libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-18035 Fix update client with default default scope assigned as optional

Browse source
This commit is contained in:
vramik 2021-06-03 17:22:35 +02:00 committed by Hynek Mlnařík
parent b071be7799
commit 95bf912dc9
3 changed files with 40 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
model/jpa/src/main/java/org/keycloak/models/jpa/JpaRealmProvider.java
View file

@ -868,7 +868,8 @@ public class JpaRealmProvider implements RealmProvider, ClientProvider, ClientSc
// Defaults to openid-connect
String clientProtocol = client.getProtocol() == null ? OIDCLoginProtocol.LOGIN_PROTOCOL : client.getProtocol();
Map<String, ClientScopeModel> existingClientScopes = getClientScopes(realm, client, defaultScope);
Map<String, ClientScopeModel> existingClientScopes = getClientScopes(realm, client, true);
existingClientScopes.putAll(getClientScopes(realm, client, false));
clientScopes.stream()
.filter(clientScope -> ! existingClientScopes.containsKey(clientScope.getName()))

3
model/map/src/main/java/org/keycloak/models/map/client/MapClientProvider.java
View file

@ -298,7 +298,8 @@ public class MapClientProvider<K> implements ClientProvider {
LOG.tracef("addClientScopes(%s, %s, %s, %b)%s", realm, client, clientScopes, defaultScope, getShortStackTrace());
Map<String, ClientScopeModel> existingClientScopes = getClientScopes(realm, client, defaultScope);
Map<String, ClientScopeModel> existingClientScopes = getClientScopes(realm, client, true);
existingClientScopes.putAll(getClientScopes(realm, client, false));
clientScopes.stream()
.filter(clientScope -> ! existingClientScopes.containsKey(clientScope.getName()))

36
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientScopeTest.java
View file

@ -506,6 +506,42 @@ public class ClientScopeTest extends AbstractClientTest {
clientScopes().get(scopeId).remove();
}
@Test
public void updateClientWithDefaultScopeAssignedAsOptionalAndOpposite() {
// create client
ClientRepresentation clientRep = new ClientRepresentation();
clientRep.setClientId("bar-client");
clientRep.setProtocol("openid-connect");
String clientUuid = createClient(clientRep);
getCleanup().addClientUuid(clientUuid);
// Create 2 client scopes
ClientScopeRepresentation scopeRep = new ClientScopeRepresentation();
scopeRep.setName("scope-def");
scopeRep.setProtocol("openid-connect");
String scopeDefId = createClientScope(scopeRep);
getCleanup().addClientScopeId(scopeDefId);
scopeRep = new ClientScopeRepresentation();
scopeRep.setName("scope-opt");
scopeRep.setProtocol("openid-connect");
String scopeOptId = createClientScope(scopeRep);
getCleanup().addClientScopeId(scopeOptId);
// assign "scope-def" as optional client scope to client
testRealmResource().clients().get(clientUuid).addOptionalClientScope(scopeDefId);
// assign "scope-opt" as default client scope to client
testRealmResource().clients().get(clientUuid).addDefaultClientScope(scopeOptId);
// Add scope-def as default and scope-opt as optional client scope within the realm
testRealmResource().addDefaultDefaultClientScope(scopeDefId);
testRealmResource().addDefaultOptionalClientScope(scopeOptId);
//update client - check it passes (it used to throw ModelDuplicateException before)
clientRep.setDescription("new_description");
testRealmResource().clients().get(clientUuid).update(clientRep);
}
private ClientScopesResource clientScopes() {
return testRealmResource().clientScopes();