Merge pull request #4740 from pedroigor/KEYCLOAK-5909

[KEYCLOAK-5909] - Allow providing username as owner when creating resources
Pedro Igor 2017-11-24 17:57:50 -02:00 committed by GitHub
commit e4a6ee19d1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 105 additions and 12 deletions


@ -2285,6 +2285,12 @@ public class RepresentationToModel {
throw new RuntimeException("No owner specified for resource [" + resource.getName() + "].");
}
ClientModel clientModel = authorization.getRealm().getClientById(resourceServer.getId());
if (ownerId.equals(clientModel.getClientId())) {
ownerId = resourceServer.getId();
}
if (!resourceServer.getId().equals(ownerId)) {
RealmModel realm = authorization.getRealm();
KeycloakSession keycloakSession = authorization.getKeycloakSession();
@ -2299,7 +2305,7 @@ public class RepresentationToModel {
throw new RuntimeException("Owner must be a valid username or user identifier. If the resource server, the client id or null.");
}
owner.setId(ownerModel.getId());
ownerId = ownerModel.getId();
}
Resource model = resourceStore.create(resource.getName(), resourceServer, ownerId);
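Review bot: The new client-id comparison dereferences `clientModel` without a null check, so a failed `getClientById(resourceServer.getId())` would surface as a NullPointerException instead of the explicit owner error; `if (clientModel != null && ownerId.equals(clientModel.getClientId())) {` avoids that. The same check also gives the client id precedence over any user lookup: an owner string equal to the resource server's client id always resolves to the resource server, even if a user with that username exists (the user lookup itself is outside the visible lines, so this is inferred from the error message). Because ownership decides who controls the resource, that precedence deserves a comment above the check, for example `// owner may be the resource server's client id; this takes precedence over a user with the same username`. The enclosing method starts and ends outside these hunks.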


@ -37,6 +37,7 @@ import org.keycloak.common.ClientConnection;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
@ -57,6 +58,7 @@ import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
/**
@ -72,6 +74,7 @@ public abstract class AbstractPhotozAdminTest extends AbstractAuthorizationTest
protected Resource albumResource;
protected Policy anyUserPolicy;
protected UserModel aliceUser;
@Before
public void onBefore() {
@ -84,6 +87,12 @@ public abstract class AbstractPhotozAdminTest extends AbstractAuthorizationTest
this.albumResource = createAlbumResource();
this.anyUserPolicy = createAnyUserPolicy();
this.aliceUser = onAuthorizationSession(new Function<AuthorizationProvider, UserModel>() {
@Override
public UserModel apply(AuthorizationProvider authorizationProvider) {
return authorizationProvider.getKeycloakSession().users().getUserByUsername("alice", authorizationProvider.getRealm());
}
});
}
protected ResourceServer createResourceServer() {
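Review bot: The `aliceUser` lookup added to `onBefore()` stores whatever `getUserByUsername("alice", ...)` returns, so a realm without that user leaves the field null. The first test that calls `aliceUser.getId()` would then fail with a NullPointerException far from the cause. Asserting right after the assignment reports the problem at setup, e.g. `assertNotNull("test realm is expected to contain user 'alice'", this.aliceUser);` (this assumes `assertNotNull` is or can be statically imported in this class, which the hunk does not show). A short comment on the field, such as `// realm user used as resource owner in owner-resolution tests`, would also explain why the base class keeps it.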


@ -20,6 +20,7 @@ package org.keycloak.testsuite.authorization;
import org.junit.Test;
import org.keycloak.authorization.model.Resource;
import org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import javax.ws.rs.client.Entity;
@ -38,7 +39,7 @@ import static org.junit.Assert.assertNull;
public class ResourceManagementTest extends AbstractPhotozAdminTest {
@Test
public void testCreate() throws Exception {
public void testCreateWithoutOwner() throws Exception {
ResourceRepresentation newResource = new ResourceRepresentation();
newResource.setName("New Resource");
@ -52,17 +53,88 @@ public class ResourceManagementTest extends AbstractPhotozAdminTest {
ResourceRepresentation resource = response.readEntity(ResourceRepresentation.class);
onAuthorizationSession(authorizationProvider -> {
Resource resourceModel = authorizationProvider.getStoreFactory().getResourceStore().findById(resource.getId(), resourceServer.getId());
response = newResourceRequest(resource.getId()).get();
assertNotNull(resourceModel);
assertEquals(resource.getId(), resourceModel.getId());
assertEquals("New Resource", resourceModel.getName());
assertEquals("Resource Type", resourceModel.getType());
assertEquals("Resource Icon URI", resourceModel.getIconUri());
assertEquals("Resource URI", resourceModel.getUri());
assertEquals(resourceServer.getId(), resourceModel.getResourceServer().getId());
});
assertEquals(Status.OK.getStatusCode(), response.getStatus());
resource = response.readEntity(ResourceRepresentation.class);
assertEquals("New Resource", resource.getName());
assertEquals("Resource Type", resource.getType());
assertEquals("Resource Icon URI", resource.getIconUri());
assertEquals("Resource URI", resource.getUri());
assertEquals(resourceServer.getId(), resource.getOwner().getId());
assertEquals("photoz-restful-api", resource.getOwner().getName());
}
@Test
public void testCreateWithOwnerUser() throws Exception {
ResourceRepresentation newResource = new ResourceRepresentation();
newResource.setName("New Resource");
newResource.setType("Resource Type");
newResource.setIconUri("Resource Icon URI");
newResource.setUri("Resource URI");
ResourceOwnerRepresentation owner = new ResourceOwnerRepresentation();
owner.setId("alice");
newResource.setOwner(owner);
Response response = newResourceRequest().post(Entity.entity(newResource, MediaType.APPLICATION_JSON_TYPE));
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
ResourceRepresentation resource = response.readEntity(ResourceRepresentation.class);
response = newResourceRequest(resource.getId()).get();
assertEquals(Status.OK.getStatusCode(), response.getStatus());
resource = response.readEntity(ResourceRepresentation.class);
assertEquals("New Resource", resource.getName());
assertEquals("Resource Type", resource.getType());
assertEquals("Resource Icon URI", resource.getIconUri());
assertEquals("Resource URI", resource.getUri());
assertEquals(aliceUser.getId(), resource.getOwner().getId());
assertEquals(aliceUser.getUsername(), resource.getOwner().getName());
}
@Test
public void testCreateWithOwnerResourceServer() throws Exception {
ResourceRepresentation newResource = new ResourceRepresentation();
newResource.setName("New Resource");
newResource.setType("Resource Type");
newResource.setIconUri("Resource Icon URI");
newResource.setUri("Resource URI");
ResourceOwnerRepresentation owner = new ResourceOwnerRepresentation();
owner.setId("photoz-restful-api");
newResource.setOwner(owner);
Response response = newResourceRequest().post(Entity.entity(newResource, MediaType.APPLICATION_JSON_TYPE));
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
ResourceRepresentation resource = response.readEntity(ResourceRepresentation.class);
response = newResourceRequest(resource.getId()).get();
assertEquals(Status.OK.getStatusCode(), response.getStatus());
resource = response.readEntity(ResourceRepresentation.class);
assertEquals("New Resource", resource.getName());
assertEquals("Resource Type", resource.getType());
assertEquals("Resource Icon URI", resource.getIconUri());
assertEquals("Resource URI", resource.getUri());
assertEquals(resourceServer.getId(), resource.getOwner().getId());
assertEquals("photoz-restful-api", resource.getOwner().getName());
}
@Test
@ -109,6 +181,12 @@ public class ResourceManagementTest extends AbstractPhotozAdminTest {
newResource.setIconUri("Resource Icon URI");
newResource.setUri("Resource URI");
ResourceOwnerRepresentation owner = new ResourceOwnerRepresentation();
owner.setId("alice");
newResource.setOwner(owner);
Response response = newResourceRequest().post(Entity.entity(newResource, MediaType.APPLICATION_JSON_TYPE));
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
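Review bot: The added tests cover only the two accepted owner forms (`alice` in `testCreateWithOwnerUser`, `photoz-restful-api` in `testCreateWithOwnerResourceServer`); nothing exercises the rejection path for an owner string that matches neither a user nor the resource server. Since the owner value is supplied by the caller and decides who controls the resource, a negative test would pin that behaviour: post with a constructed value such as `owner.setId("no-such-user")` and assert that the status is not `Status.CREATED` and that no resource is stored. The two new tests also repeat the same representation setup line for line; a small private helper taking the owner id would keep them from drifting apart.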