertEquals(Response.Status.BAD_REQUEST, response.getStatusInfo());
}
@Test @Test
public void testUpdateClientWithClientType() { public void testUpdateClientWithClientType() {
ClientRepresentation clientRep = createClientWithType("foo", ClientTypeManager.SERVICE_ACCOUNT); ClientRepresentation clientRep = createClientWithType("foo", ClientTypeManager.SERVICE_ACCOUNT);
@ -133,7 +143,7 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest {
public void testClientTypesAdminRestAPI_globalTypes() { public void testClientTypesAdminRestAPI_globalTypes() {
ClientTypesRepresentation clientTypes = testRealm().clientTypes().getClientTypes(); ClientTypesRepresentation clientTypes = testRealm().clientTypes().getClientTypes();
Assert.assertEquals(0, clientTypes.getRealmClientTypes().size()); assertEquals(0, clientTypes.getRealmClientTypes().size());
List<String> globalClientTypeNames = clientTypes.getGlobalClientTypes().stream() List<String> globalClientTypeNames = clientTypes.getGlobalClientTypes().stream()
.map(ClientTypeRepresentation::getName) .map(ClientTypeRepresentation::getName)
@ -144,7 +154,7 @@ public class ClientTypesTest extends AbstractTestRealmKeycloakTest {
.filter(clientType -> "service-account".equals(clientType.getName())) .filter(clientType -> "service-account".equals(clientType.getName()))
.findFirst() .findFirst()
.get(); .get();
Assert.assertEquals("default", serviceAccountType.getProvider()); assertEquals("default", serviceAccountType.getProvider());
ClientTypeRepresentation.PropertyConfig cfg = serviceAccountType.getConfig().get("standardFlowEnabled"); ClientTypeRepresentation.PropertyConfig cfg = serviceAccountType.getConfig().get("standardFlowEnabled");
assertPropertyConfig("standardFlowEnabled", cfg, true, true, false); assertPropertyConfig("standardFlowEnabled", cfg, true, true, false);