Combine UserInfo KcOidcBrokerConfiguration with OidcUserInfoClaimToRoleMapperTest

dashaylan 2020-10-05 12:12:41 -07:00 committed by Marek Posolda
parent 787d44be78
commit 65ecfc960a
2 changed files with 49 additions and 66 deletions


@ -1,60 +0,0 @@
package org.keycloak.testsuite.broker;
import org.keycloak.models.IdentityProviderSyncMode;
import org.keycloak.protocol.ProtocolMapperUtils;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
public class KcOidcBrokerClientUserInfoTest extends AbstractBrokerTest {
protected static final String ATTRIBUTE_TO_MAP_USER_INFO = "user-attribute-ufo";
@Override
protected BrokerConfiguration getBrokerConfiguration() {
return new KcOidcBrokerConfigurationUserInfoOnlyMappers();
}
private class KcOidcBrokerConfigurationUserInfoOnlyMappers extends KcOidcBrokerConfiguration {
@Override
public List<ClientRepresentation> createProviderClients() {
List<ClientRepresentation> clientsRepList = super.createProviderClients();
log.info("Update provider clients to disable attributes in Access & ID token");
ProtocolMapperRepresentation userAttrMapper = new ProtocolMapperRepresentation();
userAttrMapper.setName("attribute - name");
userAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
userAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID);
Map<String, String> userAttrMapperConfig = userAttrMapper.getConfig();
userAttrMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_USER_INFO);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_USER_INFO);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "false");
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "false");
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
for (ClientRepresentation client: clientsRepList) {
client.setProtocolMappers(Arrays.asList(userAttrMapper));
}
return clientsRepList;
}
@Override
protected void applyDefaultConfiguration(final Map<String, String> config, IdentityProviderSyncMode syncMode) {
super.applyDefaultConfiguration(config, syncMode);
config.put("disableUserInfo", "false");
}
}
}


@ -8,21 +8,29 @@ import org.keycloak.broker.oidc.mappers.ClaimToRoleMapper;
import org.keycloak.broker.provider.ConfigConstants;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderMapperSyncMode;
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.models.IdentityProviderSyncMode;
import org.keycloak.protocol.ProtocolMapperUtils;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.idm.*;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
public class OidcUserInfoClaimToRoleMapperTest extends AbstractRoleMapperTest {
private static final String USER_INFO_CLAIM = KcOidcBrokerClientUserInfoTest.ATTRIBUTE_TO_MAP_USER_INFO;
protected static final String ATTRIBUTE_TO_MAP_USER_INFO = "user-attribute-info";
private static final String USER_INFO_CLAIM = ATTRIBUTE_TO_MAP_USER_INFO;
private static final String USER_INFO_CLAIM_VALUE = "value 1";
private String claimOnSecondLogin = "";
@Override
protected BrokerConfiguration getBrokerConfiguration() {
return new KcOidcBrokerClientUserInfoTest().getBrokerConfiguration();
return new KcOidcBrokerConfigurationUserInfoOnlyMappers();
}
@Test
@ -92,4 +100,39 @@ public class OidcUserInfoClaimToRoleMapperTest extends AbstractRoleMapperTest {
idpResource.addMapper(claimToRoleMapper).close();
}
private class KcOidcBrokerConfigurationUserInfoOnlyMappers extends KcOidcBrokerConfiguration {
@Override
public List<ClientRepresentation> createProviderClients() {
List<ClientRepresentation> clientsRepList = super.createProviderClients();
log.info("Update provider clients to disable attributes in Access & ID token");
ProtocolMapperRepresentation userAttrMapper = new ProtocolMapperRepresentation();
userAttrMapper.setName("attribute - name");
userAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
userAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID);
Map<String, String> userAttrMapperConfig = userAttrMapper.getConfig();
userAttrMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_USER_INFO);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_USER_INFO);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "false");
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "false");
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
for (ClientRepresentation client: clientsRepList) {
client.setProtocolMappers(Arrays.asList(userAttrMapper));
}
return clientsRepList;
}
@Override
protected void applyDefaultConfiguration(final Map<String, String> config, IdentityProviderSyncMode syncMode) {
super.applyDefaultConfiguration(config, syncMode);
config.put("disableUserInfo", "false");
}
}
}
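Review bot: Nothing in `KcOidcBrokerConfigurationUserInfoOnlyMappers` explains why the mapper sets `INCLUDE_IN_ACCESS_TOKEN` and `INCLUDE_IN_ID_TOKEN` to "false" and overwrites each provider client's mapper list, yet that setup is what lets this test show the role comes from the UserInfo response rather than from a token claim. I would add a class comment such as `// Claim is exposed only through UserInfo; if it also reaches the ID or access token, this test no longer proves the UserInfo path.` so a later edit does not quietly weaken the test. The key `"disableUserInfo"` in `applyDefaultConfiguration` is a bare string literal; if the broker configuration class (not visible here) defines a constant for it, use that, so a typo cannot turn the setting into a no-op. In the first hunk, `ATTRIBUTE_TO_MAP_USER_INFO` changes value from "user-attribute-ufo" to "user-attribute-info" and is now used only as an alias for `USER_INFO_CLAIM`, so one `private` constant would do. The same hunk replaces three explicit imports with `org.keycloak.representations.idm.*`; explicit imports keep the file's dependencies reviewable.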