KEYCLOAK-1099 Test of identity providers and protocol mappers import
parent
29030a6d39
commit
7d2d3230d2
2 changed files with 52 additions and 11 deletions
|
@ -4,11 +4,14 @@ import org.junit.Assert;
|
||||||
import org.junit.FixMethodOrder;
|
import org.junit.FixMethodOrder;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.junit.runners.MethodSorters;
|
import org.junit.runners.MethodSorters;
|
||||||
|
import org.keycloak.constants.KerberosConstants;
|
||||||
import org.keycloak.models.ApplicationModel;
|
import org.keycloak.models.ApplicationModel;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.Constants;
|
import org.keycloak.models.Constants;
|
||||||
import org.keycloak.models.FederatedIdentityModel;
|
import org.keycloak.models.FederatedIdentityModel;
|
||||||
|
import org.keycloak.models.IdentityProviderModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
import org.keycloak.models.ProtocolMapperModel;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RequiredCredentialModel;
|
import org.keycloak.models.RequiredCredentialModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
|
@ -16,6 +19,9 @@ import org.keycloak.models.UserFederationProvider;
|
||||||
import org.keycloak.models.UserFederationProviderFactory;
|
import org.keycloak.models.UserFederationProviderFactory;
|
||||||
import org.keycloak.models.UserFederationProviderModel;
|
import org.keycloak.models.UserFederationProviderModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
|
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
|
||||||
|
import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
|
||||||
|
import org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
|
|
||||||
|
@ -197,12 +203,16 @@ public class ImportTest extends AbstractModelTest {
|
||||||
Assert.assertEquals("localhost", smtpConfig.get("host"));
|
Assert.assertEquals("localhost", smtpConfig.get("host"));
|
||||||
Assert.assertEquals("3025", smtpConfig.get("port"));
|
Assert.assertEquals("3025", smtpConfig.get("port"));
|
||||||
|
|
||||||
// Test social config
|
// Test identity providers
|
||||||
//FIXME: KEYCLOAK-883
|
List<IdentityProviderModel> identityProviders = realm.getIdentityProviders();
|
||||||
// Map<String, String> socialConfig = realm.getSocialConfig();
|
Assert.assertEquals(1, identityProviders.size());
|
||||||
// Assert.assertTrue(socialConfig.size() == 2);
|
IdentityProviderModel google = identityProviders.get(0);
|
||||||
// Assert.assertEquals("abc", socialConfig.get("google.key"));
|
Assert.assertEquals("google1", google.getId());
|
||||||
// Assert.assertEquals("def", socialConfig.get("google.secret"));
|
Assert.assertEquals("google", google.getProviderId());
|
||||||
|
Assert.assertEquals("Google", google.getName());
|
||||||
|
Assert.assertTrue(google.isEnabled());
|
||||||
|
Assert.assertEquals("googleId", google.getConfig().get("clientId"));
|
||||||
|
Assert.assertEquals("googleSecret", google.getConfig().get("clientSecret"));
|
||||||
|
|
||||||
// Test federation providers
|
// Test federation providers
|
||||||
List<UserFederationProviderModel> fedProviders = realm.getUserFederationProviders();
|
List<UserFederationProviderModel> fedProviders = realm.getUserFederationProviders();
|
||||||
|
@ -216,6 +226,23 @@ public class ImportTest extends AbstractModelTest {
|
||||||
// Assert that federation link wasn't created during import
|
// Assert that federation link wasn't created during import
|
||||||
UserFederationProviderFactory factory = (UserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, "dummy");
|
UserFederationProviderFactory factory = (UserFederationProviderFactory)session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, "dummy");
|
||||||
Assert.assertNull(factory.getInstance(session, null).getUserByUsername(realm, "wburke"));
|
Assert.assertNull(factory.getInstance(session, null).getUserByUsername(realm, "wburke"));
|
||||||
|
|
||||||
|
// Test protocol mappers. Default application has all the builtin protocol mappers. OtherApp just gss credential
|
||||||
|
Assert.assertNotNull(application.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, "username"));
|
||||||
|
Assert.assertNotNull(application.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, "email"));
|
||||||
|
Assert.assertNotNull(application.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, "given name"));
|
||||||
|
Assert.assertNull(application.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, KerberosConstants.GSS_DELEGATION_CREDENTIAL_DISPLAY_NAME));
|
||||||
|
|
||||||
|
Assert.assertEquals(1, otherApp.getProtocolMappers().size());
|
||||||
|
Assert.assertNull(otherApp.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, "username"));
|
||||||
|
ProtocolMapperModel gssCredentialMapper = otherApp.getProtocolMapperByName(OIDCLoginProtocol.LOGIN_PROTOCOL, KerberosConstants.GSS_DELEGATION_CREDENTIAL_DISPLAY_NAME);
|
||||||
|
Assert.assertEquals(KerberosConstants.GSS_DELEGATION_CREDENTIAL_DISPLAY_NAME, gssCredentialMapper.getName());
|
||||||
|
Assert.assertEquals( OIDCLoginProtocol.LOGIN_PROTOCOL, gssCredentialMapper.getProtocol());
|
||||||
|
Assert.assertEquals(UserSessionNoteMapper.PROVIDER_ID, gssCredentialMapper.getProtocolMapper());
|
||||||
|
String includeInAccessToken = gssCredentialMapper.getConfig().get(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN);
|
||||||
|
String includeInIdToken = gssCredentialMapper.getConfig().get(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN);
|
||||||
|
Assert.assertTrue(includeInAccessToken.equalsIgnoreCase("true"));
|
||||||
|
Assert.assertTrue(includeInIdToken == null || Boolean.parseBoolean(includeInIdToken) == false);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
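Review bot: Nothing in the new protocol-mapper assertions verifies that `consentRequired` and `consentText` survive the import, even though the fixture sets `"consentRequired" : true` on the `gss delegation credential` mapper. Judging by its `user.session.note` and `access.token.claim` settings, that mapper appears to place a delegated Kerberos credential into the access token, so an import that silently dropped the consent flag would weaken a user-facing control while this test still passed. If `ProtocolMapperModel` exposes the flag, add `Assert.assertTrue(gssCredentialMapper.isConsentRequired());` and an equality check on the consent text. It would also help to put `Assert.assertNotNull(gssCredentialMapper);` before the first dereference and to replace `includeInAccessToken.equalsIgnoreCase("true")` with `Assert.assertTrue(Boolean.parseBoolean(includeInAccessToken));`, so a missing mapper or config key fails as an assertion rather than a NullPointerException. The enclosing test method starts outside the hunk.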
@ -15,12 +15,12 @@
|
||||||
"identityProviders" : [
|
"identityProviders" : [
|
||||||
{
|
{
|
||||||
"providerId" : "google",
|
"providerId" : "google",
|
||||||
"id" : "google",
|
"id" : "google1",
|
||||||
"name" : "Google",
|
"name" : "Google",
|
||||||
"enabled": true,
|
"enabled": true,
|
||||||
"config": {
|
"config": {
|
||||||
"clientId": "clientId",
|
"clientId": "googleId",
|
||||||
"clientSecret": "clientSecret"
|
"clientSecret": "googleSecret"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
@ -111,9 +111,23 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "OtherApp",
|
"name": "OtherApp",
|
||||||
"enabled": true
|
"enabled": true,
|
||||||
|
"protocolMappers" : [
|
||||||
|
{
|
||||||
|
"name" : "gss delegation credential",
|
||||||
|
"protocol" : "openid-connect",
|
||||||
|
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
|
||||||
|
"consentRequired" : true,
|
||||||
|
"consentText" : "gss delegation credential",
|
||||||
|
"config" : {
|
||||||
|
"user.session.note" : "gss_delegation_credential",
|
||||||
|
"access.token.claim" : "true",
|
||||||
|
"claim.name" : "gss_delegation_credential",
|
||||||
|
"Claim JSON Type" : "String"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
],
|
],
|
||||||
"oauthClients" : [
|
"oauthClients" : [
|
||||||
{
|
{
|
||||||
|
|