Added PermissionTicket count test.

2021-01-25 15:09:28 +01:00 · 2021-01-25 15:09:28 +01:00 · b97f5eb128
commit b97f5eb128
parent 5a500055f6
4 changed files with 55 additions and 0 deletions
--- a/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java
+++ b/authz/client/src/main/java/org/keycloak/authorization/client/resource/PermissionResource.java
@ -19,6 +19,7 @@ package org.keycloak.authorization.client.resource;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.Callable;
 import com.fasterxml.jackson.core.type.TypeReference;
@ -58,6 +59,34 @@ public class PermissionResource {
        return create(request);
    }
    public Long count(final String resourceId,
                      final String scopeId,
                      final String owner,
                      final String requester,
                      final Boolean granted,
                      final Boolean returnNames) {
        Callable<Map<String, Long>> callable = new Callable<Map<String, Long>>() {
            @Override
            public Map<String, Long> call() throws Exception {
                return http.<Map<String, Long>>get(serverConfiguration.getPermissionEndpoint()+"/ticket/count")
                        .authorizationBearer(pat.call())
                        .param("resourceId", resourceId)
                        .param("scopeId", scopeId)
                        .param("owner", owner)
                        .param("requester", requester)
                        .param("granted", granted == null ? null : granted.toString())
                        .param("returnNames", returnNames == null ? null : returnNames.toString())
                        .response().json(new TypeReference<Map<String, Long>>(){}).execute();
            }
        };
        try {
            return callable.call().get("count");
        } catch (Exception cause) {
            return Throwables.retryAndWrapExceptionIfNecessary(callable, pat, "Error querying permission ticket count", cause)
                    .get("count");
        }
    }
    /**
     * Creates a new permission ticket for a single resource and scope(s).
     *
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/authorization/StoreFactoryCacheSession.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/authorization/StoreFactoryCacheSession.java
@ -1114,6 +1114,11 @@ public class StoreFactoryCacheSession implements CachedStoreFactoryProvider {
    }
    protected class PermissionTicketCache implements PermissionTicketStore {
        @Override
        public long count(Map<String, String> attributes, String resourceServerId) {
            return getPermissionTicketStoreDelegate().count(attributes, resourceServerId);
        }
        @Override
        public PermissionTicket create(String resourceId, String scopeId, String requester, ResourceServer resourceServer) {
            PermissionTicket created = getPermissionTicketStoreDelegate().create(resourceId, scopeId, requester, resourceServer);
--- a/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java
+++ b/services/src/main/java/org/keycloak/authorization/protection/permission/PermissionTicketService.java
@ -228,6 +228,7 @@ public class PermissionTicketService {
    @Path("/count")
    @GET
    @Produces("application/json")
    public Response getResourceCount(@QueryParam("scopeId") String scopeId,
                                       @QueryParam("resourceId") String resourceId,
                                       @QueryParam("owner") String owner,
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/PermissionManagementTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/PermissionManagementTest.java
@ -448,4 +448,24 @@ public class PermissionManagementTest extends AbstractResourceServerTest {
      foundScope = expectedScopes.remove(tickets.get(1).getScopeName());
      assertTrue("Returned set of permission tickets must be only a sub-set as per pagination offset and specified page size.", foundScope);
    }
    @Test
    public void testPermissionCount() throws Exception {
        String[] scopes = {"ScopeA", "ScopeB", "ScopeC", "ScopeD"};
        ResourceRepresentation resource = addResource("Resource A", "kolo", true, scopes);
        AuthzClient authzClient = getAuthzClient();
        PermissionResponse response = authzClient.protection("marta", "password").permission().create(new PermissionRequest(resource.getId(), scopes));
        AuthorizationRequest request = new AuthorizationRequest();
        request.setTicket(response.getTicket());
        request.setClaimToken(authzClient.obtainAccessToken("marta", "password").getToken());
        try {
            authzClient.authorization().authorize(request);
        } catch (Exception ignored) {
        }
        Long ticketCount = getAuthzClient().protection().permission().count(resource.getId(), null, null, null, null, true);
        assertEquals("Returned number of permissions tickets must match the amount of permission tickets.", Long.valueOf(4), ticketCount);
    }
 }