/clients-registrations API doesn't return secret anymore and is not coherent #11116

/clients-registrations API doesn't return secret anymore and is not coherent

fixing merge

/clients-registrations API doesn't return secret anymore and is not coherent

fixing test that was failing

Replace tabs with regular spaces

fixing identation

/clients-registrations API doesn't return secret anymore and is not coherent. Closes #11116

fixing test that was failing
This commit is contained in:
Pedro Hos 2022-05-24 21:24:36 -03:00 committed by Marek Posolda
parent 4222de8f41
commit e121371401
5 changed files with 53 additions and 2 deletions

1
.gitignore vendored
View file

@ -80,3 +80,4 @@ quarkus/data/*.db
###############################
/integration/admin-client-jakarta/src/
/.metadata/

View file

@ -690,6 +690,13 @@ public class ModelToRepresentation {
rep.setNotBefore(clientModel.getNotBefore());
rep.setNodeReRegistrationTimeout(clientModel.getNodeReRegistrationTimeout());
rep.setClientAuthenticatorType(clientModel.getClientAuthenticatorType());
// adding the secret if non public or bearer only
if (clientModel.isBearerOnly() || clientModel.isPublicClient()) {
rep.setSecret(null);
} else {
rep.setSecret(clientModel.getSecret());
}
rep.setDefaultClientScopes(new LinkedList<>(clientModel.getClientScopes(true).keySet()));
rep.setOptionalClientScopes(new LinkedList<>(clientModel.getClientScopes(false).keySet()));

View file

@ -28,6 +28,7 @@ import java.util.List;
import java.util.ListIterator;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Objects;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
@ -1431,7 +1432,16 @@ public class RepresentationToModel {
client.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType());
}
client.setSecret(resourceRep.getSecret());
// adding secret if the client isn't public nor bearer only
if (Objects.nonNull(resourceRep.getSecret())) {
client.setSecret(resourceRep.getSecret());
} else {
if (client.isPublicClient() || client.isBearerOnly()) {
client.setSecret(null);
} else {
KeycloakModelUtils.generateSecret(client);
}
}
if (resourceRep.getAttributes() != null) {
for (Map.Entry<String, String> entry : resourceRep.getAttributes().entrySet()) {

View file

@ -100,6 +100,7 @@ public class ClientTest extends AbstractAdminTest {
rep.setClientId("my-app");
rep.setDescription("my-app description");
rep.setEnabled(true);
rep.setPublicClient(true);
Response response = realm.clients().create(rep);
response.close();
String id = ApiUtil.getCreatedId(response);
@ -113,6 +114,37 @@ public class ClientTest extends AbstractAdminTest {
return rep;
}
private ClientRepresentation createClientNonPublic() {
ClientRepresentation rep = new ClientRepresentation();
rep.setClientId("my-app");
rep.setDescription("my-app description");
rep.setEnabled(true);
rep.setPublicClient(false);
Response response = realm.clients().create(rep);
response.close();
String id = ApiUtil.getCreatedId(response);
getCleanup().addClientUuid(id);
ClientRepresentation found = ApiUtil.findClientResourceByClientId(realm, "my-app").toRepresentation();
assertEquals("my-app", found.getClientId());
assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(id), rep, ResourceType.CLIENT);
rep.setId(id);
return rep;
}
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void createClientVerifyWithSecret() {
String id = createClientNonPublic().getId();
ClientResource client = realm.clients().get(id);
assertNotNull(client);
assertNotNull(client.toRepresentation().getSecret());
Assert.assertNames(realm.clients().findAll(), "account", "account-console", "realm-management", "security-admin-console", "broker", "my-app", Constants.ADMIN_CLI_CLIENT_ID);
}
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)

View file

@ -266,7 +266,8 @@ public class OIDCClientRegistrationTest extends AbstractClientRegistrationTest {
String clientId = response.getClientId();
ClientRepresentation kcClientRep = getKeycloakClient(clientId);
Assert.assertFalse(kcClientRep.isPublicClient());
Assert.assertNull(kcClientRep.getSecret());
Assert.assertFalse(kcClientRep.isBearerOnly());
Assert.assertNotNull(kcClientRep.getSecret());
}
@Test