Make the ORGANIZATION a default feature (#32404)
Closes #32395 Signed-off-by: vramik <vramik@redhat.com>
This commit is contained in:
parent
c137482d77
commit
4ce40be1af
41 changed files with 210 additions and 168 deletions
|
@ -118,7 +118,7 @@ public class Profile {
|
|||
|
||||
DECLARATIVE_UI("declarative ui spi", Type.EXPERIMENTAL),
|
||||
|
||||
ORGANIZATION("Organization support within realms", Type.PREVIEW),
|
||||
ORGANIZATION("Organization support within realms", Type.DEFAULT),
|
||||
|
||||
PASSKEYS("Passkeys", Type.PREVIEW),
|
||||
|
||||
|
|
|
@ -104,6 +104,10 @@ when exporting a realm.
|
|||
|
||||
For information on how to migrate, see the link:{upgradingguide_link}[{upgradingguide_name}].
|
||||
|
||||
= Keycloak Organization is now a supported feature
|
||||
|
||||
Starting with {project_name} 26, the Organizations feature is fully supported.
|
||||
|
||||
= Adding support for ECDH-ES encryption key management algorithms
|
||||
|
||||
Now {project_name} allows configuring ECDH-ES, ECDH-ES+A128KW, ECDH-ES+A192KW or ECDH-ES+A256KW as the encryption key management algorithm for clients. The Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) specification introduces three new header parameters for the JWT: `epk`, `apu` and `apv`. Currently {project_name} implementation only manages the compulsory `epk` while the other two (which are optional) are never added to the header. For more information about those algorithms please refer to the link:https://datatracker.ietf.org/doc/html/rfc7518#section-4.6[JSON Web Algorithms (JWA)].
|
||||
|
|
|
@ -155,7 +155,7 @@ public class ExecutionTest extends AbstractAuthenticationTest {
|
|||
|
||||
AuthenticationExecutionInfoRepresentation previousExecution = findPreviousExecution(exec, executionReps);
|
||||
Assert.assertNotNull(previousExecution);
|
||||
compareExecution(newExecInfo("Review Profile", "idp-review-profile", true, 0, 4, DISABLED, null, new String[]{REQUIRED, ALTERNATIVE,DISABLED}, previousExecution.getPriority() + 1), exec);
|
||||
compareExecution(newExecInfo("Review Profile", "idp-review-profile", true, 0, 5, DISABLED, null, new String[]{REQUIRED, ALTERNATIVE,DISABLED}, previousExecution.getPriority() + 1), exec);
|
||||
|
||||
// remove execution
|
||||
authMgmtResource.removeExecution(exec.getId());
|
||||
|
|
|
@ -408,7 +408,8 @@ public class FlowTest extends AbstractAuthenticationTest {
|
|||
// adjust expected values before comparing
|
||||
browser.setAlias("Copy of browser");
|
||||
browser.setBuiltIn(false);
|
||||
browser.getAuthenticationExecutions().get(3).setFlowAlias("Copy of browser forms");
|
||||
browser.getAuthenticationExecutions().get(3).setFlowAlias("Copy of browser Organization");
|
||||
browser.getAuthenticationExecutions().get(4).setFlowAlias("Copy of browser forms");
|
||||
compareFlows(browser, copyOfBrowser);
|
||||
|
||||
// get new flow directly and compare
|
||||
|
|
|
@ -126,13 +126,18 @@ public class InitialFlowsTest extends AbstractAuthenticationTest {
|
|||
addExecExport(flow, null, false, "auth-cookie", false, null, ALTERNATIVE, 10);
|
||||
addExecExport(flow, null, false, "auth-spnego", false, null, DISABLED, 20);
|
||||
addExecExport(flow, null, false, "identity-provider-redirector", false, null, ALTERNATIVE, 25);
|
||||
addExecExport(flow, "Organization", false, null, true, null, ALTERNATIVE, 26);
|
||||
addExecExport(flow, "forms", false, null, true, null, ALTERNATIVE, 30);
|
||||
|
||||
List<AuthenticationExecutionInfoRepresentation> execs = new LinkedList<>();
|
||||
addExecInfo(execs, "Cookie", "auth-cookie", false, 0, 0, ALTERNATIVE, null, new String[]{REQUIRED, ALTERNATIVE, DISABLED}, 10);
|
||||
addExecInfo(execs, "Kerberos", "auth-spnego", false, 0, 1, DISABLED, null, kerberosAuthExpectedChoices, 20);
|
||||
addExecInfo(execs, "Identity Provider Redirector", "identity-provider-redirector", true, 0, 2, ALTERNATIVE, null, new String[]{REQUIRED, ALTERNATIVE, DISABLED}, 25);
|
||||
addExecInfo(execs, "forms", null, false, 0, 3, ALTERNATIVE, true, new String[]{REQUIRED, ALTERNATIVE, DISABLED, CONDITIONAL}, 30);
|
||||
addExecInfo(execs, "Organization", null, false, 0, 3, ALTERNATIVE, true, new String[]{REQUIRED, ALTERNATIVE, DISABLED, CONDITIONAL}, 26);
|
||||
addExecInfo(execs, "Browser - Conditional Organization", null, false, 1, 0, CONDITIONAL, true, new String[]{REQUIRED, ALTERNATIVE, DISABLED, CONDITIONAL}, 10);
|
||||
addExecInfo(execs, "Condition - user configured", "conditional-user-configured", false, 2, 0, REQUIRED, null, new String[]{REQUIRED, DISABLED}, 10);
|
||||
addExecInfo(execs, "Organization Identity-First Login", "organization", true, 2, 1, ALTERNATIVE, null, new String[]{REQUIRED, ALTERNATIVE, DISABLED}, 20);
|
||||
addExecInfo(execs, "forms", null, false, 0, 4, ALTERNATIVE, true, new String[]{REQUIRED, ALTERNATIVE, DISABLED, CONDITIONAL}, 30);
|
||||
addExecInfo(execs, "Username Password Form", "auth-username-password-form", false, 1, 0, REQUIRED, null, new String[]{REQUIRED}, 10);
|
||||
addExecInfo(execs, "Browser - Conditional OTP", null, false, 1, 1, CONDITIONAL, true, new String[]{REQUIRED, ALTERNATIVE, DISABLED, CONDITIONAL}, 20);
|
||||
addExecInfo(execs, "Condition - user configured", "conditional-user-configured", false, 2, 0, REQUIRED, null, new String[]{REQUIRED, DISABLED}, 10);
|
||||
|
@ -176,6 +181,7 @@ public class InitialFlowsTest extends AbstractAuthenticationTest {
|
|||
"basic-flow", true, true);
|
||||
addExecExport(flow, null, false, "idp-review-profile", false, "review profile config", REQUIRED, 10);
|
||||
addExecExport(flow, "User creation or linking", false, null, true, null, REQUIRED, 20);
|
||||
addExecExport(flow, "First Broker Login - Conditional Organization", false, null, true, null, CONDITIONAL, 50);
|
||||
|
||||
execs = new LinkedList<>();
|
||||
addExecInfo(execs, "Review Profile", "idp-review-profile", true, 0, 0, REQUIRED, null, new String[]{REQUIRED, ALTERNATIVE, DISABLED}, 10);
|
||||
|
@ -190,6 +196,9 @@ public class InitialFlowsTest extends AbstractAuthenticationTest {
|
|||
addExecInfo(execs, "First broker login - Conditional OTP", null, false, 4, 1, CONDITIONAL, true, new String[]{REQUIRED, ALTERNATIVE, DISABLED, CONDITIONAL}, 20);
|
||||
addExecInfo(execs, "Condition - user configured", "conditional-user-configured", false, 5, 0, REQUIRED, null, new String[]{REQUIRED, DISABLED}, 10);
|
||||
addExecInfo(execs, "OTP Form", "auth-otp-form", false, 5, 1, REQUIRED, null, new String[]{REQUIRED, ALTERNATIVE, DISABLED}, 20);
|
||||
addExecInfo(execs, "First Broker Login - Conditional Organization", null, false, 0, 2, CONDITIONAL, true, new String[]{REQUIRED, ALTERNATIVE, DISABLED, CONDITIONAL}, 50);
|
||||
addExecInfo(execs, "Condition - user configured", "conditional-user-configured", false, 1, 0, REQUIRED, null, new String[]{REQUIRED, DISABLED}, 10);
|
||||
addExecInfo(execs, "Organization Member Onboard", "idp-add-organization-member", false, 1, 1, REQUIRED, null, new String[]{REQUIRED, ALTERNATIVE, DISABLED}, 20);
|
||||
expected.add(new FlowExecutions(flow, execs));
|
||||
|
||||
flow = newFlow("registration", "Registration flow", "basic-flow", true, true);
|
||||
|
|
|
@ -230,6 +230,9 @@ public class ProvidersTest extends AbstractAuthenticationTest {
|
|||
addProviderInfo(result, "custom-callback-authenticator", "Custom callback Factory",
|
||||
"Used for testing purposes of Callback factory");
|
||||
|
||||
addProviderInfo(result, "idp-add-organization-member", "Organization Member Onboard", "Adds a federated user as a member of an organization");
|
||||
addProviderInfo(result, "organization", "Organization Identity-First Login", "If organizations are enabled, automatically redirects users to the corresponding identity provider.");
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
|
@ -246,9 +249,9 @@ public class ProvidersTest extends AbstractAuthenticationTest {
|
|||
}
|
||||
|
||||
private List<Map<String, Object>> normalizeResults(List<Map<String, Object>> list) {
|
||||
ArrayList<Map<String, Object>> result = new ArrayList();
|
||||
ArrayList<Map<String, Object>> result = new ArrayList<>();
|
||||
for (Map<String, Object> item: list) {
|
||||
result.add(new HashMap(item));
|
||||
result.add(new HashMap<>(item));
|
||||
}
|
||||
return sortProviders(result);
|
||||
}
|
||||
|
|
|
@ -984,6 +984,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "thor");
|
||||
Assert.assertFalse(StorageId.isLocalStorage(user.getId()));
|
||||
|
@ -1008,6 +1009,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "thor");
|
||||
|
||||
// Assert priorities: password, otp1, otp2
|
||||
|
@ -1027,6 +1029,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "thor");
|
||||
|
||||
// Assert priorities: password, otp2, otp1
|
||||
|
@ -1040,6 +1043,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "thor");
|
||||
|
||||
// Assert priorities: otp2, password, otp1
|
||||
|
@ -1053,6 +1057,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "thor");
|
||||
|
||||
// Assert priorities: otp2, otp1, password
|
||||
|
@ -1066,6 +1071,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "thor");
|
||||
|
||||
// Assert priorities: otp2, otp1, password
|
||||
|
@ -1079,6 +1085,7 @@ public class UserStorageTest extends AbstractAuthTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "thor");
|
||||
|
||||
// Assert priorities: otp2, password
|
||||
|
|
|
@ -23,7 +23,6 @@ import org.junit.After;
|
|||
import org.junit.Before;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.common.util.Time;
|
||||
import org.keycloak.infinispan.util.InfinispanUtils;
|
||||
import org.keycloak.models.ClientModel;
|
||||
|
@ -100,6 +99,7 @@ public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloak
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCRUD1) -> {
|
||||
KeycloakSession currentSession = sessionCRUD1;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel client1 = realm.getClientByClientId("test-app");
|
||||
|
||||
|
@ -116,6 +116,7 @@ public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloak
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCRUD2) -> {
|
||||
KeycloakSession currentSession = sessionCRUD2;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel client1 = realm.getClientByClientId("test-app");
|
||||
|
||||
|
@ -135,6 +136,7 @@ public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloak
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCRUD3) -> {
|
||||
KeycloakSession currentSession = sessionCRUD3;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user1 = currentSession.users().getUserByUsername(realm, "user1");
|
||||
|
||||
// Ensure currentSession was updated
|
||||
|
@ -153,6 +155,7 @@ public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloak
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCRUD4) -> {
|
||||
KeycloakSession currentSession = sessionCRUD4;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
// Ensure currentSession was removed
|
||||
assertThat(currentSession.authenticationSessions().getRootAuthenticationSession(realm, rootAuthSessionID.get()), nullValue());
|
||||
|
@ -169,6 +172,7 @@ public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloak
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRestart1) -> {
|
||||
KeycloakSession currentSession = sessionRestart1;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel client1 = realm.getClientByClientId("test-app");
|
||||
UserModel user1 = currentSession.users().getUserByUsername(realm, "user1");
|
||||
|
@ -191,6 +195,7 @@ public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloak
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRestart2) -> {
|
||||
KeycloakSession currentSession = sessionRestart2;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
// Test restart root authentication session
|
||||
ClientModel client1 = realm.getClientByClientId("test-app");
|
||||
|
@ -202,6 +207,7 @@ public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloak
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRestart3) -> {
|
||||
KeycloakSession currentSession = sessionRestart3;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel client1 = realm.getClientByClientId("test-app");
|
||||
|
||||
|
|
|
@ -122,6 +122,7 @@ public class CompositeRolesModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session5) -> {
|
||||
|
||||
RealmModel realm = session5.realms().getRealmByName("TestComposites");
|
||||
session5.getContext().setRealm(realm);
|
||||
|
||||
Set<RoleModel> requestedRoles = getRequestedRoles(realm.getClientByClientId("APP_COMPOSITE_APPLICATION"), session.users().getUserByUsername(realm, "APP_COMPOSITE_USER"));
|
||||
|
||||
|
|
|
@ -225,6 +225,7 @@ public class ConcurrentTransactionsTest extends AbstractTestRealmKeycloakTest {
|
|||
try {
|
||||
// Read user attribute
|
||||
RealmModel realm = session1.realms().getRealmByName("original");
|
||||
session1.getContext().setRealm(realm);
|
||||
UserModel john = session1.users().getUserByUsername(realm, "john");
|
||||
String attrVal = john.getFirstAttribute("foo");
|
||||
|
||||
|
|
|
@ -36,6 +36,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
|
||||
List<CredentialModel> list = user.credentialManager().getStoredCredentialsStream()
|
||||
|
@ -55,6 +56,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
|
||||
|
||||
// Assert priorities: password, otp1, otp2
|
||||
|
@ -74,6 +76,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
|
||||
|
||||
// Assert priorities: password, otp2, otp1
|
||||
|
@ -87,6 +90,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
|
||||
|
||||
// Assert priorities: otp2, password, otp1
|
||||
|
@ -100,6 +104,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
|
||||
|
||||
// Assert priorities: otp2, otp1, password
|
||||
|
@ -113,6 +118,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
|
||||
|
||||
// Assert priorities: otp2, otp1, password
|
||||
|
@ -126,6 +132,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSession) -> {
|
||||
RealmModel realm = currentSession.realms().getRealmByName("test");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
UserModel user = currentSession.users().getUserByUsername(realm, "test-user@localhost");
|
||||
|
||||
// Assert priorities: otp2, password
|
||||
|
@ -139,7 +146,7 @@ public class CredentialModelTest extends AbstractTestRealmKeycloakTest {
|
|||
private void assertOrder(List<CredentialModel> creds, String... expectedIds) {
|
||||
Assert.assertEquals(expectedIds.length, creds.size());
|
||||
|
||||
if (creds.size() == 0) return;
|
||||
if (creds.isEmpty()) return;
|
||||
|
||||
for (int i=0 ; i<expectedIds.length ; i++) {
|
||||
Assert.assertEquals(creds.get(i).getId(), expectedIds[i]);
|
||||
|
|
|
@ -80,21 +80,23 @@ public class MultipleRealmsTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakSession currentSession = sessionTestUser1;
|
||||
|
||||
RealmModel realm1 = currentSession.realms().createRealm(KeycloakModelUtils.generateId(), "realm1");
|
||||
RealmModel realm2 = currentSession.realms().createRealm(KeycloakModelUtils.generateId(), "realm2");
|
||||
currentSession.getContext().setRealm(realm1);
|
||||
|
||||
String id1 = realm1.getId();
|
||||
String id2 = realm2.getId();
|
||||
|
||||
realm1.setDefaultRole(currentSession.roles().addRealmRole(realm1, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-" + realm1.getName()));
|
||||
realm2.setDefaultRole(currentSession.roles().addRealmRole(realm2, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-" + realm2.getName()));
|
||||
|
||||
createObjects(currentSession, realm1);
|
||||
createObjects(currentSession, realm2);
|
||||
|
||||
UserModel r1user1 = currentSession.users().getUserByUsername(realm1, "user1");
|
||||
UserModel r2user1 = currentSession.users().getUserByUsername(realm2, "user1");
|
||||
|
||||
|
||||
r1user1Atomic.set(r1user1);
|
||||
|
||||
RealmModel realm2 = currentSession.realms().createRealm(KeycloakModelUtils.generateId(), "realm2");
|
||||
currentSession.getContext().setRealm(realm2);
|
||||
|
||||
String id2 = realm2.getId();
|
||||
realm2.setDefaultRole(currentSession.roles().addRealmRole(realm2, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-" + realm2.getName()));
|
||||
createObjects(currentSession, realm2);
|
||||
UserModel r2user1 = currentSession.users().getUserByUsername(realm2, "user1");
|
||||
|
||||
Assert.assertEquals(r1user1.getUsername(), r2user1.getUsername());
|
||||
// The following check is not valid anymore since file store does have the same ID, and is redundant due to the previous line
|
||||
// Assert.assertNotEquals(r1user1.getId(), r2user1.getId());
|
||||
|
@ -108,6 +110,7 @@ public class MultipleRealmsTest extends AbstractTestRealmKeycloakTest {
|
|||
Assert.assertFalse(r2user1.credentialManager().isValid(UserCredentialModel.password("pass1")));
|
||||
Assert.assertTrue(r2user1.credentialManager().isValid(UserCredentialModel.password("pass2")));
|
||||
|
||||
currentSession.getContext().setRealm(realm1);
|
||||
// Test searching
|
||||
Assert.assertEquals(2, currentSession.users().searchForUserStream(realm1, Map.of(UserModel.SEARCH, "user")).count());
|
||||
|
||||
|
@ -162,30 +165,34 @@ public class MultipleRealmsTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakSession currentSession = sessionById;
|
||||
|
||||
RealmModel realm1 = currentSession.realms().createRealm(KeycloakModelUtils.generateId(), "realm1");
|
||||
RealmModel realm2 = currentSession.realms().createRealm(KeycloakModelUtils.generateId(), "realm2");
|
||||
currentSession.getContext().setRealm(realm1);
|
||||
|
||||
String id1 = realm1.getId();
|
||||
String id2 = realm2.getId();
|
||||
|
||||
realm1.setDefaultRole(currentSession.roles().addRealmRole(realm1, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-" + realm1.getName()));
|
||||
realm2.setDefaultRole(currentSession.roles().addRealmRole(realm2, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-" + realm2.getName()));
|
||||
|
||||
createObjects(currentSession, realm1);
|
||||
createObjects(currentSession, realm2);
|
||||
|
||||
Assert.assertEquals(realm1, currentSession.realms().getRealm(id1));
|
||||
Assert.assertEquals(realm1, currentSession.realms().getRealmByName("realm1"));
|
||||
Assert.assertEquals(realm2, currentSession.realms().getRealm(id2));
|
||||
Assert.assertEquals(realm2, currentSession.realms().getRealmByName("realm2"));
|
||||
|
||||
ClientModel r1app1 = realm1.getClientByClientId("app1");
|
||||
|
||||
Assert.assertNotNull(realm1.getClientByClientId("app2"));
|
||||
Assert.assertNotNull(realm2.getClientByClientId("app1"));
|
||||
Assert.assertNotNull(realm2.getClientByClientId("app2"));
|
||||
|
||||
Assert.assertEquals(r1app1, realm1.getClientById(r1app1.getId()));
|
||||
assertThat(r1app1.getAttribute(REALM_ATTRIBUTE), is(realm1.getName()));
|
||||
|
||||
|
||||
RealmModel realm2 = currentSession.realms().createRealm(KeycloakModelUtils.generateId(), "realm2");
|
||||
currentSession.getContext().setRealm(realm2);
|
||||
|
||||
String id2 = realm2.getId();
|
||||
realm2.setDefaultRole(currentSession.roles().addRealmRole(realm2, Constants.DEFAULT_ROLES_ROLE_PREFIX + "-" + realm2.getName()));
|
||||
createObjects(currentSession, realm2);
|
||||
|
||||
Assert.assertEquals(realm2, currentSession.realms().getRealm(id2));
|
||||
Assert.assertEquals(realm2, currentSession.realms().getRealmByName("realm2"));
|
||||
|
||||
Assert.assertNotNull(realm2.getClientByClientId("app1"));
|
||||
Assert.assertNotNull(realm2.getClientByClientId("app2"));
|
||||
|
||||
ClientModel r2cl1 = realm2.getClientByClientId("cl1");
|
||||
Assert.assertEquals(r2cl1.getId(), realm2.getClientById(r2cl1.getId()).getId());
|
||||
assertThat(r2cl1.getAttribute(REALM_ATTRIBUTE), is(realm2.getName()));
|
||||
|
@ -197,8 +204,11 @@ public class MultipleRealmsTest extends AbstractTestRealmKeycloakTest {
|
|||
RoleModel r2Role1 = realm2.getRole("role2");
|
||||
assertAttrRealm(realm2, r2Role1.getAttributeStream(REALM_ATTRIBUTE));
|
||||
|
||||
currentSession.getContext().setRealm(realm1);
|
||||
UserModel user1 = currentSession.users().getUserByUsername(realm1, "user1");
|
||||
assertAttrRealm(realm1, user1.getAttributeStream(REALM_ATTRIBUTE));
|
||||
currentSession.getContext().setRealm(realm2);
|
||||
|
||||
UserModel user1a = currentSession.users().getUserByUsername(realm2, "user1");
|
||||
assertAttrRealm(realm2, user1a.getAttributeStream(REALM_ATTRIBUTE));
|
||||
|
||||
|
|
|
@ -160,6 +160,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakSession currentSession = sessionCT;
|
||||
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
ClientModel barClient = realm.getClientByClientId("bar-client");
|
||||
|
@ -168,26 +169,26 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
UserModel mary = currentSession.users().getUserByUsername(realm, "mary");
|
||||
|
||||
UserConsentModel johnFooConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, fooClient.getId());
|
||||
Assert.assertEquals(johnFooConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, johnFooConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", johnFooConsent));
|
||||
Assert.assertNotNull("Created Date should be set", johnFooConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", johnFooConsent.getLastUpdatedDate());
|
||||
|
||||
UserConsentModel johnBarConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, barClient.getId());
|
||||
Assert.assertEquals(johnBarConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, johnBarConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "bar", johnBarConsent));
|
||||
Assert.assertNotNull("Created Date should be set", johnBarConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", johnBarConsent.getLastUpdatedDate());
|
||||
|
||||
UserConsentModel maryConsent = UserConsentManager.getConsentByClient(currentSession, realm, mary, fooClient.getId());
|
||||
Assert.assertEquals(maryConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, maryConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", maryConsent));
|
||||
Assert.assertNotNull("Created Date should be set", maryConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", maryConsent.getLastUpdatedDate());
|
||||
|
||||
ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
|
||||
UserConsentModel maryHardcodedConsent = UserConsentManager.getConsentByClient(currentSession, realm, mary, hardcodedClient.getId());
|
||||
Assert.assertEquals(maryHardcodedConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, maryHardcodedConsent.getGrantedClientScopes().size());
|
||||
Assert.assertNotNull("Created Date should be set", maryHardcodedConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", maryHardcodedConsent.getLastUpdatedDate());
|
||||
|
||||
|
@ -203,6 +204,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionACT) -> {
|
||||
KeycloakSession currentSession = sessionACT;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
|
||||
|
@ -224,11 +226,11 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
}
|
||||
Assert.assertEquals(maryConsent.getClient().getId(), fooClient.getId());
|
||||
Assert.assertEquals(maryConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, maryConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", maryConsent));
|
||||
|
||||
Assert.assertEquals(maryHardcodedConsent.getClient().getId(), hardcodedClient.getId());
|
||||
Assert.assertEquals(maryHardcodedConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, maryHardcodedConsent.getGrantedClientScopes().size());
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -239,6 +241,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession removalTestSession1) -> {
|
||||
KeycloakSession currentSession = removalTestSession1;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
|
@ -256,12 +259,13 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession removalTestSession2) -> {
|
||||
KeycloakSession currentSession = removalTestSession2;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
UserConsentModel johnConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, fooClient.getId());
|
||||
|
||||
Assert.assertEquals(johnConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, johnConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue("Created date should be less than last updated date", johnConsent.getCreatedDate() < johnConsent.getLastUpdatedDate());
|
||||
});
|
||||
}
|
||||
|
@ -273,6 +277,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRT1) -> {
|
||||
KeycloakSession currentSession = sessionRT1;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
|
@ -286,6 +291,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRT2) -> {
|
||||
KeycloakSession currentSession = sessionRT2;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
|
||||
|
@ -320,6 +326,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionST1) -> {
|
||||
KeycloakSession currentSession = sessionST1;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientScopeModel fooScope = KeycloakModelUtils.getClientScopeByName(realm, "foo");
|
||||
realm.removeClientScope(fooScope.getId());
|
||||
|
@ -328,13 +335,14 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionST2) -> {
|
||||
KeycloakSession currentSession = sessionST2;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
UserConsentModel johnConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, fooClient.getId());
|
||||
|
||||
Assert.assertEquals(johnConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, johnConsent.getGrantedClientScopes().size());
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -347,6 +355,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionDCT1) -> {
|
||||
KeycloakSession currentSession = sessionDCT1;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel barClient = realm.getClientByClientId("bar-client");
|
||||
barClientID.set(barClient.getId());
|
||||
|
@ -357,15 +366,15 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionDCT2) -> {
|
||||
KeycloakSession currentSession = sessionDCT2;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
Assert.assertNull(realm.getClientByClientId("bar-client"));
|
||||
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
ClientModel barClient = realm.getClientByClientId("bar-client");
|
||||
|
||||
UserConsentModel johnFooConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, fooClient.getId());
|
||||
Assert.assertEquals(johnFooConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, johnFooConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", johnFooConsent));
|
||||
|
||||
Assert.assertNull(UserConsentManager.getConsentByClient(currentSession, realm, john, barClientID.get()));
|
||||
|
@ -379,6 +388,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCST1) -> {
|
||||
KeycloakSession currentSession = sessionCST1;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
realm.removeComponent(clientStorageComponent);
|
||||
});
|
||||
|
@ -386,6 +396,7 @@ public class UserConsentModelTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCST2) -> {
|
||||
KeycloakSession currentSession = sessionCST2;
|
||||
RealmModel realm = currentSession.realms().getRealm(realmId);
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
|
||||
Assert.assertNull(hardcodedClient);
|
||||
|
|
|
@ -167,6 +167,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSessionCT) -> {
|
||||
KeycloakSession currentSession = currentSessionCT;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
ClientModel barClient = realm.getClientByClientId("bar-client");
|
||||
|
@ -175,26 +176,26 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
UserModel mary = currentSessionCT.users().getUserByUsername(realm, "mary");
|
||||
|
||||
UserConsentModel johnFooConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, fooClient.getId());
|
||||
Assert.assertEquals(johnFooConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, johnFooConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", johnFooConsent));
|
||||
Assert.assertNotNull("Created Date should be set", johnFooConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", johnFooConsent.getLastUpdatedDate());
|
||||
|
||||
UserConsentModel johnBarConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, barClient.getId());
|
||||
Assert.assertEquals(johnBarConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, johnBarConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "bar", johnBarConsent));
|
||||
Assert.assertNotNull("Created Date should be set", johnBarConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", johnBarConsent.getLastUpdatedDate());
|
||||
|
||||
UserConsentModel maryConsent = UserConsentManager.getConsentByClient(currentSession, realm, mary, fooClient.getId());
|
||||
Assert.assertEquals(maryConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, maryConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", maryConsent));
|
||||
Assert.assertNotNull("Created Date should be set", maryConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", maryConsent.getLastUpdatedDate());
|
||||
|
||||
ClientModel hardcodedClient = currentSessionCT.clients().getClientByClientId(realm, "hardcoded-client");
|
||||
UserConsentModel maryHardcodedConsent = UserConsentManager.getConsentByClient(currentSession, realm, mary, hardcodedClient.getId());
|
||||
Assert.assertEquals(maryHardcodedConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, maryHardcodedConsent.getGrantedClientScopes().size());
|
||||
Assert.assertNotNull("Created Date should be set", maryHardcodedConsent.getCreatedDate());
|
||||
Assert.assertNotNull("Last Updated Date should be set", maryHardcodedConsent.getLastUpdatedDate());
|
||||
|
||||
|
@ -210,6 +211,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession currentSessionACT) -> {
|
||||
KeycloakSession currentSession = currentSessionACT;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
|
||||
|
@ -231,11 +233,11 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
|
||||
}
|
||||
Assert.assertEquals(maryConsent.getClient().getId(), fooClient.getId());
|
||||
Assert.assertEquals(maryConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, maryConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", maryConsent));
|
||||
|
||||
Assert.assertEquals(maryHardcodedConsent.getClient().getId(), hardcodedClient.getId());
|
||||
Assert.assertEquals(maryHardcodedConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, maryHardcodedConsent.getGrantedClientScopes().size());
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -246,6 +248,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionScopeRemoval1) -> {
|
||||
KeycloakSession currentSession = sessionScopeRemoval1;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
|
@ -263,12 +266,13 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionScopeRemoval2) -> {
|
||||
KeycloakSession currentSession = sessionScopeRemoval2;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
UserConsentModel johnConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, fooClient.getId());
|
||||
|
||||
Assert.assertEquals(johnConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, johnConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue("Created date should be less than last updated date", johnConsent.getCreatedDate() < johnConsent.getLastUpdatedDate());
|
||||
});
|
||||
}
|
||||
|
@ -280,6 +284,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRevoke1) -> {
|
||||
KeycloakSession currentSession = sessionRevoke1;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
|
@ -293,6 +298,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionRevoke2) -> {
|
||||
KeycloakSession currentSession = sessionRevoke2;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
|
||||
|
@ -329,8 +335,8 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesDelClScope1) -> {
|
||||
KeycloakSession currentSession = sesDelClScope1;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
ClientScopeModel fooScope = KeycloakModelUtils.getClientScopeByName(realm, "foo");
|
||||
realm.removeClientScope(fooScope.getId());
|
||||
});
|
||||
|
@ -338,12 +344,13 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesDelClScope2) -> {
|
||||
KeycloakSession currentSession = sesDelClScope2;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
UserModel john = currentSession.users().getUserByUsername(realm, "john");
|
||||
UserConsentModel johnConsent = UserConsentManager.getConsentByClient(currentSession, realm, john, fooClient.getId());
|
||||
|
||||
Assert.assertEquals(johnConsent.getGrantedClientScopes().size(), 0);
|
||||
Assert.assertEquals(0, johnConsent.getGrantedClientScopes().size());
|
||||
});
|
||||
}
|
||||
|
||||
|
@ -356,6 +363,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakSession currentSession = sesDelClient1;
|
||||
RealmManager realmManager = new RealmManager(currentSession);
|
||||
RealmModel realm = realmManager.getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel barClient = realm.getClientByClientId("bar-client");
|
||||
barClientID.set(barClient.getId());
|
||||
|
@ -367,6 +375,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakSession currentSession = sesDelClient2;
|
||||
RealmManager realmManager = new RealmManager(currentSession);
|
||||
RealmModel realm = realmManager.getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel fooClient = realm.getClientByClientId("foo-client");
|
||||
Assert.assertNull(realm.getClientByClientId("bar-client"));
|
||||
|
@ -374,7 +383,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
UserModel john = realmManager.getSession().users().getUserByUsername(realm, "john");
|
||||
|
||||
UserConsentModel johnFooConsent = UserConsentManager.getConsentByClient(realmManager.getSession(), realm, john, fooClient.getId());
|
||||
Assert.assertEquals(johnFooConsent.getGrantedClientScopes().size(), 1);
|
||||
Assert.assertEquals(1, johnFooConsent.getGrantedClientScopes().size());
|
||||
Assert.assertTrue(isClientScopeGranted(realm, "foo", johnFooConsent));
|
||||
|
||||
Assert.assertNull(UserConsentManager.getConsentByClient(realmManager.getSession(), realm, john, barClientID.get()));
|
||||
|
@ -388,6 +397,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesDelClientStore1) -> {
|
||||
KeycloakSession currentSession = sesDelClientStore1;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
realm.removeComponent(clientStorageComponent);
|
||||
});
|
||||
|
@ -395,6 +405,7 @@ public class UserConsentWithUserStorageModelTest extends AbstractTestRealmKeyclo
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sesDelClientStore2) -> {
|
||||
KeycloakSession currentSession = sesDelClientStore2;
|
||||
RealmModel realm = currentSession.realms().getRealmByName("original");
|
||||
currentSession.getContext().setRealm(realm);
|
||||
|
||||
ClientModel hardcodedClient = currentSession.clients().getClientByClientId(realm, "hardcoded-client");
|
||||
Assert.assertNull(hardcodedClient);
|
||||
|
|
|
@ -64,17 +64,11 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
@Rule
|
||||
public InfinispanTestTimeServiceRule ispnTestTimeService = new InfinispanTestTimeServiceRule(this);
|
||||
|
||||
public static void setupRealm(KeycloakSession session){
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
UserModel user1 = session.users().addUser(realm, "user1");
|
||||
user1.setEmail("user1@localhost");
|
||||
UserModel user2 = session.users().addUser(realm, "user2");
|
||||
user2.setEmail("user2@localhost");
|
||||
}
|
||||
@Before
|
||||
public void before() {
|
||||
testingClient.server().run( session -> {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
session.users().addUser(realm, "user1").setEmail("user1@localhost");
|
||||
session.users().addUser(realm, "user2").setEmail("user2@localhost");
|
||||
});
|
||||
|
@ -84,6 +78,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
public void after() {
|
||||
testingClient.server().run( session -> {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
session.sessions().removeUserSessions(realm);
|
||||
UserModel user1 = session.users().getUserByUsername(realm, "user1");
|
||||
UserModel user2 = session.users().getUserByUsername(realm, "user2");
|
||||
|
@ -105,6 +100,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
UserSessionModel[] sessions = createSessions(session);
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertSession(kcSession.sessions().getUserSession(realm, sessions[0].getId()), session.users().getUserByUsername(realm, "user1"), "127.0.0.1", started, started, "test-app", "third-party");
|
||||
assertSession(kcSession.sessions().getUserSession(realm, sessions[1].getId()), session.users().getUserByUsername(realm, "user1"), "127.0.0.2", started, started, "test-app");
|
||||
assertSession(kcSession.sessions().getUserSession(realm, sessions[2].getId()), session.users().getUserByUsername(realm, "user2"), "127.0.0.3", started, started, "test-app");
|
||||
|
@ -118,6 +114,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
UserSessionModel[] sessions = createSessions(session);
|
||||
int lastRefresh = Time.currentTime();
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
kcSession.sessions().getUserSession(realm, sessions[0].getId()).setLastSessionRefresh(lastRefresh);
|
||||
assertEquals(lastRefresh, kcSession.sessions().getUserSession(realm, sessions[0].getId()).getLastSessionRefresh());
|
||||
});
|
||||
|
@ -130,6 +127,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
UserSessionModel[] sessions = createSessions(session);
|
||||
int lastRefresh = Time.currentTime();
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
kcSession.sessions().getUserSession(realm, sessions[0].getId()).setLastSessionRefresh(lastRefresh);
|
||||
assertEquals(lastRefresh, kcSession.sessions().getUserSession(realm, sessions[0].getId()).getLastSessionRefresh());
|
||||
});
|
||||
|
@ -145,6 +143,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
Time.setOffset(100);
|
||||
try {
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = kcSession.sessions().getUserSession(realm, sessions[0].getId());
|
||||
assertSession(userSession, kcSession.users().getUserByUsername(realm, "user1"), "127.0.0.1", started, started, "test-app", "third-party");
|
||||
|
||||
|
@ -166,6 +165,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
UserSessionModel[] sessions = createSessions(session);
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
Map<String, AuthenticatedClientSessionModel> clientSessions = kcSession.sessions().getUserSession(realm, sessions[0].getId()).getAuthenticatedClientSessions();
|
||||
assertEquals(2, clientSessions.size());
|
||||
|
||||
|
@ -192,6 +192,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
String clientUUID = realm.getClientByClientId("test-app").getId();
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = kcSession.sessions().getUserSession(realm, userSessionId);
|
||||
AuthenticatedClientSessionModel clientSession = userSession.getAuthenticatedClientSessions().get(clientUUID);
|
||||
|
||||
|
@ -217,6 +218,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
String clientUUID = realm.getClientByClientId("test-app").getId();
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = kcSession.sessions().getUserSession(realm, userSessionId);
|
||||
AuthenticatedClientSessionModel clientSession = userSession.getAuthenticatedClientSessionByClient(clientUUID);
|
||||
|
||||
|
@ -242,6 +244,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
String clientUUID = realm.getClientByClientId("test-app").getId();
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = kcSession.sessions().getUserSession(realm, userSessionId);
|
||||
AuthenticatedClientSessionModel clientSession = userSession.getAuthenticatedClientSessionByClient(clientUUID);
|
||||
|
||||
|
@ -261,6 +264,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
UserSessionModel[] sessions = createSessions(session);
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertSessions(kcSession.sessions().getUserSessionsStream(realm, session.users().getUserByUsername(realm, "user1"))
|
||||
.collect(Collectors.toList()), sessions[0], sessions[1]);
|
||||
assertSessions(kcSession.sessions().getUserSessionsStream(realm, session.users().getUserByUsername(realm, "user2"))
|
||||
|
@ -276,6 +280,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
final Map<String, Integer> clientSessionsKept = new HashMap<>();
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
clientSessionsKept.putAll(kcSession.sessions().getUserSessionsStream(realm,
|
||||
kcSession.users().getUserByUsername(realm, "user2"))
|
||||
.collect(Collectors.toMap(model -> model.getId(), model -> model.getAuthenticatedClientSessions().keySet().size())));
|
||||
|
@ -284,6 +289,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
});
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertEquals(0, kcSession.sessions().getUserSessionsStream(realm, kcSession.users().getUserByUsername(realm, "user1"))
|
||||
.count());
|
||||
List<UserSessionModel> userSessions = kcSession.sessions().getUserSessionsStream(realm,
|
||||
|
@ -303,6 +309,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
public void testRemoveUserSession(KeycloakSession session) {
|
||||
String userSessionId = KeycloakModelUtils.runJobInTransactionWithResult(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = createSessions(kcSession)[0];
|
||||
userSession = kcSession.sessions().getUserSession(realm, userSession.getId());
|
||||
|
||||
|
@ -320,9 +327,13 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
@ModelTest
|
||||
public void testRemoveUserSessionsByRealm(KeycloakSession session) {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
createSessions(session);
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> kcSession.sessions().removeUserSessions(realm));
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
kcSession.sessions().removeUserSessions(realm);
|
||||
});
|
||||
|
||||
var user1 = session.users().getUserByUsername(realm, "user1");
|
||||
var user2 = session.users().getUserByUsername(realm, "user2");
|
||||
|
@ -340,6 +351,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
try {
|
||||
clientRemoved = KeycloakModelUtils.runJobInTransactionWithResult(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
String thirdPartyClientUUID = realm.getClientByClientId("third-party").getId();
|
||||
Map<String, Set<String>> clientSessionsKept = new HashMap<>();
|
||||
|
||||
|
@ -366,6 +378,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
// Revert client
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
realm.addClient("third-party");
|
||||
});
|
||||
}
|
||||
|
@ -377,6 +390,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
public void testRemoveUserSessionsByExpired(KeycloakSession session) {
|
||||
try {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
ClientModel client = realm.getClientByClientId("test-app");
|
||||
|
||||
Set<String> validUserSessions = new HashSet<>();
|
||||
|
@ -385,6 +399,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
// create an user session that is older than the max lifespan timeout.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
|
||||
session1.getContext().setRealm(realm);
|
||||
Time.setOffset(-(realm.getSsoSessionMaxLifespan() + 1));
|
||||
UserSessionModel userSession = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
expiredUserSessions.add(userSession.getId());
|
||||
|
@ -394,6 +409,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
// create an user session whose last refresh exceeds the max session idle timeout.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
|
||||
session1.getContext().setRealm(realm);
|
||||
Time.setOffset(-(realm.getSsoSessionIdleTimeout() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1));
|
||||
UserSessionModel s = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
// no need to explicitly set the last refresh time - it is the same as the creation time.
|
||||
|
@ -403,15 +419,20 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
// create an user session and associated client session that conforms to the max lifespan and max idle timeouts.
|
||||
Time.setOffset(0);
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
|
||||
session1.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = session1.sessions().createUserSession(null, realm, session1.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
validUserSessions.add(userSession.getId());
|
||||
validClientSessions.add(session1.sessions().createClientSession(realm, client, userSession).getId());
|
||||
});
|
||||
|
||||
// remove the expired sessions - we expect the first two sessions to have been removed as they either expired the max lifespan or the session idle timeouts.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> session1.sessions().removeExpired(realm));
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
|
||||
session1.getContext().setRealm(realm);
|
||||
session1.sessions().removeExpired(realm);
|
||||
});
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
for (String e : expiredUserSessions) {
|
||||
assertNull(kcSession.sessions().getUserSession(realm, e));
|
||||
}
|
||||
|
@ -435,11 +456,13 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
@ModelTest
|
||||
public void testTransientUserSession(KeycloakSession session) {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
ClientModel client = realm.getClientByClientId("test-app");
|
||||
String userSessionId = UUID.randomUUID().toString();
|
||||
|
||||
// create an user session, but don't persist it to infinispan
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
|
||||
session1.getContext().setRealm(realm);
|
||||
long sessionsBefore = session1.sessions().getActiveUserSessions(realm, client);
|
||||
|
||||
UserSessionModel userSession = session1.sessions().createUserSession(userSessionId, realm, session1.users().getUserByUsername(realm, "user1"),
|
||||
|
@ -459,6 +482,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
// create an user session whose last refresh exceeds the max session idle timeout.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession session1) -> {
|
||||
session1.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = session1.sessions().getUserSession(realm, userSessionId);
|
||||
Assert.assertNull(userSession);
|
||||
});
|
||||
|
@ -474,6 +498,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
@ModelTest
|
||||
public void testRemoveUserSessionsByExpiredRememberMe(KeycloakSession session) {
|
||||
RealmModel testRealm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(testRealm);
|
||||
int previousMaxLifespan = testRealm.getSsoSessionMaxLifespanRememberMe();
|
||||
int previousMaxIdle = testRealm.getSsoSessionIdleTimeoutRememberMe();
|
||||
try {
|
||||
|
@ -485,6 +510,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
// first lets update the realm by setting remember-me timeout values, which will be 4 times higher than the default timeout values.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel r = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(r);
|
||||
r.setSsoSessionMaxLifespanRememberMe(r.getSsoSessionMaxLifespan() * 4);
|
||||
r.setSsoSessionIdleTimeoutRememberMe(r.getSsoSessionIdleTimeout() * 4);
|
||||
});
|
||||
|
@ -493,6 +519,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
// the session's last refresh also exceeds the default 'session idle' timeout but doesn't exceed the 'session idle remember-me' timeout.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
Time.setOffset(-(realm.getSsoSessionMaxLifespan() * 2));
|
||||
UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
AuthenticatedClientSessionModel clientSession = kcSession.sessions().createClientSession(realm, client, userSession);
|
||||
|
@ -507,6 +534,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
// create an user session with remember-me enabled that is older than the 'max lifespan remember-me' timeout.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
Time.setOffset(-(realm.getSsoSessionMaxLifespanRememberMe() + 1));
|
||||
UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
expiredUserSessions.add(userSession.getId());
|
||||
|
@ -515,6 +543,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
// finally create an user session with remember-me enabled whose last refresh exceeds the 'session idle remember-me' timeout.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
Time.setOffset(-(realm.getSsoSessionIdleTimeoutRememberMe() + SessionTimeoutHelper.PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS + 1));
|
||||
UserSessionModel userSession = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user2"), "user2", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
// no need to explicitly set the last refresh time - it is the same as the creation time.
|
||||
|
@ -523,10 +552,15 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
// remove the expired sessions - the first session should not be removed as it doesn't exceed any of the remember-me timeout values.
|
||||
Time.setOffset(0);
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> kcSession.sessions().removeExpired(kcSession.realms().getRealmByName("test")));
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
kcSession.sessions().removeExpired(realm);
|
||||
});
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
|
||||
for (String sessionId : expiredUserSessions) {
|
||||
assertNull(kcSession.sessions().getUserSession(realm, sessionId));
|
||||
|
@ -547,6 +581,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
// restore the original remember-me timeout values in the realm.
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel r = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(r);
|
||||
r.setSsoSessionMaxLifespanRememberMe(previousMaxLifespan);
|
||||
r.setSsoSessionIdleTimeoutRememberMe(previousMaxIdle);
|
||||
});
|
||||
|
@ -561,6 +596,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
try {
|
||||
UserSessionModel userSession = sessions[0];
|
||||
RealmModel realm = userSession.getRealm();
|
||||
session.getContext().setRealm(realm);
|
||||
// reload userSession in current session
|
||||
userSession = session.sessions().getUserSession(realm, userSession.getId());
|
||||
Time.setOffset(3600000);
|
||||
|
@ -581,6 +617,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
final UserSessionModel[] sessions = createSessions(session);
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertSessions(kcSession.sessions().getUserSessionsStream(realm, realm.getClientByClientId("test-app"))
|
||||
.collect(Collectors.toList()), sessions[0], sessions[1], sessions[2]);
|
||||
assertSessions(kcSession.sessions().getUserSessionsStream(realm, realm.getClientByClientId("third-party"))
|
||||
|
@ -594,6 +631,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
try {
|
||||
for (int i = 0; i < 25; i++) {
|
||||
Time.setOffset(i);
|
||||
|
@ -611,6 +649,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
});
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertPaginatedSession(kcSession, realm, realm.getClientByClientId("test-app"), 0, 1, 1);
|
||||
assertPaginatedSession(kcSession, realm, realm.getClientByClientId("test-app"), 0, 10, 10);
|
||||
assertPaginatedSession(kcSession, realm, realm.getClientByClientId("test-app"), 10, 10, 10);
|
||||
|
@ -623,6 +662,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
@ModelTest
|
||||
public void testCreateAndGetInSameTransaction(KeycloakSession session) {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
ClientModel client = realm.getClientByClientId("test-app");
|
||||
UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
AuthenticatedClientSessionModel clientSession = createClientSession(session, client, userSession, "http://redirect", "state");
|
||||
|
@ -640,6 +680,8 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
@ModelTest
|
||||
public void testAuthenticatedClientSessions(KeycloakSession session) {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
realm.setSsoSessionIdleTimeout(1800);
|
||||
realm.setSsoSessionMaxLifespan(36000);
|
||||
UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.2", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
|
@ -720,6 +762,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
createSessions(session);
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), kcSession -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertEquals(3, kcSession.sessions().getActiveUserSessions(realm, realm.getClientByClientId("test-app")));
|
||||
assertEquals(1, kcSession.sessions().getActiveUserSessions(realm, realm.getClientByClientId("third-party")));
|
||||
});
|
||||
|
@ -729,6 +772,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
public void loginFailures() {
|
||||
testingClient.server().run((KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
UserLoginFailureModel failure1 = kcSession.loginFailures().addUserLoginFailure(realm, "user1");
|
||||
failure1.incrementFailures();
|
||||
|
||||
|
@ -739,6 +783,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
testingClient.server().run((KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
|
||||
UserLoginFailureModel failure1 = kcSession.loginFailures().getUserLoginFailure(realm, "user1");
|
||||
assertEquals(1, failure1.getNumFailures());
|
||||
|
@ -760,11 +805,13 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
testingClient.server().run((KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
kcSession.loginFailures().removeUserLoginFailure(realm, "user1");
|
||||
});
|
||||
|
||||
testingClient.server().run((KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
|
||||
assertNull(kcSession.loginFailures().getUserLoginFailure(realm, "user1"));
|
||||
|
||||
|
@ -773,6 +820,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
testingClient.server().run((KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertNull(kcSession.loginFailures().getUserLoginFailure(realm, "user1"));
|
||||
assertNull(kcSession.loginFailures().getUserLoginFailure(realm, "user2"));
|
||||
});
|
||||
|
@ -784,22 +832,26 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
}
|
||||
public static void testOnUserRemoved(KeycloakSession session) {
|
||||
RealmModel realm = session.realms().getRealmByName("test");
|
||||
session.getContext().setRealm(realm);
|
||||
UserModel user1 = session.users().getUserByUsername(realm, "user1");
|
||||
UserModel user2 = session.users().getUserByUsername(realm, "user2");
|
||||
|
||||
createSessions(session);
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertEquals(2, kcSession.sessions().getUserSessionsStream(realm, user1).count());
|
||||
assertEquals(1, kcSession.sessions().getUserSessionsStream(realm, user2).count());
|
||||
});
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
// remove user1
|
||||
new UserManager(kcSession).removeUser(realm, user1);
|
||||
});
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
kcSession.getContext().setRealm(realm);
|
||||
assertEquals(0, kcSession.sessions().getUserSessionsStream(realm, user1).count());
|
||||
assertEquals(1, kcSession.sessions().getUserSessionsStream(realm, user2).count());
|
||||
});
|
||||
|
@ -817,6 +869,7 @@ public class UserSessionProviderTest extends AbstractTestRealmKeycloakTest {
|
|||
UserSessionModel[] sessions = new UserSessionModel[3];
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession kcSession) -> {
|
||||
RealmModel realm = kcSession.realms().getRealmByName("test");
|
||||
kcSession.getContext().setRealm(realm);
|
||||
|
||||
sessions[0] = kcSession.sessions().createUserSession(null, realm, kcSession.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
|
||||
|
|
|
@ -386,7 +386,7 @@ public abstract class AbstractWellKnownProviderTest extends AbstractKeycloakTest
|
|||
protected void assertScopesSupportedMatchesWithRealm(OIDCConfigurationRepresentation oidcConfig) {
|
||||
Assert.assertNames(oidcConfig.getScopesSupported(), OAuth2Constants.SCOPE_OPENID, OAuth2Constants.OFFLINE_ACCESS,
|
||||
OAuth2Constants.SCOPE_PROFILE, OAuth2Constants.SCOPE_EMAIL, OAuth2Constants.SCOPE_PHONE, OAuth2Constants.SCOPE_ADDRESS, OIDCLoginProtocolFactory.ACR_SCOPE, OIDCLoginProtocolFactory.BASIC_SCOPE,
|
||||
OIDCLoginProtocolFactory.ROLES_SCOPE, OIDCLoginProtocolFactory.WEB_ORIGINS_SCOPE, OIDCLoginProtocolFactory.MICROPROFILE_JWT_SCOPE);
|
||||
OIDCLoginProtocolFactory.ROLES_SCOPE, OIDCLoginProtocolFactory.WEB_ORIGINS_SCOPE, OIDCLoginProtocolFactory.MICROPROFILE_JWT_SCOPE, OAuth2Constants.ORGANIZATION);
|
||||
}
|
||||
|
||||
protected OIDCConfigurationRepresentation getOIDCDiscoveryRepresentation(Client client, String uriTemplate) {
|
||||
|
|
|
@ -32,20 +32,17 @@ import org.junit.Rule;
|
|||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.broker.provider.util.SimpleHttp.Response;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.representations.account.LinkedAccountRepresentation;
|
||||
import org.keycloak.representations.account.OrganizationRepresentation;
|
||||
import org.keycloak.representations.idm.ErrorRepresentation;
|
||||
import org.keycloak.representations.idm.OrganizationDomainRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.util.TokenUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationAccountTest extends AbstractOrganizationTest {
|
||||
|
||||
@Rule
|
||||
|
|
|
@ -29,7 +29,6 @@ import java.util.Set;
|
|||
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.UserResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.GroupModel;
|
||||
import org.keycloak.models.ModelValidationException;
|
||||
import org.keycloak.models.OrganizationModel;
|
||||
|
@ -41,10 +40,8 @@ import org.keycloak.organization.jpa.OrganizationAdapter;
|
|||
import org.keycloak.representations.idm.GroupRepresentation;
|
||||
import org.keycloak.representations.idm.OrganizationRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.runonserver.RunOnServer;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationGroupTest extends AbstractOrganizationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -39,7 +39,6 @@ import org.jboss.arquillian.graphene.page.Page;
|
|||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.common.util.UriUtils;
|
||||
import org.keycloak.cookie.CookieType;
|
||||
import org.keycloak.representations.idm.ErrorRepresentation;
|
||||
|
@ -50,7 +49,6 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.pages.InfoPage;
|
||||
import org.keycloak.testsuite.pages.RegisterPage;
|
||||
import org.keycloak.testsuite.util.GreenMailRule;
|
||||
|
@ -58,7 +56,6 @@ import org.keycloak.testsuite.util.MailUtils;
|
|||
import org.keycloak.testsuite.util.MailUtils.EmailBody;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationInvitationLinkTest extends AbstractOrganizationTest {
|
||||
|
||||
@Rule
|
||||
|
|
|
@ -51,7 +51,6 @@ import org.junit.Test;
|
|||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.admin.client.resource.OrganizationsResource;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.OrganizationModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.organization.OrganizationProvider;
|
||||
|
@ -61,12 +60,10 @@ import org.keycloak.representations.idm.OrganizationDomainRepresentation;
|
|||
import org.keycloak.representations.idm.OrganizationRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.runonserver.RunOnServer;
|
||||
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationTest extends AbstractOrganizationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -33,7 +33,6 @@ import org.junit.Before;
|
|||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.OrganizationModel.IdentityProviderRedirectMode;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
|
@ -41,13 +40,11 @@ import org.keycloak.representations.idm.OrganizationRepresentation;
|
|||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationThemeTest extends AbstractOrganizationTest {
|
||||
|
||||
@Page
|
||||
|
|
|
@ -25,14 +25,11 @@ import java.io.IOException;
|
|||
import org.hamcrest.Matchers;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationAuthenticationTest extends AbstractOrganizationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -1,30 +0,0 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.organization.authentication;
|
||||
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.forms.BruteForceTest;
|
||||
|
||||
/**
|
||||
* Remove this test class once the {@link Feature#ORGANIZATION} is supported
|
||||
*/
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationBruteForceTest extends BruteForceTest {
|
||||
|
||||
}
|
|
@ -28,7 +28,6 @@ import org.hamcrest.Matchers;
|
|||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.AdminRoles;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
|
@ -36,12 +35,10 @@ import org.keycloak.representations.idm.OrganizationRepresentation;
|
|||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationAdminPermissionsTest extends AbstractOrganizationTest {
|
||||
|
||||
@Override
|
||||
|
|
|
@ -35,17 +35,14 @@ import org.junit.Test;
|
|||
import org.keycloak.admin.client.resource.IdentityProviderResource;
|
||||
import org.keycloak.admin.client.resource.OrganizationIdentityProviderResource;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.IdentityProviderModel;
|
||||
import org.keycloak.models.OrganizationModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.organization.OrganizationProvider;
|
||||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.representations.idm.OrganizationRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationIdentityProviderTest extends AbstractOrganizationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -19,15 +19,12 @@ package org.keycloak.testsuite.organization.broker;
|
|||
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationOIDCBrokerSelfRegistrationTest extends AbstractBrokerSelfRegistrationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -18,14 +18,11 @@
|
|||
package org.keycloak.testsuite.organization.broker;
|
||||
|
||||
import org.keycloak.broker.saml.SAMLIdentityProviderConfig;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.IdentityProviderSyncMode;
|
||||
import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.broker.BrokerConfiguration;
|
||||
import org.keycloak.testsuite.broker.KcSamlBrokerConfiguration;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationSAMLBrokerSelfRegistrationTest extends AbstractBrokerSelfRegistrationTest {
|
||||
|
||||
@Override
|
||||
|
|
|
@ -31,7 +31,6 @@ import java.util.stream.Stream;
|
|||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.IdentityProviderStorageProvider;
|
||||
import org.keycloak.models.IdentityProviderStorageProvider.FetchMode;
|
||||
import org.keycloak.models.OrganizationDomainModel;
|
||||
|
@ -47,11 +46,9 @@ import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
|||
import org.keycloak.representations.idm.OrganizationDomainRepresentation;
|
||||
import org.keycloak.representations.idm.OrganizationRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.runonserver.RunOnServer;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationCacheTest extends AbstractOrganizationTest {
|
||||
|
||||
@Before
|
||||
|
|
|
@ -1,33 +0,0 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.organization.exportimport;
|
||||
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.exportimport.ExportImportTest;
|
||||
|
||||
/**
|
||||
* Tests the export/import functionality with the organization feature enabled.
|
||||
*
|
||||
* NOTE: When export/import of organizations is implemented and the organization feature is supported, we should either enhance
|
||||
* this class or the existing ExportImportTest to check org-specific settings.
|
||||
*
|
||||
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
|
||||
*/
|
||||
@EnableFeature(Profile.Feature.ORGANIZATION)
|
||||
public class OrganizationEnabledExportImportTest extends ExportImportTest {
|
||||
}
|
|
@ -37,7 +37,6 @@ import org.keycloak.admin.client.resource.AuthenticationManagementResource;
|
|||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.admin.client.resource.UsersResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.exportimport.ExportImportConfig;
|
||||
import org.keycloak.exportimport.singlefile.SingleFileExportProviderFactory;
|
||||
import org.keycloak.exportimport.singlefile.SingleFileImportProviderFactory;
|
||||
|
@ -49,13 +48,11 @@ import org.keycloak.representations.idm.OrganizationRepresentation;
|
|||
import org.keycloak.representations.idm.PartialImportRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.client.resources.TestingExportImportResource;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationExportTest extends AbstractOrganizationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -44,7 +44,6 @@ import org.keycloak.TokenVerifier;
|
|||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
import org.keycloak.admin.client.resource.ClientScopeResource;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.common.util.MultivaluedHashMap;
|
||||
import org.keycloak.common.util.UriUtils;
|
||||
import org.keycloak.models.OrganizationModel;
|
||||
|
@ -62,13 +61,11 @@ import org.keycloak.representations.idm.MemberRepresentation;
|
|||
import org.keycloak.representations.idm.OrganizationRepresentation;
|
||||
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.broker.KcOidcBrokerConfiguration;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationOIDCProtocolMapperTest extends AbstractOrganizationTest {
|
||||
|
||||
@Before
|
||||
|
|
|
@ -29,7 +29,6 @@ import jakarta.ws.rs.core.UriBuilder;
|
|||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.dom.saml.v2.assertion.AttributeStatementType;
|
||||
import org.keycloak.dom.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
|
||||
import org.keycloak.dom.saml.v2.assertion.AttributeType;
|
||||
|
@ -40,7 +39,6 @@ import org.keycloak.representations.idm.IdentityProviderRepresentation;
|
|||
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
|
||||
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
|
||||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.saml.RoleMapperTest;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
|
@ -48,7 +46,6 @@ import org.keycloak.testsuite.util.Matchers;
|
|||
import org.keycloak.testsuite.util.SamlClient;
|
||||
import org.keycloak.testsuite.util.SamlClientBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationSAMLProtocolMapperTest extends AbstractOrganizationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -46,7 +46,6 @@ import org.junit.Test;
|
|||
import org.keycloak.admin.client.resource.OrganizationMemberResource;
|
||||
import org.keycloak.admin.client.resource.OrganizationResource;
|
||||
import org.keycloak.admin.client.resource.UserResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.models.OrganizationModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
|
@ -60,13 +59,11 @@ import org.keycloak.representations.userprofile.config.UPConfig;
|
|||
import org.keycloak.representations.userprofile.config.UPConfig.UnmanagedAttributePolicy;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.organization.admin.AbstractOrganizationTest;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
@EnableFeature(Feature.ORGANIZATION)
|
||||
public class OrganizationMemberTest extends AbstractOrganizationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
@ -50,6 +50,7 @@ import org.keycloak.timer.TimerProviderFactory;
|
|||
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
import org.keycloak.models.cache.infinispan.organization.InfinispanOrganizationProviderFactory;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -87,6 +88,7 @@ public class Infinispan extends KeycloakModelParameters {
|
|||
.add(TimerProviderFactory.class)
|
||||
.add(InfinispanPublicKeyStorageProviderFactory.class)
|
||||
.add(InfinispanCachePublicKeyProviderFactory.class)
|
||||
.add(InfinispanOrganizationProviderFactory.class)
|
||||
.build();
|
||||
|
||||
@Override
|
||||
|
|
|
@ -45,6 +45,8 @@ import org.keycloak.models.jpa.session.JpaRevokedTokensPersisterProviderFactory;
|
|||
import org.keycloak.models.jpa.session.JpaUserSessionPersisterProviderFactory;
|
||||
import org.keycloak.models.session.RevokedTokenPersisterSpi;
|
||||
import org.keycloak.models.session.UserSessionPersisterSpi;
|
||||
import org.keycloak.organization.OrganizationSpi;
|
||||
import org.keycloak.organization.jpa.JpaOrganizationProviderFactory;
|
||||
import org.keycloak.protocol.LoginProtocolFactory;
|
||||
import org.keycloak.protocol.LoginProtocolSpi;
|
||||
import org.keycloak.provider.ProviderFactory;
|
||||
|
@ -80,6 +82,8 @@ public class Jpa extends KeycloakModelParameters {
|
|||
.add(IdentityProviderStorageSpi.class)
|
||||
.add(IdentityProviderSpi.class)
|
||||
|
||||
.add(OrganizationSpi.class)
|
||||
|
||||
.build();
|
||||
|
||||
static final Set<Class<? extends ProviderFactory>> ALLOWED_FACTORIES = ImmutableSet.<Class<? extends ProviderFactory>>builder()
|
||||
|
@ -109,6 +113,8 @@ public class Jpa extends KeycloakModelParameters {
|
|||
//required for FederatedIdentityModel
|
||||
.add(IdentityProviderFactory.class)
|
||||
|
||||
.add(JpaOrganizationProviderFactory.class)
|
||||
|
||||
.build();
|
||||
|
||||
public Jpa() {
|
||||
|
|
|
@ -176,6 +176,7 @@ public class SessionTimeoutsTest extends KeycloakModelTest {
|
|||
try {
|
||||
final String[] sessions = inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
UserModel user = session.users().getUserByUsername(realm, "user1");
|
||||
UserSessionModel userSession = createUserSession(session, realm, user, offline);
|
||||
|
|
|
@ -86,6 +86,7 @@ public class UserSessionConcurrencyTest extends KeycloakModelTest {
|
|||
IntStream.range(0, 20 * CLIENTS_COUNT).parallel()
|
||||
.forEach(i -> inComittedTransaction(i, (session, n) -> { try {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
ClientModel client = realm.getClientByClientId("client" + (n % CLIENTS_COUNT));
|
||||
|
||||
UserSessionModel uSession = session.sessions().getUserSession(realm, uId);
|
||||
|
|
|
@ -108,6 +108,7 @@ public class UserSessionInitializerTest extends KeycloakModelTest {
|
|||
|
||||
inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
// Assert sessions are in
|
||||
ClientModel testApp = realm.getClientByClientId("test-app");
|
||||
|
@ -140,6 +141,7 @@ public class UserSessionInitializerTest extends KeycloakModelTest {
|
|||
|
||||
inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
// Assert sessions are in
|
||||
ClientModel thirdparty = realm.getClientByClientId("third-party");
|
||||
|
|
|
@ -146,6 +146,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
inComittedTransaction(session -> {
|
||||
// Persist 3 created userSessions and clientSessions as offline
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
ClientModel testApp = realm.getClientByClientId("test-app");
|
||||
session.sessions().getUserSessionsStream(realm, testApp).collect(Collectors.toList())
|
||||
.forEach(userSessionLooper -> persistUserSession(session, userSessionLooper, true));
|
||||
|
@ -196,6 +197,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
|
||||
inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
UserSessionModel[] origSessions = origSessionsAt.get();
|
||||
|
||||
// Persist 1 offline session
|
||||
|
@ -449,6 +451,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
public void testMoreSessions() {
|
||||
inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
// Create 10 userSessions - each having 1 clientSession
|
||||
List<String> userSessionsInner = new LinkedList<>();
|
||||
|
@ -505,6 +508,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
inComittedTransaction(session -> {
|
||||
// Persist 2 offline sessions of 2 users
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
userSession1[0] = session.sessions().getUserSession(realm, origSessions[1].getId());
|
||||
userSession2[0] = session.sessions().getUserSession(realm, origSessions[2].getId());
|
||||
persistUserSession(session, userSession1[0], true);
|
||||
|
@ -551,6 +555,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
UserSessionModel origSession = inComittedTransaction(session -> {
|
||||
// Create session in infinispan
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
createClientSession(session, realmId, realm.getClientByClientId("test-app"), userSession, "http://redirect", "state");
|
||||
|
@ -567,6 +572,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
inComittedTransaction(session -> {
|
||||
// Assert offline session
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
List<UserSessionModel> loadedSessions = loadPersistedSessionsPaginated(session, true, 1, 1, 1);
|
||||
|
||||
assertSessions(loadedSessions, new String[]{origSession.getId()});
|
||||
|
@ -618,6 +624,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
}
|
||||
|
||||
private void setupClientStorageComponents(KeycloakSession s, RealmModel realm) {
|
||||
s.getContext().setRealm(realm);
|
||||
getParameters(ClientStorageProviderModel.class).forEach(cm -> {
|
||||
cm.put(HardcodedClientStorageProviderFactory.CLIENT_ID, "external-storage-client");
|
||||
cm.put(HardcodedClientStorageProviderFactory.DELAYED_SEARCH, Boolean.toString(false));
|
||||
|
@ -632,6 +639,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
}
|
||||
|
||||
private void cleanClientStorageComponents(KeycloakSession s, RealmModel realm) {
|
||||
s.getContext().setRealm(realm);
|
||||
s.roles().removeRoles(realm);
|
||||
s.clientScopes().removeClientScopes(realm);
|
||||
|
||||
|
@ -648,6 +656,7 @@ public class UserSessionPersisterProviderTest extends KeycloakModelTest {
|
|||
|
||||
protected static UserSessionModel[] createSessions(KeycloakSession session, String realmId) {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
UserSessionModel[] sessions = new UserSessionModel[3];
|
||||
sessions[0] = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", true, null, null, UserSessionModel.SessionPersistenceState.PERSISTENT);
|
||||
|
||||
|
|
|
@ -148,6 +148,7 @@ public class UserSessionProviderModelTest extends KeycloakModelTest {
|
|||
|
||||
inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
|
||||
UserSessionModel userSession = session.sessions().getUserSession(realm, origSessions[0].getId());
|
||||
Assert.assertEquals(origSessions[0], userSession);
|
||||
|
@ -194,6 +195,7 @@ public class UserSessionProviderModelTest extends KeycloakModelTest {
|
|||
public void testTransientUserSessionIsNotPersisted() {
|
||||
String id = inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = session.sessions().createUserSession(KeycloakModelUtils.generateId(), realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT);
|
||||
|
||||
ClientModel testApp = realm.getClientByClientId("test-app");
|
||||
|
@ -217,6 +219,7 @@ public class UserSessionProviderModelTest extends KeycloakModelTest {
|
|||
public void testClientSessionIsNotPersistedForTransientUserSession() {
|
||||
Object[] transientUserSessionWithClientSessionId = inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
UserSessionModel userSession = session.sessions().createUserSession(null, realm, session.users().getUserByUsername(realm, "user1"), "user1", "127.0.0.1", "form", false, null, null, UserSessionModel.SessionPersistenceState.TRANSIENT);
|
||||
ClientModel testApp = realm.getClientByClientId("test-app");
|
||||
AuthenticatedClientSessionModel clientSession = session.sessions().createClientSession(realm, testApp, userSession);
|
||||
|
|
|
@ -146,6 +146,7 @@ public class UserSessionProviderOfflineModelTest extends KeycloakModelTest {
|
|||
|
||||
inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
sessionManager = new UserSessionManager(session);
|
||||
persister = session.getProvider(UserSessionPersisterProvider.class);
|
||||
|
||||
|
@ -275,6 +276,7 @@ public class UserSessionProviderOfflineModelTest extends KeycloakModelTest {
|
|||
|
||||
inComittedTransaction(session -> {
|
||||
RealmModel realm = session.realms().getRealm(realmId);
|
||||
session.getContext().setRealm(realm);
|
||||
sessionManager = new UserSessionManager(session);
|
||||
persister = session.getProvider(UserSessionPersisterProvider.class);
|
||||
|
||||
|
|
Loading…
Reference in a new issue