KEYCLOAK-16996 User not able to revoke his offline token for directGrant clients
parent
9b0e1fff8d
commit
4dacbb9e0b
4 changed files with 22 additions and 7 deletions
|
@ -492,7 +492,7 @@ public class AccountRestService {
|
|||
|
||||
realm.getAlwaysDisplayInConsoleClientsStream().forEach(clients::add);
|
||||
|
||||
return clients.stream().filter(client -> !client.isBearerOnly() && client.getBaseUrl() != null && !client.getClientId().isEmpty())
|
||||
return clients.stream().filter(client -> !client.isBearerOnly() && !client.getClientId().isEmpty())
|
||||
.filter(client -> matches(client, name))
|
||||
.map(client -> modelToRepresentation(client, inUseClients, offlineClients, consentModels));
|
||||
}
|
||||
|
|
|
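Review bot: The relaxed filter in the `return clients.stream().filter(...)` statement has no comment explaining why a missing base URL no longer excludes a client. The reason is security-relevant, because this list is what lets a user see which clients hold offline tokens or consent on their account. Without that context a later cleanup could restore `client.getBaseUrl() != null` and hide direct-grant clients again. I would add above the statement `// Keep clients without a base URL (e.g. direct grant): the user must be able to see and revoke their offline tokens.` The enclosing method begins before this hunk, so how `clients` is assembled beyond the always-display stream is not visible here.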
@ -104,6 +104,13 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
|
|||
.secret("secret1").build();
|
||||
testRealm.getClients().add(offlineApp);
|
||||
|
||||
org.keycloak.representations.idm.ClientRepresentation offlineApp2 = ClientBuilder.create().clientId("offline-client-without-base-url")
|
||||
.id(KeycloakModelUtils.generateId())
|
||||
.name("Offline Client Without Base URL")
|
||||
.directAccessGrants()
|
||||
.secret("secret1").build();
|
||||
testRealm.getClients().add(offlineApp2);
|
||||
|
||||
org.keycloak.representations.idm.ClientRepresentation alwaysDisplayApp = ClientBuilder.create().clientId("always-display-client")
|
||||
.id(KeycloakModelUtils.generateId())
|
||||
.name("Always Display Client")
|
||||
|
|
|
@ -778,10 +778,11 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertFalse(applications.isEmpty());
|
||||
|
||||
Map<String, ClientRepresentation> apps = applications.stream().collect(Collectors.toMap(x -> x.getClientId(), x -> x));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("in-use-client", "always-display-client"));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("in-use-client", "always-display-client", "direct-grant"));
|
||||
|
||||
assertClientRep(apps.get("in-use-client"), "In Use Client", null, false, true, false, null, inUseClientAppUri);
|
||||
assertClientRep(apps.get("always-display-client"), "Always Display Client", null, false, false, false, null, alwaysDisplayClientAppUri);
|
||||
assertClientRep(apps.get("direct-grant"), null, null, false, true, false, null, null);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -813,6 +814,10 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
OAuthClient.AccessTokenResponse offlineTokenResponse = oauth.doGrantAccessTokenRequest("secret1", "view-applications-access", "password");
|
||||
assertNull(offlineTokenResponse.getErrorDescription());
|
||||
|
||||
oauth.clientId("offline-client-without-base-url");
|
||||
offlineTokenResponse = oauth.doGrantAccessTokenRequest("secret1", "view-applications-access", "password");
|
||||
assertNull(offlineTokenResponse.getErrorDescription());
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
|
@ -823,9 +828,10 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertFalse(applications.isEmpty());
|
||||
|
||||
Map<String, ClientRepresentation> apps = applications.stream().collect(Collectors.toMap(x -> x.getClientId(), x -> x));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("offline-client", "always-display-client"));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("offline-client", "offline-client-without-base-url", "always-display-client", "direct-grant"));
|
||||
|
||||
assertClientRep(apps.get("offline-client"), "Offline Client", null, false, true, true, null, offlineClientAppUri);
|
||||
assertClientRep(apps.get("offline-client-without-base-url"), "Offline Client Without Base URL", null, false, true, true, null, null);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -861,7 +867,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
.asResponse();
|
||||
|
||||
Map<String, ClientRepresentation> apps = applications.stream().collect(Collectors.toMap(x -> x.getClientId(), x -> x));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder(appId, "always-display-client"));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder(appId, "always-display-client", "direct-grant"));
|
||||
|
||||
ClientRepresentation app = apps.get(appId);
|
||||
assertClientRep(app, null, "A third party application", true, false, false, null, "http://localhost:8180/auth/realms/master/app/auth");
|
||||
|
@ -887,7 +893,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertFalse(applications.isEmpty());
|
||||
|
||||
Map<String, ClientRepresentation> apps = applications.stream().collect(Collectors.toMap(x -> x.getClientId(), x -> x));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("root-url-client", "always-display-client"));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("root-url-client", "always-display-client", "direct-grant"));
|
||||
|
||||
assertClientRep(apps.get("root-url-client"), null, null, false, true, false, "http://localhost:8180/foo/bar", "/baz");
|
||||
}
|
||||
|
@ -1308,7 +1314,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertFalse(applications.isEmpty());
|
||||
|
||||
Map<String, ClientRepresentation> apps = applications.stream().collect(Collectors.toMap(x -> x.getClientId(), x -> x));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("offline-client", "always-display-client"));
|
||||
Assert.assertThat(apps.keySet(), containsInAnyOrder("offline-client", "always-display-client", "direct-grant"));
|
||||
|
||||
assertClientRep(apps.get("offline-client"), "Offline Client", null, false, true, false, null, offlineClientAppUri);
|
||||
}
|
||||
|
|
|
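Review bot: The offline-access test (hunks at -813 and -823) only proves that `offline-client-without-base-url` is listed with offline access; nothing visible in these hunks exercises the revocation the ticket is about. Since the user-facing risk is an offline token that stays valid because it cannot be revoked, I would extend this test, or add a sibling, to revoke access for that client through the account API and then assert that the refreshed application list no longer reports it with offline access. The -823 hunk also adds `direct-grant` to the expected key set without a matching `assertClientRep(apps.get("direct-grant"), ...)` call, unlike the first hunk at -778; one such line, with flags confirmed for this scenario, would keep the tests parallel. The test methods start outside these hunks, so an existing revocation test elsewhere in the file may already cover part of this.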
@ -181,7 +181,9 @@ export class ApplicationsPage extends React.Component<ApplicationsPageProps, App
|
|||
{application.description &&
|
||||
<GridItem><strong>{Msg.localize('description') + ': '}</strong> {application.description}</GridItem>
|
||||
}
|
||||
{application.effectiveUrl &&
|
||||
<GridItem><strong>URL: </strong> <span id={this.elementId('effectiveurl', application)}>{application.effectiveUrl.split('"')}</span></GridItem>
|
||||
}
|
||||
{application.consent &&
|
||||
<React.Fragment>
|
||||
<GridItem span={12}>
|
||||
|
|