KeyCloak/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-26 13:50:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Migrate OrganizationTest

Browse Source 
Closes #48922

Signed-off-by: vramik <vramik@redhat.com>
This commit is contained in:
vramik
2026-05-12 14:56:27 +02:00
committed by Pedro Igor
parent a3cac62f18
commit 97d1f46038
1 changed files with 216 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/organization/admin/OrganizationTest.java → tests/base/src/test/java/org/keycloak/tests/organization/admin/OrganizationTest.java
Executable → Regular
+216 -187
View File
@@ -15,9 +15,8 @@
* limitations under the License.
*/
package org.keycloak.testsuite.organization.admin;
package org.keycloak.tests.organization.admin;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Comparator;
@@ -34,6 +33,7 @@ import jakarta.ws.rs.NotFoundException;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.Response.Status;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.resource.OrganizationIdentityProviderResource;
import org.keycloak.admin.client.resource.OrganizationResource;
import org.keycloak.admin.client.resource.OrganizationsResource;
@@ -47,14 +47,24 @@ import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.OrganizationDomainRepresentation;
import org.keycloak.representations.idm.OrganizationRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testframework.annotations.InjectAdminClient;
import org.keycloak.testframework.annotations.InjectRealm;
import org.keycloak.testframework.annotations.KeycloakIntegrationTest;
import org.keycloak.testframework.oauth.OAuthClient;
import org.keycloak.testframework.oauth.annotations.InjectOAuthClient;
import org.keycloak.testframework.realm.ManagedRealm;
import org.keycloak.testframework.realm.RealmBuilder;
import org.keycloak.testframework.remote.providers.runonserver.RunOnServer;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
import org.keycloak.testframework.remote.runonserver.InjectRunOnServer;
import org.keycloak.testframework.remote.runonserver.RunOnServerClient;
import org.keycloak.testframework.ui.annotations.InjectPage;
import org.keycloak.testframework.ui.annotations.InjectWebDriver;
import org.keycloak.testframework.ui.page.LoginUsernamePage;
import org.keycloak.testframework.ui.webdriver.ManagedWebDriver;
import org.keycloak.testframework.util.ApiUtil;
import org.junit.Before;
import org.junit.Test;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsInAnyOrder;
@@ -74,12 +84,31 @@ import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;
@KeycloakIntegrationTest
public class OrganizationTest extends AbstractOrganizationTest {
@Before
@InjectRealm(ref = "providerRealm", config = OrganizationRealmConfig.class)
ManagedRealm secondRealm;
@InjectAdminClient(mode = InjectAdminClient.Mode.BOOTSTRAP)
Keycloak adminClient;
@InjectRunOnServer
RunOnServerClient runOnServer;
@InjectWebDriver
ManagedWebDriver driver;
@InjectPage
LoginUsernamePage loginPage;
@InjectOAuthClient
OAuthClient oauth;
@BeforeEach
public void onBefore() {
for (OrganizationRepresentation org : managedRealm.admin().organizations().list(null, null)) {
managedRealm.admin().organizations().get(org.getId()).delete().close();
for (OrganizationRepresentation org : realm.admin().organizations().list(null, null)) {
realm.admin().organizations().get(org.getId()).delete().close();
}
}
@@ -92,7 +121,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
expected.setEnabled(false);
expected.setDescription("ACME Corporation Organization");
OrganizationResource organization = managedRealm.admin().organizations().get(expected.getId());
OrganizationResource organization = realm.admin().organizations().get(expected.getId());
try (Response response = organization.update(expected)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
@@ -114,7 +143,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationRepresentation org2 = createOrganization("orga");
org1.setName(org2.getName());
OrganizationResource organization = managedRealm.admin().organizations().get(org1.getId());
OrganizationResource organization = realm.admin().organizations().get(org1.getId());
try (Response response = organization.update(org1)) {
assertEquals(Status.CONFLICT.getStatusCode(), response.getStatus());
@@ -124,7 +153,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
@Test
public void testGet() {
OrganizationRepresentation expected = createOrganization();
OrganizationRepresentation existing = managedRealm.admin().organizations().get(expected.getId()).toRepresentation();
OrganizationRepresentation existing = realm.admin().organizations().get(expected.getId()).toRepresentation();
assertNotNull(existing);
assertEquals(expected.getId(), existing.getId());
assertEquals(expected.getName(), existing.getName());
@@ -139,18 +168,18 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationRepresentation organization = createOrganization("kc.org." + i);
expected.add(organization);
organization.setAttributes(Map.of("foo", List.of("foo")));
managedRealm.admin().organizations().get(organization.getId()).update(organization).close();
realm.admin().organizations().get(organization.getId()).update(organization).close();
}
List<OrganizationRepresentation> existing = managedRealm.admin().organizations().list(-1, -1);
List<OrganizationRepresentation> existing = realm.admin().organizations().list(-1, -1);
assertFalse(existing.isEmpty());
assertThat(existing, containsInAnyOrder(expected.toArray()));
Assertions.assertTrue(existing.stream().map(OrganizationRepresentation::getAttributes).filter(Objects::nonNull).findAny().isEmpty());
List<OrganizationRepresentation> concatenatedList = Stream.of(
managedRealm.admin().organizations().list(0, 5),
managedRealm.admin().organizations().list(5, 5),
managedRealm.admin().organizations().list(10, 5))
realm.admin().organizations().list(0, 5),
realm.admin().organizations().list(5, 5),
realm.admin().organizations().list(10, 5))
.flatMap(Collection::stream).toList();
assertThat(concatenatedList, containsInAnyOrder(expected.toArray()));
@@ -165,8 +194,8 @@ public class OrganizationTest extends AbstractOrganizationTest {
createOrganization("TheWave", "the-wave.br");
// test exact search by name (e.g. 'wayne-industries'), e-mail (e.g. 'gtbank.net'), and no result (e.g. 'nonexistent.com')
List<OrganizationRepresentation> existing = managedRealm.admin().organizations().search("wayne-industries", true, 0, 10);
long count = managedRealm.admin().organizations().count("wayne-industries", true);
List<OrganizationRepresentation> existing = realm.admin().organizations().search("wayne-industries", true, 0, 10);
long count = realm.admin().organizations().count("wayne-industries", true);
assertThat(existing, hasSize(1));
assertThat(existing, hasSize((int) count));
OrganizationRepresentation orgRep = existing.get(0);
@@ -177,8 +206,8 @@ public class OrganizationTest extends AbstractOrganizationTest {
assertThat(orgRep.getDomain("wayneind-gotham.com"), not(nullValue()));
assertThat(orgRep.getAttributes(), nullValue());
existing = managedRealm.admin().organizations().search("gtbank.net", true, 0, 10);
count = managedRealm.admin().organizations().count("gtbank.net", true);
existing = realm.admin().organizations().search("gtbank.net", true, 0, 10);
count = realm.admin().organizations().count("gtbank.net", true);
assertThat(existing, hasSize(1));
assertThat(existing, hasSize((int) count));
@@ -192,45 +221,45 @@ public class OrganizationTest extends AbstractOrganizationTest {
orgRep.singleAttribute("foo", "bar");
orgRep.singleAttribute("bar", "foo");
managedRealm.admin().organizations().get(orgRep.getId()).update(orgRep).close();
existing = managedRealm.admin().organizations().search("gtbank.net", true, 0, 10, false);
realm.admin().organizations().get(orgRep.getId()).update(orgRep).close();
existing = realm.admin().organizations().search("gtbank.net", true, 0, 10, false);
assertThat(existing, hasSize(1));
orgRep = existing.get(0);
assertThat(orgRep.getAttributes(), notNullValue());
assertThat(2, is(orgRep.getAttributes().size()));
existing = managedRealm.admin().organizations().search("nonexistent.org", true, 0, 10);
count = managedRealm.admin().organizations().count("nonexistent.org", true);
existing = realm.admin().organizations().search("nonexistent.org", true, 0, 10);
count = realm.admin().organizations().count("nonexistent.org", true);
assertThat(existing, is(empty()));
assertThat(count, is(equalTo(0L)));
// partial search matching name (e.g. 'wa' matching 'wayne-industries', and 'TheWave')
existing = managedRealm.admin().organizations().search("wa", false, 0, 10);
count = managedRealm.admin().organizations().count("wa", false);
existing = realm.admin().organizations().search("wa", false, 0, 10);
count = realm.admin().organizations().count("wa", false);
assertThat(existing, hasSize(2));
assertThat(existing, hasSize((int) count));
List<String> orgNames = existing.stream().map(OrganizationRepresentation::getName).collect(Collectors.toList());
assertThat(orgNames, containsInAnyOrder("wayne-industries", "TheWave"));
// partial search matching domain (e.g. '.net', matching acme and gotham-bank)
existing = managedRealm.admin().organizations().search(".net", false, 0, 10);
count = managedRealm.admin().organizations().count(".net", false);
existing = realm.admin().organizations().search(".net", false, 0, 10);
count = realm.admin().organizations().count(".net", false);
assertThat(existing, hasSize(2));
assertThat(existing, hasSize((int) count));
orgNames = existing.stream().map(OrganizationRepresentation::getName).collect(Collectors.toList());
assertThat(orgNames, containsInAnyOrder("Gotham-Bank", "acme"));
// partial search matching both a domain and org name, on two different orgs (e.g. 'gotham' matching 'Gotham-Bank' by name and 'wayne-industries' by domain)
existing = managedRealm.admin().organizations().search("gotham", false, 0, 10);
count = managedRealm.admin().organizations().count("gotham", false);
existing = realm.admin().organizations().search("gotham", false, 0, 10);
count = realm.admin().organizations().count("gotham", false);
assertThat(existing, hasSize(2));
assertThat(existing, hasSize((int) count));
orgNames = existing.stream().map(OrganizationRepresentation::getName).collect(Collectors.toList());
assertThat(orgNames, containsInAnyOrder("Gotham-Bank", "wayne-industries"));
// partial search matching no org (e.g. nonexistent)
existing = managedRealm.admin().organizations().search("nonexistent", false, 0, 10);
count = managedRealm.admin().organizations().count("nonexistent", false);
existing = realm.admin().organizations().search("nonexistent", false, 0, 10);
count = realm.admin().organizations().count("nonexistent", false);
assertThat(existing, is(empty()));
assertThat(existing, hasSize((int) count));
@@ -238,17 +267,17 @@ public class OrganizationTest extends AbstractOrganizationTest {
for (int i = 0; i < 10; i++) {
createOrganization("ztest-" + i);
}
count = managedRealm.admin().organizations().count("", false);
count = realm.admin().organizations().count("", false);
assertThat(count, equalTo(14L));
existing = managedRealm.admin().organizations().search("", false, 0, 10);
existing = realm.admin().organizations().search("", false, 0, 10);
// first page should have 10 results.
assertThat(existing, hasSize(10));
orgNames = existing.stream().map(OrganizationRepresentation::getName).collect(Collectors.toList());
assertThat(orgNames, containsInAnyOrder("Gotham-Bank", "TheWave", "acme", "wayne-industries", "ztest-0",
"ztest-1", "ztest-2", "ztest-3", "ztest-4", "ztest-5"));
existing = managedRealm.admin().organizations().search("", false, 10, 10);
existing = realm.admin().organizations().search("", false, 10, 10);
// second page should have 4 results.
assertThat(existing, hasSize(4));
orgNames = existing.stream().map(OrganizationRepresentation::getName).collect(Collectors.toList());
@@ -265,31 +294,31 @@ public class OrganizationTest extends AbstractOrganizationTest {
// set attributes to the orgs.
OrganizationRepresentation orgRep = expected.get(0);
orgRep.singleAttribute("attr1", "value1");
try (Response response = managedRealm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
try (Response response = realm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
assertThat(response.getStatus(), is(equalTo(Status.NO_CONTENT.getStatusCode())));
}
orgRep = expected.get(1);
orgRep.singleAttribute("attr1", "value1").singleAttribute("attr2", "value2");
try (Response response = managedRealm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
try (Response response = realm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
assertThat(response.getStatus(), is(equalTo(Status.NO_CONTENT.getStatusCode())));
}
orgRep = expected.get(2);
orgRep.singleAttribute("attr1", "value1").singleAttribute("attr3", "value3");
try (Response response = managedRealm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
try (Response response = realm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
assertThat(response.getStatus(), is(equalTo(Status.NO_CONTENT.getStatusCode())));
}
orgRep = expected.get(3);
orgRep.singleAttribute("attr2", "value2");
try (Response response = managedRealm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
try (Response response = realm.admin().organizations().get(orgRep.getId()).update(orgRep)) {
assertThat(response.getStatus(), is(equalTo(Status.NO_CONTENT.getStatusCode())));
}
// search for "attr1:value1" - should match testorg.0, testorg.1, and testorg.2
List<OrganizationRepresentation> fetchedOrgs = managedRealm.admin().organizations().searchByAttribute("attr1:value1");
long count = managedRealm.admin().organizations().countByAttribute("attr1:value1");
List<OrganizationRepresentation> fetchedOrgs = realm.admin().organizations().searchByAttribute("attr1:value1");
long count = realm.admin().organizations().countByAttribute("attr1:value1");
fetchedOrgs.sort(Comparator.comparing(OrganizationRepresentation::getName));
assertThat(fetchedOrgs, hasSize(3));
assertThat(fetchedOrgs, hasSize((int) count));
@@ -298,37 +327,37 @@ public class OrganizationTest extends AbstractOrganizationTest {
assertThat(fetchedOrgs.get(2).getName(), is(equalTo(expected.get(2).getName())));
// search for "attr2:value2" - should match testorg.1 and testorg.3
fetchedOrgs = managedRealm.admin().organizations().searchByAttribute("attr2:value2");
fetchedOrgs = realm.admin().organizations().searchByAttribute("attr2:value2");
fetchedOrgs.sort(Comparator.comparing(OrganizationRepresentation::getName));
count = managedRealm.admin().organizations().countByAttribute("attr2:value2");
count = realm.admin().organizations().countByAttribute("attr2:value2");
assertThat(fetchedOrgs, hasSize(2));
assertThat(fetchedOrgs, hasSize((int) count));
assertThat(fetchedOrgs.get(0).getName(), is(equalTo(expected.get(1).getName())));
assertThat(fetchedOrgs.get(1).getName(), is(equalTo(expected.get(3).getName())));
// search for "attr3:value3" - should match only testorg.2
fetchedOrgs = managedRealm.admin().organizations().searchByAttribute("attr3:value3");
count = managedRealm.admin().organizations().countByAttribute("attr3:value3");
fetchedOrgs = realm.admin().organizations().searchByAttribute("attr3:value3");
count = realm.admin().organizations().countByAttribute("attr3:value3");
assertThat(fetchedOrgs, hasSize(1));
assertThat(fetchedOrgs, hasSize((int) count));
assertThat(fetchedOrgs.get(0).getName(), is(equalTo(expected.get(2).getName())));
// search for both "attr1:value1 attr2:value2" - should match only testorg.1
fetchedOrgs = managedRealm.admin().organizations().searchByAttribute("attr1:value1 attr2:value2");
count = managedRealm.admin().organizations().countByAttribute("attr1:value1 attr2:value2");
fetchedOrgs = realm.admin().organizations().searchByAttribute("attr1:value1 attr2:value2");
count = realm.admin().organizations().countByAttribute("attr1:value1 attr2:value2");
assertThat(fetchedOrgs, hasSize(1));
assertThat(fetchedOrgs, hasSize((int) count));
assertThat(fetchedOrgs.get(0).getName(), is(equalTo(expected.get(1).getName())));
// search for both "attr2:value2 attr3:value3" - not org has both of these attributes at the same time.
fetchedOrgs = managedRealm.admin().organizations().searchByAttribute("attr2:value2 attr3:value3");
count = managedRealm.admin().organizations().countByAttribute("attr2:value2 attr3:value3");
fetchedOrgs = realm.admin().organizations().searchByAttribute("attr2:value2 attr3:value3");
count = realm.admin().organizations().countByAttribute("attr2:value2 attr3:value3");
assertThat(fetchedOrgs, hasSize(0));
assertThat(fetchedOrgs, hasSize((int) count));
// search for "anything:anyvalue" - should again match no org because no org has this attribute.
fetchedOrgs = managedRealm.admin().organizations().searchByAttribute("anything:anyvalue");
count = managedRealm.admin().organizations().countByAttribute("anything:anyvalue");
fetchedOrgs = realm.admin().organizations().searchByAttribute("anything:anyvalue");
count = realm.admin().organizations().countByAttribute("anything:anyvalue");
assertThat(fetchedOrgs, hasSize(0));
assertThat(fetchedOrgs, hasSize((int) count));
}
@@ -338,14 +367,14 @@ public class OrganizationTest extends AbstractOrganizationTest {
createOrganization("testorg.1");
createOrganization("testorg.2");
assertThat(managedRealm.admin().organizations().count(null), is(equalTo(2L)));
assertThat(managedRealm.admin().organizations().count(".1"), is(equalTo(1L)));
assertThat(realm.admin().organizations().count(null), is(equalTo(2L)));
assertThat(realm.admin().organizations().count(".1"), is(equalTo(1L)));
}
@Test
public void testDelete() {
OrganizationRepresentation expected = createOrganization();
OrganizationResource organization = managedRealm.admin().organizations().get(expected.getId());
OrganizationResource organization = realm.admin().organizations().get(expected.getId());
try (Response response = organization.delete()) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
@@ -363,7 +392,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationRepresentation org = createOrganization();
org = org.singleAttribute("key", "value");
OrganizationResource organization = managedRealm.admin().organizations().get(org.getId());
OrganizationResource organization = realm.admin().organizations().get(org.getId());
try (Response response = organization.update(org)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
@@ -404,7 +433,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
// test create org with default domain settings
OrganizationRepresentation expected = createOrganization();
OrganizationDomainRepresentation expectedNewOrgDomain = expected.getDomains().iterator().next();
OrganizationResource organization = managedRealm.admin().organizations().get(expected.getId());
OrganizationResource organization = realm.admin().organizations().get(expected.getId());
OrganizationRepresentation existing = organization.toRepresentation();
assertEquals(1, existing.getDomains().size());
OrganizationDomainRepresentation existingNewOrgDomain = existing.getDomain("neworg.org");
@@ -460,16 +489,16 @@ public class OrganizationTest extends AbstractOrganizationTest {
// create another org in the same realm and attempt to set the same internet domain during update - should not be possible.
OrganizationRepresentation anotherOrg = createOrganization("another-org");
anotherOrg.addDomain(expectedNewOrgDomain);
organization = managedRealm.admin().organizations().get(anotherOrg.getId());
organization = realm.admin().organizations().get(anotherOrg.getId());
try (Response response = organization.update(anotherOrg)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// create another org in a different realm with the same internet domain - should be allowed.
createOrganization(adminClient.realm(bc.providerRealmName()), "testorg", "acme.com");
createOrganization(secondRealm.admin(), "testorg", "acme.com");
// try to remove a domain
organization = managedRealm.admin().organizations().get(existing.getId());
organization = realm.admin().organizations().get(existing.getId());
existing.removeDomain(existingNewOrgDomain);
try (Response response = organization.update(existing)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
@@ -484,7 +513,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
public void testDomainWithWildcardSubdomains() {
// Create organization with a domain that has wildcard subdomain matching enabled
OrganizationRepresentation org = createOrganization();
OrganizationResource organization = managedRealm.admin().organizations().get(org.getId());
OrganizationResource organization = realm.admin().organizations().get(org.getId());
// Add a domain with wildcard subdomain matching using *.domain pattern
OrganizationDomainRepresentation wildcardDomain = new OrganizationDomainRepresentation();
@@ -544,12 +573,12 @@ public class OrganizationTest extends AbstractOrganizationTest {
orgWithoutDomains.setDescription("Organization without domains");
String orgWithoutDomainsId;
try (Response response = managedRealm.admin().organizations().create(orgWithoutDomains)) {
try (Response response = realm.admin().organizations().create(orgWithoutDomains)) {
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
orgWithoutDomainsId = ApiUtil.getCreatedId(response);
}
OrganizationRepresentation created = managedRealm.admin().organizations().get(orgWithoutDomainsId).toRepresentation();
OrganizationRepresentation created = realm.admin().organizations().get(orgWithoutDomainsId).toRepresentation();
assertEquals("no-domain-org", created.getName());
assertEquals("no-domain-org", created.getAlias());
assertThat(created.getDomains() == null || created.getDomains().isEmpty(), is(true));
@@ -557,13 +586,13 @@ public class OrganizationTest extends AbstractOrganizationTest {
// verify that the organization can be retrieved
OrganizationRepresentation orgWithDomains = createRepresentation("org-with-domains", "example.com");
String orgWithDomainsId;
try (Response response = managedRealm.admin().organizations().create(orgWithDomains)) {
try (Response response = realm.admin().organizations().create(orgWithDomains)) {
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
orgWithDomainsId = ApiUtil.getCreatedId(response);
}
try {
List<OrganizationRepresentation> allOrgs = managedRealm.admin().organizations().list(-1, -1);
List<OrganizationRepresentation> allOrgs = realm.admin().organizations().list(-1, -1);
assertThat(allOrgs.size(), greaterThanOrEqualTo(2));
Optional<OrganizationRepresentation> foundOrgWithDomains = allOrgs.stream()
@@ -585,46 +614,44 @@ public class OrganizationTest extends AbstractOrganizationTest {
foundOrgWithoutDomains.get().getDomains() == null ||
foundOrgWithoutDomains.get().getDomains().isEmpty(), is(true));
List<OrganizationRepresentation> search = managedRealm.admin().organizations().search("with-domains", false, -1, -1);
List<OrganizationRepresentation> search = realm.admin().organizations().search("with-domains", false, -1, -1);
assertThat(search, hasSize(1));
search = managedRealm.admin().organizations().search("no-domain", false, -1, -1);
search = realm.admin().organizations().search("no-domain", false, -1, -1);
assertThat(search, hasSize(1));
} finally {
managedRealm.admin().organizations().get(orgWithDomainsId).delete().close();
managedRealm.admin().organizations().get(orgWithoutDomainsId).delete().close();
realm.admin().organizations().get(orgWithDomainsId).delete().close();
realm.admin().organizations().get(orgWithoutDomainsId).delete().close();
}
}
@Test
public void testDisabledOrganizationProvider() throws IOException {
public void testDisabledOrganizationProvider() {
OrganizationRepresentation existing = createOrganization("acme", "acme.org", "acme.net");
// disable the organization provider and try to access REST endpoints
try (RealmAttributeUpdater rau = new RealmAttributeUpdater(managedRealm.admin())
.setOrganizationsEnabled(Boolean.FALSE)
.update()) {
OrganizationRepresentation org = createRepresentation("some", "some.com");
realm.updateWithCleanup(r -> r.organizationsEnabled(false));
try (Response response = managedRealm.admin().organizations().create(org)) {
assertEquals(Status.NOT_FOUND.getStatusCode(), response.getStatus());
}
try {
managedRealm.admin().organizations().list(-1, -1);
fail("Expected NotFoundException");
} catch (NotFoundException expected) {
}
try {
managedRealm.admin().organizations().search("*");
fail("Expected NotFoundException");
} catch (NotFoundException expected) {
}
try {
managedRealm.admin().organizations().get(existing.getId()).toRepresentation();
fail("Expected NotFoundException");
} catch (NotFoundException expected) {
}
OrganizationRepresentation org = createRepresentation("some", "some.com");
try (Response response = realm.admin().organizations().create(org)) {
assertEquals(Status.NOT_FOUND.getStatusCode(), response.getStatus());
}
try {
realm.admin().organizations().list(-1, -1);
fail("Expected NotFoundException");
} catch (NotFoundException expected) {
}
try {
realm.admin().organizations().search("*");
fail("Expected NotFoundException");
} catch (NotFoundException expected) {
}
try {
realm.admin().organizations().get(existing.getId()).toRepresentation();
fail("Expected NotFoundException");
} catch (NotFoundException expected) {
}
}
@@ -634,12 +661,12 @@ public class OrganizationTest extends AbstractOrganizationTest {
.name(KeycloakModelUtils.generateId())
.organizationsEnabled(true)
.build();
RealmResource realmRes = realmsResouce().realm(realmRep.getRealm());
RealmResource realmRes = adminClient.realms().realm(realmRep.getRealm());
try {
realmRep.setEnabled(true);
realmsResouce().create(realmRep);
realmRes = realmsResouce().realm(realmRep.getRealm());
adminClient.realms().create(realmRep);
realmRes = adminClient.realms().realm(realmRep.getRealm());
realmRes.toRepresentation();
createOrganization(realmRes, "test-org", "test.org");
@@ -647,8 +674,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
List<OrganizationRepresentation> orgs = realmRes.organizations().list(-1, -1);
assertThat(orgs, hasSize(1));
IdentityProviderRepresentation broker = bc.setUpIdentityProvider();
broker.setAlias(KeycloakModelUtils.generateId());
IdentityProviderRepresentation broker = createOrgBroker(KeycloakModelUtils.generateId());
try (Response response = realmRes.identityProviders().create(broker)) {
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
}
@@ -666,11 +692,12 @@ public class OrganizationTest extends AbstractOrganizationTest {
.mapToObj(i -> createOrganization("kc.org." + i).getId())
.collect(Collectors.toList());
getTestingClient().server(TEST_REALM_NAME).run((RunOnServer) session -> {
String firstOrgId = orgIds.get(0);
runOnServer.run(session -> {
OrganizationProvider orgProvider = session.getProvider(OrganizationProvider.class);
assertEquals(10, orgProvider.count());
OrganizationModel org = orgProvider.getById(orgIds.get(0));
OrganizationModel org = orgProvider.getById(firstOrgId);
orgProvider.remove(org);
assertEquals(9, orgProvider.count());
@@ -683,7 +710,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
rep.setAlias("changed");
OrganizationsResource organizations = managedRealm.admin().organizations();
OrganizationsResource organizations = realm.admin().organizations();
OrganizationResource organization = organizations.get(rep.getId());
try (Response response = organization.update(rep)) {
@@ -702,7 +729,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
@Test
public void testFailDuplicatedAlias() {
OrganizationRepresentation rep = createOrganization();
OrganizationsResource organizations = managedRealm.admin().organizations();
OrganizationsResource organizations = realm.admin().organizations();
rep.setId(null);
rep.getDomains().clear();
@@ -724,32 +751,32 @@ public class OrganizationTest extends AbstractOrganizationTest {
org.addDomain(orgDomain);
org.setAlias("acme&@#!");
try (Response response = managedRealm.admin().organizations().create(org)) {
try (Response response = realm.admin().organizations().create(org)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// blank alias will be replaced with org name, which is valid
org.setAlias("");
try (Response response = managedRealm.admin().organizations().create(org)) {
try (Response response = realm.admin().organizations().create(org)) {
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
String id = ApiUtil.getCreatedId(response);
getCleanup().addCleanup(() -> managedRealm.admin().organizations().get(id).delete().close());
realm.cleanup().add(r -> r.organizations().get(id).delete().close());
}
org.setAlias(" ");
try (Response response = managedRealm.admin().organizations().create(org)) {
try (Response response = realm.admin().organizations().create(org)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
org.setAlias("\n");
try (Response response = managedRealm.admin().organizations().create(org)) {
try (Response response = realm.admin().organizations().create(org)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// when alias is empty, name is used as alias
org.setName("acme@");
org.setAlias("");
try (Response response = managedRealm.admin().organizations().create(org)) {
try (Response response = realm.admin().organizations().create(org)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
}
@@ -759,7 +786,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationRepresentation expected = createOrganization();
expected.setRedirectUrl("http://valid.url:8080/");
OrganizationResource organization = managedRealm.admin().organizations().get(expected.getId());
OrganizationResource organization = realm.admin().organizations().get(expected.getId());
try (Response response = organization.update(expected)) {
assertThat(response.getStatus(), equalTo(Status.NO_CONTENT.getStatusCode()));
@@ -801,12 +828,12 @@ public class OrganizationTest extends AbstractOrganizationTest {
duplicateDomain.setName("example.com");
orgB.addDomain(duplicateDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
OrganizationRepresentation orgC = createRepresentation("org-c", "example.com");
try (Response response = managedRealm.admin().organizations().create(orgC)) {
try (Response response = realm.admin().organizations().create(orgC)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
}
@@ -820,7 +847,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
wildcardDomain.setName("*.example.com");
orgB.addDomain(wildcardDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
}
@@ -831,7 +858,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation wildcardDomain = new OrganizationDomainRepresentation();
wildcardDomain.setName("*.example.com");
orgA.addDomain(wildcardDomain);
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
@@ -840,16 +867,16 @@ public class OrganizationTest extends AbstractOrganizationTest {
subDomain.setName("sub.example.com");
orgB.addDomain(subDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
orgB = managedRealm.admin().organizations().get(orgB.getId()).toRepresentation();
orgB = realm.admin().organizations().get(orgB.getId()).toRepresentation();
OrganizationDomainRepresentation deepSubDomain = new OrganizationDomainRepresentation();
deepSubDomain.setName("deep.sub.example.com");
orgB.addDomain(deepSubDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
@@ -858,7 +885,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
subDomain.setName("*.deep.sub.example.com");
orgC.addDomain(subDomain);
try (Response response = managedRealm.admin().organizations().get(orgC.getId()).update(orgC)) {
try (Response response = realm.admin().organizations().get(orgC.getId()).update(orgC)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
@@ -867,7 +894,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
subDomain.setName("some.deep.sub.example.com");
orgD.addDomain(subDomain);
try (Response response = managedRealm.admin().organizations().get(orgD.getId()).update(orgD)) {
try (Response response = realm.admin().organizations().get(orgD.getId()).update(orgD)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
}
@@ -882,19 +909,19 @@ public class OrganizationTest extends AbstractOrganizationTest {
wildcardDomain.setName("*.example.com");
orgC.addDomain(wildcardDomain);
try (Response response = managedRealm.admin().organizations().get(orgC.getId()).update(orgC)) {
try (Response response = realm.admin().organizations().get(orgC.getId()).update(orgC)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
OrganizationRepresentation orgD = createOrganization("org-d");
orgD.addDomain(new OrganizationDomainRepresentation("*.sub.example.com"));
try (Response response = managedRealm.admin().organizations().get(orgD.getId()).update(orgD)) {
try (Response response = realm.admin().organizations().get(orgD.getId()).update(orgD)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
OrganizationRepresentation orgE = createOrganization("org-e");
orgE.addDomain(new OrganizationDomainRepresentation("sub.example.com"));
try (Response response = managedRealm.admin().organizations().get(orgE.getId()).update(orgE)) {
try (Response response = realm.admin().organizations().get(orgE.getId()).update(orgE)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
}
@@ -906,7 +933,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation wildcardDomain = new OrganizationDomainRepresentation();
wildcardDomain.setName("*.example.com");
orgA.addDomain(wildcardDomain);
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
@@ -915,7 +942,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
duplicateWildcard.setName("*.example.com");
orgB.addDomain(duplicateWildcard);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
}
@@ -927,7 +954,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation wildcardA = new OrganizationDomainRepresentation();
wildcardA.setName("*.example.com");
orgA.addDomain(wildcardA);
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
@@ -935,14 +962,14 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation wildcardB = new OrganizationDomainRepresentation();
wildcardB.setName("*.acme.com");
orgB.addDomain(wildcardB);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
OrganizationRepresentation updatedA = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
OrganizationRepresentation updatedA = realm.admin().organizations().get(orgA.getId()).toRepresentation();
assertNotNull(updatedA.getDomain("*.example.com"));
OrganizationRepresentation updatedB = managedRealm.admin().organizations().get(orgB.getId()).toRepresentation();
OrganizationRepresentation updatedB = realm.admin().organizations().get(orgB.getId()).toRepresentation();
assertNotNull(updatedB.getDomain("*.acme.com"));
}
@@ -952,10 +979,10 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationRepresentation orgA = createOrganization("org-a", "example.com");
OrganizationRepresentation orgB = createOrganization("org-b", "acme.com");
OrganizationRepresentation updatedA = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
OrganizationRepresentation updatedA = realm.admin().organizations().get(orgA.getId()).toRepresentation();
assertNotNull(updatedA.getDomain("example.com"));
OrganizationRepresentation updatedB = managedRealm.admin().organizations().get(orgB.getId()).toRepresentation();
OrganizationRepresentation updatedB = realm.admin().organizations().get(orgB.getId()).toRepresentation();
assertNotNull(updatedB.getDomain("acme.com"));
}
@@ -966,25 +993,25 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation wildcardDomain = new OrganizationDomainRepresentation();
wildcardDomain.setName("*.example.com");
orgA.addDomain(wildcardDomain);
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
// Creating org with subdomain of the wildcard should fail
OrganizationRepresentation orgB = createRepresentation("org-b", "sub.example.com");
try (Response response = managedRealm.admin().organizations().create(orgB)) {
try (Response response = realm.admin().organizations().create(orgB)) {
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
}
// Creating org with the exact base domain should also fail
OrganizationRepresentation orgC = createRepresentation("org-c", "example.com");
try (Response response = managedRealm.admin().organizations().create(orgC)) {
try (Response response = realm.admin().organizations().create(orgC)) {
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
}
// Creating org with the same wildcard should fail
OrganizationRepresentation orgD = createRepresentation("org-d", "*.example.com");
try (Response response = managedRealm.admin().organizations().create(orgD)) {
try (Response response = realm.admin().organizations().create(orgD)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
}
@@ -992,42 +1019,44 @@ public class OrganizationTest extends AbstractOrganizationTest {
@Test
public void testResolveOrganizationByDomain() {
OrganizationRepresentation orgA = createOrganization("org-a", "sub.example.com");
OrganizationResource organization = managedRealm.admin().organizations().get(orgA.getId());
OrganizationIdentityProviderResource broker = organization.identityProviders().get(brokerConfigFunction.apply(orgA.getAlias()).getIDPAlias());
OrganizationResource organization = realm.admin().organizations().get(orgA.getId());
String brokerAliasA = orgA.getAlias() + "-identity-provider";
OrganizationIdentityProviderResource broker = organization.identityProviders().get(brokerAliasA);
IdentityProviderRepresentation brokerRepOrgA = broker.toRepresentation();
brokerRepOrgA.setHideOnLogin(false);
brokerRepOrgA.getConfig().remove(IdentityProviderRedirectMode.EMAIL_MATCH.getKey());
managedRealm.admin().identityProviders().get(brokerRepOrgA.getAlias()).update(brokerRepOrgA);
realm.admin().identityProviders().get(brokerRepOrgA.getAlias()).update(brokerRepOrgA);
loginPage.open(TEST_REALM_NAME);
log.debug("Logging in");
loginPage.loginUsername("user@sub.example.com");
oauth.openLoginForm();
loginPage.fillLoginWithUsernameOnly("user@sub.example.com");
loginPage.submit();
assertTrue(loginPage.isSocialButtonPresent(brokerRepOrgA.getAlias()));
OrganizationRepresentation orgB = createOrganization("org-b", "example.com");
organization = managedRealm.admin().organizations().get(orgB.getId());
broker = organization.identityProviders().get(brokerConfigFunction.apply(orgB.getAlias()).getIDPAlias());
organization = realm.admin().organizations().get(orgB.getId());
String brokerAliasB = orgB.getAlias() + "-identity-provider";
broker = organization.identityProviders().get(brokerAliasB);
IdentityProviderRepresentation brokerRepOrgB = broker.toRepresentation();
brokerRepOrgB.setHideOnLogin(false);
brokerRepOrgB.getConfig().remove(IdentityProviderRedirectMode.EMAIL_MATCH.getKey());
managedRealm.admin().identityProviders().get(brokerRepOrgB.getAlias()).update(brokerRepOrgB);
oauth.client("broker-app");
loginPage.open(TEST_REALM_NAME);
log.debug("Logging in");
loginPage.loginUsername("user@example.com");
realm.admin().identityProviders().get(brokerRepOrgB.getAlias()).update(brokerRepOrgB);
oauth.openLoginForm();
loginPage.fillLoginWithUsernameOnly("user@example.com");
loginPage.submit();
assertTrue(loginPage.isSocialButtonPresent(brokerRepOrgB.getAlias()));
assertFalse(loginPage.isSocialButtonPresent(brokerRepOrgA.getAlias()));
OrganizationRepresentation orgC = createOrganization("org-c", "*.deep.sub.example.com");
organization = managedRealm.admin().organizations().get(orgC.getId());
broker = organization.identityProviders().get(brokerConfigFunction.apply(orgC.getAlias()).getIDPAlias());
organization = realm.admin().organizations().get(orgC.getId());
String brokerAliasC = orgC.getAlias() + "-identity-provider";
broker = organization.identityProviders().get(brokerAliasC);
IdentityProviderRepresentation brokerRepOrgC = broker.toRepresentation();
brokerRepOrgC.setHideOnLogin(false);
brokerRepOrgC.getConfig().remove(IdentityProviderRedirectMode.EMAIL_MATCH.getKey());
managedRealm.admin().identityProviders().get(brokerRepOrgC.getAlias()).update(brokerRepOrgC);
loginPage.open(TEST_REALM_NAME);
log.debug("Logging in");
loginPage.loginUsername("user@deep.sub.example.com");
realm.admin().identityProviders().get(brokerRepOrgC.getAlias()).update(brokerRepOrgC);
oauth.openLoginForm();
loginPage.fillLoginWithUsernameOnly("user@deep.sub.example.com");
loginPage.submit();
assertTrue(loginPage.isSocialButtonPresent(brokerRepOrgC.getAlias()));
assertFalse(loginPage.isSocialButtonPresent(brokerRepOrgA.getAlias()));
assertFalse(loginPage.isSocialButtonPresent(brokerRepOrgB.getAlias()));
@@ -1039,7 +1068,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation wildcardDomain = new OrganizationDomainRepresentation();
wildcardDomain.setName("*.example.com");
orgA.addDomain(wildcardDomain);
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
@@ -1048,25 +1077,25 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation exactDomain = new OrganizationDomainRepresentation();
exactDomain.setName("example.com");
orgB.addDomain(exactDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
// Delete Org A
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).delete()) {
try (Response response = realm.admin().organizations().get(orgA.getId()).delete()) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
// Now Org B should be able to claim "example.com"
orgB = managedRealm.admin().organizations().get(orgB.getId()).toRepresentation();
orgB = realm.admin().organizations().get(orgB.getId()).toRepresentation();
exactDomain = new OrganizationDomainRepresentation();
exactDomain.setName("example.com");
orgB.addDomain(exactDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
OrganizationRepresentation updatedB = managedRealm.admin().organizations().get(orgB.getId()).toRepresentation();
OrganizationRepresentation updatedB = realm.admin().organizations().get(orgB.getId()).toRepresentation();
assertNotNull(updatedB.getDomain("example.com"));
}
@@ -1080,29 +1109,29 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationDomainRepresentation exactDomain = new OrganizationDomainRepresentation();
exactDomain.setName("example.com");
orgB.addDomain(exactDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// Remove "example.com" from Org A
orgA = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
orgA = realm.admin().organizations().get(orgA.getId()).toRepresentation();
OrganizationDomainRepresentation domainToRemove = orgA.getDomain("example.com");
assertNotNull(domainToRemove);
orgA.removeDomain(domainToRemove);
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
// Now Org B should be able to claim "example.com"
orgB = managedRealm.admin().organizations().get(orgB.getId()).toRepresentation();
orgB = realm.admin().organizations().get(orgB.getId()).toRepresentation();
exactDomain = new OrganizationDomainRepresentation();
exactDomain.setName("example.com");
orgB.addDomain(exactDomain);
try (Response response = managedRealm.admin().organizations().get(orgB.getId()).update(orgB)) {
try (Response response = realm.admin().organizations().get(orgB.getId()).update(orgB)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
OrganizationRepresentation updatedB = managedRealm.admin().organizations().get(orgB.getId()).toRepresentation();
OrganizationRepresentation updatedB = realm.admin().organizations().get(orgB.getId()).toRepresentation();
assertNotNull(updatedB.getDomain("example.com"));
}
@@ -1110,7 +1139,7 @@ public class OrganizationTest extends AbstractOrganizationTest {
public void testDomainSameOrgCanUpdateOwnDomains() {
// An organization should be able to update its own domains without self-conflict.
OrganizationRepresentation orgA = createOrganization("org-a", "example.com");
OrganizationResource organization = managedRealm.admin().organizations().get(orgA.getId());
OrganizationResource organization = realm.admin().organizations().get(orgA.getId());
// Re-submit the same domains should succeed (no self-conflict)
orgA = organization.toRepresentation();
@@ -1137,22 +1166,22 @@ public class OrganizationTest extends AbstractOrganizationTest {
String tooLong = "a.b.c.d.e.f.g.h.i.j.com";
OrganizationRepresentation orgA = createOrganization("org-a");
orgA.addDomain(new OrganizationDomainRepresentation(tooLong));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
// the wildcard form of the same over-long domain must also be rejected
orgA = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
orgA = realm.admin().organizations().get(orgA.getId()).toRepresentation();
orgA.addDomain(new OrganizationDomainRepresentation("*." + tooLong));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// a 10-part domain (9 dots) is still allowed
String atLimit = "*.a.b.c.d.e.f.g.h.i.jay";
orgA = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
orgA = realm.admin().organizations().get(orgA.getId()).toRepresentation();
orgA.addDomain(new OrganizationDomainRepresentation(atLimit));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(orgA)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(orgA)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
}
@@ -1163,18 +1192,18 @@ public class OrganizationTest extends AbstractOrganizationTest {
// a wildcard over a bare TLD must also be rejected
for (String wildcardTld : List.of("*.com", "*.org", "*.net", "*.io")) {
OrganizationRepresentation attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
OrganizationRepresentation attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation(wildcardTld));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
}
// the minimum valid values (2-part base) must be accepted
for (String valid : List.of("example.com", "*.example.com")) {
OrganizationRepresentation attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
OrganizationRepresentation attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation(valid));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
}
}
@@ -1185,49 +1214,49 @@ public class OrganizationTest extends AbstractOrganizationTest {
OrganizationRepresentation orgA = createOrganization("org-a", "example.com");
// bare "*." (no base domain) is rejected
OrganizationRepresentation attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
OrganizationRepresentation attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation("*."));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// wildcard in the middle of the pattern is rejected
attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation("sub.*.example.com"));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// multiple wildcards are rejected
attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation("*.*.example.com"));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// an empty domain name is rejected
attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation(""));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// a syntactically invalid base domain is rejected
attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation("*.not valid"));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// a wildcard over a bare TLD is rejected (base domain has only 1 part)
attempt = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt = realm.admin().organizations().get(orgA.getId()).toRepresentation();
attempt.addDomain(new OrganizationDomainRepresentation("*.com"));
try (Response response = managedRealm.admin().organizations().get(orgA.getId()).update(attempt)) {
try (Response response = realm.admin().organizations().get(orgA.getId()).update(attempt)) {
assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
}
// sanity: none of the rejected values were persisted
OrganizationRepresentation reloaded = managedRealm.admin().organizations().get(orgA.getId()).toRepresentation();
OrganizationRepresentation reloaded = realm.admin().organizations().get(orgA.getId()).toRepresentation();
assertEquals(1, reloaded.getDomains().size());
assertNotNull(reloaded.getDomain("example.com"));
}