/clients-registrations API doesn't return secret anymore and is not coherent #11116
/clients-registrations API doesn't return secret anymore and is not coherent fixing merge /clients-registrations API doesn't return secret anymore and is not coherent fixing test that was failing Replace tabs with regular spaces fixing identation /clients-registrations API doesn't return secret anymore and is not coherent. Closes #11116 fixing test that was failing
This commit is contained in:
parent
4222de8f41
commit
e121371401
5 changed files with 53 additions and 2 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -80,3 +80,4 @@ quarkus/data/*.db
|
|||
###############################
|
||||
|
||||
/integration/admin-client-jakarta/src/
|
||||
/.metadata/
|
||||
|
|
|
@ -690,6 +690,13 @@ public class ModelToRepresentation {
|
|||
rep.setNotBefore(clientModel.getNotBefore());
|
||||
rep.setNodeReRegistrationTimeout(clientModel.getNodeReRegistrationTimeout());
|
||||
rep.setClientAuthenticatorType(clientModel.getClientAuthenticatorType());
|
||||
|
||||
// adding the secret if non public or bearer only
|
||||
if (clientModel.isBearerOnly() || clientModel.isPublicClient()) {
|
||||
rep.setSecret(null);
|
||||
} else {
|
||||
rep.setSecret(clientModel.getSecret());
|
||||
}
|
||||
|
||||
rep.setDefaultClientScopes(new LinkedList<>(clientModel.getClientScopes(true).keySet()));
|
||||
rep.setOptionalClientScopes(new LinkedList<>(clientModel.getClientScopes(false).keySet()));
|
||||
|
|
|
@ -28,6 +28,7 @@ import java.util.List;
|
|||
import java.util.ListIterator;
|
||||
import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
@ -1431,7 +1432,16 @@ public class RepresentationToModel {
|
|||
client.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType());
|
||||
}
|
||||
|
||||
client.setSecret(resourceRep.getSecret());
|
||||
// adding secret if the client isn't public nor bearer only
|
||||
if (Objects.nonNull(resourceRep.getSecret())) {
|
||||
client.setSecret(resourceRep.getSecret());
|
||||
} else {
|
||||
if (client.isPublicClient() || client.isBearerOnly()) {
|
||||
client.setSecret(null);
|
||||
} else {
|
||||
KeycloakModelUtils.generateSecret(client);
|
||||
}
|
||||
}
|
||||
|
||||
if (resourceRep.getAttributes() != null) {
|
||||
for (Map.Entry<String, String> entry : resourceRep.getAttributes().entrySet()) {
|
||||
|
|
|
@ -100,6 +100,7 @@ public class ClientTest extends AbstractAdminTest {
|
|||
rep.setClientId("my-app");
|
||||
rep.setDescription("my-app description");
|
||||
rep.setEnabled(true);
|
||||
rep.setPublicClient(true);
|
||||
Response response = realm.clients().create(rep);
|
||||
response.close();
|
||||
String id = ApiUtil.getCreatedId(response);
|
||||
|
@ -113,6 +114,37 @@ public class ClientTest extends AbstractAdminTest {
|
|||
|
||||
return rep;
|
||||
}
|
||||
|
||||
private ClientRepresentation createClientNonPublic() {
|
||||
ClientRepresentation rep = new ClientRepresentation();
|
||||
rep.setClientId("my-app");
|
||||
rep.setDescription("my-app description");
|
||||
rep.setEnabled(true);
|
||||
rep.setPublicClient(false);
|
||||
Response response = realm.clients().create(rep);
|
||||
response.close();
|
||||
String id = ApiUtil.getCreatedId(response);
|
||||
getCleanup().addClientUuid(id);
|
||||
ClientRepresentation found = ApiUtil.findClientResourceByClientId(realm, "my-app").toRepresentation();
|
||||
|
||||
assertEquals("my-app", found.getClientId());
|
||||
assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(id), rep, ResourceType.CLIENT);
|
||||
|
||||
rep.setId(id);
|
||||
|
||||
return rep;
|
||||
}
|
||||
|
||||
@Test
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
public void createClientVerifyWithSecret() {
|
||||
String id = createClientNonPublic().getId();
|
||||
|
||||
ClientResource client = realm.clients().get(id);
|
||||
assertNotNull(client);
|
||||
assertNotNull(client.toRepresentation().getSecret());
|
||||
Assert.assertNames(realm.clients().findAll(), "account", "account-console", "realm-management", "security-admin-console", "broker", "my-app", Constants.ADMIN_CLI_CLIENT_ID);
|
||||
}
|
||||
|
||||
@Test
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
|
|
|
@ -266,7 +266,8 @@ public class OIDCClientRegistrationTest extends AbstractClientRegistrationTest {
|
|||
String clientId = response.getClientId();
|
||||
ClientRepresentation kcClientRep = getKeycloakClient(clientId);
|
||||
Assert.assertFalse(kcClientRep.isPublicClient());
|
||||
Assert.assertNull(kcClientRep.getSecret());
|
||||
Assert.assertFalse(kcClientRep.isBearerOnly());
|
||||
Assert.assertNotNull(kcClientRep.getSecret());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
Loading…
Reference in a new issue