test keycloak
parent
d17292c1b9
commit
711af67199
|
@ -257,6 +257,52 @@
|
|||
}
|
||||
},
|
||||
"response": []
|
||||
},
|
||||
{
|
||||
"name": "test keycloak",
|
||||
"request": {
|
||||
"auth": {
|
||||
"type": "bearer",
|
||||
"bearer": [
|
||||
{
|
||||
"key": "token",
|
||||
"value": "{{uma_token}}a",
|
||||
"type": "string"
|
||||
}
|
||||
]
|
||||
},
|
||||
"method": "GET",
|
||||
"header": [
|
||||
{
|
||||
"key": "gcube-token",
|
||||
"value": "{{gcube_token}}",
|
||||
"type": "text",
|
||||
"disabled": true
|
||||
}
|
||||
],
|
||||
"url": {
|
||||
"raw": "{{base_url}}/{{application}}/keycloak?client_secret={{service_client_secret}}",
|
||||
"host": [
|
||||
"{{base_url}}"
|
||||
],
|
||||
"path": [
|
||||
"{{application}}",
|
||||
"keycloak"
|
||||
],
|
||||
"query": [
|
||||
{
|
||||
"key": "client_secret",
|
||||
"value": "{{service_client_secret}}"
|
||||
},
|
||||
{
|
||||
"key": "client_id",
|
||||
"value": "{{current_client-id}}",
|
||||
"disabled": true
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"response": []
|
||||
}
|
||||
],
|
||||
"event": [
|
||||
|
@ -299,6 +345,16 @@
|
|||
"key": "uma_token",
|
||||
"value": "",
|
||||
"type": "string"
|
||||
},
|
||||
{
|
||||
"key": "service_client_secret",
|
||||
"value": "",
|
||||
"type": "string"
|
||||
},
|
||||
{
|
||||
"key": "service_client_id",
|
||||
"value": "",
|
||||
"type": "string"
|
||||
}
|
||||
]
|
||||
}
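Review bot: The new "test keycloak" request sends the client secret in the query string (`"raw": "{{base_url}}/{{application}}/keycloak?client_secret={{service_client_secret}}"`), where it is recorded by access logs, intermediaries and client history; the same applies to the `@QueryParam("client_secret")` parameter of `testKeycloak` added later in this commit. A header entry such as `{"key": "client_secret", "value": "{{service_client_secret}}", "type": "text"}` would keep it out of the URL, with the service reading it through `@HeaderParam` instead. The bearer value `"{{uma_token}}a"` carries a trailing `a`; if that is not a deliberate way to send an invalid token, it should be `"{{uma_token}}"`. Leaving `service_client_secret` empty in the committed collection variables, as done here, is the right default.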
|
59
pom.xml
59
pom.xml
|
@ -24,6 +24,10 @@
|
|||
|
||||
<!-- OPTIONAL. for authorization-control-library -->
|
||||
<aspectj-plugin.version>1.14.0</aspectj-plugin.version>
|
||||
|
||||
|
||||
<jacksonVersion>2.15.3</jacksonVersion>
|
||||
|
||||
</properties>
|
||||
|
||||
<scm>
|
||||
|
@ -48,13 +52,56 @@
|
|||
</dependencyManagement>
|
||||
|
||||
<dependencies>
|
||||
|
||||
<!-- <dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-client-jakarta</artifactId>
|
||||
<version>21.1.2</version>
|
||||
</dependency>
|
||||
|
||||
<!--
|
||||
Keycloak use a older version of jackson (2.12.3).
|
||||
some jackson libraries are imported only by keyclock,
|
||||
not by smartgears so it mixed different versions.
|
||||
We explicity import its jackson dependency to ovverride the version
|
||||
-->
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-core</artifactId>
|
||||
<version>${jacksonVersion}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.jaxrs</groupId>
|
||||
<artifactId>jackson-jaxrs-base</artifactId>
|
||||
<version>${jacksonVersion}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.jaxrs</groupId>
|
||||
<artifactId>jackson-jaxrs-json-provider</artifactId>
|
||||
<version>${jacksonVersion}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.module</groupId>
|
||||
<artifactId>jackson-module-jaxb-annotations</artifactId>
|
||||
<version>${jacksonVersion}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>jakarta.activation</groupId>
|
||||
<artifactId>jakarta.activation-api</artifactId>
|
||||
<version>2.1.2</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-client</artifactId>
|
||||
<version>21.1.2</version>
|
||||
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.jboss.spec.javax.ws.rs</groupId>
|
||||
<artifactId>jboss-jaxrs-api_3.0_spec</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.aspectj</groupId>
|
||||
<artifactId>aspectjrt</artifactId>
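Review bot: As rendered, the commented-out `keycloak-admin-client-jakarta` block opens with `<!-- <dependency>` and is not closed before the next `<!--` that starts the Jackson explanation, so the comment contains `--`, which XML does not allow inside a comment and which Maven's parser is likely to reject; ending the first block with `</dependency> -->` fixes that. The override pins four Jackson artifacts one by one, while `jackson-databind` and `jackson-annotations` do not appear in these hunks, so mixed versions remain possible unless they are managed elsewhere; importing `com.fasterxml.jackson:jackson-bom` at `${jacksonVersion}` in `dependencyManagement` would align all of them. `keycloak-admin-client` and `jakarta.activation-api` use literal versions (`21.1.2`, `2.1.2`) and could be moved to properties the way `jacksonVersion` is.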
|
||||
|
|
|
@ -0,0 +1,141 @@
|
|||
package org.gcube.service.helloworld.services;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.gcube.service.helloworld.HelloWorldManager;
|
||||
import org.gcube.service.helloworld.serializers.ContextSerializator;
|
||||
import org.gcube.smartgears.annotations.ManagedBy;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
import org.keycloak.admin.client.KeycloakBuilder;
|
||||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
import org.keycloak.admin.client.resource.ClientsResource;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.admin.client.resource.RoleResource;
|
||||
import org.keycloak.admin.client.resource.RolesResource;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
|
||||
import jakarta.ws.rs.GET;
|
||||
import jakarta.ws.rs.Path;
|
||||
import jakarta.ws.rs.Produces;
|
||||
import jakarta.ws.rs.QueryParam;
|
||||
import jakarta.ws.rs.DefaultValue;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
||||
|
||||
@ManagedBy(HelloWorldManager.class)
|
||||
@Path("")
|
||||
public class KeycloakTestService {
|
||||
|
||||
private final String CLIENT_SECRET = "NOT_COMMITTED";
|
||||
|
||||
private final static Logger logger = LoggerFactory.getLogger(KeycloakTestService.class);
|
||||
|
||||
public static String getClientIdContext(String context) {
|
||||
return context.replace("/", "%2F");
|
||||
}
|
||||
|
||||
@GET
|
||||
@Path("/keycloak")
|
||||
@Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" })
|
||||
public Response testKeycloak(
|
||||
@QueryParam("serverUrl") @DefaultValue("https://accounts.dev.d4science.org/auth") String serverUrl,
|
||||
@QueryParam("realm") @DefaultValue("d4science") String realm,
|
||||
@QueryParam("role-name") @DefaultValue("Member") String roleName,
|
||||
@QueryParam("client_id") @DefaultValue("id.d4science.org") String clientId,
|
||||
@QueryParam("client_secret") @DefaultValue(CLIENT_SECRET) String client_secret
|
||||
) {
|
||||
|
||||
String client_contenxt = "/gcube";
|
||||
|
||||
List<String> usernames = new ArrayList<String>();
|
||||
try {
|
||||
Keycloak kclient = KeycloakBuilder.builder()
|
||||
.serverUrl(serverUrl)
|
||||
.realm(realm)
|
||||
.grantType(OAuth2Constants.CLIENT_CREDENTIALS)
|
||||
.clientId(clientId) //
|
||||
.clientSecret(client_secret).build();
|
||||
|
||||
List<UserRepresentation> users = searchByRole(kclient, realm, client_contenxt, roleName);
|
||||
if (users != null) {
|
||||
for (UserRepresentation user : users) {
|
||||
usernames.add(user.getUsername());
|
||||
}
|
||||
}
|
||||
|
||||
// responseBean.setResult(usernames);
|
||||
// responseBean.setSuccess(true);
|
||||
|
||||
ObjectMapper objectMapper = ContextSerializator.getSerializer();
|
||||
|
||||
String jsonData = objectMapper.writeValueAsString(usernames);
|
||||
return Response.ok(jsonData).build();
|
||||
|
||||
} catch (JsonProcessingException e) {
|
||||
e.printStackTrace();
|
||||
return Response.serverError().build();
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
return Response.serverError().build();
|
||||
}
|
||||
|
||||
// return Response.status(status).entity(responseBean).build();
|
||||
|
||||
}
|
||||
|
||||
private static List<UserRepresentation> searchByRole(Keycloak kclient, String krealm, String clientIdContext,
|
||||
String roleName) {
|
||||
|
||||
clientIdContext = getClientIdContext(clientIdContext);
|
||||
|
||||
logger.info("Searching by role: {}", roleName);
|
||||
|
||||
RealmResource realm_resource = kclient.realm(krealm);
|
||||
logger.info("{} realm_resource: {}", krealm, realm_resource);
|
||||
|
||||
ClientsResource clients_resource = realm_resource.clients();
|
||||
logger.info("clients_resource {}", clients_resource);
|
||||
|
||||
for (ClientRepresentation c : clients_resource.findAll()) {
|
||||
logger.info("listing all clients, found {} - {}", c.getClientId(), c.getId());
|
||||
}
|
||||
|
||||
List<ClientRepresentation> clients_repr = clients_resource.findByClientId(clientIdContext);
|
||||
logger.info("{} clients_repr: {}", clientIdContext, clients_repr);
|
||||
|
||||
String client_id = "";
|
||||
for (ClientRepresentation c_repr : clients_repr) {
|
||||
logger.info("searching {}, found client {} - {}", clientIdContext, c_repr.getClientId(), c_repr.getId());
|
||||
client_id = c_repr.getId();
|
||||
}
|
||||
|
||||
ClientResource client_resource = clients_resource.get(client_id);
|
||||
logger.info("client_resource {}", client_resource);
|
||||
|
||||
RolesResource roles_resource = client_resource.roles();
|
||||
for (RoleRepresentation r : roles_resource.list()) {
|
||||
logger.info("found role {}", r);
|
||||
}
|
||||
|
||||
logger.info("roles_resource {}", roles_resource);
|
||||
|
||||
RoleResource role_resource = roles_resource.get(roleName);
|
||||
logger.info("{} role_resource: {}", roleName, roles_resource);
|
||||
|
||||
List<UserRepresentation> users_repr = role_resource.getUserMembers(0, 100000);
|
||||
for (UserRepresentation u : users_repr) {
|
||||
logger.info("found user {}", u);
|
||||
}
|
||||
|
||||
return users_repr;
|
||||
}
|
||||
}
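Review bot: `testKeycloak` builds its Keycloak client from the caller-supplied `serverUrl`, `realm` and `client_id` query parameters with no validation, so anyone who can reach `/keycloak` can make the service open outbound connections to a host of their choosing, and no authorization annotation is visible on the method or the class. `serverUrl` should be checked against a fixed list before the client is built, for example a constant `private static final Set<String> ALLOWED_SERVER_URLS = Set.of("https://accounts.dev.d4science.org/auth");`. The client is also never closed and failures go to `e.printStackTrace()`; the excerpt below uses try-with-resources and the class logger. In `searchByRole`, logging every client and user representation at info level puts account data in the service log, an empty `findByClientId` result leaves `client_id` as `""` before `clients_resource.get(client_id)`, and the `role_resource` log line prints `roles_resource` instead.

```java
// … unchanged: annotations and parameter list of testKeycloak …
if (!ALLOWED_SERVER_URLS.contains(serverUrl)) {
    // do not send client credentials to a host the service does not trust
    return Response.status(Response.Status.BAD_REQUEST).build();
}
List<String> usernames = new ArrayList<String>();
try (Keycloak kclient = KeycloakBuilder.builder()
        // … unchanged: serverUrl, realm, grantType and clientId builder calls …
        .clientSecret(client_secret).build()) {
    // … unchanged: searchByRole call, username collection and JSON serialization …
} catch (Exception e) {
    logger.error("keycloak role lookup failed", e);
    return Response.serverError().build();
}
```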
|