KEYCLOAK-8419: Make most act mgt APIs only active in preview mode

Stan Silvert 2018-10-01 14:41:48 -04:00
parent b4b3527df7
commit dba513c921
2 changed files with 24 additions and 2 deletions


@ -47,6 +47,7 @@ import javax.ws.rs.core.Response;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import org.keycloak.common.Profile;
/** /**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a> * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@ -205,6 +206,7 @@ public class AccountRestService {
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@NoCache @NoCache
public Response sessions() { public Response sessions() {
checkAccount2Enabled();
List<SessionRepresentation> reps = new LinkedList<>(); List<SessionRepresentation> reps = new LinkedList<>();
List<UserSessionModel> sessions = session.sessions().getUserSessions(realm, user); List<UserSessionModel> sessions = session.sessions().getUserSessions(realm, user);
@ -242,6 +244,7 @@ public class AccountRestService {
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@NoCache @NoCache
public Response sessionsLogout(@QueryParam("current") boolean removeCurrent) { public Response sessionsLogout(@QueryParam("current") boolean removeCurrent) {
checkAccount2Enabled();
UserSessionModel userSession = auth.getSession(); UserSessionModel userSession = auth.getSession();
List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user); List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user);
@ -265,6 +268,7 @@ public class AccountRestService {
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@NoCache @NoCache
public Response sessionLogout(@QueryParam("id") String id) { public Response sessionLogout(@QueryParam("id") String id) {
checkAccount2Enabled();
UserSessionModel userSession = session.sessions().getUserSession(realm, id); UserSessionModel userSession = session.sessions().getUserSession(realm, id);
if (userSession != null && userSession.getUser().equals(user)) { if (userSession != null && userSession.getUser().equals(user)) {
AuthenticationManager.backchannelLogout(session, userSession, true); AuthenticationManager.backchannelLogout(session, userSession, true);
@ -274,6 +278,7 @@ public class AccountRestService {
@Path("/credentials") @Path("/credentials")
public AccountCredentialResource credentials() { public AccountCredentialResource credentials() {
checkAccount2Enabled();
return new AccountCredentialResource(session, event, user); return new AccountCredentialResource(session, event, user);
} }
@ -281,4 +286,9 @@ public class AccountRestService {
// TODO Applications // TODO Applications
// TODO Logs // TODO Logs
private static void checkAccount2Enabled() {
if (!Profile.isFeatureEnabled(Profile.Feature.ACCOUNT2)) {
throw new NotFoundException();
}
}
} }
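Review bot: `checkAccount2Enabled()` at the end of the class is undocumented, and the gate is opt-in per endpoint: `sessions()`, `sessionsLogout()`, `sessionLogout()` and `credentials()` each have to call it by hand. An endpoint added later (the `// TODO Applications` and `// TODO Logs` placeholders suggest more are planned) would therefore be reachable outside preview mode unless its author remembers the call. I would state that contract on the helper, e.g. `/** Throws NotFoundException (404) unless Profile.Feature.ACCOUNT2 is enabled; must be the first statement of every preview-only endpoint. */`, and note in the class comment which endpoints are deliberately left ungated, since the title says only "most" are covered. The test changes visible on this page only skip when ACCOUNT2 is off, so as far as shown nothing asserts the 404 on the disabled path; a test for that case would keep the gate from regressing silently. The bodies of the four gated methods continue outside their hunks.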


@ -34,7 +34,6 @@ import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.util.TokenUtil; import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder; import org.keycloak.testsuite.util.UserBuilder;
import javax.ws.rs.core.Response;
import java.io.IOException; import java.io.IOException;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
@ -43,6 +42,9 @@ import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.junit.Assert.*; import static org.junit.Assert.*;
import org.keycloak.services.messages.Messages; import org.keycloak.services.messages.Messages;
import static org.keycloak.common.Profile.Feature.ACCOUNT2;
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
/** /**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a> * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/ */
@ -187,6 +189,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
@Test @Test
public void testGetSessions() throws IOException { public void testGetSessions() throws IOException {
assumeFeatureEnabled(ACCOUNT2);
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {}); List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
assertEquals(1, sessions.size()); assertEquals(1, sessions.size());
@ -194,11 +198,15 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
@Test @Test
public void testGetPasswordDetails() throws IOException { public void testGetPasswordDetails() throws IOException {
assumeFeatureEnabled(ACCOUNT2);
getPasswordDetails(); getPasswordDetails();
} }
@Test @Test
public void testPostPasswordUpdate() throws IOException { public void testPostPasswordUpdate() throws IOException {
assumeFeatureEnabled(ACCOUNT2);
//Get the time of lastUpdate //Get the time of lastUpdate
AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails(); AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();
@ -222,6 +230,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
@Test @Test
public void testPasswordConfirmation() throws IOException { public void testPasswordConfirmation() throws IOException {
assumeFeatureEnabled(ACCOUNT2);
updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400); updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200); updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
@ -263,6 +273,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
@Test @Test
public void testDeleteSession() throws IOException { public void testDeleteSession() throws IOException {
assumeFeatureEnabled(ACCOUNT2);
TokenUtil viewToken = new TokenUtil("view-account-access", "password"); TokenUtil viewToken = new TokenUtil("view-account-access", "password");
String sessionId = oauth.doLogin("view-account-access", "password").getSessionState(); String sessionId = oauth.doLogin("view-account-access", "password").getSessionState();
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {}); List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});