Added PermissionTicket count test.

2021-01-25 15:09:28 +01:00 · 2021-01-25 15:09:28 +01:00 · b97f5eb128
commit b97f5eb128
parent 5a500055f6
4 changed files with 55 additions and 0 deletions
--- a/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java
+++ b/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java
@ -19,6 +19,7 @@ package org.keycloak.authorization.client.resource;

 import java.util.Arrays;
 import java.util.List;
+import java.util.Map;
 import java.util.concurrent.Callable;

 import com.fasterxml.jackson.core.type.TypeReference;
@ -58,6 +59,34 @@ public class PermissionResource {
        return create(request);
    }

+    public Long count(final String resourceId,
+                      final String scopeId,
+                      final String owner,
+                      final String requester,
+                      final Boolean granted,
+                      final Boolean returnNames) {
+        Callable<Map<String, Long>> callable = new Callable<Map<String, Long>>() {
+            @Override
+            public Map<String, Long> call() throws Exception {
+                return http.<Map<String, Long>>get(serverConfiguration.getPermissionEndpoint()+"/ticket/count")
+                        .authorizationBearer(pat.call())
+                        .param("resourceId", resourceId)
+                        .param("scopeId", scopeId)
+                        .param("owner", owner)
+                        .param("requester", requester)
+                        .param("granted", granted == null ? null : granted.toString())
+                        .param("returnNames", returnNames == null ? null : returnNames.toString())
+                        .response().json(new TypeReference<Map<String, Long>>(){}).execute();
+            }
+        };
+        try {
+            return callable.call().get("count");
+        } catch (Exception cause) {
+            return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error querying permission ticket count", cause)
+                    .get("count");
+        }
+    }
+
    /**
     * Creates a new permission ticket for a single resource and scope(s).
     *
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/authorization/StoreFactoryCacheSession.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/authorization/StoreFactoryCacheSession.java
@ -1114,6 +1114,11 @@ public class StoreFactoryCacheSession implements CachedStoreFactoryProvider {
    }

    protected class PermissionTicketCache implements PermissionTicketStore {
+        @Override
+        public long count(Map<String, String> attributes, String resourceServerId) {
+            return getPermissionTicketStoreDelegate().count(attributes, resourceServerId);
+        }
+
        @Override
        public PermissionTicket create(String resourceId, String scopeId, String requester, ResourceServer resourceServer) {
            PermissionTicket created = getPermissionTicketStoreDelegate().create(resourceId, scopeId, requester, resourceServer);
--- a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java
+++ b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java
@ -228,6 +228,7 @@ public class PermissionTicketService {

    @Path("/count")
    @GET
+    @Produces("application/json")
    public Response getResourceCount(@QueryParam("scopeId") String scopeId,
                                       @QueryParam("resourceId") String resourceId,
                                       @QueryParam("owner") String owner,
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/PermissionManagementTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/PermissionManagementTest.java
@ -448,4 +448,24 @@ public class PermissionManagementTest extends AbstractResourceServerTest {
      foundScope = expectedScopes.remove(tickets.get(1).getScopeName());
      assertTrue("Returned set of permission tickets must be only a sub-set as per pagination offset and specified page size.", foundScope);
    }
+
+    @Test
+    public void testPermissionCount() throws Exception {
+        String[] scopes = {"ScopeA", "ScopeB", "ScopeC", "ScopeD"};
+        ResourceRepresentation resource = addResource("Resource A", "kolo", true, scopes);
+        AuthzClient authzClient = getAuthzClient();
+        PermissionResponse response = authzClient.protection("marta", "password").permission().create(new PermissionRequest(resource.getId(), scopes));
+        AuthorizationRequest request = new AuthorizationRequest();
+        request.setTicket(response.getTicket());
+        request.setClaimToken(authzClient.obtainAccessToken("marta", "password").getToken());
+
+        try {
+            authzClient.authorization().authorize(request);
+        } catch (Exception ignored) {
+
+        }
+
+        Long ticketCount = getAuthzClient().protection().permission().count(resource.getId(), null, null, null, null, true);
+        assertEquals("Returned number of permissions tickets must match the amount of permission tickets.", Long.valueOf(4), ticketCount);
+    }
 }