Ejemplo n.º 1
0
 protected void addRealmRep(
     List<RealmRepresentation> reps, RealmModel realm, ClientModel realmManagementClient) {
   if (auth.hasAppRole(realmManagementClient, AdminRoles.VIEW_REALM)) {
     reps.add(ModelToRepresentation.toRepresentation(realm, false));
   } else if (auth.hasOneOfAppRole(realmManagementClient, AdminRoles.ALL_REALM_ROLES)) {
     RealmRepresentation rep = new RealmRepresentation();
     rep.setRealm(realm.getName());
     reps.add(rep);
   }
 }
Ejemplo n.º 2
0
  @GET
  @NoCache
  @Produces("application/json")
  public RealmRepresentation getRealm() {
    if (auth.hasView()) {
      return ModelToRepresentation.toRepresentation(realm);
    } else {
      auth.requireAny();

      RealmRepresentation rep = new RealmRepresentation();
      rep.setRealm(realm.getName());

      return rep;
    }
  }
  @Override
  public void addTestRealms(List<RealmRepresentation> testRealms) {
    RealmRepresentation rep = new RealmRepresentation();
    rep.setEnabled(true);
    rep.setRealm(REALM_NAME);
    rep.setUsers(new LinkedList<UserRepresentation>());

    LinkedList<CredentialRepresentation> credentials = new LinkedList<>();
    CredentialRepresentation password = new CredentialRepresentation();
    password.setType(CredentialRepresentation.PASSWORD);
    password.setValue("password");
    credentials.add(password);

    UserRepresentation user = new UserRepresentation();
    user.setEnabled(true);
    user.setUsername("manage-clients");
    user.setCredentials(credentials);
    user.setClientRoles(
        Collections.singletonMap(
            Constants.REALM_MANAGEMENT_CLIENT_ID,
            Collections.singletonList(AdminRoles.MANAGE_CLIENTS)));

    rep.getUsers().add(user);

    UserRepresentation user2 = new UserRepresentation();
    user2.setEnabled(true);
    user2.setUsername("create-clients");
    user2.setCredentials(credentials);
    user2.setClientRoles(
        Collections.singletonMap(
            Constants.REALM_MANAGEMENT_CLIENT_ID,
            Collections.singletonList(AdminRoles.CREATE_CLIENT)));

    rep.getUsers().add(user2);

    UserRepresentation user3 = new UserRepresentation();
    user3.setEnabled(true);
    user3.setUsername("no-access");
    user3.setCredentials(credentials);

    rep.getUsers().add(user3);

    testRealms.add(rep);
  }
Ejemplo n.º 4
0
  /**
   * Get the top-level representation of the realm
   *
   * <p>It will not include nested information like User and Client representations.
   *
   * @return
   */
  @GET
  @NoCache
  @Produces(MediaType.APPLICATION_JSON)
  public RealmRepresentation getRealm() {
    if (auth.hasView()) {
      return ModelToRepresentation.toRepresentation(realm, false);
    } else {
      auth.requireAny();

      RealmRepresentation rep = new RealmRepresentation();
      rep.setRealm(realm.getName());

      if (auth.init(Resource.IDENTITY_PROVIDER).hasView()) {
        RealmRepresentation r = ModelToRepresentation.toRepresentation(realm, false);
        rep.setIdentityProviders(r.getIdentityProviders());
        rep.setIdentityProviderMappers(r.getIdentityProviderMappers());
      }

      return rep;
    }
  }
Ejemplo n.º 5
0
  /**
   * Get the top-level representation of the realm
   *
   * <p>It will not include nested information like User and Client representations.
   *
   * @return
   */
  @GET
  @NoCache
  @Produces(MediaType.APPLICATION_JSON)
  public RealmRepresentation getRealm() {
    if (auth.hasView()) {
      RealmRepresentation rep = ModelToRepresentation.toRepresentation(realm, false);
      if (session.realms() instanceof CacheRealmProvider) {
        CacheRealmProvider cacheRealmProvider = (CacheRealmProvider) session.realms();
        rep.setRealmCacheEnabled(cacheRealmProvider.isEnabled());
      }
      if (session.userStorage() instanceof CacheUserProvider) {
        CacheUserProvider cache = (CacheUserProvider) session.userStorage();
        rep.setUserCacheEnabled(cache.isEnabled());
      }
      return rep;
    } else {
      auth.requireAny();

      RealmRepresentation rep = new RealmRepresentation();
      rep.setRealm(realm.getName());
      return rep;
    }
  }
Ejemplo n.º 6
0
  @Test
  public void addUserTest() throws Throwable {
    AddUser.main(new String[] {"-u", "addusertest-admin", "-p", "password"});
    assertEquals(1, dir.listFiles().length);

    List<RealmRepresentation> realms =
        JsonSerialization.readValue(
            new FileInputStream(new File(dir, "keycloak-add-user.json")),
            new TypeReference<List<RealmRepresentation>>() {});
    assertEquals(1, realms.size());
    assertEquals(1, realms.get(0).getUsers().size());

    UserRepresentation user = realms.get(0).getUsers().get(0);
    assertEquals(new Integer(100000), user.getCredentials().get(0).getHashIterations());
    assertNull(user.getCredentials().get(0).getValue());

    CredentialRepresentation credentials = user.getCredentials().get(0);

    assertEquals(Pbkdf2PasswordHashProvider.ID, credentials.getAlgorithm());
    assertEquals(new Integer(100000), credentials.getHashIterations());

    KeycloakServer server = new KeycloakServer();
    try {
      server.start();

      Keycloak keycloak =
          Keycloak.getInstance(
              "http://localhost:8081/auth",
              "master",
              "addusertest-admin",
              "password",
              Constants.ADMIN_CLI_CLIENT_ID);
      keycloak.realms().findAll();

      RealmRepresentation testRealm = new RealmRepresentation();
      testRealm.setEnabled(true);
      testRealm.setId("test");
      testRealm.setRealm("test");

      keycloak.realms().create(testRealm);

      RealmResource realm = keycloak.realm("master");

      List<UserRepresentation> users =
          realm.users().search("addusertest-admin", null, null, null, null, null);
      assertEquals(1, users.size());

      UserRepresentation created = users.get(0);
      assertNotNull(created.getCreatedTimestamp());

      UserResource userResource = realm.users().get(created.getId());

      List<RoleRepresentation> realmRoles = userResource.roles().realmLevel().listAll();

      assertRoles(realmRoles, "admin", "offline_access");

      List<ClientRepresentation> clients = realm.clients().findAll();
      String accountId = null;
      for (ClientRepresentation c : clients) {
        if (c.getClientId().equals("account")) {
          accountId = c.getId();
        }
      }

      List<RoleRepresentation> accountRoles = userResource.roles().clientLevel(accountId).listAll();

      assertRoles(accountRoles, "view-profile", "manage-account");

      keycloak.close();

      assertEquals(0, dir.listFiles().length);
    } finally {
      server.stop();
    }
  }