Java Code Examples for org.keycloak.representations.idm.ClientRepresentation#setAdminUrl()

The following examples show how to use org.keycloak.representations.idm.ClientRepresentation#setAdminUrl(). Judging by the source file names, the snippets come from Keycloak's own test code, so the fixed client secrets, wildcard redirect URIs and plain-HTTP localhost URLs in them are test fixtures rather than settings to copy into a production client.
Example 1
Source File: ClientTest.java    From keycloak with Apache License 2.0
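/**
 * Registers the OIDC client {@code test-app} in the realm under test and returns its representation.
 *
 * <p>The redirect URI is the OAuth helper's redirect URI with {@code /master/} swapped for the
 * test realm's name. The admin URL points at the test application under the auth server's
 * context root; in Keycloak this is the address the server uses for admin requests to the
 * client (for example pushing a not-before policy), so it should only ever name an endpoint
 * the realm owner controls.
 *
 * <p>The created client's id is registered with the cleanup helper, and the CREATE admin
 * event is asserted before returning.
 *
 * @return the representation that was sent to the server, with its id set to the created id
 */
private ClientRepresentation createAppClient() {
    String redirectUri = oauth.getRedirectUri().replace("/master/", "/" + REALM_NAME + "/");

    ClientRepresentation client = new ClientRepresentation();
    client.setClientId("test-app");
    client.setAdminUrl(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/realms/master/app/admin");
    client.setRedirectUris(Collections.singletonList(redirectUri));
    // Fixed, guessable secret: tolerable only because the client lives in a throwaway test realm.
    client.setSecret("secret");
    client.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);

    // Not-before is placed 60 time units in the past (presumably seconds; confirm against Time).
    int notBefore = Time.currentTime() - 60;
    client.setNotBefore(notBefore);

    String id;
    Response response = realm.clients().create(client);
    try {
        id = ApiUtil.getCreatedId(response);
        getCleanup().addClientUuid(id);
    } finally {
        // Close even when reading the created id fails, so the connection is not leaked.
        response.close();
    }

    assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(id), client, ResourceType.CLIENT);

    client.setId(id);
    return client;
}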
 
Example 2
Source File: ConsentsTest.java    From keycloak with Apache License 2.0
/**
 * Builds the one client that the consumer realm's OIDC broker uses in the provider realm.
 *
 * <p>The client is enabled, requires user consent, and carries {@code CLIENT_SECRET}. Its
 * redirect URIs and admin URL both target the broker endpoint of {@code IDP_OIDC_ALIAS} in
 * realm {@code REALM_CONS_NAME}. The redirect URI ends in a {@code /*} wildcard, which is a
 * test convenience; a production client would normally register exact redirect URIs.
 *
 * @return a single-element list holding the provider client
 */
protected List<ClientRepresentation> createProviderClients() {
    // Path shared by the redirect URI pattern and the admin URL.
    final String brokerEndpointPath =
            "/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_OIDC_ALIAS + "/endpoint";

    ClientRepresentation providerClient = new ClientRepresentation();
    providerClient.setId(CLIENT_ID);
    providerClient.setName(CLIENT_ID);
    providerClient.setSecret(CLIENT_SECRET);
    providerClient.setEnabled(true);
    providerClient.setConsentRequired(true);

    String redirectPattern = getAuthRoot() + brokerEndpointPath + "/*";
    providerClient.setRedirectUris(Collections.singletonList(redirectPattern));

    String adminUrl = getAuthRoot() + brokerEndpointPath;
    providerClient.setAdminUrl(adminUrl);

    return Collections.singletonList(providerClient);
}
 
Example 3
Source File: SAMLServletAdapterTest.java    From keycloak with Apache License 2.0
/**
 * Creates a SAML client from the bundled SP metadata descriptor and runs the
 * successful/unauthorized login check against it.
 *
 * <p>The descriptor is loaded from the classpath, its {@code SingleLogoutService} and
 * {@code AssertionConsumerService} locations are adjusted for the configured app-server HTTP
 * port, and the result is converted to a client representation by the realm resource. The
 * admin URL is then set to {@code sales-metadata/saml} on the local app server. HTTPS is used
 * only when the {@code app.server.ssl.required} system property parses as {@code true};
 * otherwise the admin URL is plain HTTP on localhost.
 *
 * @throws Exception if loading, modifying or serializing the descriptor fails
 */
@Test
public void salesMetadataTest() throws Exception {
    Document spMetadata = IOUtil.loadXML(
            SAMLServletAdapterTest.class.getResourceAsStream("/adapter-test/keycloak-saml/sp-metadata.xml"));

    // Presumably swaps the "8080" inside each Location attribute for the real HTTP port.
    String configuredHttpPort = System.getProperty("app.server.http.port", null);
    for (String elementName : new String[] {"SingleLogoutService", "AssertionConsumerService"}) {
        IOUtil.modifyDocElementAttribute(spMetadata, elementName, "Location", "8080", configuredHttpPort);
    }

    ClientRepresentation clientRep =
            testRealmResource().convertClientDescription(IOUtil.documentToString(spMetadata));

    boolean sslRequired = Boolean.parseBoolean(System.getProperty("app.server.ssl.required"));
    String appServerUrl = sslRequired
            ? "https://localhost:" + System.getProperty("app.server.https.port", "8543") + "/"
            : "http://localhost:" + System.getProperty("app.server.http.port", "8280") + "/";

    clientRep.setAdminUrl(appServerUrl + "sales-metadata/saml");

    // try-with-resources releases the response whether or not the status assertion passes.
    try (Response createResponse = testRealmResource().clients().create(clientRep)) {
        Assert.assertEquals(201, createResponse.getStatus());
    }

    testSuccessfulAndUnauthorizedLogin(salesMetadataServletPage, testRealmSAMLPostLoginPage);
}
 
Example 4
Source File: AbstractAdapterTest.java    From keycloak with Apache License 2.0
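/**
 * Modifies baseUrl, adminUrl and redirectUris for client based on real
 * deployment url of the app.
 *
 * <p>Only clients whose client id equals {@code clientId} are touched. A base URL or admin
 * URL is overwritten only when one is already set. Every existing redirect URI is replaced
 * by {@code deploymentUrl + "/*"}, so the list keeps its length but loses its original
 * values. The wildcard is a test convenience; production clients would normally register
 * exact redirect URIs.
 *
 * @param realm realm representation whose clients are searched; a realm without a client
 *     list is left untouched
 * @param clientId client id to match; must not be {@code null}
 * @param deploymentUrl URL the application is actually deployed at
 */
protected void fixClientUrisUsingDeploymentUrl(RealmRepresentation realm, String clientId, String deploymentUrl) {
    List<ClientRepresentation> clients = realm.getClients();
    if (clients == null) {
        // Same guard as the other URL-rewriting helpers: nothing to fix without clients.
        return;
    }
    for (ClientRepresentation client : clients) {
        if (!clientId.equals(client.getClientId())) {
            continue;
        }
        if (client.getBaseUrl() != null) {
            client.setBaseUrl(deploymentUrl);
        }
        if (client.getAdminUrl() != null) {
            client.setAdminUrl(deploymentUrl);
        }
        List<String> redirectUris = client.getRedirectUris();
        if (redirectUris != null) {
            // One wildcard entry per original entry; the original values are not reused.
            List<String> newRedirectUris = new ArrayList<>(redirectUris.size());
            for (int i = 0; i < redirectUris.size(); i++) {
                newRedirectUris.add(deploymentUrl + "/*");
            }
            client.setRedirectUris(newRedirectUris);
        }
    }
}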
 
Example 5
Source File: CustomAuthFlowCookieTest.java    From keycloak with Apache License 2.0
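/**
 * Runs the parent set-up and then registers the enabled client {@code test-app} in the test realm.
 *
 * <p>The client's base URL is {@code APP_ROOT}, its only redirect URI is the wildcard
 * {@code APP_ROOT + "/*"}, and its admin URL is {@code APP_ROOT + "/logout"}. Creation must
 * return HTTP 201; the created id is handed to the cleanup helper.
 */
@Before
@Override
public void beforeTest() {
    super.beforeTest();

    ClientRepresentation testApp = new ClientRepresentation();
    testApp.setClientId("test-app");
    testApp.setEnabled(true);
    testApp.setBaseUrl(APP_ROOT);
    // Wildcard redirect URI: a test convenience, not a pattern for production clients.
    testApp.setRedirectUris(Arrays.asList(APP_ROOT + "/*"));
    testApp.setAdminUrl(APP_ROOT + "/logout");
    // Fixed, guessable secret: tolerable only inside a throwaway test realm.
    testApp.setSecret("password");

    Response response = testRealmResource().clients().create(testApp);
    try {
        assertEquals(201, response.getStatus());
        getCleanup().addClientUuid(ApiUtil.getCreatedId(response));
    } finally {
        // Close even when the status assertion fails, so the connection is not leaked.
        response.close();
    }
}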
 
Example 6
Source File: RealmTest.java    From keycloak with Apache License 2.0
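/**
 * Creates the OIDC client {@code test-app} and the user {@code testuser} in the realm under
 * test, asserting the admin event produced by each step.
 *
 * <p>Steps, in order: clear the test application's recorded admin actions, create the client
 * (admin URL pointing at the test application under the auth server's context root), point
 * the OAuth helper at the test realm and redirect URI, create the user, reset the user's
 * password, and clear the recorded admin actions again. Both created ids are registered
 * with the cleanup helper.
 */
private void setupTestAppAndUser() {
    testingClient.testApp().clearAdminActions();

    String redirectUri = oauth.getRedirectUri().replace("/master/", "/" + REALM_NAME + "/");

    ClientRepresentation client = new ClientRepresentation();
    client.setClientId("test-app");
    client.setAdminUrl(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/realms/master/app/admin");
    client.setRedirectUris(Collections.singletonList(redirectUri));
    client.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
    // Fixed, guessable secret: tolerable only inside a throwaway test realm.
    client.setSecret("secret");

    String clientDbId;
    Response resp = realm.clients().create(client);
    try {
        clientDbId = ApiUtil.getCreatedId(resp);
        getCleanup().addClientUuid(clientDbId);
    } finally {
        // Close even when reading the created id fails, so the connection is not leaked.
        resp.close();
    }
    assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(clientDbId), client, ResourceType.CLIENT);

    oauth.realm(REALM_NAME);
    oauth.redirectUri(redirectUri);

    UserRepresentation userRep = UserBuilder.create().username("testuser").build();
    String userId;
    Response response = realm.users().create(userRep);
    try {
        userId = ApiUtil.getCreatedId(response);
    } finally {
        response.close();
    }
    getCleanup().addUserId(userId);
    assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.userResourcePath(userId), userRep, ResourceType.USER);

    // Test-only credential; the literal password is part of the fixture.
    realm.users().get(userId).resetPassword(CredentialBuilder.create().password("password").build());
    assertAdminEvents.assertEvent(realmId, OperationType.ACTION, AdminEventPaths.userResetPasswordPath(userId), ResourceType.USER);

    testingClient.testApp().clearAdminActions();
}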
 
Example 7
Source File: AbstractKeycloakTest.java    From keycloak with Apache License 2.0
/**
 * Rewrites the base URL, admin URL and redirect URIs of a client through
 * {@code replaceAuthHostWithRealHost} followed by {@code removeDefaultPorts}.
 *
 * <p>The base URL and admin URL are always passed through the helpers, whatever their
 * current value; the redirect URIs are rewritten only when the list is present and
 * non-empty, and the client then receives a new list in the original order.
 *
 * @param cr client representation to modify in place
 */
public void fixAuthServerHostAndPortForClientRepresentation(ClientRepresentation cr) {
    String fixedBaseUrl = removeDefaultPorts(replaceAuthHostWithRealHost(cr.getBaseUrl()));
    cr.setBaseUrl(fixedBaseUrl);

    String fixedAdminUrl = removeDefaultPorts(replaceAuthHostWithRealHost(cr.getAdminUrl()));
    cr.setAdminUrl(fixedAdminUrl);

    List<String> currentRedirectUris = cr.getRedirectUris();
    if (currentRedirectUris == null || currentRedirectUris.isEmpty()) {
        // Nothing to rewrite; leave the (absent or empty) list as it is.
        return;
    }

    List<String> rewrittenRedirectUris = new ArrayList<>(currentRedirectUris.size());
    for (String redirectUri : currentRedirectUris) {
        String withRealHost = replaceAuthHostWithRealHost(redirectUri);
        rewrittenRedirectUris.add(removeDefaultPorts(withRealHost));
    }
    cr.setRedirectUris(rewrittenRedirectUris);
}
 
Example 8
Source File: AbstractAdapterTest.java    From keycloak with Apache License 2.0
/**
 * Applies a regex replacement to the base URL and admin URL of every client in a realm.
 *
 * <p>URLs that are {@code null} are skipped, and a realm without a client list is left
 * untouched. Both arguments go straight to {@link String#replaceAll(String, String)}, so
 * {@code regex} is compiled as a pattern and {@code replacement} may contain group
 * references such as {@code $1}; callers passing literal text must quote it accordingly.
 *
 * @param realm realm representation whose clients are modified in place
 * @param regex regular expression matched against each URL
 * @param replacement replacement string in {@code replaceAll} syntax
 */
protected void modifyClientUrls(RealmRepresentation realm, String regex, String replacement) {
    if (realm.getClients() == null) {
        return;
    }
    for (ClientRepresentation client : realm.getClients()) {
        String currentBaseUrl = client.getBaseUrl();
        if (currentBaseUrl != null) {
            String rewrittenBaseUrl = currentBaseUrl.replaceAll(regex, replacement);
            client.setBaseUrl(rewrittenBaseUrl);
        }

        String currentAdminUrl = client.getAdminUrl();
        if (currentAdminUrl != null) {
            String rewrittenAdminUrl = currentAdminUrl.replaceAll(regex, replacement);
            client.setAdminUrl(rewrittenAdminUrl);
        }
    }
}
 
Example 9
Source File: AbstractAdapterTest.java    From keycloak with Apache License 2.0
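/**
 * Rewrites the admin ("master") URL of every SAML client in a realm.
 *
 * <p>For each client whose protocol is {@code "saml"}, the current admin URL is taken, or
 * the base URL when no admin URL is set. The first match of {@code regex} in it is replaced
 * by {@code replacement}, and {@code /saml} is appended unless the result already ends with
 * it. A SAML client that has neither URL is logged and left unchanged instead of failing
 * with a {@code NullPointerException}.
 *
 * <p>Both arguments are passed to {@link String#replaceFirst(String, String)}, so
 * {@code regex} is compiled as a pattern and {@code replacement} may contain group references.
 *
 * @param realm realm representation whose clients are modified in place; a realm without a
 *     client list is left untouched
 * @param regex regular expression matched against the URL
 * @param replacement replacement string in {@code replaceFirst} syntax
 */
protected void modifySamlMasterURLs(RealmRepresentation realm, String regex, String replacement) {
    if (realm.getClients() == null) {
        return;
    }
    for (ClientRepresentation client : realm.getClients()) {
        // Constant-first equals covers a null protocol without a separate check.
        if (!"saml".equals(client.getProtocol())) {
            continue;
        }
        log.debug("Modifying master URL of SAML client: " + client.getClientId());
        String masterUrl = client.getAdminUrl();
        if (masterUrl == null) {
            masterUrl = client.getBaseUrl();
        }
        if (masterUrl == null) {
            // No URL to rewrite; the original code would dereference null here.
            log.debug("SAML client has neither adminUrl nor baseUrl, leaving it unchanged: " + client.getClientId());
            continue;
        }
        masterUrl = masterUrl.replaceFirst(regex, replacement);
        client.setAdminUrl(masterUrl.endsWith("/saml") ? masterUrl : masterUrl + "/saml");
    }
}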
 
Example 10
Source File: BrokerTestTools.java    From keycloak with Apache License 2.0
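/**
 * Wires two realms together for an OIDC brokering test: registers an identity provider in
 * {@code childRealm} that points at {@code idpRealm}, and registers the matching client in
 * {@code idpRealm}.
 *
 * <p>The identity provider stores tokens, has back-channel support enabled, and uses the
 * OIDC endpoints of {@code idpRealm} under the provider root. The client's id, name and
 * secret are all set to the child realm's name, so the secret is guessable by design; this
 * is only suitable for test realms. The client's redirect URI is a {@code /*} wildcard
 * under the consumer's broker endpoint, and its admin URL is that endpoint itself.
 *
 * @param adminClient admin client used for both create calls
 * @param childRealm realm that consumes the identity provider; also used as client id and secret
 * @param idpRealm realm acting as the identity provider
 * @param alias alias given to the identity provider
 * @param linkOnly value for the identity provider's link-only flag
 */
public static void createKcOidcBroker(Keycloak adminClient, String childRealm, String idpRealm, String alias, boolean linkOnly) {
    IdentityProviderRepresentation idp = createIdentityProvider(alias, IDP_OIDC_PROVIDER_ID);
    idp.setLinkOnly(linkOnly);
    idp.setStoreToken(true);

    Map<String, String> config = idp.getConfig();

    config.put("clientId", childRealm);
    config.put("clientSecret", childRealm);
    config.put("authorizationUrl", getProviderRoot() + "/auth/realms/" + idpRealm + "/protocol/openid-connect/auth");
    config.put("tokenUrl", getProviderRoot() + "/auth/realms/" + idpRealm + "/protocol/openid-connect/token");
    config.put("logoutUrl", getProviderRoot() + "/auth/realms/" + idpRealm + "/protocol/openid-connect/logout");
    config.put("userInfoUrl", getProviderRoot() + "/auth/realms/" + idpRealm + "/protocol/openid-connect/userinfo");
    config.put("backchannelSupported", "true");
    // create() hands back a Response; close it so the connection is released.
    adminClient.realm(childRealm).identityProviders().create(idp).close();

    ClientRepresentation client = new ClientRepresentation();
    client.setClientId(childRealm);
    client.setName(childRealm);
    client.setSecret(childRealm);
    client.setEnabled(true);

    // NOTE(review): the broker path segment below is idpRealm, while the identity provider
    // was created under `alias`; the two only line up when callers pass the same value for
    // both. Confirm against the callers.
    client.setRedirectUris(Collections.singletonList(getConsumerRoot() +
            "/auth/realms/" + childRealm + "/broker/" + idpRealm + "/endpoint/*"));

    client.setAdminUrl(getConsumerRoot() +
            "/auth/realms/" + childRealm + "/broker/" + idpRealm + "/endpoint");
    adminClient.realm(idpRealm).clients().create(client).close();
}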
 
Example 11
Source File: AbstractSpringBootTest.java    From keycloak with Apache License 2.0
/**
 * Builds the client representation for the application under test.
 *
 * <p>Id and secret come from {@code CLIENT_ID} and {@code SECRET}. {@code BASE_URL} serves
 * as both the base URL and the admin URL, and the only redirect URI is the wildcard
 * {@code BASE_URL + "/*"} (a test convenience rather than a production pattern).
 *
 * @return a new, unsaved client representation
 */
private ClientRepresentation createClient() {
    final String anyPathUnderBase = BASE_URL + "/*";

    ClientRepresentation appClient = new ClientRepresentation();
    appClient.setId(CLIENT_ID);
    appClient.setSecret(SECRET);
    appClient.setBaseUrl(BASE_URL);
    appClient.setRedirectUris(Collections.singletonList(anyPathUnderBase));
    appClient.setAdminUrl(BASE_URL);
    return appClient;
}
 
Example 12
Source File: AbstractKeycloakTest.java    From keycloak with Apache License 2.0
/**
 * Passes a client's base URL and admin URL through {@code replaceHttpValuesWithHttps} and
 * stores the results back on the client.
 *
 * @param cr client representation to modify in place
 */
private void modifyMainUrls(ClientRepresentation cr) {
    String httpsBaseUrl = replaceHttpValuesWithHttps(cr.getBaseUrl());
    cr.setBaseUrl(httpsBaseUrl);

    String httpsAdminUrl = replaceHttpValuesWithHttps(cr.getAdminUrl());
    cr.setAdminUrl(httpsAdminUrl);
}
 
Example 13
Source File: KcOidcBrokerConfiguration.java    From keycloak with Apache License 2.0
/**
 * Builds the single client that the consumer realm's OIDC broker uses in the provider
 * realm, together with the protocol mappers attached to it.
 *
 * <p>The client is enabled and carries {@code CLIENT_SECRET}. Its redirect URI is the
 * {@code /*} wildcard under the consumer's broker endpoint for {@code IDP_OIDC_ALIAS}, and
 * its admin URL is that endpoint itself. Six OIDC mappers are attached, in this order: the
 * {@code email} user property, two multivalued user attributes, an attribute mapped to a
 * nested claim, an attribute mapped to a claim whose name contains an escaped dot, and a
 * hard-coded JSON claim that is added to the ID token only.
 *
 * @return a single-element list holding the provider client
 */
@Override
public List<ClientRepresentation> createProviderClients() {
    // Path shared by the redirect URI pattern and the admin URL.
    final String brokerEndpointPath =
            "/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_OIDC_ALIAS + "/endpoint";

    ClientRepresentation providerClient = new ClientRepresentation();
    providerClient.setId(CLIENT_ID);
    providerClient.setClientId(getIDPClientIdInProviderRealm());
    providerClient.setName(CLIENT_ID);
    providerClient.setSecret(CLIENT_SECRET);
    providerClient.setEnabled(true);
    providerClient.setRedirectUris(
            Collections.singletonList(getConsumerRoot() + brokerEndpointPath + "/*"));
    providerClient.setAdminUrl(getConsumerRoot() + brokerEndpointPath);

    ProtocolMapperRepresentation emailMapper =
            newOidcProviderMapper("email", UserPropertyMapper.PROVIDER_ID);
    mapUserAttributeIntoAllTokens(emailMapper, "email", "email");

    ProtocolMapperRepresentation nestedAttrMapper =
            newOidcProviderMapper("attribute - nested claim", UserAttributeMapper.PROVIDER_ID);
    mapUserAttributeIntoAllTokens(nestedAttrMapper, "nested.email", "nested.email");

    // The backslash escapes the dot in the claim name, unlike the nested mapper above.
    ProtocolMapperRepresentation dottedAttrMapper =
            newOidcProviderMapper("attribute - claim with dot in name", UserAttributeMapper.PROVIDER_ID);
    mapUserAttributeIntoAllTokens(dottedAttrMapper, "dotted.email", "dotted\\.email");

    ProtocolMapperRepresentation userAttrMapper =
            newOidcProviderMapper("attribute - name", UserAttributeMapper.PROVIDER_ID);
    mapUserAttributeIntoAllTokens(userAttrMapper, ATTRIBUTE_TO_MAP_NAME, ATTRIBUTE_TO_MAP_NAME);
    userAttrMapper.getConfig().put(ProtocolMapperUtils.MULTIVALUED, "true");

    ProtocolMapperRepresentation userAttrMapper2 =
            newOidcProviderMapper("attribute - name - 2", UserAttributeMapper.PROVIDER_ID);
    mapUserAttributeIntoAllTokens(userAttrMapper2, ATTRIBUTE_TO_MAP_NAME_2, ATTRIBUTE_TO_MAP_NAME_2);
    userAttrMapper2.getConfig().put(ProtocolMapperUtils.MULTIVALUED, "true");

    // Hard-coded claim: JSON-typed and included in the ID token only.
    ProtocolMapperRepresentation hardcodedJsonClaim =
            newOidcProviderMapper("json-mapper", HardcodedClaim.PROVIDER_ID);
    Map<String, String> hardcodedClaimConfig = hardcodedJsonClaim.getConfig();
    hardcodedClaimConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, KcOidcBrokerConfiguration.USER_INFO_CLAIM);
    hardcodedClaimConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, "JSON");
    hardcodedClaimConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
    hardcodedClaimConfig.put(HardcodedClaim.CLAIM_VALUE, "{\"" + HARDOCDED_CLAIM + "\": \"" + HARDOCDED_VALUE + "\"}");

    List<ProtocolMapperRepresentation> mappers = Arrays.asList(
            emailMapper, userAttrMapper, userAttrMapper2, nestedAttrMapper, dottedAttrMapper, hardcodedJsonClaim);
    providerClient.setProtocolMappers(mappers);

    return Collections.singletonList(providerClient);
}

/** Creates a protocol mapper with the given name and provider id for the OIDC login protocol. */
private static ProtocolMapperRepresentation newOidcProviderMapper(String name, String providerId) {
    ProtocolMapperRepresentation mapper = new ProtocolMapperRepresentation();
    mapper.setName(name);
    mapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
    mapper.setProtocolMapper(providerId);
    return mapper;
}

/** Maps a user attribute to a string claim included in the access token, ID token and userinfo. */
private static void mapUserAttributeIntoAllTokens(
        ProtocolMapperRepresentation mapper, String userAttribute, String claimName) {
    Map<String, String> mapperConfig = mapper.getConfig();
    mapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, userAttribute);
    mapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, claimName);
    mapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
    mapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
    mapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
    mapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
}