/clients-registrations API doesn't return secret anymore and is not coherent #11116
/clients-registrations API doesn't return secret anymore and is not coherent fixing merge /clients-registrations API doesn't return secret anymore and is not coherent fixing test that was failing Replace tabs with regular spaces fixing identation /clients-registrations API doesn't return secret anymore and is not coherent. Closes #11116 fixing test that was failing
This commit is contained in:
parent
4222de8f41
commit
e121371401
5 changed files with 53 additions and 2 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -80,3 +80,4 @@ quarkus/data/*.db
|
||||||
###############################
|
###############################
|
||||||
|
|
||||||
/integration/admin-client-jakarta/src/
|
/integration/admin-client-jakarta/src/
|
||||||
|
/.metadata/
|
||||||
|
|
|
@ -691,6 +691,13 @@ public class ModelToRepresentation {
|
||||||
rep.setNodeReRegistrationTimeout(clientModel.getNodeReRegistrationTimeout());
|
rep.setNodeReRegistrationTimeout(clientModel.getNodeReRegistrationTimeout());
|
||||||
rep.setClientAuthenticatorType(clientModel.getClientAuthenticatorType());
|
rep.setClientAuthenticatorType(clientModel.getClientAuthenticatorType());
|
||||||
|
|
||||||
|
// adding the secret if non public or bearer only
|
||||||
|
if (clientModel.isBearerOnly() || clientModel.isPublicClient()) {
|
||||||
|
rep.setSecret(null);
|
||||||
|
} else {
|
||||||
|
rep.setSecret(clientModel.getSecret());
|
||||||
|
}
|
||||||
|
|
||||||
rep.setDefaultClientScopes(new LinkedList<>(clientModel.getClientScopes(true).keySet()));
|
rep.setDefaultClientScopes(new LinkedList<>(clientModel.getClientScopes(true).keySet()));
|
||||||
rep.setOptionalClientScopes(new LinkedList<>(clientModel.getClientScopes(false).keySet()));
|
rep.setOptionalClientScopes(new LinkedList<>(clientModel.getClientScopes(false).keySet()));
|
||||||
|
|
||||||
|
|
|
@ -28,6 +28,7 @@ import java.util.List;
|
||||||
import java.util.ListIterator;
|
import java.util.ListIterator;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Map.Entry;
|
import java.util.Map.Entry;
|
||||||
|
import java.util.Objects;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.function.Function;
|
import java.util.function.Function;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
@ -1431,7 +1432,16 @@ public class RepresentationToModel {
|
||||||
client.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType());
|
client.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// adding secret if the client isn't public nor bearer only
|
||||||
|
if (Objects.nonNull(resourceRep.getSecret())) {
|
||||||
client.setSecret(resourceRep.getSecret());
|
client.setSecret(resourceRep.getSecret());
|
||||||
|
} else {
|
||||||
|
if (client.isPublicClient() || client.isBearerOnly()) {
|
||||||
|
client.setSecret(null);
|
||||||
|
} else {
|
||||||
|
KeycloakModelUtils.generateSecret(client);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (resourceRep.getAttributes() != null) {
|
if (resourceRep.getAttributes() != null) {
|
||||||
for (Map.Entry<String, String> entry : resourceRep.getAttributes().entrySet()) {
|
for (Map.Entry<String, String> entry : resourceRep.getAttributes().entrySet()) {
|
||||||
|
|
|
@ -100,6 +100,7 @@ public class ClientTest extends AbstractAdminTest {
|
||||||
rep.setClientId("my-app");
|
rep.setClientId("my-app");
|
||||||
rep.setDescription("my-app description");
|
rep.setDescription("my-app description");
|
||||||
rep.setEnabled(true);
|
rep.setEnabled(true);
|
||||||
|
rep.setPublicClient(true);
|
||||||
Response response = realm.clients().create(rep);
|
Response response = realm.clients().create(rep);
|
||||||
response.close();
|
response.close();
|
||||||
String id = ApiUtil.getCreatedId(response);
|
String id = ApiUtil.getCreatedId(response);
|
||||||
|
@ -114,6 +115,37 @@ public class ClientTest extends AbstractAdminTest {
|
||||||
return rep;
|
return rep;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private ClientRepresentation createClientNonPublic() {
|
||||||
|
ClientRepresentation rep = new ClientRepresentation();
|
||||||
|
rep.setClientId("my-app");
|
||||||
|
rep.setDescription("my-app description");
|
||||||
|
rep.setEnabled(true);
|
||||||
|
rep.setPublicClient(false);
|
||||||
|
Response response = realm.clients().create(rep);
|
||||||
|
response.close();
|
||||||
|
String id = ApiUtil.getCreatedId(response);
|
||||||
|
getCleanup().addClientUuid(id);
|
||||||
|
ClientRepresentation found = ApiUtil.findClientResourceByClientId(realm, "my-app").toRepresentation();
|
||||||
|
|
||||||
|
assertEquals("my-app", found.getClientId());
|
||||||
|
assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(id), rep, ResourceType.CLIENT);
|
||||||
|
|
||||||
|
rep.setId(id);
|
||||||
|
|
||||||
|
return rep;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||||
|
public void createClientVerifyWithSecret() {
|
||||||
|
String id = createClientNonPublic().getId();
|
||||||
|
|
||||||
|
ClientResource client = realm.clients().get(id);
|
||||||
|
assertNotNull(client);
|
||||||
|
assertNotNull(client.toRepresentation().getSecret());
|
||||||
|
Assert.assertNames(realm.clients().findAll(), "account", "account-console", "realm-management", "security-admin-console", "broker", "my-app", Constants.ADMIN_CLI_CLIENT_ID);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||||
public void createClientVerify() {
|
public void createClientVerify() {
|
||||||
|
|
|
@ -266,7 +266,8 @@ public class OIDCClientRegistrationTest extends AbstractClientRegistrationTest {
|
||||||
String clientId = response.getClientId();
|
String clientId = response.getClientId();
|
||||||
ClientRepresentation kcClientRep = getKeycloakClient(clientId);
|
ClientRepresentation kcClientRep = getKeycloakClient(clientId);
|
||||||
Assert.assertFalse(kcClientRep.isPublicClient());
|
Assert.assertFalse(kcClientRep.isPublicClient());
|
||||||
Assert.assertNull(kcClientRep.getSecret());
|
Assert.assertFalse(kcClientRep.isBearerOnly());
|
||||||
|
Assert.assertNotNull(kcClientRep.getSecret());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
Loading…
Reference in a new issue