145 lines
5.7 KiB
Java
145 lines
5.7 KiB
Java
package org.gcube.keycloak.protocol.oidc.mapper;
|
|
|
|
import static org.assertj.core.api.Assertions.assertThat;
|
|
import static org.mockito.Mockito.when;
|
|
|
|
import java.util.HashMap;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
import java.util.stream.Collectors;
|
|
|
|
import javax.ws.rs.core.HttpHeaders;
|
|
|
|
import org.assertj.core.util.Maps;
|
|
import org.junit.Test;
|
|
import org.keycloak.models.AuthenticatedClientSessionModel;
|
|
import org.keycloak.models.ClientModel;
|
|
import org.keycloak.models.ClientSessionContext;
|
|
import org.keycloak.models.KeycloakContext;
|
|
import org.keycloak.models.KeycloakSession;
|
|
import org.keycloak.models.ProtocolMapperModel;
|
|
import org.keycloak.models.UserModel;
|
|
import org.keycloak.models.UserSessionModel;
|
|
import org.keycloak.protocol.oidc.mappers.FullNameMapper;
|
|
import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
|
|
import org.keycloak.provider.ProviderConfigProperty;
|
|
import org.keycloak.representations.AccessToken;
|
|
import org.mockito.Mockito;
|
|
|
|
/**
|
|
* Original code repo: https://github.com/mschwartau/keycloak-custom-protocol-mapper-example
|
|
*/
|
|
public class D4ScienceContextMapperTest {
|
|
|
|
static final String CLAIM_NAME = "haandlerIdClaimNameExample";
|
|
static final String HEADER_VALUE = "ginostilla";
|
|
|
|
@Test
|
|
public void shouldTokenMapperDisplayCategory() {
|
|
final String tokenMapperDisplayCategory = new FullNameMapper().getDisplayCategory();
|
|
assertThat(new D4ScienceContextMapper().getDisplayCategory()).isEqualTo(tokenMapperDisplayCategory);
|
|
}
|
|
|
|
@Test
|
|
public void shouldHaveDisplayType() {
|
|
assertThat(new D4ScienceContextMapper().getDisplayType()).isNotBlank();
|
|
}
|
|
|
|
@Test
|
|
public void shouldHaveHelpText() {
|
|
assertThat(new D4ScienceContextMapper().getHelpText()).isNotBlank();
|
|
}
|
|
|
|
@Test
|
|
public void shouldHaveIdId() {
|
|
assertThat(new D4ScienceContextMapper().getId()).isNotBlank();
|
|
}
|
|
|
|
@Test
|
|
public void shouldHaveProperties() {
|
|
final List<String> configPropertyNames = new D4ScienceContextMapper().getConfigProperties().stream()
|
|
.map(ProviderConfigProperty::getName)
|
|
.collect(Collectors.toList());
|
|
|
|
assertThat(configPropertyNames).containsExactly(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME,
|
|
OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN);
|
|
}
|
|
|
|
@Test
|
|
public void shouldAddClaim() {
|
|
final UserSessionModel session = givenUserSession();
|
|
final KeycloakSession keycloakSession = givenKeycloakSession(true);
|
|
final AccessToken accessToken = transformAccessToken(session, keycloakSession, true);
|
|
assertThat(accessToken.getOtherClaims().get(CLAIM_NAME)).isEqualTo(HEADER_VALUE);
|
|
}
|
|
|
|
@Test
|
|
public void shouldNotAddClaim() {
|
|
final UserSessionModel session = givenUserSession();
|
|
final KeycloakSession keycloakSession = givenKeycloakSession(false);
|
|
final AccessToken accessToken = transformAccessToken(session, keycloakSession, true);
|
|
assertThat(accessToken.getOtherClaims().get(CLAIM_NAME)).isNull();
|
|
}
|
|
|
|
@Test
|
|
public void shouldNotAddClaimAndLogWarning() {
|
|
final UserSessionModel session = givenUserSession();
|
|
final KeycloakSession keycloakSession = givenKeycloakSession(true);
|
|
final AccessToken accessToken = transformAccessToken(session, keycloakSession, false);
|
|
assertThat(accessToken.getOtherClaims().get(CLAIM_NAME)).isNull();
|
|
}
|
|
|
|
private UserSessionModel givenUserSession() {
|
|
UserSessionModel userSession = Mockito.mock(UserSessionModel.class);
|
|
UserModel user = Mockito.mock(UserModel.class);
|
|
when(userSession.getUser()).thenReturn(user);
|
|
return userSession;
|
|
}
|
|
|
|
private KeycloakSession givenKeycloakSession(boolean withHeader) {
|
|
KeycloakSession keycloakSession = Mockito.mock(KeycloakSession.class);
|
|
KeycloakContext context = Mockito.mock(KeycloakContext.class);
|
|
when(keycloakSession.getContext()).thenReturn(context);
|
|
HttpHeaders headers = Mockito.mock(HttpHeaders.class);
|
|
when(context.getRequestHeaders()).thenReturn(headers);
|
|
|
|
if (withHeader) {
|
|
when(headers.getHeaderString(D4ScienceContextMapper.HEADER_NAME)).thenReturn(HEADER_VALUE);
|
|
} else {
|
|
when(headers.getHeaderString(D4ScienceContextMapper.HEADER_NAME)).thenReturn("");
|
|
}
|
|
return keycloakSession;
|
|
}
|
|
|
|
private AccessToken transformAccessToken(UserSessionModel userSessionModel, KeycloakSession keycloakSession,
|
|
boolean withResourceAccess) {
|
|
|
|
final ProtocolMapperModel mappingModel = new ProtocolMapperModel();
|
|
mappingModel.setConfig(createConfig());
|
|
AccessToken at = new AccessToken();
|
|
if (withResourceAccess) {
|
|
at.setResourceAccess(Maps.newHashMap(HEADER_VALUE, null));
|
|
}
|
|
|
|
return new D4ScienceContextMapper().transformAccessToken(at, mappingModel, keycloakSession,
|
|
userSessionModel, givenClientSessionContext());
|
|
}
|
|
|
|
private ClientSessionContext givenClientSessionContext() {
|
|
ClientModel clientModel = Mockito.mock(ClientModel.class);
|
|
when(clientModel.getName()).thenReturn("test-client-id");
|
|
AuthenticatedClientSessionModel acsm = Mockito.mock(AuthenticatedClientSessionModel.class);
|
|
when(acsm.getClient()).thenReturn(clientModel);
|
|
ClientSessionContext csc = Mockito.mock(ClientSessionContext.class);
|
|
when(csc.getClientSession()).thenReturn(acsm);
|
|
return csc;
|
|
}
|
|
|
|
private Map<String, String> createConfig() {
|
|
final Map<String, String> result = new HashMap<>();
|
|
result.put("access.token.claim", "true");
|
|
result.put("claim.name", CLAIM_NAME);
|
|
return result;
|
|
}
|
|
|
|
} |