KEYCLOAK-8419: Make most act mgt APIs only active in preview mode
This commit is contained in:
parent
b4b3527df7
commit
dba513c921
2 changed files with 24 additions and 2 deletions
|
@ -47,6 +47,7 @@ import javax.ws.rs.core.Response;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
import org.keycloak.common.Profile;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
|
@ -205,6 +206,7 @@ public class AccountRestService {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
@NoCache
|
@NoCache
|
||||||
public Response sessions() {
|
public Response sessions() {
|
||||||
|
checkAccount2Enabled();
|
||||||
List<SessionRepresentation> reps = new LinkedList<>();
|
List<SessionRepresentation> reps = new LinkedList<>();
|
||||||
|
|
||||||
List<UserSessionModel> sessions = session.sessions().getUserSessions(realm, user);
|
List<UserSessionModel> sessions = session.sessions().getUserSessions(realm, user);
|
||||||
|
@ -242,6 +244,7 @@ public class AccountRestService {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
@NoCache
|
@NoCache
|
||||||
public Response sessionsLogout(@QueryParam("current") boolean removeCurrent) {
|
public Response sessionsLogout(@QueryParam("current") boolean removeCurrent) {
|
||||||
|
checkAccount2Enabled();
|
||||||
UserSessionModel userSession = auth.getSession();
|
UserSessionModel userSession = auth.getSession();
|
||||||
|
|
||||||
List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user);
|
List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user);
|
||||||
|
@ -265,6 +268,7 @@ public class AccountRestService {
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
@NoCache
|
@NoCache
|
||||||
public Response sessionLogout(@QueryParam("id") String id) {
|
public Response sessionLogout(@QueryParam("id") String id) {
|
||||||
|
checkAccount2Enabled();
|
||||||
UserSessionModel userSession = session.sessions().getUserSession(realm, id);
|
UserSessionModel userSession = session.sessions().getUserSession(realm, id);
|
||||||
if (userSession != null && userSession.getUser().equals(user)) {
|
if (userSession != null && userSession.getUser().equals(user)) {
|
||||||
AuthenticationManager.backchannelLogout(session, userSession, true);
|
AuthenticationManager.backchannelLogout(session, userSession, true);
|
||||||
|
@ -274,11 +278,17 @@ public class AccountRestService {
|
||||||
|
|
||||||
@Path("/credentials")
|
@Path("/credentials")
|
||||||
public AccountCredentialResource credentials() {
|
public AccountCredentialResource credentials() {
|
||||||
|
checkAccount2Enabled();
|
||||||
return new AccountCredentialResource(session, event, user);
|
return new AccountCredentialResource(session, event, user);
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO Federated identities
|
// TODO Federated identities
|
||||||
// TODO Applications
|
// TODO Applications
|
||||||
// TODO Logs
|
// TODO Logs
|
||||||
|
|
||||||
|
private static void checkAccount2Enabled() {
|
||||||
|
if (!Profile.isFeatureEnabled(Profile.Feature.ACCOUNT2)) {
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,7 +34,6 @@ import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.util.TokenUtil;
|
import org.keycloak.testsuite.util.TokenUtil;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
|
||||||
import javax.ws.rs.core.Response;
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -43,6 +42,9 @@ import static org.hamcrest.Matchers.containsInAnyOrder;
|
||||||
import static org.junit.Assert.*;
|
import static org.junit.Assert.*;
|
||||||
import org.keycloak.services.messages.Messages;
|
import org.keycloak.services.messages.Messages;
|
||||||
|
|
||||||
|
import static org.keycloak.common.Profile.Feature.ACCOUNT2;
|
||||||
|
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
*/
|
*/
|
||||||
|
@ -187,6 +189,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testGetSessions() throws IOException {
|
public void testGetSessions() throws IOException {
|
||||||
|
assumeFeatureEnabled(ACCOUNT2);
|
||||||
|
|
||||||
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
||||||
|
|
||||||
assertEquals(1, sessions.size());
|
assertEquals(1, sessions.size());
|
||||||
|
@ -194,11 +198,15 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testGetPasswordDetails() throws IOException {
|
public void testGetPasswordDetails() throws IOException {
|
||||||
|
assumeFeatureEnabled(ACCOUNT2);
|
||||||
|
|
||||||
getPasswordDetails();
|
getPasswordDetails();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testPostPasswordUpdate() throws IOException {
|
public void testPostPasswordUpdate() throws IOException {
|
||||||
|
assumeFeatureEnabled(ACCOUNT2);
|
||||||
|
|
||||||
//Get the time of lastUpdate
|
//Get the time of lastUpdate
|
||||||
AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();
|
AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();
|
||||||
|
|
||||||
|
@ -222,6 +230,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testPasswordConfirmation() throws IOException {
|
public void testPasswordConfirmation() throws IOException {
|
||||||
|
assumeFeatureEnabled(ACCOUNT2);
|
||||||
|
|
||||||
updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
|
updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
|
||||||
|
|
||||||
updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
|
updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
|
||||||
|
@ -263,6 +273,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testDeleteSession() throws IOException {
|
public void testDeleteSession() throws IOException {
|
||||||
|
assumeFeatureEnabled(ACCOUNT2);
|
||||||
|
|
||||||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||||
String sessionId = oauth.doLogin("view-account-access", "password").getSessionState();
|
String sessionId = oauth.doLogin("view-account-access", "password").getSessionState();
|
||||||
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
||||||
|
|
Loading…
Reference in a new issue