KEYCLOAK-1327 Updated for client stats
This commit is contained in:
Stian Thorgersen
parent
6f164f0ee9
commit
a953b52eac
5 changed files with 46 additions and 106 deletions
|
|
@ -460,7 +460,7 @@ module.factory('RealmSessionStats', function($resource) {
|
|||
});
|
||||
|
||||
module.factory('RealmClientSessionStats', function($resource) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/client-by-id-session-stats', {
|
||||
return $resource(authUrl + '/admin/realms/:realm/client-session-stats', {
|
||||
realm : '@realm'
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ import javax.ws.rs.PUT;
|
|||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* @author rodrigo.sasaki@icarros.com.br
|
||||
|
|
@ -17,25 +19,29 @@ public interface RealmResource {
|
|||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public RealmRepresentation toRepresentation();
|
||||
RealmRepresentation toRepresentation();
|
||||
|
||||
@PUT
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public void update(RealmRepresentation realmRepresentation);
|
||||
void update(RealmRepresentation realmRepresentation);
|
||||
|
||||
@Path("clients")
|
||||
public ClientsResource clients();
|
||||
ClientsResource clients();
|
||||
|
||||
@Path("users")
|
||||
public UsersResource users();
|
||||
UsersResource users();
|
||||
|
||||
@Path("roles")
|
||||
public RolesResource roles();
|
||||
RolesResource roles();
|
||||
|
||||
@Path("identity-provider")
|
||||
IdentityProvidersResource identityProviders();
|
||||
|
||||
@DELETE
|
||||
public void remove();
|
||||
void remove();
|
||||
|
||||
@Path("client-session-stats")
|
||||
@GET
|
||||
List<Map<String, String>> getClientSessionStats();
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -290,7 +290,7 @@ public class RealmAdminResource {
|
|||
}
|
||||
|
||||
/**
|
||||
* Returns a JSON map. The key is the client name, the value is the number of sessions that currently are active
|
||||
* Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active
|
||||
* with that client. Only client's that actually have a session associated with them will be in this map.
|
||||
*
|
||||
* @return
|
||||
|
|
@ -299,29 +299,7 @@ public class RealmAdminResource {
|
|||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Deprecated
|
||||
public Map<String, Integer> getClientSessionStats() {
|
||||
auth.requireView();
|
||||
Map<String, Integer> stats = new HashMap<String, Integer>();
|
||||
for (ClientModel client : realm.getClients()) {
|
||||
int size = session.sessions().getActiveUserSessions(client.getRealm(), client);
|
||||
if (size == 0) continue;
|
||||
stats.put(client.getClientId(), size);
|
||||
}
|
||||
return stats;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active
|
||||
* with that client. Only client's that actually have a session associated with them will be in this map.
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Path("client-by-id-session-stats")
|
||||
@GET
|
||||
@NoCache
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public List<Map<String, String>> getClientByIdSessionStats() {
|
||||
public List<Map<String, String>> getClientSessionStats() {
|
||||
auth.requireView();
|
||||
List<Map<String, String>> data = new LinkedList<Map<String, String>>();
|
||||
for (ClientModel client : realm.getClients()) {
|
||||
|
|
|
|||
|
|
@ -44,6 +44,7 @@ import org.keycloak.services.managers.RealmManager;
|
|||
import org.keycloak.services.managers.ResourceAdminManager;
|
||||
import org.keycloak.services.resources.admin.AdminRoot;
|
||||
import org.keycloak.testsuite.OAuthClient;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.pages.AccountSessionsPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
|
|
@ -65,6 +66,7 @@ import javax.ws.rs.core.HttpHeaders;
|
|||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.net.URI;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
|
||||
|
|
@ -135,25 +137,6 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
webRule.after();
|
||||
}
|
||||
|
||||
protected String createAdminToken() {
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmManager manager = new RealmManager(session);
|
||||
|
||||
RealmModel adminRealm = manager.getRealm(Config.getAdminRealm());
|
||||
ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
|
||||
TokenManager tm = new TokenManager();
|
||||
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
|
||||
ClientSessionModel clientSession = session.sessions().createClientSession(adminRealm, adminConsole);
|
||||
clientSession.setNote(OIDCLoginProtocol.ISSUER, AUTH_SERVER_URL + "/realms/master");
|
||||
UserSessionModel userSession = session.sessions().createUserSession(adminRealm, admin, "admin", null, "form", false, null, null);
|
||||
AccessToken token = tm.createClientAccessToken(session, TokenManager.getAccess(null, adminConsole, admin), adminRealm, adminConsole, admin, userSession, clientSession);
|
||||
return tm.encodeToken(adminRealm, token);
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
public void testSavedPostRequest() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal");
|
||||
|
|
@ -212,27 +195,20 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad"));
|
||||
|
||||
// View stats
|
||||
String adminToken = createAdminToken();
|
||||
|
||||
Client client = ClientBuilder.newClient();
|
||||
UriBuilder authBase = UriBuilder.fromUri(AUTH_SERVER_URL);
|
||||
WebTarget adminTarget = client.target(AdminRoot.realmsUrl(authBase)).path("demo");
|
||||
Map<String, Integer> stats = adminTarget.path("client-session-stats").request()
|
||||
.header(HttpHeaders.AUTHORIZATION, "Bearer " + adminToken)
|
||||
.get(new GenericType<Map<String, Integer>>() {
|
||||
});
|
||||
Integer custSessionsCount = stats.get("customer-portal");
|
||||
Assert.assertNotNull(custSessionsCount);
|
||||
Assert.assertEquals(1, custSessionsCount.intValue());
|
||||
Integer prodStatsCount = stats.get("product-portal");
|
||||
Assert.assertNotNull(prodStatsCount);
|
||||
Assert.assertTrue(1 == prodStatsCount);
|
||||
|
||||
client.close();
|
||||
|
||||
List<Map<String, String>> stats = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", "security-admin-console").realm("demo").getClientSessionStats();
|
||||
Map<String, String> customerPortalStats = null;
|
||||
Map<String, String> productPortalStats = null;
|
||||
for (Map<String, String> s : stats) {
|
||||
if (s.get("clientId").equals("customer-portal")) {
|
||||
customerPortalStats = s;
|
||||
} else if (s.get("clientId").equals("product-portal")) {
|
||||
productPortalStats = s;
|
||||
}
|
||||
}
|
||||
Assert.assertEquals(1, Integer.parseInt(customerPortalStats.get("active")));
|
||||
Assert.assertEquals(1, Integer.parseInt(productPortalStats.get("active")));
|
||||
|
||||
// test logout
|
||||
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/customer-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
|
|
@ -244,8 +220,6 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
loginPage.cancel();
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("Error Page"));
|
||||
|
||||
|
||||
}
|
||||
|
||||
public void testServletRequestLogout() throws Exception {
|
||||
|
|
@ -587,7 +561,7 @@ public class AdapterTestStrategy extends ExternalResource {
|
|||
|
||||
// logout mposolda with admin client
|
||||
Keycloak keycloakAdmin = Keycloak.getInstance(AUTH_SERVER_URL, "master", "admin", "admin", Constants.ADMIN_CONSOLE_CLIENT_ID);
|
||||
keycloakAdmin.realm("demo").clients().get("session-portal").logoutUser("mposolda");
|
||||
ApiUtil.findClientByClientId(keycloakAdmin.realm("demo"), "session-portal").logoutUser("mposolda");
|
||||
|
||||
// bburke should be still logged with original httpSession in our browser window
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ import org.junit.ClassRule;
|
|||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.ClientSessionModel;
|
||||
import org.keycloak.models.Constants;
|
||||
|
|
@ -56,6 +57,7 @@ import javax.ws.rs.core.HttpHeaders;
|
|||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.net.URL;
|
||||
import java.security.PublicKey;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
|
|
@ -74,6 +76,8 @@ public class RelativeUriAdapterTest {
|
|||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule(){
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
adminRealm.setPasswordCredentialGrantAllowed(true);
|
||||
|
||||
RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/demorealm-relative.json"), RealmRepresentation.class);
|
||||
RealmModel realm = manager.importRealm(representation);
|
||||
|
||||
|
|
@ -85,20 +89,9 @@ public class RelativeUriAdapterTest {
|
|||
deployApplication("customer-db", "/customer-db", CustomerDatabaseServlet.class, url.getPath(), "user");
|
||||
url = getClass().getResource("/adapter-test/product-keycloak-relative.json");
|
||||
deployApplication("product-portal", "/product-portal", ProductServlet.class, url.getPath(), "user");
|
||||
ClientModel adminConsole = adminRealm.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
|
||||
TokenManager tm = new TokenManager();
|
||||
UserModel admin = session.users().getUserByUsername("admin", adminRealm);
|
||||
ClientSessionModel clientSession = session.sessions().createClientSession(realm, adminConsole);
|
||||
clientSession.setNote(OIDCLoginProtocol.ISSUER, "http://localhost:8081/auth/realms/master");
|
||||
UserSessionModel userSession = session.sessions().createUserSession(adminRealm, admin, "user", null, "form", false, null, null);
|
||||
AccessToken token = tm.createClientAccessToken(session, tm.getAccess(null, adminConsole, admin), adminRealm, adminConsole, admin, userSession, clientSession);
|
||||
adminToken = tm.encodeToken(adminRealm, token);
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
public static String adminToken;
|
||||
|
||||
@Rule
|
||||
public WebRule webRule = new WebRule(this);
|
||||
|
||||
|
|
@ -115,42 +108,33 @@ public class RelativeUriAdapterTest {
|
|||
public void testLoginSSOAndLogout() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to("http://localhost:8081/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-portal");
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
|
||||
// test SSO
|
||||
driver.navigate().to("http://localhost:8081/product-portal");
|
||||
Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/product-portal");
|
||||
pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad"));
|
||||
|
||||
// View stats
|
||||
Client client = ClientBuilder.newClient();
|
||||
UriBuilder authBase = UriBuilder.fromUri("http://localhost:8081/auth");
|
||||
WebTarget adminTarget = client.target(AdminRoot.realmsUrl(authBase)).path("demo");
|
||||
Map<String, Integer> stats = adminTarget.path("client-session-stats").request()
|
||||
.header(HttpHeaders.AUTHORIZATION, "Bearer " + adminToken)
|
||||
.get(new GenericType<Map<String, Integer>>(){});
|
||||
|
||||
Integer custSessionsCount = stats.get("customer-portal");
|
||||
Assert.assertNotNull(custSessionsCount);
|
||||
Assert.assertTrue(1 == custSessionsCount);
|
||||
Integer prodStatsCount = stats.get("product-portal");
|
||||
Assert.assertNotNull(prodStatsCount);
|
||||
Assert.assertTrue(1 == prodStatsCount);
|
||||
|
||||
client.close();
|
||||
|
||||
List<Map<String, String>> stats = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", "security-admin-console").realm("demo").getClientSessionStats();
|
||||
Map<String, String> customerPortalStats = null;
|
||||
Map<String, String> productPortalStats = null;
|
||||
for (Map<String, String> s : stats) {
|
||||
if (s.get("clientId").equals("customer-portal")) {
|
||||
customerPortalStats = s;
|
||||
} else if (s.get("clientId").equals("product-portal")) {
|
||||
productPortalStats = s;
|
||||
}
|
||||
}
|
||||
Assert.assertEquals(1, Integer.parseInt(customerPortalStats.get("active")));
|
||||
Assert.assertEquals(1, Integer.parseInt(productPortalStats.get("active")));
|
||||
|
||||
// test logout
|
||||
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth"))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, "/customer-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
|
|
@ -159,8 +143,6 @@ public class RelativeUriAdapterTest {
|
|||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to("http://localhost:8081/customer-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
|||
Loading…
Reference in a new issue