From df7aac01dd0de094199b461b073e417243ede9c2 Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Mon, 7 Jul 2014 14:59:51 -0400 Subject: [PATCH] fix delete realm --- .../org/keycloak/models/jpa/RealmAdapter.java | 3 +- .../testsuite/admin/AdminAPITest.java | 154 ++++++++++++++++++ .../test/resources/admin-test/testrealm.json | 107 ++++++++++++ 3 files changed, 263 insertions(+), 1 deletion(-) create mode 100755 testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java create mode 100755 testsuite/integration/src/test/resources/admin-test/testrealm.json diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java index e774711903..0c2f66a5e8 100755 --- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java +++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java @@ -623,7 +623,8 @@ public class RealmAdapter implements RealmModel { ApplicationModel application = getApplicationById(id); if (application == null) return false; - ((ApplicationAdapter)application).deleteUserSessionAssociation(); + em.createNamedQuery("removeClientUserSessionByClient").setParameter("clientId", application.getId()).executeUpdate(); + for (RoleModel role : application.getRoles()) { application.removeRole(role); } diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java new file mode 100755 index 0000000000..b374975eee --- /dev/null +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/AdminAPITest.java @@ -0,0 +1,154 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2012, Red Hat, Inc., and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.keycloak.testsuite.admin; + +import org.jboss.resteasy.util.BasicAuthHelper; +import org.junit.Assert; +import org.junit.ClassRule; +import org.junit.Rule; +import org.junit.Test; +import org.keycloak.Config; +import org.keycloak.OAuth2Constants; +import org.keycloak.models.ApplicationModel; +import org.keycloak.models.Constants; +import org.keycloak.models.KeycloakSession; +import org.keycloak.models.RealmModel; +import org.keycloak.models.UserModel; +import org.keycloak.models.UserSessionModel; +import org.keycloak.representations.AccessToken; +import org.keycloak.representations.adapters.action.SessionStats; +import org.keycloak.representations.idm.RealmRepresentation; +import org.keycloak.services.managers.RealmManager; +import org.keycloak.services.managers.TokenManager; +import org.keycloak.services.resources.TokenService; +import org.keycloak.services.resources.admin.AdminRoot; +import org.keycloak.testsuite.OAuthClient; +import org.keycloak.testsuite.adapter.CustomerDatabaseServlet; +import org.keycloak.testsuite.adapter.CustomerServlet; +import org.keycloak.testsuite.adapter.ProductServlet; +import org.keycloak.testsuite.pages.LoginPage; +import org.keycloak.testsuite.rule.AbstractKeycloakRule; +import org.keycloak.testsuite.rule.WebResource; +import org.keycloak.testsuite.rule.WebRule; +import org.keycloak.testutils.KeycloakServer; +import org.openqa.selenium.WebDriver; + +import javax.ws.rs.client.Client; +import javax.ws.rs.client.ClientBuilder; +import javax.ws.rs.client.ClientRequestContext; +import javax.ws.rs.client.ClientRequestFilter; +import javax.ws.rs.client.Entity; +import javax.ws.rs.client.WebTarget; +import javax.ws.rs.core.Form; +import javax.ws.rs.core.GenericType; +import javax.ws.rs.core.HttpHeaders; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.UriBuilder; +import java.io.IOException; +import java.net.URI; +import java.net.URL; +import java.security.PublicKey; +import java.util.Map; + +/** + * Tests Undertow Adapter + * + * @author Bill Burke + */ +public class AdminAPITest { + + @ClassRule + public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() { + @Override + protected void configure(RealmManager manager, RealmModel adminRealm) { + + + } + }; + + private static String createToken() { + KeycloakSession session = keycloakRule.startSession(); + try { + RealmManager manager = new RealmManager(session); + + RealmModel adminRealm = manager.getRealm(Config.getAdminRealm()); + ApplicationModel adminConsole = adminRealm.getApplicationByName(Constants.ADMIN_CONSOLE_APPLICATION); + TokenManager tm = new TokenManager(); + UserModel admin = adminRealm.getUser("admin"); + UserSessionModel userSession = adminRealm.createUserSession(admin, null); + AccessToken token = tm.createClientAccessToken(null, adminRealm, adminConsole, admin, userSession); + return tm.encodeToken(adminRealm, token); + } finally { + keycloakRule.stopSession(session, true); + } + } + + protected void testCreateRealm(RealmRepresentation rep) { + String token = createToken(); + final String authHeader = "Bearer " + token; + ClientRequestFilter authFilter = new ClientRequestFilter() { + @Override + public void filter(ClientRequestContext requestContext) throws IOException { + requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, authHeader); + } + }; + Client client = ClientBuilder.newBuilder().register(authFilter).build(); + UriBuilder authBase = UriBuilder.fromUri("http://localhost:8081/auth"); + WebTarget adminRealms = client.target(AdminRoot.realmsUrl(authBase)); + String realmName = rep.getRealm(); + + + // create with just name, enabled, and id, just like admin console + RealmRepresentation newRep = new RealmRepresentation(); + newRep.setRealm(rep.getRealm()); + newRep.setEnabled(rep.isEnabled()); + { + Response response = adminRealms.request().post(Entity.json(newRep)); + Assert.assertEquals(201, response.getStatus()); + response.close(); + } + + + + + + // delete realm + { + Response response = adminRealms.path(realmName).request().delete(); + Assert.assertEquals(204, response.getStatus()); + response.close(); + + } + } + + protected void testCreateRealm(String path) { + RealmRepresentation rep = KeycloakServer.loadJson(getClass().getResourceAsStream(path), RealmRepresentation.class); + Assert.assertNotNull(rep); + testCreateRealm(rep); + } + + @Test + public void testAdminApi() { + testCreateRealm("/admin-test/testrealm.json"); + } + +} diff --git a/testsuite/integration/src/test/resources/admin-test/testrealm.json b/testsuite/integration/src/test/resources/admin-test/testrealm.json new file mode 100755 index 0000000000..b703f751c2 --- /dev/null +++ b/testsuite/integration/src/test/resources/admin-test/testrealm.json @@ -0,0 +1,107 @@ +{ + "realm": "admin-test-1", + "enabled": true, + "sslNotRequired": true, + "registrationAllowed": true, + "resetPasswordAllowed": true, + "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", + "requiredCredentials": [ "password" ], + "defaultRoles": [ "user" ], + "smtpServer": { + "from": "auto@keycloak.org", + "host": "localhost", + "port":"3025" + }, + "users" : [ + { + "username" : "test-user@localhost", + "enabled": true, + "email" : "test-user@localhost", + "credentials" : [ + { "type" : "password", + "value" : "password" } + ] + } + ], + "oauthClients" : [ + { + "name" : "third-party", + "enabled": true, + "redirectUris": [ + "http://localhost:8081/app/*" + ], + "secret": "password" + } + ], + "roleMappings": [ + { + "username": "test-user@localhost", + "roles": ["user"] + } + ], + "scopeMappings": [ + { + "client": "third-party", + "roles": ["user"] + }, + { + "client": "test-app", + "roles": ["user"] + } + ], + "applications": [ + { + "name": "test-app", + "enabled": true, + "baseUrl": "http://localhost:8081/app", + "redirectUris": [ + "http://localhost:8081/app/*" + ], + "adminUrl": "http://localhost:8081/app/logout", + "secret": "password" + } + ], + "roles" : { + "realm" : [ + { + "name": "user", + "description": "Have User privileges" + }, + { + "name": "admin", + "description": "Have Administrator privileges" + } + ], + "application" : { + "test-app" : [ + { + "name": "customer-user", + "description": "Have Customer User privileges" + }, + { + "name": "customer-admin", + "description": "Have Customer Admin privileges" + } + ] + } + + }, + + "applicationRoleMappings": { + "test-app": [ + { + "username": "test-user@localhost", + "roles": ["customer-user"] + } + ] + }, + "applicationScopeMappings": { + "test-app": [ + { + "client": "third-party", + "roles": ["customer-user"] + } + ] + } +} \ No newline at end of file