libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

[KEYCLOAK-13115] - Unable to add a role to a user if username query matches multiple acounts

Browse source
This commit is contained in:
Pedro Igor 2021-02-03 15:16:25 -03:00 committed by Marek Posolda
parent eb37a1ed69
commit ab9a38ec27
3 changed files with 32 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/operations/UserOperations.java
View file

@ -91,6 +91,7 @@ public class UserOperations {
}
public static String getIdFromUsername(String rootUrl, String realm, String auth, String username) {
return getIdForType(rootUrl, realm, auth, "users", "username", username, "username");
return getIdForType(rootUrl, realm, auth, "users", "username", username, "username",
() -> new String[] {"exact", "true"});
}
}

22
integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/util/HttpUtil.java
View file

@ -56,6 +56,7 @@ import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.function.Supplier;
import static org.keycloak.common.util.ObjectUtil.capitalize;
@ -68,6 +69,7 @@ public class HttpUtil {
public static final String APPLICATION_JSON = "application/json";
public static final String APPLICATION_FORM_URL_ENCODED = "application/x-www-form-urlencoded";
public static final String UTF_8 = "utf-8";
private static final String[] DEFAULT_QUERY_PARAMS = { "first", "0", "max", "2" };
private static HttpClient httpClient;
private static SSLConnectionSocketFactory sslsf;
@ -436,13 +438,29 @@ public class HttpUtil {
public static String getIdForType(String rootUrl, String realm, String auth, String resourceEndpoint, String attrName, String attrValue, String inputAttrName) {
return getAttrForType(rootUrl, realm, auth, resourceEndpoint, attrName, attrValue, inputAttrName, "id");
return getAttrForType(rootUrl, realm, auth, resourceEndpoint, attrName, attrValue, inputAttrName, "id", null);
}
public static String getIdForType(String rootUrl, String realm, String auth, String resourceEndpoint, String attrName, String attrValue, String inputAttrName, Supplier<String[]> endpointParams) {
return getAttrForType(rootUrl, realm, auth, resourceEndpoint, attrName, attrValue, inputAttrName, "id", endpointParams);
}
public static String getAttrForType(String rootUrl, String realm, String auth, String resourceEndpoint, String attrName, String attrValue, String inputAttrName, String returnAttrName) {
return getAttrForType(rootUrl, realm, auth, resourceEndpoint, attrName, attrValue, inputAttrName, returnAttrName, null);
}
public static String getAttrForType(String rootUrl, String realm, String auth, String resourceEndpoint, String attrName, String attrValue, String inputAttrName, String returnAttrName, Supplier<String[]> endpointParams) {
String resourceUrl = composeResourceUrl(rootUrl, realm, resourceEndpoint);
resourceUrl = HttpUtil.addQueryParamsToUri(resourceUrl, attrName, attrValue, "first", "0", "max", "2");
String[] defaultParams;
if (endpointParams == null) {
defaultParams = DEFAULT_QUERY_PARAMS;
} else {
defaultParams = endpointParams.get();
}
resourceUrl = HttpUtil.addQueryParamsToUri(resourceUrl, attrName, attrValue);
resourceUrl = HttpUtil.addQueryParamsToUri(resourceUrl, defaultParams);
List<ObjectNode> users = doGetJSON(RoleOperations.LIST_OF_NODES.class, resourceUrl, auth);

11
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTest.java
View file

@ -590,5 +590,14 @@ public class KcAdmTest extends AbstractAdmCliTest {
}
@Test
public void testGetUserNameExact() {
KcAdmExec.execute("config credentials --server " + serverUrl + " --realm master --user admin --password admin");
KcAdmExec.execute("create realms -s realm=demorealm -s enabled=true");
KcAdmExec.execute("create users -r demorealm -s username=testuser");
KcAdmExec.execute("create users -r demorealm -s username=anothertestuser");
KcAdmExec.execute("create users -r demorealm -s username=onemoretestuser");
KcAdmExec exec = execute("add-roles --uusername=testuser --rolename offline_access --target-realm=demorealm");
Assert.assertEquals(0, exec.exitCode());
}
}