Java Code Examples for org.keycloak.representations.idm.UserRepresentation#setCredentials()
The following examples show how to use
org.keycloak.representations.idm.UserRepresentation#setCredentials() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: KeycloakRealmResourceManager.java From quarkus with Apache License 2.0 | 7 votes |
|
private static UserRepresentation createUser(String username, String... realmRoles) {
UserRepresentation user = new UserRepresentation();
user.setUsername(username);
user.setEnabled(true);
user.setCredentials(new ArrayList<>());
user.setRealmRoles(Arrays.asList(realmRoles));
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(username);
credential.setTemporary(false);
user.getCredentials().add(credential);
return user;
}
Example 2
| Source File: KeycloakRealmResourceManager.java From quarkus with Apache License 2.0 | 7 votes |
|
private static UserRepresentation createUser(String username, String... realmRoles) {
UserRepresentation user = new UserRepresentation();
user.setUsername(username);
user.setEnabled(true);
user.setCredentials(new ArrayList<>());
user.setRealmRoles(Arrays.asList(realmRoles));
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(username);
credential.setTemporary(false);
user.getCredentials().add(credential);
return user;
}
Example 3
| Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 6 votes |
|
private static UserRepresentation createUser(String username, String... realmRoles) {
UserRepresentation user = new UserRepresentation();
user.setUsername(username);
user.setEnabled(true);
user.setCredentials(new ArrayList<>());
user.setRealmRoles(Arrays.asList(realmRoles));
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(username);
credential.setTemporary(false);
user.getCredentials().add(credential);
return user;
}
Example 4
| Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 6 votes |
|
private static UserRepresentation createUser(String username, String... realmRoles) {
UserRepresentation user = new UserRepresentation();
user.setUsername(username);
user.setEnabled(true);
user.setCredentials(new ArrayList<>());
user.setRealmRoles(Arrays.asList(realmRoles));
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue(username);
credential.setTemporary(false);
user.getCredentials().add(credential);
return user;
}
Example 5
| Source File: UserTest.java From keycloak with Apache License 2.0 | 6 votes |
|
@Test
public void createUserWithInvalidPolicyPassword() {
RealmRepresentation rep = realm.toRepresentation();
String passwordPolicy = rep.getPasswordPolicy();
rep.setPasswordPolicy("length(8)");
realm.update(rep);
UserRepresentation user = new UserRepresentation();
user.setUsername("user4");
user.setEmail("user4@localhost");
CredentialRepresentation rawPassword = new CredentialRepresentation();
rawPassword.setValue("ABCD");
rawPassword.setType(CredentialRepresentation.PASSWORD);
user.setCredentials(Arrays.asList(rawPassword));
Response response = realm.users().create(user);
assertEquals(400, response.getStatus());
ErrorRepresentation error = response.readEntity(ErrorRepresentation.class);
Assert.assertEquals("Password policy not met", error.getErrorMessage());
rep.setPasswordPolicy(passwordPolicy);
realm.update(rep);
response.close();
}
Example 6
| Source File: UserTest.java From keycloak with Apache License 2.0 | 6 votes |
|
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void createUserWithRawCredentials() {
UserRepresentation user = new UserRepresentation();
user.setUsername("user_rawpw");
user.setEmail("email.raw@localhost");
CredentialRepresentation rawPassword = new CredentialRepresentation();
rawPassword.setValue("ABCD");
rawPassword.setType(CredentialRepresentation.PASSWORD);
user.setCredentials(Arrays.asList(rawPassword));
createUser(user);
CredentialModel credential = fetchCredentials("user_rawpw");
assertNotNull("Expecting credential", credential);
PasswordCredentialModel pcm = PasswordCredentialModel.createFromCredentialModel(credential);
assertEquals(PasswordPolicy.HASH_ALGORITHM_DEFAULT, pcm.getPasswordCredentialData().getAlgorithm());
assertEquals(PasswordPolicy.HASH_ITERATIONS_DEFAULT, pcm.getPasswordCredentialData().getHashIterations());
assertNotEquals("ABCD", pcm.getPasswordSecretData().getValue());
assertEquals(CredentialRepresentation.PASSWORD, credential.getType());
}
Example 7
| Source File: UserTest.java From keycloak with Apache License 2.0 | 6 votes |
|
@Test
public void createUserWithTempolaryCredentials() {
UserRepresentation user = new UserRepresentation();
user.setUsername("user_temppw");
user.setEmail("email.temppw@localhost");
CredentialRepresentation password = new CredentialRepresentation();
password.setValue("password");
password.setType(CredentialRepresentation.PASSWORD);
password.setTemporary(true);
user.setCredentials(Arrays.asList(password));
String userId = createUser(user);
UserRepresentation userRep = realm.users().get(userId).toRepresentation();
Assert.assertEquals(1, userRep.getRequiredActions().size());
Assert.assertEquals(UserModel.RequiredAction.UPDATE_PASSWORD.toString(), userRep.getRequiredActions().get(0));
}
Example 8
| Source File: ServiceAccountTest.java From keycloak with Apache License 2.0 | 6 votes |
|
@Test
public void failManagePassword() {
UserResource serviceAccount = adminClient.realm("test").users().get(userId);
UserRepresentation representation = serviceAccount.toRepresentation();
CredentialRepresentation password = new CredentialRepresentation();
password.setValue("password");
password.setType(CredentialRepresentation.PASSWORD);
password.setTemporary(false);
representation.setCredentials(Arrays.asList(password));
this.expectedException.expect(Matchers.allOf(Matchers.instanceOf(ClientErrorException.class),
Matchers.hasProperty("response", Matchers.hasProperty("status", Matchers.is(400)))));
this.expectedException.reportMissingExceptionWithMessage("Should fail, should not be possible to manage credentials for service accounts");
serviceAccount.update(representation);
}
Example 9
| Source File: TokenIntrospectionTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public void configureTestRealm(RealmRepresentation testRealm) {
ClientRepresentation confApp = KeycloakModelUtils.createClient(testRealm, "confidential-cli");
confApp.setSecret("secret1");
confApp.setServiceAccountsEnabled(Boolean.TRUE);
ClientRepresentation pubApp = KeycloakModelUtils.createClient(testRealm, "public-cli");
pubApp.setPublicClient(Boolean.TRUE);
ClientRepresentation samlApp = KeycloakModelUtils.createClient(testRealm, "saml-client");
samlApp.setSecret("secret2");
samlApp.setServiceAccountsEnabled(Boolean.TRUE);
samlApp.setProtocol("saml");
UserRepresentation user = new UserRepresentation();
user.setUsername("no-permissions");
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType("password");
credential.setValue("password");
List<CredentialRepresentation> creds = new ArrayList<>();
creds.add(credential);
user.setCredentials(creds);
user.setEnabled(Boolean.TRUE);
List<String> realmRoles = new ArrayList<>();
realmRoles.add("user");
user.setRealmRoles(realmRoles);
testRealm.getUsers().add(user);
}
Example 10
| Source File: UserSetup.java From keycloak-custom-protocol-mapper-example with Apache License 2.0 | 5 votes |
|
public String createUser(String name, String firstName, String lastName) {
UserRepresentation user = new UserRepresentation();
user.setUsername(name);
user.setFirstName(firstName);
user.setLastName(lastName);
user.setEnabled(true);
user.setCredentials(Arrays.asList(createPassword(PASSWORD)));
Response response = users.create(user);
return getCreatedId(response);
}
Example 11
| Source File: UserTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void updateUserWithRawCredentials() {
UserRepresentation user = new UserRepresentation();
user.setUsername("user_rawpw");
user.setEmail("email.raw@localhost");
CredentialRepresentation rawPassword = new CredentialRepresentation();
rawPassword.setValue("ABCD");
rawPassword.setType(CredentialRepresentation.PASSWORD);
user.setCredentials(Arrays.asList(rawPassword));
String id = createUser(user);
PasswordCredentialModel credential = PasswordCredentialModel
.createFromCredentialModel(fetchCredentials("user_rawpw"));
assertNotNull("Expecting credential", credential);
assertEquals(PasswordPolicy.HASH_ALGORITHM_DEFAULT, credential.getPasswordCredentialData().getAlgorithm());
assertEquals(PasswordPolicy.HASH_ITERATIONS_DEFAULT, credential.getPasswordCredentialData().getHashIterations());
assertNotEquals("ABCD", credential.getPasswordSecretData().getValue());
assertEquals(CredentialRepresentation.PASSWORD, credential.getType());
UserResource userResource = realm.users().get(id);
UserRepresentation userRep = userResource.toRepresentation();
CredentialRepresentation rawPasswordForUpdate = new CredentialRepresentation();
rawPasswordForUpdate.setValue("EFGH");
rawPasswordForUpdate.setType(CredentialRepresentation.PASSWORD);
userRep.setCredentials(Arrays.asList(rawPasswordForUpdate));
updateUser(userResource, userRep);
PasswordCredentialModel updatedCredential = PasswordCredentialModel
.createFromCredentialModel(fetchCredentials("user_rawpw"));
assertNotNull("Expecting credential", updatedCredential);
assertEquals(PasswordPolicy.HASH_ALGORITHM_DEFAULT, updatedCredential.getPasswordCredentialData().getAlgorithm());
assertEquals(PasswordPolicy.HASH_ITERATIONS_DEFAULT, updatedCredential.getPasswordCredentialData().getHashIterations());
assertNotEquals("EFGH", updatedCredential.getPasswordSecretData().getValue());
assertEquals(CredentialRepresentation.PASSWORD, updatedCredential.getType());
}
Example 12
| Source File: UserTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
public void createUserWithDeprecatedCredentialsFormat() throws IOException {
UserRepresentation user = new UserRepresentation();
user.setUsername("user_creds");
user.setEmail("email@localhost");
PasswordCredentialModel pcm = PasswordCredentialModel.createFromValues("my-algorithm", "theSalt".getBytes(), 22, "ABC");
//CredentialRepresentation hashedPassword = ModelToRepresentation.toRepresentation(pcm);
String deprecatedCredential = "{\n" +
" \"type\" : \"password\",\n" +
" \"hashedSaltedValue\" : \"" + pcm.getPasswordSecretData().getValue() + "\",\n" +
" \"salt\" : \"" + Base64.encodeBytes(pcm.getPasswordSecretData().getSalt()) + "\",\n" +
" \"hashIterations\" : " + pcm.getPasswordCredentialData().getHashIterations() + ",\n" +
" \"algorithm\" : \"" + pcm.getPasswordCredentialData().getAlgorithm() + "\"\n" +
" }";
CredentialRepresentation deprecatedHashedPassword = JsonSerialization.readValue(deprecatedCredential, CredentialRepresentation.class);
Assert.assertNotNull(deprecatedHashedPassword.getHashedSaltedValue());
Assert.assertNull(deprecatedHashedPassword.getCredentialData());
deprecatedHashedPassword.setCreatedDate(1001l);
deprecatedHashedPassword.setUserLabel("deviceX");
deprecatedHashedPassword.setType(CredentialRepresentation.PASSWORD);
user.setCredentials(Arrays.asList(deprecatedHashedPassword));
createUser(user, false);
CredentialModel credentialHashed = fetchCredentials("user_creds");
PasswordCredentialModel pcmh = PasswordCredentialModel.createFromCredentialModel(credentialHashed);
assertNotNull("Expecting credential", credentialHashed);
assertEquals("my-algorithm", pcmh.getPasswordCredentialData().getAlgorithm());
assertEquals(Long.valueOf(1001), credentialHashed.getCreatedDate());
assertEquals("deviceX", credentialHashed.getUserLabel());
assertEquals(22, pcmh.getPasswordCredentialData().getHashIterations());
assertEquals("ABC", pcmh.getPasswordSecretData().getValue());
assertEquals("theSalt", new String(pcmh.getPasswordSecretData().getSalt()));
assertEquals(CredentialRepresentation.PASSWORD, credentialHashed.getType());
}
Example 13
| Source File: UserTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void createUserWithHashedCredentials() {
UserRepresentation user = new UserRepresentation();
user.setUsername("user_creds");
user.setEmail("email@localhost");
PasswordCredentialModel pcm = PasswordCredentialModel.createFromValues("my-algorithm", "theSalt".getBytes(), 22, "ABC");
CredentialRepresentation hashedPassword = ModelToRepresentation.toRepresentation(pcm);
hashedPassword.setCreatedDate(1001L);
hashedPassword.setUserLabel("deviceX");
hashedPassword.setType(CredentialRepresentation.PASSWORD);
user.setCredentials(Arrays.asList(hashedPassword));
createUser(user);
CredentialModel credentialHashed = fetchCredentials("user_creds");
PasswordCredentialModel pcmh = PasswordCredentialModel.createFromCredentialModel(credentialHashed);
assertNotNull("Expecting credential", credentialHashed);
assertEquals("my-algorithm", pcmh.getPasswordCredentialData().getAlgorithm());
assertEquals(Long.valueOf(1001), credentialHashed.getCreatedDate());
assertEquals("deviceX", credentialHashed.getUserLabel());
assertEquals(22, pcmh.getPasswordCredentialData().getHashIterations());
assertEquals("ABC", pcmh.getPasswordSecretData().getValue());
assertEquals("theSalt", new String(pcmh.getPasswordSecretData().getSalt()));
assertEquals(CredentialRepresentation.PASSWORD, credentialHashed.getType());
}
Example 14
| Source File: GroupTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
RealmRepresentation testRealmRep = loadTestRealm(testRealms);
testRealmRep.setEventsEnabled(true);
List<UserRepresentation> users = testRealmRep.getUsers();
UserRepresentation user = new UserRepresentation();
user.setUsername("direct-login");
user.setEmail("direct-login@localhost");
user.setEnabled(true);
List<CredentialRepresentation> credentials = new LinkedList<>();
CredentialRepresentation credential = new CredentialRepresentation();
credential.setType(CredentialRepresentation.PASSWORD);
credential.setValue("password");
credentials.add(credential);
user.setCredentials(credentials);
users.add(user);
List<ClientRepresentation> clients = testRealmRep.getClients();
ClientRepresentation client = new ClientRepresentation();
client.setClientId("resource-owner");
client.setDirectAccessGrantsEnabled(true);
client.setSecret("secret");
clients.add(client);
}
Example 15
| Source File: DockerTestRealmSetup.java From keycloak with Apache License 2.0 | 5 votes |
|
public static void configureUser(final RealmRepresentation dockerRealm, final String username, final String password) {
final UserRepresentation dockerUser = new UserRepresentation();
dockerUser.setUsername(username);
dockerUser.setEnabled(true);
dockerUser.setEmail("[email protected]");
dockerUser.setFirstName("docker");
dockerUser.setLastName("user");
final CredentialRepresentation dockerUserCreds = new CredentialRepresentation();
dockerUserCreds.setType(CredentialRepresentation.PASSWORD);
dockerUserCreds.setValue(password);
dockerUser.setCredentials(Collections.singletonList(dockerUserCreds));
dockerRealm.setUsers(Collections.singletonList(dockerUser));
}
Example 16
| Source File: Users.java From keycloak with Apache License 2.0 | 5 votes |
|
public static void setPasswordFor(UserRepresentation user, String password, boolean temporary) {
List<CredentialRepresentation> credentials = new ArrayList<>();
CredentialRepresentation pass = new CredentialRepresentation();
pass.setType(PASSWORD);
pass.setValue(password);
pass.setTemporary(temporary);
credentials.add(pass);
user.setCredentials(credentials);
}
Example 17
| Source File: UserTest.java From keycloak with Apache License 2.0 | 4 votes |
|
@Test
public void updateUserWithHashedCredentials() {
String userId = createUser("user_hashed_creds", "user_hashed_creds@localhost");
byte[] salt = new byte[]{-69, 85, 87, 99, 26, -107, 125, 99, -77, 30, -111, 118, 108, 100, -117, -56};
PasswordCredentialModel credentialModel = PasswordCredentialModel.createFromValues("pbkdf2-sha256", salt,
27500, "uskEPZWMr83pl2mzNB95SFXfIabe2UH9ClENVx/rrQqOjFEjL2aAOGpWsFNNF3qoll7Qht2mY5KxIDm3Rnve2w==");
credentialModel.setCreatedDate(1001l);
CredentialRepresentation hashedPassword = ModelToRepresentation.toRepresentation(credentialModel);
UserRepresentation userRepresentation = new UserRepresentation();
userRepresentation.setCredentials(Collections.singletonList(hashedPassword));
realm.users().get(userId).update(userRepresentation);
String accountUrl = RealmsResource.accountUrl(UriBuilder.fromUri(getAuthServerRoot())).build(REALM_NAME).toString();
driver.navigate().to(accountUrl);
assertEquals("Log In", PageUtils.getPageTitle(driver));
loginPage.login("user_hashed_creds", "admin");
assertTrue(driver.getTitle().contains("Account Management"));
}
Example 18
| Source File: StripSecretsUtils.java From keycloak with Apache License 2.0 | 4 votes |
|
public static UserRepresentation strip(UserRepresentation user) {
user.setCredentials(null);
return user;
}
Example 19
| Source File: AbstractClientRegistrationTest.java From keycloak with Apache License 2.0 | 4 votes |
|
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
RealmRepresentation rep = new RealmRepresentation();
rep.setEnabled(true);
rep.setId(REALM_NAME);
rep.setRealm(REALM_NAME);
rep.setUsers(new LinkedList<UserRepresentation>());
LinkedList<CredentialRepresentation> credentials = new LinkedList<>();
CredentialRepresentation password = new CredentialRepresentation();
password.setType(CredentialRepresentation.PASSWORD);
password.setValue("password");
credentials.add(password);
UserRepresentation user = new UserRepresentation();
user.setEnabled(true);
user.setUsername("manage-clients");
user.setCredentials(credentials);
user.setClientRoles(Collections.singletonMap(Constants.REALM_MANAGEMENT_CLIENT_ID, Collections.singletonList(AdminRoles.MANAGE_CLIENTS)));
rep.getUsers().add(user);
UserRepresentation user2 = new UserRepresentation();
user2.setEnabled(true);
user2.setUsername("create-clients");
user2.setCredentials(credentials);
user2.setClientRoles(Collections.singletonMap(Constants.REALM_MANAGEMENT_CLIENT_ID, Collections.singletonList(AdminRoles.CREATE_CLIENT)));
rep.getUsers().add(user2);
UserRepresentation user3 = new UserRepresentation();
user3.setEnabled(true);
user3.setUsername("no-access");
user3.setCredentials(credentials);
rep.getUsers().add(user3);
UserRepresentation appUser = new UserRepresentation();
appUser.setEnabled(true);
appUser.setUsername("test-user");
appUser.setEmail("test-user@localhost");
appUser.setCredentials(credentials);
rep.getUsers().add(appUser);
testRealms.add(rep);
}
Example 20
| Source File: ExportUtils.java From keycloak with Apache License 2.0 | 4 votes |
|
/**
* Full export of user data stored in federated storage (including role mappings and credentials)
*
* @param id
* @return fully exported user representation
*/
public static UserRepresentation exportFederatedUser(KeycloakSession session, RealmModel realm, String id, ExportOptions options) {
UserRepresentation userRep = new UserRepresentation();
userRep.setId(id);
MultivaluedHashMap<String, String> attributes = session.userFederatedStorage().getAttributes(realm, id);
if (attributes.size() > 0) {
Map<String, List<String>> attrs = new HashMap<>();
attrs.putAll(attributes);
userRep.setAttributes(attrs);
}
Set<String> requiredActions = session.userFederatedStorage().getRequiredActions(realm, id);
if (requiredActions.size() > 0) {
List<String> actions = new LinkedList<>();
actions.addAll(requiredActions);
userRep.setRequiredActions(actions);
}
// Social links
Set<FederatedIdentityModel> socialLinks = session.userFederatedStorage().getFederatedIdentities(id, realm);
List<FederatedIdentityRepresentation> socialLinkReps = new ArrayList<>();
for (FederatedIdentityModel socialLink : socialLinks) {
FederatedIdentityRepresentation socialLinkRep = exportSocialLink(socialLink);
socialLinkReps.add(socialLinkRep);
}
if (socialLinkReps.size() > 0) {
userRep.setFederatedIdentities(socialLinkReps);
}
// Role mappings
if (options.isGroupsAndRolesIncluded()) {
Set<RoleModel> roles = session.userFederatedStorage().getRoleMappings(realm, id);
List<String> realmRoleNames = new ArrayList<>();
Map<String, List<String>> clientRoleNames = new HashMap<>();
for (RoleModel role : roles) {
if (role.getContainer() instanceof RealmModel) {
realmRoleNames.add(role.getName());
} else {
ClientModel client = (ClientModel) role.getContainer();
String clientId = client.getClientId();
List<String> currentClientRoles = clientRoleNames.get(clientId);
if (currentClientRoles == null) {
currentClientRoles = new ArrayList<>();
clientRoleNames.put(clientId, currentClientRoles);
}
currentClientRoles.add(role.getName());
}
}
if (realmRoleNames.size() > 0) {
userRep.setRealmRoles(realmRoleNames);
}
if (clientRoleNames.size() > 0) {
userRep.setClientRoles(clientRoleNames);
}
}
// Credentials
List<CredentialModel> creds = session.userFederatedStorage().getStoredCredentials(realm, id);
List<CredentialRepresentation> credReps = new ArrayList<>();
for (CredentialModel cred : creds) {
CredentialRepresentation credRep = exportCredential(cred);
credReps.add(credRep);
}
userRep.setCredentials(credReps);
// Grants
List<UserConsentModel> consents = session.users().getConsents(realm, id);
LinkedList<UserConsentRepresentation> consentReps = new LinkedList<>();
for (UserConsentModel consent : consents) {
UserConsentRepresentation consentRep = ModelToRepresentation.toRepresentation(consent);
consentReps.add(consentRep);
}
if (consentReps.size() > 0) {
userRep.setClientConsents(consentReps);
}
// Not Before
int notBefore = session.userFederatedStorage().getNotBeforeOfUser(realm, userRep.getId());
userRep.setNotBefore(notBefore);
if (options.isGroupsAndRolesIncluded()) {
List<String> groups = new LinkedList<>();
for (GroupModel group : session.userFederatedStorage().getGroups(realm, id)) {
groups.add(ModelToRepresentation.buildGroupPath(group));
}
userRep.setGroups(groups);
}
return userRep;
}
