-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathKeycloakTestUtils.java
More file actions
228 lines (198 loc) · 9.95 KB
/
KeycloakTestUtils.java
File metadata and controls
228 lines (198 loc) · 9.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
package com.portal.keycloak;
import com.portal.keycloak.config.KeycloakTestProperties;
import com.portal.keycloak.init.KeycloakContainerInitializer;
import dasniko.testcontainers.keycloak.KeycloakContainer;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.*;
import org.springframework.stereotype.Component;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.RestTemplate;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
@Component
public class KeycloakTestUtils {
@Autowired
protected KeycloakTestProperties keycloakProperties;
/**
* Get access token using client credentials
* @param clientId Client ID
* @param clientSecret Client Secret
* @return Access token
*/
public String getAccessToken(String clientId, String clientSecret) {
String tokenUrl = KeycloakContainerInitializer.getKeycloakContainer().getAuthServerUrl()
+ "/realms/customer/protocol/openid-connect/token";
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
form.add("client_id", clientId);
form.add("client_secret", clientSecret);
form.add("grant_type", "client_credentials");
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(form, headers);
ResponseEntity<Map> response = restTemplate.postForEntity(tokenUrl, request, Map.class);
if (response.getStatusCode().is2xxSuccessful()) {
return (String) response.getBody().get("access_token");
} else {
throw new RuntimeException("Failed to obtain access token: " + response);
}
}
/**
* Create a new user in Keycloak
* @param username Username
* @param password Password
* @return boolean indicating success or failure
*/
public boolean createUser(String email, String password, String firstName, String lastName) {
KeycloakContainer keycloakContainer = KeycloakContainerInitializer.getKeycloakContainer();
Keycloak keycloakClient = keycloakClient();
AccessTokenResponse accessTokenResponse = keycloakClient.tokenManager().getAccessToken();
String accessToken = accessTokenResponse.getToken();
String userUrl = keycloakContainer.getAuthServerUrl() + "/admin/realms/customer/users";
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setBearerAuth(accessToken);
String userJson = String.format("{\"username\":\"%s\",\"email\":\"%s\",\"firstName\":\"%s\",\"lastName\":\"%s\",\"enabled\":true,\"credentials\":[{\"type\":\"password\",\"value\":\"%s\",\"temporary\":false}]}",
email, email, firstName, lastName, password);
HttpEntity<String> request = new HttpEntity<>(userJson, headers);
ResponseEntity<String> response = restTemplate.postForEntity(userUrl, request, String.class);
if (response.getStatusCode().is2xxSuccessful()) {
return true;
} else {
throw new RuntimeException("Failed to create user: " + response);
}
}
/**
* Create a new group in Keycloak
* @param groupName Group name
* @return GroupRepresentation object
*/
public GroupRepresentation createGroup(String groupName) {
KeycloakContainer keycloakContainer = KeycloakContainerInitializer.getKeycloakContainer();
Keycloak keycloakClient = keycloakClient();
AccessTokenResponse accessTokenResponse = keycloakClient.tokenManager().getAccessToken();
String accessToken = accessTokenResponse.getToken();
String groupUrl = keycloakContainer.getAuthServerUrl() + "/admin/realms/customer/groups";
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setBearerAuth(accessToken);
String groupJson = String.format("{\"name\":\"%s\"}", groupName);
HttpEntity<String> request = new HttpEntity<>(groupJson, headers);
ResponseEntity<GroupRepresentation> response = restTemplate.postForEntity(groupUrl, request, GroupRepresentation.class);
if (response.getStatusCode().is2xxSuccessful()) {
GroupRepresentation groupRepresentation = new GroupRepresentation();
groupRepresentation.setId(response.getHeaders().getFirst("Location").split("/")[7]);
return groupRepresentation;
} else {
throw new RuntimeException("Failed to create group: " + response);
}
}
/**
* Create Client Role
* @param clientId Client ID
* @param roleName Role name
* @return boolean indicating success or failure
*/
public boolean createClientRole(String clientId, String roleName) {
KeycloakContainer keycloakContainer = KeycloakContainerInitializer.getKeycloakContainer();
Keycloak keycloakClient = keycloakClient();
AccessTokenResponse accessTokenResponse = keycloakClient.tokenManager().getAccessToken();
String accessToken = accessTokenResponse.getToken();
String roleUrl = keycloakContainer.getAuthServerUrl() + "/admin/realms/customer/clients/" + clientId + "/roles";
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setBearerAuth(accessToken);
String roleJson = String.format("{\"name\":\"%s\"}", roleName);
HttpEntity<String> request = new HttpEntity<>(roleJson, headers);
ResponseEntity<String> response = restTemplate.postForEntity(roleUrl, request, String.class);
if (response.getStatusCode().is2xxSuccessful()) {
return true;
} else {
throw new RuntimeException("Failed to create role: " + response);
}
}
/**
* Get client by name
* @param clientName Client name
* @return ClientRepresentation object
*/
public ClientRepresentation getClientByName(String clientName){
KeycloakContainer keycloakContainer = KeycloakContainerInitializer.getKeycloakContainer();
Keycloak keycloakClient = keycloakClient();
AccessTokenResponse accessTokenResponse = keycloakClient.tokenManager().getAccessToken();
String accessToken = accessTokenResponse.getToken();
String clientUrl = keycloakContainer.getAuthServerUrl() + "/admin/realms/customer/clients?clientId=" + clientName;
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setBearerAuth(accessToken);
HttpEntity<String> request = new HttpEntity<>(headers);
ResponseEntity<ClientRepresentation[]> response = restTemplate.exchange(
clientUrl,
HttpMethod.GET,
request,
ClientRepresentation[].class
);
if (response.getStatusCode().is2xxSuccessful()) {
ClientRepresentation[] clientRepresentations = response.getBody();
if (clientRepresentations.length > 0) {
return clientRepresentations[0];
} else {
throw new RuntimeException("Client not found: " + clientName);
}
} else {
throw new RuntimeException("Failed to get client: " + response);
}
}
/**
* Get client roles
* @param clientId Client ID
* @return List of RoleRepresentation objects
*/
public List<RoleRepresentation> getClientRoles(String clientId) {
KeycloakContainer keycloakContainer = KeycloakContainerInitializer.getKeycloakContainer();
Keycloak keycloakClient = keycloakClient();
AccessTokenResponse accessTokenResponse = keycloakClient.tokenManager().getAccessToken();
String accessToken = accessTokenResponse.getToken();
String roleUrl = keycloakContainer.getAuthServerUrl() + "/admin/realms/customer/clients/" + clientId + "/roles";
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setBearerAuth(accessToken);
HttpEntity<String> request = new HttpEntity<>(headers);
ResponseEntity<RoleRepresentation[]> response = restTemplate.exchange(
roleUrl,
HttpMethod.GET,
request,
RoleRepresentation[].class
);
if (response.getStatusCode().is2xxSuccessful()) {
return Arrays.asList(response.getBody());
} else {
throw new RuntimeException("Failed to get roles: " + response);
}
}
/**
* Get Keycloak client instance
* @return Keycloak client instance
*/
private Keycloak keycloakClient(){
KeycloakContainer keycloakContainer = KeycloakContainerInitializer.getKeycloakContainer();
return Keycloak.getInstance(
keycloakContainer.getAuthServerUrl(),
"master",
keycloakProperties.getAdmin().getUsername(),
keycloakProperties.getAdmin().getPassword(),
"admin-cli");
}
}