Merge pull request #642 from patriot1burke/master
import console from export
commit
ca97e7ba35
8 changed files with 661 additions and 617 deletions
|
@ -18,6 +18,7 @@ import org.keycloak.models.UserModel;
|
|||
import org.keycloak.models.UserSessionProvider;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
import org.keycloak.models.utils.RepresentationToModel;
|
||||
import org.keycloak.representations.idm.ApplicationRepresentation;
|
||||
import org.keycloak.representations.idm.RealmAuditRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.timer.TimerProvider;
|
||||
|
@ -115,6 +116,10 @@ public class RealmManager {
|
|||
return "realm-management";
|
||||
}
|
||||
|
||||
public String getRealmAdminApplicationName(RealmRepresentation realm) {
|
||||
return "realm-management";
|
||||
}
|
||||
|
||||
|
||||
|
||||
protected void setupRealmDefaults(RealmModel realm) {
|
||||
|
@ -208,20 +213,61 @@ public class RealmManager {
|
|||
if (id == null) {
|
||||
id = KeycloakModelUtils.generateId();
|
||||
}
|
||||
RealmModel realm = createRealm(id, rep.getRealm());
|
||||
importRealm(rep, realm);
|
||||
RealmModel realm = model.createRealm(id, rep.getRealm());
|
||||
realm.setName(rep.getRealm());
|
||||
|
||||
// setup defaults
|
||||
|
||||
setupRealmDefaults(realm);
|
||||
setupMasterAdminManagement(realm);
|
||||
if (!hasRealmAdminManagementApp(rep)) setupRealmAdminManagement(realm);
|
||||
if (!hasAccountManagementApp(rep)) setupAccountManagement(realm);
|
||||
if (!hasAdminConsoleApp(rep)) setupAdminConsole(realm);
|
||||
|
||||
RepresentationToModel.importRealm(session, rep, realm);
|
||||
|
||||
|
||||
if (realm.getAuditListeners().size() == 0) {
|
||||
realm.setAuditListeners(Collections.singleton("jboss-logging"));
|
||||
}
|
||||
|
||||
// Refresh periodic sync tasks for configured federationProviders
|
||||
List<UserFederationProviderModel> federationProviders = realm.getUserFederationProviders();
|
||||
UsersSyncManager usersSyncManager = new UsersSyncManager();
|
||||
for (final UserFederationProviderModel fedProvider : federationProviders) {
|
||||
usersSyncManager.refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), fedProvider, realm.getId());
|
||||
}
|
||||
return realm;
|
||||
}
|
||||
|
||||
public void importRealm(RealmRepresentation rep, RealmModel newRealm) {
|
||||
RepresentationToModel.importRealm(session, rep, newRealm);
|
||||
|
||||
// Refresh periodic sync tasks for configured federationProviders
|
||||
List<UserFederationProviderModel> federationProviders = newRealm.getUserFederationProviders();
|
||||
UsersSyncManager usersSyncManager = new UsersSyncManager();
|
||||
for (final UserFederationProviderModel fedProvider : federationProviders) {
|
||||
usersSyncManager.refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), fedProvider, newRealm.getId());
|
||||
private boolean hasRealmAdminManagementApp(RealmRepresentation rep) {
|
||||
if (rep.getApplications() == null) return false;
|
||||
for (ApplicationRepresentation app : rep.getApplications()) {
|
||||
if (app.getName().equals(getRealmAdminApplicationName(rep))) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private boolean hasAccountManagementApp(RealmRepresentation rep) {
|
||||
if (rep.getApplications() == null) return false;
|
||||
for (ApplicationRepresentation app : rep.getApplications()) {
|
||||
if (app.getName().equals(Constants.ACCOUNT_MANAGEMENT_APP)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private boolean hasAdminConsoleApp(RealmRepresentation rep) {
|
||||
if (rep.getApplications() == null) return false;
|
||||
for (ApplicationRepresentation app : rep.getApplications()) {
|
||||
if (app.getName().equals(Constants.ADMIN_CONSOLE_APPLICATION)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
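Review bot: The new helpers hasRealmAdminManagementApp, hasAccountManagementApp and hasAdminConsoleApp call `app.getName().equals(...)` on entries taken from the imported representation, so an application entry without a name would abort the whole import with a NullPointerException instead of a clear error. Comparing from the known side avoids that, e.g. `if (Constants.ACCOUNT_MANAGEMENT_APP.equals(app.getName())) {`, and likewise in the other two helpers. A match makes importRealm skip setupRealmAdminManagement, setupAccountManagement or setupAdminConsole, so the definition of that built-in application presumably comes from the import file alone; a comment above the three checks such as `// a built-in application present in the representation replaces the default setup; the import file must come from a trusted source` would record that. The helpers differ only in the name they compare and could share one private method that takes the name. The opening lines of importRealm are outside the hunk.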
|
|
|
@ -217,8 +217,7 @@ public class KeycloakApplication extends Application {
|
|||
return;
|
||||
}
|
||||
|
||||
RealmModel realm = manager.createRealm(rep.getId(), rep.getRealm());
|
||||
manager.importRealm(rep, realm);
|
||||
RealmModel realm = manager.importRealm(rep);
|
||||
|
||||
log.info("Imported realm " + realm.getName() + " from " + from);
|
||||
|
||||
|
|
|
@ -246,8 +246,7 @@ public class KeycloakServer {
|
|||
return;
|
||||
}
|
||||
manager.setContextPath("/auth");
|
||||
RealmModel realm = manager.createRealm(rep.getId(), rep.getRealm());
|
||||
manager.importRealm(rep, realm);
|
||||
RealmModel realm = manager.importRealm(rep);
|
||||
|
||||
info("Imported realm " + realm.getName());
|
||||
|
||||
|
|
|
@ -1,198 +1,198 @@
|
|||
/*
|
||||
* JBoss, Home of Professional Open Source.
|
||||
* Copyright 2012, Red Hat, Inc., and individual contributors
|
||||
* as indicated by the @author tags. See the copyright.txt file in the
|
||||
* distribution for a full listing of individual contributors.
|
||||
*
|
||||
* This is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU Lesser General Public License as
|
||||
* published by the Free Software Foundation; either version 2.1 of
|
||||
* the License, or (at your option) any later version.
|
||||
*
|
||||
* This software is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this software; if not, write to the Free
|
||||
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
|
||||
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
|
||||
*/
|
||||
package org.keycloak.testsuite.composites;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.representations.AccessToken;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.ApplicationServlet;
|
||||
import org.keycloak.testsuite.OAuthClient;
|
||||
import org.keycloak.testsuite.OAuthClient.AccessTokenResponse;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
import org.keycloak.testsuite.rule.WebResource;
|
||||
import org.keycloak.testsuite.rule.WebRule;
|
||||
import org.keycloak.testutils.KeycloakServer;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
|
||||
import java.security.PublicKey;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class CompositeImportRoleTest {
|
||||
|
||||
public static PublicKey realmPublicKey;
|
||||
@ClassRule
|
||||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule(){
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
RealmModel realm = manager.createRealm("Test");
|
||||
RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/testcomposite.json"), RealmRepresentation.class);
|
||||
manager.importRealm(representation, realm);
|
||||
|
||||
realmPublicKey = realm.getPublicKey();
|
||||
|
||||
deployServlet("app", "/app", ApplicationServlet.class);
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
@Rule
|
||||
public WebRule webRule = new WebRule(this);
|
||||
|
||||
@WebResource
|
||||
protected WebDriver driver;
|
||||
|
||||
@WebResource
|
||||
protected OAuthClient oauth;
|
||||
|
||||
@WebResource
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Test
|
||||
public void testAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_COMPOSITE_APPLICATION");
|
||||
oauth.doLogin("APP_COMPOSITE_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void testRealmAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_ROLE_APPLICATION");
|
||||
oauth.doLogin("REALM_APP_COMPOSITE_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertTrue(token.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(2, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_COMPOSITE_1"));
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppRole() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_ROLE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserRoleAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_ROLE_1_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_ROLE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
/*
|
||||
* JBoss, Home of Professional Open Source.
|
||||
* Copyright 2012, Red Hat, Inc., and individual contributors
|
||||
* as indicated by the @author tags. See the copyright.txt file in the
|
||||
* distribution for a full listing of individual contributors.
|
||||
*
|
||||
* This is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU Lesser General Public License as
|
||||
* published by the Free Software Foundation; either version 2.1 of
|
||||
* the License, or (at your option) any later version.
|
||||
*
|
||||
* This software is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this software; if not, write to the Free
|
||||
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
|
||||
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
|
||||
*/
|
||||
package org.keycloak.testsuite.composites;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.representations.AccessToken;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.ApplicationServlet;
|
||||
import org.keycloak.testsuite.OAuthClient;
|
||||
import org.keycloak.testsuite.OAuthClient.AccessTokenResponse;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
import org.keycloak.testsuite.rule.WebResource;
|
||||
import org.keycloak.testsuite.rule.WebRule;
|
||||
import org.keycloak.testutils.KeycloakServer;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
|
||||
import java.security.PublicKey;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class CompositeImportRoleTest {
|
||||
|
||||
public static PublicKey realmPublicKey;
|
||||
@ClassRule
|
||||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule(){
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/testcomposite.json"), RealmRepresentation.class);
|
||||
representation.setId("Test");
|
||||
RealmModel realm = manager.importRealm(representation);
|
||||
|
||||
realmPublicKey = realm.getPublicKey();
|
||||
|
||||
deployServlet("app", "/app", ApplicationServlet.class);
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
@Rule
|
||||
public WebRule webRule = new WebRule(this);
|
||||
|
||||
@WebResource
|
||||
protected WebDriver driver;
|
||||
|
||||
@WebResource
|
||||
protected OAuthClient oauth;
|
||||
|
||||
@WebResource
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@Test
|
||||
public void testAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_COMPOSITE_APPLICATION");
|
||||
oauth.doLogin("APP_COMPOSITE_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void testRealmAppCompositeUser() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("APP_ROLE_APPLICATION");
|
||||
oauth.doLogin("REALM_APP_COMPOSITE_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_APP_COMPOSITE_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
|
||||
Assert.assertTrue(token.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(2, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_COMPOSITE_1"));
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserCompositeAppRole() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_ROLE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_COMPOSITE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRealmOnlyWithUserRoleAppComposite() throws Exception {
|
||||
oauth.realm("Test");
|
||||
oauth.realmPublicKey(realmPublicKey);
|
||||
oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
|
||||
oauth.doLogin("REALM_ROLE_1_USER", "password");
|
||||
|
||||
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
|
||||
AccessTokenResponse response = oauth.doAccessTokenRequest(code, "password");
|
||||
|
||||
Assert.assertEquals(200, response.getStatusCode());
|
||||
|
||||
Assert.assertEquals("bearer", response.getTokenType());
|
||||
|
||||
AccessToken token = oauth.verifyToken(response.getAccessToken());
|
||||
|
||||
Assert.assertEquals(keycloakRule.getUser("Test", "REALM_ROLE_1_USER").getId(), token.getSubject());
|
||||
|
||||
Assert.assertEquals(1, token.getRealmAccess().getRoles().size());
|
||||
Assert.assertTrue(token.getRealmAccess().isUserInRole("REALM_ROLE_1"));
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
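Review bot: All 198 lines of this test are shown as removed and re-added, yet the only difference visible between the two copies is in configure(), where `manager.createRealm("Test")` and `manager.importRealm(representation, realm)` become `representation.setId("Test")` and `manager.importRealm(representation)`. That pattern suggests a line-ending or whitespace rewrite of the whole file (inferred; the page does not show the bytes), which buries the real change and makes an unintended edit hard to spot in review. Keeping the file's existing line endings, or moving the normalisation into its own commit, would leave a three-line diff here. The ExportImportTest section that follows has the same shape (`-1,397 +1,397`).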
|
|
|
@ -1,397 +1,397 @@
|
|||
package org.keycloak.testsuite.exportimport;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExternalResource;
|
||||
import org.junit.rules.RuleChain;
|
||||
import org.junit.rules.TestRule;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.exportimport.ExportImportConfig;
|
||||
import org.keycloak.exportimport.dir.DirExportProvider;
|
||||
import org.keycloak.exportimport.dir.DirExportProviderFactory;
|
||||
import org.keycloak.exportimport.singlefile.SingleFileExportProviderFactory;
|
||||
import org.keycloak.exportimport.zip.ZipExportProviderFactory;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RealmProvider;
|
||||
import org.keycloak.models.UserCredentialModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.UserProvider;
|
||||
import org.keycloak.representations.idm.CredentialRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.model.AbstractModelTest;
|
||||
import org.keycloak.testsuite.model.ImportTest;
|
||||
import org.keycloak.testsuite.rule.KeycloakRule;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
import java.util.Set;
|
||||
import java.util.regex.Matcher;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
public class ExportImportTest {
|
||||
|
||||
private static SystemPropertiesHelper propsHelper = new SystemPropertiesHelper();
|
||||
|
||||
private static final String JPA_CONNECTION_URL = "keycloak.connectionsJpa.url";
|
||||
private static final String JPA_DB_SCHEMA = "keycloak.connectionsJpa.databaseSchema";
|
||||
private static final String MONGO_CLEAR_ON_STARTUP = "keycloak.connectionsMongo.clearOnStartup";
|
||||
|
||||
// We want data to be persisted among server restarts
|
||||
private static ExternalResource persistenceSetupRule = new ExternalResource() {
|
||||
|
||||
private boolean connectionURLSet = false;
|
||||
|
||||
@Override
|
||||
protected void before() throws Throwable {
|
||||
if (System.getProperty(JPA_CONNECTION_URL) == null) {
|
||||
String baseExportImportDir = getExportImportTestDirectory();
|
||||
|
||||
File oldDBFile = new File(baseExportImportDir, "keycloakDB.h2.db");
|
||||
if (oldDBFile.exists()) {
|
||||
oldDBFile.delete();
|
||||
}
|
||||
|
||||
String dbDir = baseExportImportDir + "/keycloakDB";
|
||||
propsHelper.pushProperty(JPA_CONNECTION_URL, "jdbc:h2:file:" + dbDir + ";DB_CLOSE_DELAY=-1");
|
||||
connectionURLSet = true;
|
||||
}
|
||||
propsHelper.pushProperty(JPA_DB_SCHEMA, "create");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void after() {
|
||||
if (connectionURLSet) {
|
||||
propsHelper.pullProperty(JPA_CONNECTION_URL);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
private static ExternalResource outerPersistenceSetupRule = new ExternalResource() {
|
||||
|
||||
@Override
|
||||
protected void before() throws Throwable {
|
||||
System.setProperty(JPA_DB_SCHEMA, "update");
|
||||
propsHelper.pushProperty(MONGO_CLEAR_ON_STARTUP, "false");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void after() {
|
||||
propsHelper.pullProperty(JPA_DB_SCHEMA);
|
||||
propsHelper.pullProperty(MONGO_CLEAR_ON_STARTUP);
|
||||
}
|
||||
};
|
||||
|
||||
private static KeycloakRule keycloakRule = new KeycloakRule( new KeycloakRule.KeycloakSetup() {
|
||||
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||
// Create some users in "test" and "master" realms
|
||||
addUser(manager.getSession().users(), appRealm, "user1", "password");
|
||||
addUser(manager.getSession().users(), appRealm, "user2", "password");
|
||||
addUser(manager.getSession().users(), appRealm, "user3", "password");
|
||||
addUser(manager.getSession().users(), adminstrationRealm, "admin2", "admin2");
|
||||
|
||||
// Import "test-realm" realm
|
||||
try {
|
||||
RealmRepresentation rep = AbstractModelTest.loadJson("model/testrealm.json");
|
||||
RealmModel demoRealm = manager.createRealm("test-realm", rep.getRealm());
|
||||
manager.importRealm(rep, demoRealm);
|
||||
} catch (IOException ioe) {
|
||||
throw new RuntimeException(ioe);
|
||||
}
|
||||
}
|
||||
|
||||
}) {
|
||||
@Override
|
||||
protected void after() {
|
||||
super.after();
|
||||
|
||||
// Clear export/import properties after test
|
||||
Properties systemProps = System.getProperties();
|
||||
Set<String> propsToRemove = new HashSet<String>();
|
||||
|
||||
for (Object key : systemProps.keySet()) {
|
||||
if (key.toString().startsWith(ExportImportConfig.PREFIX)) {
|
||||
propsToRemove.add(key.toString());
|
||||
}
|
||||
}
|
||||
|
||||
for (String propToRemove : propsToRemove) {
|
||||
systemProps.remove(propToRemove);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
@ClassRule
|
||||
public static TestRule chain = RuleChain
|
||||
.outerRule(persistenceSetupRule)
|
||||
.around(keycloakRule)
|
||||
.around(outerPersistenceSetupRule);
|
||||
|
||||
@Test
|
||||
public void testDirFullExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(DirExportProviderFactory.PROVIDER_ID);
|
||||
String targetDirPath = getExportImportTestDirectory() + File.separator + "dirExport";
|
||||
DirExportProvider.recursiveDeleteDir(new File(targetDirPath));
|
||||
ExportImportConfig.setDir(targetDirPath);
|
||||
ExportImportConfig.setUsersPerFile(ExportImportConfig.DEFAULT_USERS_PER_FILE);
|
||||
|
||||
testFullExportImport();
|
||||
|
||||
// There should be 6 files in target directory (3 realm, 3 user)
|
||||
Assert.assertEquals(6, new File(targetDirPath).listFiles().length);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDirRealmExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(DirExportProviderFactory.PROVIDER_ID);
|
||||
String targetDirPath = getExportImportTestDirectory() + File.separator + "dirRealmExport";
|
||||
DirExportProvider.recursiveDeleteDir(new File(targetDirPath));
|
||||
ExportImportConfig.setDir(targetDirPath);
|
||||
ExportImportConfig.setUsersPerFile(3);
|
||||
|
||||
testRealmExportImport();
|
||||
|
||||
// There should be 3 files in target directory (1 realm, 2 user)
|
||||
Assert.assertEquals(3, new File(targetDirPath).listFiles().length);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSingleFileFullExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
|
||||
String targetFilePath = getExportImportTestDirectory() + File.separator + "singleFile-full.json";
|
||||
ExportImportConfig.setFile(targetFilePath);
|
||||
|
||||
testFullExportImport();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSingleFileRealmExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
|
||||
String targetFilePath = getExportImportTestDirectory() + File.separator + "singleFile-realm.json";
|
||||
ExportImportConfig.setFile(targetFilePath);
|
||||
|
||||
testRealmExportImport();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testZipFullExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(ZipExportProviderFactory.PROVIDER_ID);
|
||||
String zipFilePath = getExportImportTestDirectory() + File.separator + "export-full.zip";
|
||||
new File(zipFilePath).delete();
|
||||
ExportImportConfig.setZipFile(zipFilePath);
|
||||
ExportImportConfig.setZipPassword("encPassword");
|
||||
ExportImportConfig.setUsersPerFile(ExportImportConfig.DEFAULT_USERS_PER_FILE);
|
||||
|
||||
testFullExportImport();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testZipRealmExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(ZipExportProviderFactory.PROVIDER_ID);
|
||||
String zipFilePath = getExportImportTestDirectory() + File.separator + "export-realm.zip";
|
||||
new File(zipFilePath).delete();
|
||||
ExportImportConfig.setZipFile(zipFilePath);
|
||||
ExportImportConfig.setZipPassword("encPassword");
|
||||
ExportImportConfig.setUsersPerFile(3);
|
||||
|
||||
testRealmExportImport();
|
||||
}
|
||||
|
||||
private void testFullExportImport() {
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_EXPORT);
|
||||
ExportImportConfig.setRealmName(null);
|
||||
|
||||
// Restart server, which triggers export
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Delete some realm (and some data in admin realm)
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider realmProvider = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
new RealmManager(session).removeRealm(realmProvider.getRealmByName("test"));
|
||||
Assert.assertEquals(2, realmProvider.getRealms().size());
|
||||
|
||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||
session.users().removeUser(master, admin2);
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user3", "password");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
|
||||
// Configure import
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_IMPORT);
|
||||
|
||||
// Restart server, which triggers import
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Ensure data are imported back
|
||||
session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider model = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
Assert.assertEquals(3, model.getRealms().size());
|
||||
|
||||
assertAuthenticated(userProvider, model, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertAuthenticated(userProvider, model, "test", "test-user@localhost", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user1", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user2", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user3", "password");
|
||||
|
||||
RealmModel testRealmRealm = model.getRealm("test-realm");
|
||||
ImportTest.assertDataImportedInRealm(session, testRealmRealm);
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
private void testRealmExportImport() {
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_EXPORT);
|
||||
ExportImportConfig.setRealmName("test");
|
||||
|
||||
// Restart server, which triggers export
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Delete some realm (and some data in admin realm)
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider realmProvider = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
new RealmManager(session).removeRealm(realmProvider.getRealmByName("test"));
|
||||
Assert.assertEquals(2, realmProvider.getRealms().size());
|
||||
|
||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||
session.users().removeUser(master, admin2);
|
||||
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user3", "password");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
|
||||
// Configure import
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_IMPORT);
|
||||
|
||||
// Restart server, which triggers import
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Ensure data are imported back, but just for "test" realm
|
||||
session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider realmProvider = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
Assert.assertEquals(3, realmProvider.getRealms().size());
|
||||
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user3", "password");
|
||||
|
||||
addUser(userProvider, realmProvider.getRealmByName(Config.getAdminRealm()), "admin2", "admin2");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
private void assertAuthenticated(UserProvider userProvider, RealmProvider realmProvider, String realmName, String username, String password) {
|
||||
RealmModel realm = realmProvider.getRealmByName(realmName);
|
||||
if (realm == null) {
|
||||
Assert.fail("realm " + realmName + " not found");
|
||||
}
|
||||
|
||||
UserModel user = userProvider.getUserByUsername(username, realm);
|
||||
if (user == null) {
|
||||
Assert.fail("user " + username + " not found");
|
||||
}
|
||||
|
||||
Assert.assertTrue(userProvider.validCredentials(realm, user, UserCredentialModel.password(password)));
|
||||
}
|
||||
|
||||
private void assertNotAuthenticated(UserProvider userProvider, RealmProvider realmProvider, String realmName, String username, String password) {
|
||||
RealmModel realm = realmProvider.getRealmByName(realmName);
|
||||
if (realm == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
UserModel user = userProvider.getUserByUsername(username, realm);
|
||||
if (user == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
Assert.assertFalse(userProvider.validCredentials(realm, user, UserCredentialModel.password(password)));
|
||||
}
|
||||
|
||||
private static void addUser(UserProvider userProvider, RealmModel appRealm, String username, String password) {
|
||||
UserModel user = userProvider.addUser(appRealm, username);
|
||||
user.setEmail(username + "@test.com");
|
||||
user.setEnabled(true);
|
||||
|
||||
UserCredentialModel creds = new UserCredentialModel();
|
||||
creds.setType(CredentialRepresentation.PASSWORD);
|
||||
creds.setValue(password);
|
||||
user.updateCredential(creds);
|
||||
}
|
||||
|
||||
private static String getExportImportTestDirectory() {
|
||||
String dirPath = null;
|
||||
String relativeDirExportImportPath = "testsuite" + File.separator + "integration" + File.separator + "target" + File.separator + "export-import";
|
||||
|
||||
if (System.getProperties().containsKey("maven.home")) {
|
||||
dirPath = System.getProperty("user.dir").replaceFirst("testsuite.integration.*", Matcher.quoteReplacement(relativeDirExportImportPath));
|
||||
} else {
|
||||
for (String c : System.getProperty("java.class.path").split(File.pathSeparator)) {
|
||||
if (c.contains(File.separator + "testsuite" + File.separator + "integration")) {
|
||||
dirPath = c.replaceFirst("testsuite.integration.*", Matcher.quoteReplacement(relativeDirExportImportPath));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
String absolutePath = new File(dirPath).getAbsolutePath();
|
||||
return absolutePath;
|
||||
}
|
||||
|
||||
private static class SystemPropertiesHelper {
|
||||
|
||||
private Map<String,String> previousValues = new HashMap<String,String>();
|
||||
|
||||
private void pushProperty(String name, String value) {
|
||||
String currentValue = System.getProperty(name);
|
||||
if (currentValue != null) {
|
||||
previousValues.put(name, currentValue);
|
||||
}
|
||||
System.setProperty(name, value);
|
||||
}
|
||||
|
||||
private void pullProperty(String name) {
|
||||
String prevValue = previousValues.get(name);
|
||||
|
||||
if (prevValue == null) {
|
||||
System.getProperties().remove(name);
|
||||
} else {
|
||||
System.setProperty(name, prevValue);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
package org.keycloak.testsuite.exportimport;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExternalResource;
|
||||
import org.junit.rules.RuleChain;
|
||||
import org.junit.rules.TestRule;
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.exportimport.ExportImportConfig;
|
||||
import org.keycloak.exportimport.dir.DirExportProvider;
|
||||
import org.keycloak.exportimport.dir.DirExportProviderFactory;
|
||||
import org.keycloak.exportimport.singlefile.SingleFileExportProviderFactory;
|
||||
import org.keycloak.exportimport.zip.ZipExportProviderFactory;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RealmProvider;
|
||||
import org.keycloak.models.UserCredentialModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.UserProvider;
|
||||
import org.keycloak.representations.idm.CredentialRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.model.AbstractModelTest;
|
||||
import org.keycloak.testsuite.model.ImportTest;
|
||||
import org.keycloak.testsuite.rule.KeycloakRule;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
import java.util.Set;
|
||||
import java.util.regex.Matcher;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
public class ExportImportTest {
|
||||
|
||||
private static SystemPropertiesHelper propsHelper = new SystemPropertiesHelper();
|
||||
|
||||
private static final String JPA_CONNECTION_URL = "keycloak.connectionsJpa.url";
|
||||
private static final String JPA_DB_SCHEMA = "keycloak.connectionsJpa.databaseSchema";
|
||||
private static final String MONGO_CLEAR_ON_STARTUP = "keycloak.connectionsMongo.clearOnStartup";
|
||||
|
||||
// We want data to be persisted among server restarts
|
||||
private static ExternalResource persistenceSetupRule = new ExternalResource() {
|
||||
|
||||
private boolean connectionURLSet = false;
|
||||
|
||||
@Override
|
||||
protected void before() throws Throwable {
|
||||
if (System.getProperty(JPA_CONNECTION_URL) == null) {
|
||||
String baseExportImportDir = getExportImportTestDirectory();
|
||||
|
||||
File oldDBFile = new File(baseExportImportDir, "keycloakDB.h2.db");
|
||||
if (oldDBFile.exists()) {
|
||||
oldDBFile.delete();
|
||||
}
|
||||
|
||||
String dbDir = baseExportImportDir + "/keycloakDB";
|
||||
propsHelper.pushProperty(JPA_CONNECTION_URL, "jdbc:h2:file:" + dbDir + ";DB_CLOSE_DELAY=-1");
|
||||
connectionURLSet = true;
|
||||
}
|
||||
propsHelper.pushProperty(JPA_DB_SCHEMA, "create");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void after() {
|
||||
if (connectionURLSet) {
|
||||
propsHelper.pullProperty(JPA_CONNECTION_URL);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
private static ExternalResource outerPersistenceSetupRule = new ExternalResource() {
|
||||
|
||||
@Override
|
||||
protected void before() throws Throwable {
|
||||
System.setProperty(JPA_DB_SCHEMA, "update");
|
||||
propsHelper.pushProperty(MONGO_CLEAR_ON_STARTUP, "false");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void after() {
|
||||
propsHelper.pullProperty(JPA_DB_SCHEMA);
|
||||
propsHelper.pullProperty(MONGO_CLEAR_ON_STARTUP);
|
||||
}
|
||||
};
|
||||
|
||||
private static KeycloakRule keycloakRule = new KeycloakRule( new KeycloakRule.KeycloakSetup() {
|
||||
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||
// Create some users in "test" and "master" realms
|
||||
addUser(manager.getSession().users(), appRealm, "user1", "password");
|
||||
addUser(manager.getSession().users(), appRealm, "user2", "password");
|
||||
addUser(manager.getSession().users(), appRealm, "user3", "password");
|
||||
addUser(manager.getSession().users(), adminstrationRealm, "admin2", "admin2");
|
||||
|
||||
// Import "test-realm" realm
|
||||
try {
|
||||
RealmRepresentation rep = AbstractModelTest.loadJson("model/testrealm.json");
|
||||
rep.setId("test-realm");
|
||||
RealmModel demoRealm = manager.importRealm(rep);
|
||||
} catch (IOException ioe) {
|
||||
throw new RuntimeException(ioe);
|
||||
}
|
||||
}
|
||||
|
||||
}) {
|
||||
@Override
|
||||
protected void after() {
|
||||
super.after();
|
||||
|
||||
// Clear export/import properties after test
|
||||
Properties systemProps = System.getProperties();
|
||||
Set<String> propsToRemove = new HashSet<String>();
|
||||
|
||||
for (Object key : systemProps.keySet()) {
|
||||
if (key.toString().startsWith(ExportImportConfig.PREFIX)) {
|
||||
propsToRemove.add(key.toString());
|
||||
}
|
||||
}
|
||||
|
||||
for (String propToRemove : propsToRemove) {
|
||||
systemProps.remove(propToRemove);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
@ClassRule
|
||||
public static TestRule chain = RuleChain
|
||||
.outerRule(persistenceSetupRule)
|
||||
.around(keycloakRule)
|
||||
.around(outerPersistenceSetupRule);
|
||||
|
||||
@Test
|
||||
public void testDirFullExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(DirExportProviderFactory.PROVIDER_ID);
|
||||
String targetDirPath = getExportImportTestDirectory() + File.separator + "dirExport";
|
||||
DirExportProvider.recursiveDeleteDir(new File(targetDirPath));
|
||||
ExportImportConfig.setDir(targetDirPath);
|
||||
ExportImportConfig.setUsersPerFile(ExportImportConfig.DEFAULT_USERS_PER_FILE);
|
||||
|
||||
testFullExportImport();
|
||||
|
||||
// There should be 6 files in target directory (3 realm, 3 user)
|
||||
Assert.assertEquals(6, new File(targetDirPath).listFiles().length);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDirRealmExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(DirExportProviderFactory.PROVIDER_ID);
|
||||
String targetDirPath = getExportImportTestDirectory() + File.separator + "dirRealmExport";
|
||||
DirExportProvider.recursiveDeleteDir(new File(targetDirPath));
|
||||
ExportImportConfig.setDir(targetDirPath);
|
||||
ExportImportConfig.setUsersPerFile(3);
|
||||
|
||||
testRealmExportImport();
|
||||
|
||||
// There should be 3 files in target directory (1 realm, 2 user)
|
||||
Assert.assertEquals(3, new File(targetDirPath).listFiles().length);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSingleFileFullExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
|
||||
String targetFilePath = getExportImportTestDirectory() + File.separator + "singleFile-full.json";
|
||||
ExportImportConfig.setFile(targetFilePath);
|
||||
|
||||
testFullExportImport();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSingleFileRealmExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
|
||||
String targetFilePath = getExportImportTestDirectory() + File.separator + "singleFile-realm.json";
|
||||
ExportImportConfig.setFile(targetFilePath);
|
||||
|
||||
testRealmExportImport();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testZipFullExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(ZipExportProviderFactory.PROVIDER_ID);
|
||||
String zipFilePath = getExportImportTestDirectory() + File.separator + "export-full.zip";
|
||||
new File(zipFilePath).delete();
|
||||
ExportImportConfig.setZipFile(zipFilePath);
|
||||
ExportImportConfig.setZipPassword("encPassword");
|
||||
ExportImportConfig.setUsersPerFile(ExportImportConfig.DEFAULT_USERS_PER_FILE);
|
||||
|
||||
testFullExportImport();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testZipRealmExportImport() throws Throwable {
|
||||
ExportImportConfig.setProvider(ZipExportProviderFactory.PROVIDER_ID);
|
||||
String zipFilePath = getExportImportTestDirectory() + File.separator + "export-realm.zip";
|
||||
new File(zipFilePath).delete();
|
||||
ExportImportConfig.setZipFile(zipFilePath);
|
||||
ExportImportConfig.setZipPassword("encPassword");
|
||||
ExportImportConfig.setUsersPerFile(3);
|
||||
|
||||
testRealmExportImport();
|
||||
}
|
||||
|
||||
private void testFullExportImport() {
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_EXPORT);
|
||||
ExportImportConfig.setRealmName(null);
|
||||
|
||||
// Restart server, which triggers export
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Delete some realm (and some data in admin realm)
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider realmProvider = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
new RealmManager(session).removeRealm(realmProvider.getRealmByName("test"));
|
||||
Assert.assertEquals(2, realmProvider.getRealms().size());
|
||||
|
||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||
session.users().removeUser(master, admin2);
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user3", "password");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
|
||||
// Configure import
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_IMPORT);
|
||||
|
||||
// Restart server, which triggers import
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Ensure data are imported back
|
||||
session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider model = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
Assert.assertEquals(3, model.getRealms().size());
|
||||
|
||||
assertAuthenticated(userProvider, model, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertAuthenticated(userProvider, model, "test", "test-user@localhost", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user1", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user2", "password");
|
||||
assertAuthenticated(userProvider, model, "test", "user3", "password");
|
||||
|
||||
RealmModel testRealmRealm = model.getRealm("test-realm");
|
||||
ImportTest.assertDataImportedInRealm(session, testRealmRealm);
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
private void testRealmExportImport() {
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_EXPORT);
|
||||
ExportImportConfig.setRealmName("test");
|
||||
|
||||
// Restart server, which triggers export
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Delete some realm (and some data in admin realm)
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider realmProvider = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
new RealmManager(session).removeRealm(realmProvider.getRealmByName("test"));
|
||||
Assert.assertEquals(2, realmProvider.getRealms().size());
|
||||
|
||||
RealmModel master = realmProvider.getRealmByName(Config.getAdminRealm());
|
||||
UserModel admin2 = session.users().getUserByUsername("admin2", master);
|
||||
session.users().removeUser(master, admin2);
|
||||
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
assertNotAuthenticated(userProvider, realmProvider, "test", "user3", "password");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
|
||||
// Configure import
|
||||
ExportImportConfig.setAction(ExportImportConfig.ACTION_IMPORT);
|
||||
|
||||
// Restart server, which triggers import
|
||||
keycloakRule.restartServer();
|
||||
|
||||
// Ensure data are imported back, but just for "test" realm
|
||||
session = keycloakRule.startSession();
|
||||
try {
|
||||
RealmProvider realmProvider = session.realms();
|
||||
UserProvider userProvider = session.users();
|
||||
Assert.assertEquals(3, realmProvider.getRealms().size());
|
||||
|
||||
assertNotAuthenticated(userProvider, realmProvider, Config.getAdminRealm(), "admin2", "admin2");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "test-user@localhost", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user1", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user2", "password");
|
||||
assertAuthenticated(userProvider, realmProvider, "test", "user3", "password");
|
||||
|
||||
addUser(userProvider, realmProvider.getRealmByName(Config.getAdminRealm()), "admin2", "admin2");
|
||||
} finally {
|
||||
keycloakRule.stopSession(session, true);
|
||||
}
|
||||
}
|
||||
|
||||
private void assertAuthenticated(UserProvider userProvider, RealmProvider realmProvider, String realmName, String username, String password) {
|
||||
RealmModel realm = realmProvider.getRealmByName(realmName);
|
||||
if (realm == null) {
|
||||
Assert.fail("realm " + realmName + " not found");
|
||||
}
|
||||
|
||||
UserModel user = userProvider.getUserByUsername(username, realm);
|
||||
if (user == null) {
|
||||
Assert.fail("user " + username + " not found");
|
||||
}
|
||||
|
||||
Assert.assertTrue(userProvider.validCredentials(realm, user, UserCredentialModel.password(password)));
|
||||
}
|
||||
|
||||
private void assertNotAuthenticated(UserProvider userProvider, RealmProvider realmProvider, String realmName, String username, String password) {
|
||||
RealmModel realm = realmProvider.getRealmByName(realmName);
|
||||
if (realm == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
UserModel user = userProvider.getUserByUsername(username, realm);
|
||||
if (user == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
Assert.assertFalse(userProvider.validCredentials(realm, user, UserCredentialModel.password(password)));
|
||||
}
|
||||
|
||||
private static void addUser(UserProvider userProvider, RealmModel appRealm, String username, String password) {
|
||||
UserModel user = userProvider.addUser(appRealm, username);
|
||||
user.setEmail(username + "@test.com");
|
||||
user.setEnabled(true);
|
||||
|
||||
UserCredentialModel creds = new UserCredentialModel();
|
||||
creds.setType(CredentialRepresentation.PASSWORD);
|
||||
creds.setValue(password);
|
||||
user.updateCredential(creds);
|
||||
}
|
||||
|
||||
private static String getExportImportTestDirectory() {
|
||||
String dirPath = null;
|
||||
String relativeDirExportImportPath = "testsuite" + File.separator + "integration" + File.separator + "target" + File.separator + "export-import";
|
||||
|
||||
if (System.getProperties().containsKey("maven.home")) {
|
||||
dirPath = System.getProperty("user.dir").replaceFirst("testsuite.integration.*", Matcher.quoteReplacement(relativeDirExportImportPath));
|
||||
} else {
|
||||
for (String c : System.getProperty("java.class.path").split(File.pathSeparator)) {
|
||||
if (c.contains(File.separator + "testsuite" + File.separator + "integration")) {
|
||||
dirPath = c.replaceFirst("testsuite.integration.*", Matcher.quoteReplacement(relativeDirExportImportPath));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
String absolutePath = new File(dirPath).getAbsolutePath();
|
||||
return absolutePath;
|
||||
}
|
||||
|
||||
private static class SystemPropertiesHelper {
|
||||
|
||||
private Map<String,String> previousValues = new HashMap<String,String>();
|
||||
|
||||
private void pushProperty(String name, String value) {
|
||||
String currentValue = System.getProperty(name);
|
||||
if (currentValue != null) {
|
||||
previousValues.put(name, currentValue);
|
||||
}
|
||||
System.setProperty(name, value);
|
||||
}
|
||||
|
||||
private void pullProperty(String name) {
|
||||
String prevValue = previousValues.get(name);
|
||||
|
||||
if (prevValue == null) {
|
||||
System.getProperties().remove(name);
|
||||
} else {
|
||||
System.setProperty(name, prevValue);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -24,8 +24,8 @@ public class CompositeRolesModelTest extends AbstractModelTest {
|
|||
super.before();
|
||||
RealmManager manager = realmManager;
|
||||
RealmRepresentation rep = AbstractModelTest.loadJson("model/testcomposites.json");
|
||||
RealmModel realm = manager.createRealm("TestComposites", rep.getRealm());
|
||||
manager.importRealm(rep, realm);
|
||||
rep.setId("TestComposites");
|
||||
RealmModel realm = manager.importRealm(rep);
|
||||
}
|
||||
|
||||
@Test
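Review bot: The local `realm` assigned from `manager.importRealm(rep)` is never read before the method closes two lines later, so the declaration is dead. The page does not mark old and new sides, but `createRealm("TestComposites", rep.getRealm())` followed by `importRealm(rep, realm)` reads as the removed pair, where the variable was still needed as an argument. I would write the call as a bare statement, `manager.importRealm(rep);`. The method's signature is outside the hunk.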
|
||||
|
|
|
@ -43,8 +43,8 @@ public class ImportTest extends AbstractModelTest {
|
|||
@Test
|
||||
public void install() throws Exception {
|
||||
RealmRepresentation rep = AbstractModelTest.loadJson("model/testrealm.json");
|
||||
RealmModel realm = realmManager.createRealm("demo", rep.getRealm());
|
||||
realmManager.importRealm(rep, realm);
|
||||
rep.setId("demo");
|
||||
RealmModel realm = realmManager.importRealm(rep);
|
||||
|
||||
// Commit after import
|
||||
commit();
|
||||
|
@ -216,8 +216,8 @@ public class ImportTest extends AbstractModelTest {
|
|||
public void install2() throws Exception {
|
||||
RealmManager manager = realmManager;
|
||||
RealmRepresentation rep = AbstractModelTest.loadJson("model/testrealm-demo.json");
|
||||
RealmModel realm = manager.createRealm("demo", rep.getRealm());
|
||||
manager.importRealm(rep, realm);
|
||||
rep.setId("demo");
|
||||
RealmModel realm =manager.importRealm(rep);
|
||||
|
||||
Assert.assertFalse(realm.isUpdateProfileOnInitialSocialLogin());
|
||||
Assert.assertEquals(600, realm.getAccessCodeLifespanUserAction());
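Review bot: Neither `install()` nor `install2()` checks that the realm returned by `importRealm(rep)` carries the id set through `rep.setId("demo")`, so an import that ignored the representation's id and generated its own would still pass the lines shown here. Adding `Assert.assertEquals("demo", realm.getId());` right after each import call would pin that contract; `getId()` is already called on a `RealmModel` in ModelTest. In `install2()` the new line also lacks a space after `=` (`RealmModel realm =manager.importRealm(rep);`). Both method bodies continue past their hunks, so a later assertion may already cover the id.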
|
||||
|
|
|
@ -69,8 +69,8 @@ public class ModelTest extends AbstractModelTest {
|
|||
private RealmModel importExport(RealmModel src, String copyName) {
|
||||
RealmRepresentation representation = ModelToRepresentation.toRepresentation(src);
|
||||
representation.setRealm(copyName);
|
||||
RealmModel copy = realmManager.createRealm(copyName);
|
||||
realmManager.importRealm(representation, copy);
|
||||
representation.setId(copyName);
|
||||
RealmModel copy = realmManager.importRealm(representation);
|
||||
return realmManager.getRealm(copy.getId());
|
||||
}
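Review bot: `representation.setId(copyName)` has no comment saying why the id must be overwritten, and the reason is not obvious from `importExport` alone. Presumably `ModelToRepresentation.toRepresentation(src)` copies the id of `src` into the representation, so without the override the import would be asked to create the copy under the source realm's id; that is inferred, not shown on this page. A one-line comment such as `// give the copy its own id; the representation presumably still carries src's id` would record the intent for the next reader.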
|
||||
|
||||
|
|