diff --git a/connections/mongo/src/main/java/org/keycloak/connections/mongo/DefaultMongoConnectionFactoryProvider.java b/connections/mongo/src/main/java/org/keycloak/connections/mongo/DefaultMongoConnectionFactoryProvider.java
index 3c0db050c5..5dff7c15de 100755
--- a/connections/mongo/src/main/java/org/keycloak/connections/mongo/DefaultMongoConnectionFactoryProvider.java
+++ b/connections/mongo/src/main/java/org/keycloak/connections/mongo/DefaultMongoConnectionFactoryProvider.java
@@ -28,6 +28,8 @@ public class DefaultMongoConnectionFactoryProvider implements MongoConnectionPro
 "org.keycloak.models.mongo.keycloak.entities.MongoUserEntity",
 "org.keycloak.models.mongo.keycloak.entities.MongoRoleEntity",
 "org.keycloak.models.entities.IdentityProviderEntity",
+ "org.keycloak.models.entities.ClientIdentityProviderMappingEntity",
+ "org.keycloak.models.entities.ProtocolMapperEntity",
 "org.keycloak.models.entities.RequiredCredentialEntity",
 "org.keycloak.models.entities.CredentialEntity",
 "org.keycloak.models.entities.FederatedIdentityEntity",
diff --git a/model/api/src/main/java/org/keycloak/models/entities/ClientIdentityProviderMappingEntity.java b/model/api/src/main/java/org/keycloak/models/entities/ClientIdentityProviderMappingEntity.java
old mode 100644
new mode 100755
index a788aacf4b..eafe478107
--- a/model/api/src/main/java/org/keycloak/models/entities/ClientIdentityProviderMappingEntity.java
+++ b/model/api/src/main/java/org/keycloak/models/entities/ClientIdentityProviderMappingEntity.java
@@ -23,7 +23,7 @@ package org.keycloak.models.entities;
 public class ClientIdentityProviderMappingEntity {
 private String id;
- private Boolean retrieveToken;
+ private boolean retrieveToken;
 public String getId() {
 return this.id;
@@ -33,7 +33,7 @@ public class ClientIdentityProviderMappingEntity {
 this.id = id;
 }
- public Boolean isRetrieveToken() {
+ public boolean isRetrieveToken() {
 return this.retrieveToken;
 }
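Review bot: The setter for `retrieveToken` is outside both hunks of ClientIdentityProviderMappingEntity, while the field and `isRetrieveToken()` move from `Boolean` to `boolean`; if the setter still takes a `Boolean`, a null argument now fails on unboxing, so it should read `public void setRetrieveToken(boolean retrieveToken)`. With the primitive, a stored document that lacks the field presumably reads back as `false`, which is the restrictive value for this flag and is worth stating on the field, e.g. `// defaults to false: the client may read the identity provider's token only when this is set explicitly`. The section also changes the file mode from 100644 to 100755, which a Java source file does not need.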
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
index c0202c1f52..4d3465b9be 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
@@ -327,15 +327,14 @@ public abstract class ClientAdapter extends A
 @Override
 public void updateAllowedIdentityProviders(List identityProviders) {
 List stored = getMongoEntityAsClient().getIdentityProviders();
-
+ stored.clear();
 for (ClientIdentityProviderMappingModel model : identityProviders) {
 ClientIdentityProviderMappingEntity entity = new ClientIdentityProviderMappingEntity();
 entity.setId(model.getIdentityProvider());
 entity.setRetrieveToken(model.isRetrieveToken());
+ stored.add(entity);
 }
-
-
- getMongoEntityAsClient().setIdentityProviders(stored);
 updateMongoEntity();
 }
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
index d48ae7d898..be033a3e28 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@@ -910,7 +910,7 @@ public class RealmAdapter extends AbstractMongoAdapter impleme
 mapping.setConsentRequired(entity.isConsentRequired());
 mapping.setConsentText(entity.getConsentText());
 Map config = new HashMap();
- if (entity.getConfig() != null) config.putAll(config);
+ if (entity.getConfig() != null) config.putAll(entity.getConfig());
 mapping.setConfig(config);
 return mapping;
 }
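Review bot: In `updateAllowedIdentityProviders`, `stored.clear()` runs on whatever `getMongoEntityAsClient().getIdentityProviders()` returns, and nothing in the hunk shows that list is non-null for a client saved before any mapping existed. With `setIdentityProviders(stored)` removed, the method also depends on the getter handing back the entity's live list rather than a copy; if it ever returns a copy, the update is silently dropped and the client keeps its previous set of allowed identity providers. Building a fresh list removes both assumptions: `List<ClientIdentityProviderMappingEntity> stored = new ArrayList<ClientIdentityProviderMappingEntity>();` at the top, and keep `getMongoEntityAsClient().setIdentityProviders(stored);` before `updateMongoEntity();` (this needs `java.util.ArrayList` in scope, which the hunk does not show).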
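Review bot: The corrected `config.putAll(entity.getConfig())` in RealmAdapter has no test pinning it in this commit. The old line copied the new, empty map into itself, so a protocol mapper read through this path always came back with an empty config, and the test changes in the commit only touch identity providers. A round-trip assertion that stores a mapper with one config entry and reads it back under the Mongo model would keep this from regressing. The enclosing method starts above the hunk, so its name and callers are not visible here.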
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java
old mode 100644
new mode 100755
index 8f43860e05..fe4febd40c
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/broker/ImportIdentityProviderTest.java
@@ -1,301 +1,304 @@ -/* - * JBoss, Home of Professional Open Source - * - * Copyright 2013 Red Hat, Inc. and/or its affiliates. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.broker; - -import org.junit.Test; -import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig; -import org.keycloak.broker.oidc.OIDCIdentityProvider; -import org.keycloak.broker.oidc.OIDCIdentityProviderConfig; -import org.keycloak.broker.oidc.OIDCIdentityProviderFactory; -import org.keycloak.broker.saml.SAMLIdentityProvider; -import org.keycloak.broker.saml.SAMLIdentityProviderConfig; -import org.keycloak.broker.saml.SAMLIdentityProviderFactory; -import org.keycloak.models.ClientIdentityProviderMappingModel; -import org.keycloak.models.ClientModel; -import org.keycloak.models.IdentityProviderModel; -import org.keycloak.models.RealmModel; -import org.keycloak.representations.idm.RealmRepresentation; -import org.keycloak.social.facebook.FacebookIdentityProvider; -import org.keycloak.social.facebook.FacebookIdentityProviderFactory; -import org.keycloak.social.github.GitHubIdentityProvider; -import org.keycloak.social.github.GitHubIdentityProviderFactory; -import org.keycloak.social.google.GoogleIdentityProvider; -import org.keycloak.social.google.GoogleIdentityProviderFactory; -import org.keycloak.social.twitter.TwitterIdentityProvider; -import org.keycloak.social.twitter.TwitterIdentityProviderFactory; - -import java.io.IOException; -import 
java.util.HashSet; -import java.util.List; -import java.util.Set; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; - -/** - * @author pedroigor - */ -public class ImportIdentityProviderTest extends AbstractIdentityProviderModelTest { - - @Test - public void testInstallation() throws Exception { - RealmModel realm = installTestRealm(); - - assertIdentityProviderConfig(realm.getIdentityProviders()); - - assertTrue(realm.isIdentityFederationEnabled()); - } - - @Test - public void testUpdateIdentityProvider() throws Exception { - RealmModel realm = installTestRealm(); - List identityProviders = realm.getIdentityProviders(); - - assertFalse(identityProviders.isEmpty()); - - IdentityProviderModel identityProviderModel = identityProviders.get(0); - String identityProviderId = identityProviderModel.getId(); - - identityProviderModel.setName("Changed Name"); - identityProviderModel.getConfig().put("config-added", "value-added"); - identityProviderModel.setEnabled(false); - identityProviderModel.setUpdateProfileFirstLogin(false); - identityProviderModel.setStoreToken(true); - identityProviderModel.setAuthenticateByDefault(true); - - realm.updateIdentityProvider(identityProviderModel); - - commit(); - - realm = this.realmManager.getRealm(realm.getId()); - - identityProviderModel = realm.getIdentityProviderById(identityProviderId); - - assertEquals("Changed Name", identityProviderModel.getName()); - assertEquals("value-added", identityProviderModel.getConfig().get("config-added")); - assertFalse(identityProviderModel.isEnabled()); - assertFalse(identityProviderModel.isUpdateProfileFirstLogin()); - assertTrue(identityProviderModel.isStoreToken()); - assertTrue(identityProviderModel.isAuthenticateByDefault()); - - identityProviderModel.setName("Changed Name Again"); - identityProviderModel.getConfig().remove("config-added"); - 
identityProviderModel.setEnabled(true); - identityProviderModel.setUpdateProfileFirstLogin(true); - identityProviderModel.setAuthenticateByDefault(false); - - realm.updateIdentityProvider(identityProviderModel); - - commit(); - - realm = this.realmManager.getRealm(realm.getId()); - identityProviderModel = realm.getIdentityProviderById(identityProviderId); - - assertEquals("Changed Name Again", identityProviderModel.getName()); - assertFalse(identityProviderModel.getConfig().containsKey("config-added")); - assertTrue(identityProviderModel.isEnabled()); - assertTrue(identityProviderModel.isUpdateProfileFirstLogin()); - assertFalse(identityProviderModel.isAuthenticateByDefault()); - } - - @Test - public void testApplicationIdentityProviders() throws Exception { - RealmModel realm = installTestRealm(); - - ClientModel client = realm.findClient("test-app-with-allowed-providers"); - List identityProviders = client.getIdentityProviders(); - - assertEquals(1, identityProviders.size()); - - ClientIdentityProviderMappingModel identityProviderMappingModel = identityProviders.get(0); - - assertEquals("kc-oidc-idp", identityProviderMappingModel.getIdentityProvider()); - assertEquals(false, identityProviderMappingModel.isRetrieveToken()); - - identityProviders.remove(identityProviderMappingModel); - - client.updateAllowedIdentityProviders(identityProviders); - - client = realm.findClientById(client.getId()); - identityProviders = client.getIdentityProviders(); - - assertEquals(0, identityProviders.size()); - } - - - private void assertIdentityProviderConfig(List identityProviders) { - assertFalse(identityProviders.isEmpty()); - - Set checkedProviders = new HashSet(getExpectedProviders()); - - for (IdentityProviderModel identityProvider : identityProviders) { - if (identityProvider.getId().startsWith("model-")) { - String providerId = identityProvider.getProviderId(); - - if (SAMLIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { - 
assertSamlIdentityProviderConfig(identityProvider); - } else if (GoogleIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { - assertGoogleIdentityProviderConfig(identityProvider); - } else if (OIDCIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { - assertOidcIdentityProviderConfig(identityProvider); - } else if (FacebookIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { - assertFacebookIdentityProviderConfig(identityProvider); - } else if (GitHubIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { - assertGitHubIdentityProviderConfig(identityProvider); - } else if (TwitterIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { - assertTwitterIdentityProviderConfig(identityProvider); - } else { - continue; - } - - checkedProviders.remove(providerId); - } - } - - assertTrue(checkedProviders.isEmpty()); - } - - private void assertGoogleIdentityProviderConfig(IdentityProviderModel identityProvider) { - GoogleIdentityProvider googleIdentityProvider = new GoogleIdentityProviderFactory().create(identityProvider); - OIDCIdentityProviderConfig config = googleIdentityProvider.getConfig(); - - assertEquals("model-google", config.getId()); - assertEquals(GoogleIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); - assertEquals("Google", config.getName()); - assertEquals(true, config.isEnabled()); - assertEquals(true, config.isUpdateProfileFirstLogin()); - assertEquals(false, config.isAuthenticateByDefault()); - assertEquals(true, config.isStoreToken()); - assertEquals("clientId", config.getClientId()); - assertEquals("clientSecret", config.getClientSecret()); - assertEquals(GoogleIdentityProvider.AUTH_URL, config.getAuthorizationUrl()); - assertEquals(GoogleIdentityProvider.TOKEN_URL, config.getTokenUrl()); - assertEquals(GoogleIdentityProvider.PROFILE_URL, config.getUserInfoUrl()); - - } - - private void assertSamlIdentityProviderConfig(IdentityProviderModel identityProvider) { - SAMLIdentityProvider samlIdentityProvider = new 
SAMLIdentityProviderFactory().create(identityProvider); - SAMLIdentityProviderConfig config = samlIdentityProvider.getConfig(); - - assertEquals("model-saml-signed-idp", config.getId()); - assertEquals(SAMLIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); - assertEquals("SAML Signed IdP", config.getName()); - assertEquals(true, config.isEnabled()); - assertEquals(true, config.isUpdateProfileFirstLogin()); - assertEquals(false, config.isAuthenticateByDefault()); - assertEquals(false, config.isStoreToken()); - assertEquals("http://localhost:8082/auth/realms/realm-with-saml-identity-provider/protocol/saml", config.getSingleSignOnServiceUrl()); - assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", config.getNameIDPolicyFormat()); - assertEquals("MIIDdzCCAl+gAwIBAgIEbySuqTANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYDVQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE1MDEyODIyMTYyMFoXDTE3MTAyNDIyMTYyMFowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAII/K9NNvXi9IySl7+l2zY/kKrGTtuR4WdCI0xLW/Jn4dLY7v1/HOnV4CC4ecFOzhdNFPtJkmEhP/q62CpmOYOKApXk3tfmm2rwEz9bWprVxgFGKnbrWlz61Z/cjLAlhD3IUj2ZRBquYgSXQPsYfXo1JmSWF5pZ9uh1FVqu9f4wvRqY20ZhUN+39F+1iaBsoqsrbXypCn1HgZkW1/9D9GZug1c3vB4wg1TwZZWRNGtxwoEhdK6dPrNcZ+6PdanVilWrbQFbBjY4wz8/7IMBzssoQ7Usmo8F1Piv0FGfaVeJqBrcAvbiBMpk8pT+27u6p8VyIX6LhGvnxIwM07NByeSUCAwEAAaMhMB8wHQYDVR0OBBYEFFlcNuTYwI9W0tQ224K1gFJlMam0MA0GCSqGSIb3DQEBCwUAA4IBAQB5snl1KWOJALtAjLqD0mLPg1iElmZP82Lq1htLBt3XagwzU9CaeVeCQ7lTp+DXWzPa9nCLhsC3QyrV3/+oqNli8C6NpeqI8FqN2yQW/QMWN1m5jWDbmrWwtQzRUn/rh5KEb5m3zPB+tOC6e/2bV3QeQebxeW7lVMD0tSCviUg1MQf1l2gzuXQo60411YwqrXwk6GMkDOhFDQKDlMchO3oRbQkGbcP8UeiKAXjMeHfzbiBr+cWz8NYZEtxUEDYDjTpKrYCSMJBXpmgVJCZ00BswbksxJwaGqGMPpUKmCV671pf3m8nq3xyiHMDGuGwtbU+GE8kVx85menmp8+964nin", 
config.getSigningCertificate()); - assertEquals(true, config.isWantAuthnRequestsSigned()); - assertEquals(true, config.isForceAuthn()); - assertEquals(true, config.isPostBindingAuthnRequest()); - assertEquals(true, config.isPostBindingResponse()); - assertEquals(true, config.isValidateSignature()); - } - - private void assertOidcIdentityProviderConfig(IdentityProviderModel identityProvider) { - OIDCIdentityProvider googleIdentityProvider = new OIDCIdentityProviderFactory().create(identityProvider); - OIDCIdentityProviderConfig config = googleIdentityProvider.getConfig(); - - assertEquals("model-oidc-idp", config.getId()); - assertEquals(OIDCIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); - assertEquals("OIDC IdP", config.getName()); - assertEquals(false, config.isEnabled()); - assertEquals(false, config.isUpdateProfileFirstLogin()); - assertEquals(false, config.isAuthenticateByDefault()); - assertEquals(false, config.isStoreToken()); - assertEquals("clientId", config.getClientId()); - assertEquals("clientSecret", config.getClientSecret()); - } - - private void assertFacebookIdentityProviderConfig(IdentityProviderModel identityProvider) { - FacebookIdentityProvider facebookIdentityProvider = new FacebookIdentityProviderFactory().create(identityProvider); - OAuth2IdentityProviderConfig config = facebookIdentityProvider.getConfig(); - - assertEquals("model-facebook", config.getId()); - assertEquals(FacebookIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); - assertEquals("Facebook", config.getName()); - assertEquals(true, config.isEnabled()); - assertEquals(true, config.isUpdateProfileFirstLogin()); - assertEquals(false, config.isAuthenticateByDefault()); - assertEquals(false, config.isStoreToken()); - assertEquals("clientId", config.getClientId()); - assertEquals("clientSecret", config.getClientSecret()); - assertEquals(FacebookIdentityProvider.AUTH_URL, config.getAuthorizationUrl()); - assertEquals(FacebookIdentityProvider.TOKEN_URL, 
config.getTokenUrl()); - assertEquals(FacebookIdentityProvider.PROFILE_URL, config.getUserInfoUrl()); - } - - private void assertGitHubIdentityProviderConfig(IdentityProviderModel identityProvider) { - GitHubIdentityProvider gitHubIdentityProvider = new GitHubIdentityProviderFactory().create(identityProvider); - OAuth2IdentityProviderConfig config = gitHubIdentityProvider.getConfig(); - - assertEquals("model-github", config.getId()); - assertEquals(GitHubIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); - assertEquals("GitHub", config.getName()); - assertEquals(true, config.isEnabled()); - assertEquals(true, config.isUpdateProfileFirstLogin()); - assertEquals(false, config.isAuthenticateByDefault()); - assertEquals(false, config.isStoreToken()); - assertEquals("clientId", config.getClientId()); - assertEquals("clientSecret", config.getClientSecret()); - assertEquals(GitHubIdentityProvider.AUTH_URL, config.getAuthorizationUrl()); - assertEquals(GitHubIdentityProvider.TOKEN_URL, config.getTokenUrl()); - assertEquals(GitHubIdentityProvider.PROFILE_URL, config.getUserInfoUrl()); - } - - private void assertTwitterIdentityProviderConfig(IdentityProviderModel identityProvider) { - TwitterIdentityProvider twitterIdentityProvider = new TwitterIdentityProviderFactory().create(identityProvider); - OAuth2IdentityProviderConfig config = twitterIdentityProvider.getConfig(); - - assertEquals("model-twitter", config.getId()); - assertEquals(TwitterIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); - assertEquals("Twitter", config.getName()); - assertEquals(true, config.isEnabled()); - assertEquals(true, config.isUpdateProfileFirstLogin()); - assertEquals(false, config.isAuthenticateByDefault()); - assertEquals(true, config.isStoreToken()); - assertEquals("clientId", config.getClientId()); - assertEquals("clientSecret", config.getClientSecret()); - } - - private RealmModel installTestRealm() throws IOException { - RealmRepresentation realmRepresentation = 
loadJson("broker-test/test-realm-with-broker.json"); - - assertNotNull(realmRepresentation); - assertEquals("realm-with-broker", realmRepresentation.getRealm()); - - RealmModel realmModel = this.realmManager.getRealm("realm-with-broker"); - - if (realmModel == null) { - realmModel = this.realmManager.importRealm(realmRepresentation); - - commit(); - - realmModel = this.realmManager.getRealm(realmModel.getId()); - - assertNotNull(realmModel); - } - - return realmModel; - } -} +/* + * JBoss, Home of Professional Open Source + * + * Copyright 2013 Red Hat, Inc. and/or its affiliates. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. 
+ */ +package org.keycloak.testsuite.broker; + +import org.junit.Test; +import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig; +import org.keycloak.broker.oidc.OIDCIdentityProvider; +import org.keycloak.broker.oidc.OIDCIdentityProviderConfig; +import org.keycloak.broker.oidc.OIDCIdentityProviderFactory; +import org.keycloak.broker.saml.SAMLIdentityProvider; +import org.keycloak.broker.saml.SAMLIdentityProviderConfig; +import org.keycloak.broker.saml.SAMLIdentityProviderFactory; +import org.keycloak.models.ClientIdentityProviderMappingModel; +import org.keycloak.models.ClientModel; +import org.keycloak.models.IdentityProviderModel; +import org.keycloak.models.RealmModel; +import org.keycloak.representations.idm.RealmRepresentation; +import org.keycloak.social.facebook.FacebookIdentityProvider; +import org.keycloak.social.facebook.FacebookIdentityProviderFactory; +import org.keycloak.social.github.GitHubIdentityProvider; +import org.keycloak.social.github.GitHubIdentityProviderFactory; +import org.keycloak.social.google.GoogleIdentityProvider; +import org.keycloak.social.google.GoogleIdentityProviderFactory; +import org.keycloak.social.twitter.TwitterIdentityProvider; +import org.keycloak.social.twitter.TwitterIdentityProviderFactory; + +import java.io.IOException; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + +/** + * @author pedroigor + */ +public class ImportIdentityProviderTest extends AbstractIdentityProviderModelTest { + + @Test + public void testInstallation() throws Exception { + RealmModel realm = installTestRealm(); + + assertIdentityProviderConfig(realm.getIdentityProviders()); + + assertTrue(realm.isIdentityFederationEnabled()); + this.realmManager.removeRealm(realm); + } + + @Test + public void testUpdateIdentityProvider() throws 
Exception { + RealmModel realm = installTestRealm(); + List identityProviders = realm.getIdentityProviders(); + + assertFalse(identityProviders.isEmpty()); + + IdentityProviderModel identityProviderModel = identityProviders.get(0); + String identityProviderId = identityProviderModel.getId(); + + identityProviderModel.setName("Changed Name"); + identityProviderModel.getConfig().put("config-added", "value-added"); + identityProviderModel.setEnabled(false); + identityProviderModel.setUpdateProfileFirstLogin(false); + identityProviderModel.setStoreToken(true); + identityProviderModel.setAuthenticateByDefault(true); + + realm.updateIdentityProvider(identityProviderModel); + + commit(); + + realm = this.realmManager.getRealm(realm.getId()); + + identityProviderModel = realm.getIdentityProviderById(identityProviderId); + + assertEquals("Changed Name", identityProviderModel.getName()); + assertEquals("value-added", identityProviderModel.getConfig().get("config-added")); + assertFalse(identityProviderModel.isEnabled()); + assertFalse(identityProviderModel.isUpdateProfileFirstLogin()); + assertTrue(identityProviderModel.isStoreToken()); + assertTrue(identityProviderModel.isAuthenticateByDefault()); + + identityProviderModel.setName("Changed Name Again"); + identityProviderModel.getConfig().remove("config-added"); + identityProviderModel.setEnabled(true); + identityProviderModel.setUpdateProfileFirstLogin(true); + identityProviderModel.setAuthenticateByDefault(false); + + realm.updateIdentityProvider(identityProviderModel); + + commit(); + + realm = this.realmManager.getRealm(realm.getId()); + identityProviderModel = realm.getIdentityProviderById(identityProviderId); + + assertEquals("Changed Name Again", identityProviderModel.getName()); + assertFalse(identityProviderModel.getConfig().containsKey("config-added")); + assertTrue(identityProviderModel.isEnabled()); + assertTrue(identityProviderModel.isUpdateProfileFirstLogin()); + 
assertFalse(identityProviderModel.isAuthenticateByDefault()); + this.realmManager.removeRealm(realm); + } + + @Test + public void testApplicationIdentityProviders() throws Exception { + RealmModel realm = installTestRealm(); + + ClientModel client = realm.findClient("test-app-with-allowed-providers"); + List identityProviders = client.getIdentityProviders(); + + assertEquals(1, identityProviders.size()); + + ClientIdentityProviderMappingModel identityProviderMappingModel = identityProviders.get(0); + + assertEquals("kc-oidc-idp", identityProviderMappingModel.getIdentityProvider()); + assertEquals(false, identityProviderMappingModel.isRetrieveToken()); + + identityProviders.remove(identityProviderMappingModel); + + client.updateAllowedIdentityProviders(identityProviders); + + client = realm.findClientById(client.getId()); + identityProviders = client.getIdentityProviders(); + + assertEquals(0, identityProviders.size()); + this.realmManager.removeRealm(realm); + } + + + private void assertIdentityProviderConfig(List identityProviders) { + assertFalse(identityProviders.isEmpty()); + + Set checkedProviders = new HashSet(getExpectedProviders()); + + for (IdentityProviderModel identityProvider : identityProviders) { + if (identityProvider.getId().startsWith("model-")) { + String providerId = identityProvider.getProviderId(); + + if (SAMLIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { + assertSamlIdentityProviderConfig(identityProvider); + } else if (GoogleIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { + assertGoogleIdentityProviderConfig(identityProvider); + } else if (OIDCIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { + assertOidcIdentityProviderConfig(identityProvider); + } else if (FacebookIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { + assertFacebookIdentityProviderConfig(identityProvider); + } else if (GitHubIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { + assertGitHubIdentityProviderConfig(identityProvider); + 
} else if (TwitterIdentityProviderFactory.PROVIDER_ID.equals(providerId)) { + assertTwitterIdentityProviderConfig(identityProvider); + } else { + continue; + } + + checkedProviders.remove(providerId); + } + } + + assertTrue(checkedProviders.isEmpty()); + } + + private void assertGoogleIdentityProviderConfig(IdentityProviderModel identityProvider) { + GoogleIdentityProvider googleIdentityProvider = new GoogleIdentityProviderFactory().create(identityProvider); + OIDCIdentityProviderConfig config = googleIdentityProvider.getConfig(); + + assertEquals("model-google", config.getId()); + assertEquals(GoogleIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); + assertEquals("Google", config.getName()); + assertEquals(true, config.isEnabled()); + assertEquals(true, config.isUpdateProfileFirstLogin()); + assertEquals(false, config.isAuthenticateByDefault()); + assertEquals(true, config.isStoreToken()); + assertEquals("clientId", config.getClientId()); + assertEquals("clientSecret", config.getClientSecret()); + assertEquals(GoogleIdentityProvider.AUTH_URL, config.getAuthorizationUrl()); + assertEquals(GoogleIdentityProvider.TOKEN_URL, config.getTokenUrl()); + assertEquals(GoogleIdentityProvider.PROFILE_URL, config.getUserInfoUrl()); + + } + + private void assertSamlIdentityProviderConfig(IdentityProviderModel identityProvider) { + SAMLIdentityProvider samlIdentityProvider = new SAMLIdentityProviderFactory().create(identityProvider); + SAMLIdentityProviderConfig config = samlIdentityProvider.getConfig(); + + assertEquals("model-saml-signed-idp", config.getId()); + assertEquals(SAMLIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); + assertEquals("SAML Signed IdP", config.getName()); + assertEquals(true, config.isEnabled()); + assertEquals(true, config.isUpdateProfileFirstLogin()); + assertEquals(false, config.isAuthenticateByDefault()); + assertEquals(false, config.isStoreToken()); + 
assertEquals("http://localhost:8082/auth/realms/realm-with-saml-identity-provider/protocol/saml", config.getSingleSignOnServiceUrl()); + assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", config.getNameIDPolicyFormat()); + assertEquals("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", config.getSigningCertificate()); + assertEquals(true, config.isWantAuthnRequestsSigned()); + assertEquals(true, config.isForceAuthn()); + assertEquals(true, config.isPostBindingAuthnRequest()); + assertEquals(true, config.isPostBindingResponse()); + assertEquals(true, config.isValidateSignature()); + } + + private void assertOidcIdentityProviderConfig(IdentityProviderModel identityProvider) { + OIDCIdentityProvider googleIdentityProvider = new OIDCIdentityProviderFactory().create(identityProvider); + OIDCIdentityProviderConfig config = googleIdentityProvider.getConfig(); + + assertEquals("model-oidc-idp", config.getId()); + assertEquals(OIDCIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); + assertEquals("OIDC IdP", config.getName()); + assertEquals(false, config.isEnabled()); + assertEquals(false, config.isUpdateProfileFirstLogin()); + assertEquals(false, config.isAuthenticateByDefault()); + assertEquals(false, config.isStoreToken()); + assertEquals("clientId", config.getClientId()); + assertEquals("clientSecret", config.getClientSecret()); + } + + private void assertFacebookIdentityProviderConfig(IdentityProviderModel identityProvider) { + FacebookIdentityProvider facebookIdentityProvider = new FacebookIdentityProviderFactory().create(identityProvider); + OAuth2IdentityProviderConfig config = facebookIdentityProvider.getConfig(); + + assertEquals("model-facebook", config.getId()); + assertEquals(FacebookIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); + assertEquals("Facebook", config.getName()); + assertEquals(true, config.isEnabled()); + assertEquals(true, config.isUpdateProfileFirstLogin()); + assertEquals(false, 
config.isAuthenticateByDefault()); + assertEquals(false, config.isStoreToken()); + assertEquals("clientId", config.getClientId()); + assertEquals("clientSecret", config.getClientSecret()); + assertEquals(FacebookIdentityProvider.AUTH_URL, config.getAuthorizationUrl()); + assertEquals(FacebookIdentityProvider.TOKEN_URL, config.getTokenUrl()); + assertEquals(FacebookIdentityProvider.PROFILE_URL, config.getUserInfoUrl()); + } + + private void assertGitHubIdentityProviderConfig(IdentityProviderModel identityProvider) { + GitHubIdentityProvider gitHubIdentityProvider = new GitHubIdentityProviderFactory().create(identityProvider); + OAuth2IdentityProviderConfig config = gitHubIdentityProvider.getConfig(); + + assertEquals("model-github", config.getId()); + assertEquals(GitHubIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); + assertEquals("GitHub", config.getName()); + assertEquals(true, config.isEnabled()); + assertEquals(true, config.isUpdateProfileFirstLogin()); + assertEquals(false, config.isAuthenticateByDefault()); + assertEquals(false, config.isStoreToken()); + assertEquals("clientId", config.getClientId()); + assertEquals("clientSecret", config.getClientSecret()); + assertEquals(GitHubIdentityProvider.AUTH_URL, config.getAuthorizationUrl()); + assertEquals(GitHubIdentityProvider.TOKEN_URL, config.getTokenUrl()); + assertEquals(GitHubIdentityProvider.PROFILE_URL, config.getUserInfoUrl()); + } + + private void assertTwitterIdentityProviderConfig(IdentityProviderModel identityProvider) { + TwitterIdentityProvider twitterIdentityProvider = new TwitterIdentityProviderFactory().create(identityProvider); + OAuth2IdentityProviderConfig config = twitterIdentityProvider.getConfig(); + + assertEquals("model-twitter", config.getId()); + assertEquals(TwitterIdentityProviderFactory.PROVIDER_ID, config.getProviderId()); + assertEquals("Twitter", config.getName()); + assertEquals(true, config.isEnabled()); + assertEquals(true, config.isUpdateProfileFirstLogin()); + 
assertEquals(false, config.isAuthenticateByDefault()); + assertEquals(true, config.isStoreToken()); + assertEquals("clientId", config.getClientId()); + assertEquals("clientSecret", config.getClientSecret()); + } + + private RealmModel installTestRealm() throws IOException { + RealmRepresentation realmRepresentation = loadJson("broker-test/test-realm-with-broker.json"); + + assertNotNull(realmRepresentation); + assertEquals("realm-with-broker", realmRepresentation.getRealm()); + + RealmModel realmModel = this.realmManager.getRealm("realm-with-broker"); + + if (realmModel == null) { + realmModel = this.realmManager.importRealm(realmRepresentation); + + commit(); + + realmModel = this.realmManager.getRealm(realmModel.getId()); + + assertNotNull(realmModel); + } + + return realmModel; + } +}
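Review bot: The three added `this.realmManager.removeRealm(realm);` calls sit on the last line of each test body, so a failing assertion skips the cleanup and leaves `realm-with-broker` in place. `installTestRealm()` imports only when `getRealm("realm-with-broker")` returns null, so the next test then runs against whatever state the failed one left behind. Moving the removal into a teardown method, as sketched below, makes each test independent of the others' outcome; this assumes the base class keeps its session usable until its own teardown and needs `org.junit.After` imported. Separately, the hunk rewrites all 301 lines for what appears to be three added statements, most likely a line-ending change, which hides the real change from reviewers.

```java
// … unchanged: test methods, minus the trailing removeRealm(realm) calls …

@After
public void removeTestRealm() {
    RealmModel realm = this.realmManager.getRealm("realm-with-broker");

    if (realm != null) {
        this.realmManager.removeRealm(realm);
    }
}

// … unchanged: assert*IdentityProviderConfig helpers and installTestRealm() …
```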