From 65ecfc960a68e05e86073952a58a6a136b171dae Mon Sep 17 00:00:00 2001
From: dashaylan
Date: Mon, 5 Oct 2020 12:12:41 -0700
Subject: [PATCH] Combine UserInfo KcOidcBrokerConfiguration with OidcUserInfoClaimToRoleMapperTest
---
.../KcOidcBrokerClientUserInfoTest.java | 60 -------------------
.../OidcUserInfoClaimToRoleMapperTest.java | 55 +++++++++++++++--
2 files changed, 49 insertions(+), 66 deletions(-)
delete mode 100644 testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerClientUserInfoTest.java
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerClientUserInfoTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerClientUserInfoTest.java
deleted file mode 100644
index 0d7097470c..0000000000
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerClientUserInfoTest.java
+++ /dev/null
@@ -1,60 +0,0 @@
-package org.keycloak.testsuite.broker;
-
-import org.keycloak.models.IdentityProviderSyncMode;
-import org.keycloak.protocol.ProtocolMapperUtils;
-import org.keycloak.protocol.oidc.OIDCLoginProtocol;
-import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
-import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
-import org.keycloak.provider.ProviderConfigProperty;
-import org.keycloak.representations.idm.ClientRepresentation;
-import org.keycloak.representations.idm.ProtocolMapperRepresentation;
-
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-
-
-public class KcOidcBrokerClientUserInfoTest extends AbstractBrokerTest {
-
- protected static final String ATTRIBUTE_TO_MAP_USER_INFO = "user-attribute-ufo";
-
- @Override
- protected BrokerConfiguration getBrokerConfiguration() {
- return new KcOidcBrokerConfigurationUserInfoOnlyMappers();
- }
-
- private class KcOidcBrokerConfigurationUserInfoOnlyMappers extends KcOidcBrokerConfiguration {
-
- @Override
- public List createProviderClients() {
- List clientsRepList = super.createProviderClients();
- log.info("Update provider clients to disable attributes in Access & ID token");
-
- ProtocolMapperRepresentation userAttrMapper = new ProtocolMapperRepresentation();
- userAttrMapper.setName("attribute - name");
- userAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
- userAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID);
-
- Map userAttrMapperConfig = userAttrMapper.getConfig();
- userAttrMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_USER_INFO);
- userAttrMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_USER_INFO);
- userAttrMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
- userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "false");
- userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "false");
- userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
-
- for (ClientRepresentation client: clientsRepList) {
- client.setProtocolMappers(Arrays.asList(userAttrMapper));
- }
-
- return clientsRepList;
-
- }
-
- @Override
- protected void applyDefaultConfiguration(final Map config, IdentityProviderSyncMode syncMode) {
- super.applyDefaultConfiguration(config, syncMode);
- config.put("disableUserInfo", "false");
- }
- }
-}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/OidcUserInfoClaimToRoleMapperTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/OidcUserInfoClaimToRoleMapperTest.java
index dd5d0cf489..a145534314 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/OidcUserInfoClaimToRoleMapperTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/OidcUserInfoClaimToRoleMapperTest.java
@@ -8,21 +8,29 @@ import org.keycloak.broker.oidc.mappers.ClaimToRoleMapper; import org.keycloak.broker.provider.ConfigConstants; import org.keycloak.models.IdentityProviderMapperModel; import org.keycloak.models.IdentityProviderMapperSyncMode; -import org.keycloak.representations.idm.IdentityProviderMapperRepresentation; -import org.keycloak.representations.idm.IdentityProviderRepresentation; -import org.keycloak.representations.idm.UserRepresentation; +import org.keycloak.models.IdentityProviderSyncMode; +import org.keycloak.protocol.ProtocolMapperUtils; +import org.keycloak.protocol.oidc.OIDCLoginProtocol; +import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper; +import org.keycloak.protocol.oidc.mappers.UserAttributeMapper; +import org.keycloak.provider.ProviderConfigProperty; +import org.keycloak.representations.idm.*; +import java.util.Arrays; import java.util.List; +import java.util.Map; public class OidcUserInfoClaimToRoleMapperTest extends AbstractRoleMapperTest { - private static final String USER_INFO_CLAIM = KcOidcBrokerClientUserInfoTest.ATTRIBUTE_TO_MAP_USER_INFO; + protected static final String ATTRIBUTE_TO_MAP_USER_INFO = "user-attribute-info"; + private static final String USER_INFO_CLAIM = ATTRIBUTE_TO_MAP_USER_INFO; private static final String USER_INFO_CLAIM_VALUE = "value 1"; private String claimOnSecondLogin = ""; + @Override protected BrokerConfiguration getBrokerConfiguration() { - return new KcOidcBrokerClientUserInfoTest().getBrokerConfiguration(); + return new KcOidcBrokerConfigurationUserInfoOnlyMappers(); } @Test @@ -65,7 +73,7 @@ public class OidcUserInfoClaimToRoleMapperTest extends AbstractRoleMapperTest { protected void createMapperInIdp(IdentityProviderRepresentation idp, IdentityProviderMapperSyncMode syncMode) { createClaimToRoleMapper(idp, USER_INFO_CLAIM_VALUE, syncMode); } - + @Override protected void updateUser() { UserRepresentation user = findUser(bc.providerRealmName(), bc.getUserLogin(), bc.getUserEmail()); 
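Review bot: Returning the private `KcOidcBrokerConfigurationUserInfoOnlyMappers` from `getBrokerConfiguration()` makes this class the only user of the UserInfo-only provider setup, while the deleted KcOidcBrokerClientUserInfoTest extended AbstractBrokerTest; whatever tests that class inherited presumably no longer run with the claim served only by the UserInfo endpoint, so it is worth confirming that coverage exists elsewhere before dropping it. The constant's value also changes from `"user-attribute-ufo"` to `"user-attribute-info"` without a mention in the commit message, and `USER_INFO_CLAIM` is now a plain alias of `ATTRIBUTE_TO_MAP_USER_INFO`; unless another test reads the `protected` field, one `private static final` constant would do. The wildcard `import org.keycloak.representations.idm.*;` replaces three explicit imports, and listing the representation classes the file actually uses keeps name resolution explicit. The class body continues outside this hunk.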
@@ -92,4 +100,39 @@ public class OidcUserInfoClaimToRoleMapperTest extends AbstractRoleMapperTest { idpResource.addMapper(claimToRoleMapper).close(); } + private class KcOidcBrokerConfigurationUserInfoOnlyMappers extends KcOidcBrokerConfiguration { + + @Override + public List createProviderClients() { + List clientsRepList = super.createProviderClients(); + log.info("Update provider clients to disable attributes in Access & ID token"); + + ProtocolMapperRepresentation userAttrMapper = new ProtocolMapperRepresentation(); + userAttrMapper.setName("attribute - name"); + userAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); + userAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID); + + Map userAttrMapperConfig = userAttrMapper.getConfig(); + userAttrMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_USER_INFO); + userAttrMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_USER_INFO); + userAttrMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE); + userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "false"); + userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "false"); + userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true"); + + for (ClientRepresentation client: clientsRepList) { + client.setProtocolMappers(Arrays.asList(userAttrMapper)); + } + + return clientsRepList; + + } + + @Override + protected void applyDefaultConfiguration(final Map config, IdentityProviderSyncMode syncMode) { + super.applyDefaultConfiguration(config, syncMode); + config.put("disableUserInfo", "false"); + } + } + }
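Review bot: The new inner class carries no comment saying why it exists, and that reason is what gives the test its meaning: `client.setProtocolMappers(Arrays.asList(userAttrMapper))` replaces every protocol mapper on each provider client with one that sets INCLUDE_IN_ACCESS_TOKEN and INCLUDE_IN_ID_TOKEN to "false", so the claim can reach the consumer realm only through the UserInfo endpoint. I would add a class comment such as `// Exposes ATTRIBUTE_TO_MAP_USER_INFO through the UserInfo endpoint only, so a granted role proves the IdP mapper read UserInfo and not a token claim.` The log text "disable attributes in Access & ID token" undersells that the existing mappers are dropped rather than reconfigured, so a short why-comment on the loop would keep someone from turning it into an append later. Nothing visible in this hunk asserts that the claim is absent from the ID and access tokens, so the role-assignment guarantee rests on this configuration alone; an explicit check in the test would make a regression in the defaults visible.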