From f92c598b0bb2fea0f74f63f2322c3276fc5196b4 Mon Sep 17 00:00:00 2001 From: Sourabh Mandal <39632788+sourabhmandal@users.noreply.github.com> Date: Tue, 27 Jun 2023 18:33:24 +0530 Subject: [PATCH] Response code (#4) * add response code as response * update respcode in client * remove unnecesary test * remove unnecesary test * update create client scope * refactor response code and create client API --- test/admin_test.go => admin_test.go | 0 ...tection_test.go => attackdetection_test.go | 0 client.go | 2 +- client.model.go | 15 ++++ ...chmark_test.go => client_benchmark_test.go | 0 test/client_test.go => client_test.go | 68 ++++++------------- test/oidc_test.go => oidc_test.go | 2 +- test/realm_test.go => realm_test.go | 0 test/utils_test.go => utils_test.go | 0 9 files changed, 36 insertions(+), 51 deletions(-) rename test/admin_test.go => admin_test.go (100%) rename test/attackdetection_test.go => attackdetection_test.go (100%) rename test/client_benchmark_test.go => client_benchmark_test.go (100%) rename test/client_test.go => client_test.go (98%) rename test/oidc_test.go => oidc_test.go (99%) rename test/realm_test.go => realm_test.go (100%) rename test/utils_test.go => utils_test.go (100%) diff --git a/test/admin_test.go b/admin_test.go similarity index 100% rename from test/admin_test.go rename to admin_test.go diff --git a/test/attackdetection_test.go b/attackdetection_test.go similarity index 100% rename from test/attackdetection_test.go rename to attackdetection_test.go diff --git a/client.go b/client.go index 10ec5ef..bf4f983 100644 --- a/client.go +++ b/client.go 
@@ -220,7 +220,7 @@ func (g *GoKeycloak) CreateComponent(ctx context.Context, token, realm string, c } // CreateClient creates the given g. -func (g *GoKeycloak) CreateClient(ctx context.Context, clientInitialAccessToken, realm string, newClient Client) (int, CreateClientResponse, error) { +func (g *GoKeycloak) CreateClient(ctx context.Context, clientInitialAccessToken, realm string, newClient CreateClientRequest) (int, CreateClientResponse, error) { const errMessage = "could not create client" var result CreateClientResponse diff --git a/client.model.go b/client.model.go index ff23220..4ade34f 100644 --- a/client.model.go +++ b/client.model.go @@ -32,4 +32,19 @@ type CreateClientResponse struct { BackchannelLogoutSessionRequired bool `json:"backchannel_logout_session_required,omitempty"` RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty"` FrontchannelLogoutSessionRequired bool `json:"frontchannel_logout_session_required,omitempty"` +} + +type CreateClientRequest struct { + RedirectUris []string `json:"redirect_uris,omitempty"` + TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty"` + GrantTypes []string `json:"grant_types,omitempty"` + ResponseTypes []string `json:"response_types,omitempty"` + Scope string `json:"scope,omitempty"` + SubjectType string `json:"subject_type,omitempty"` + RequestUris []any `json:"request_uris,omitempty"` + TLSClientCertificateBoundAccessTokens bool `json:"tls_client_certificate_bound_access_tokens,omitempty"` + ClientSecretExpiresAt int `json:"client_secret_expires_at,omitempty"` + BackchannelLogoutSessionRequired bool `json:"backchannel_logout_session_required,omitempty"` + RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty"` + FrontchannelLogoutSessionRequired bool `json:"frontchannel_logout_session_required,omitempty"` } \ No newline at end of file 
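Review bot: The doc comment above `CreateClient` in client.go still reads "creates the given g.", which says nothing about the new request type or the three return values. Something like `// CreateClient registers newClient in realm using clientInitialAccessToken and returns the HTTP status code, the registration response and any error.` would help; the meaning of the leading `int` is inferred from the commit message, so confirm it. Changing the parameter from `Client` to `CreateClientRequest` also breaks every existing caller of this exported method, and callers can no longer set fields such as `ClientID` or `Attributes` at creation time. The function body continues outside the hunk.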
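Review bot: `CreateClientRequest` in client.model.go has `TokenEndpointAuthMethod` but no field for key material, so a client that authenticates with a signed JWT cannot register its key through this type. The RFC 7591 metadata names for this are `jwks_uri` and `jwks`; adding a `JwksURI string` field tagged `jwks_uri,omitempty` would cover the common case. `RequestUris []any` accepts non-string values that the server will reject, and `[]string` matches `RedirectUris`. `ClientSecretExpiresAt` is a server-assigned value in a registration response and probably should not be in the request at all. The exported type also has no doc comment, and the file still ends without a trailing newline.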
diff --git a/test/client_benchmark_test.go b/client_benchmark_test.go similarity index 100% rename from test/client_benchmark_test.go rename to client_benchmark_test.go diff --git a/test/client_test.go b/client_test.go similarity index 98% rename from test/client_test.go rename to client_test.go index cd37ddc..47776a9 100644 --- a/test/client_test.go +++ b/client_test.go @@ -4,7 +4,6 @@ import ( "bytes" "context" "crypto/rsa" - "encoding/base64" "fmt" "io" "math/rand" @@ -321,12 +320,10 @@ func CreatePermission(t *testing.T, client *gokeycloak.GoKeycloak, idOfClient st return tearDown, *createdPermission.ID } -func CreateClient(t *testing.T, client *gokeycloak.GoKeycloak, newClient *gokeycloak.Client) (func(), string) { +func CreateClient(t *testing.T, client *gokeycloak.GoKeycloak, newClient *gokeycloak.CreateClientRequest) (func(), string) { if newClient == nil { - newClient = &gokeycloak.Client{ - ClientID: GetRandomNameP("ClientID"), - Name: GetRandomNameP("Name"), - BaseURL: gokeycloak.StringP("http://example.com"), + newClient = &gokeycloak.CreateClientRequest{ + RedirectUris: []string{"http://127.0.0.1/"}, } } cfg := GetConfig(t) 
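Review bot: The `CreateClient` test helper in client_test.go returns a `string` with no comment saying which identifier it is. That matters more after this change, because callers in later hunks use the value both as `idOfClient` and as the client ID passed to `LoginClientSignedJWT`. A doc comment such as `// CreateClient registers a client and returns a teardown func and the identifier from the registration response.` would help, once it is confirmed which field that is. The helper body continues outside the hunk, so the source of the returned value is not visible here.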
@@ -782,32 +779,20 @@ func Test_LoginSignedJWT(t *testing.T) { }() pfxData, err := io.ReadAll(f) require.NoError(t, err) - pKey, cert, err := pkcs12.Decode(pfxData, "secret") + pKey, _, err := pkcs12.Decode(pfxData, "secret") require.NoError(t, err) rsaKey, ok := pKey.(*rsa.PrivateKey) require.True(t, ok) client := NewClientWithDebug(t) - testClient := gokeycloak.Client{ - ID: GetRandomNameP("client-id-"), - ClientID: GetRandomNameP("client-signed-jwt-client-id-"), - ClientAuthenticatorType: gokeycloak.StringP("client-jwt"), - RedirectURIs: &[]string{"localhost"}, - StandardFlowEnabled: gokeycloak.BoolP(true), - ServiceAccountsEnabled: gokeycloak.BoolP(true), - Enabled: gokeycloak.BoolP(true), - FullScopeAllowed: gokeycloak.BoolP(true), - Protocol: gokeycloak.StringP("openid-connect"), - PublicClient: gokeycloak.BoolP(false), - Attributes: &map[string]string{ - "jwt.credential.certificate": base64.StdEncoding.EncodeToString(cert.Raw), - }, + testClient := gokeycloak.CreateClientRequest{ + RedirectUris: []string{"localhost"}, } - tearDown, _ := CreateClient(t, client, &testClient) + tearDown, testClientID := CreateClient(t, client, &testClient) defer tearDown() _, _, err = client.LoginClientSignedJWT( context.Background(), - *testClient.ClientID, + testClientID, cfg.GoKeycloak.Realm, rsaKey, jwt.SigningMethodRS256, @@ -1458,10 +1443,8 @@ func Test_ClientScopeMappingsClientRoles(t *testing.T) { cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) - testClient := gokeycloak.Client{ - ClientID: GetRandomNameP("ClientID"), - BaseURL: gokeycloak.StringP("https://example.com"), - FullScopeAllowed: gokeycloak.BoolP(false), + testClient := gokeycloak.CreateClientRequest{ + RedirectUris: []string{"http://localhost:8080"}, } // Creating client tearDownClient, idOfClient := CreateClient(t, client, &testClient) 
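Review bot: `Test_LoginSignedJWT` no longer registers the certificate with the client: the `jwt.credential.certificate` attribute and `ClientAuthenticatorType: "client-jwt"` are gone, and the decoded cert is discarded with `pKey, _, err := pkcs12.Decode(...)`. The client created here has only `RedirectUris: []string{"localhost"}`, so the server has no key to verify the assertion against, and the test stops covering signed-JWT client authentication. At minimum set `TokenEndpointAuthMethod: "private_key_jwt"` on the request and give the server the public key, which needs a key field on `CreateClientRequest`. `"localhost"` is also not an absolute URI, and the other tests in this commit use `"http://localhost:8080"`. The test's assertions on the login result are outside the hunk.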
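Review bot: `Test_ClientScopeMappingsClientRoles` used to pin `FullScopeAllowed: gokeycloak.BoolP(false)`, and the new `CreateClientRequest` literal has no way to express that. The scope-mapping assertions now run against whatever full-scope default the server applies to registered clients. The same applies to `Test_ClientScopeMappingsRealmRoles` in the next hunk. If the tests depend on full scope being off, update the client after creation through the admin API, or note the assumption with `// relies on server default for fullScopeAllowed`. The rest of both tests is outside the hunks.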
@@ -1536,10 +1519,8 @@ func Test_ClientScopeMappingsRealmRoles(t *testing.T) { cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) - testClient := gokeycloak.Client{ - ClientID: GetRandomNameP("ClientID"), - BaseURL: gokeycloak.StringP("http://example.com"), - FullScopeAllowed: gokeycloak.BoolP(false), + testClient := gokeycloak.CreateClientRequest{ + RedirectUris: []string{"http://localhost:8080"}, } // Creating client tearDownClient, idOfClient := CreateClient(t, client, &testClient) @@ -1718,9 +1699,8 @@ func Test_CreateListGetUpdateDeleteClient(t *testing.T) { client := NewClientWithDebug(t) token := GetAdminToken(t, client) clientID := GetRandomNameP("ClientID") - testClient := gokeycloak.Client{ - ClientID: clientID, - BaseURL: gokeycloak.StringP("http://example.com"), + testClient := gokeycloak.CreateClientRequest{ + RedirectUris: []string{"http://localhost:8080"}, } t.Logf("Client ID: %s", *clientID) @@ -3421,22 +3401,13 @@ func Test_ClientSecret(t *testing.T) { client := NewClientWithDebug(t) token := GetAdminToken(t, client) - testClient := gokeycloak.Client{ - ID: GetRandomNameP("gocloak-client-id-"), - ClientID: GetRandomNameP("gocloak-client-secret-client-id-"), - Secret: gokeycloak.StringP("initial-secret-key"), - ServiceAccountsEnabled: gokeycloak.BoolP(true), - StandardFlowEnabled: gokeycloak.BoolP(true), - Enabled: gokeycloak.BoolP(true), - FullScopeAllowed: gokeycloak.BoolP(true), - Protocol: gokeycloak.StringP("openid-connect"), - RedirectURIs: &[]string{"localhost"}, - ClientAuthenticatorType: gokeycloak.StringP("client-secret"), + testClient := gokeycloak.CreateClientRequest{ + RedirectUris: []string{"http://localhost:8080"}, } tearDown, idOfClient := CreateClient(t, client, &testClient) defer tearDown() - require.Equal(t, *testClient.ID, idOfClient) + // require.Equal(t, *testClient.ID, idOfClient) // Keycloak does not support setting the secret while creating the client _, _, err := client.GetClientSecret( 
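Review bot: In `Test_CreateListGetUpdateDeleteClient` the random `clientID` is still generated and logged with `t.Logf("Client ID: %s", *clientID)`, but it is no longer passed to the client being created. The log line therefore names an ID the server never saw, and any later lookup by `clientID` outside this hunk would not match the created client. Either drop the variable and log the identifier returned by `CreateClient`, or add a way to request a specific client ID. `Test_GetClientsWithPagination` in the last client_test.go hunk has the same leftover.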
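Review bot: In `Test_ClientSecret` the ID assertion is commented out (`// require.Equal(t, *testClient.ID, idOfClient)`) rather than removed or replaced, so the test no longer checks anything about the created client's identity. Replace it with a check that still holds, for example `require.NotEmpty(t, idOfClient)`, and delete the dead line. The request also dropped `ClientAuthenticatorType: "client-secret"`, so whether `GetClientSecret` has a secret to return now depends on the server's default auth method; setting `TokenEndpointAuthMethod` explicitly would make that deterministic. The remainder of the test is outside the hunk.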
@@ -6041,9 +6012,8 @@ func Test_GetClientsWithPagination(t *testing.T) { token := GetAdminToken(t, client) clientID := GetRandomNameP("ClientID") - testClient := gokeycloak.Client{ - ClientID: clientID, - BaseURL: gokeycloak.StringP("http://example.com"), + testClient := gokeycloak.CreateClientRequest{ + RedirectUris: []string{"http://localhost:8080"}, } t.Logf("Client ID: %s", *clientID) diff --git a/test/oidc_test.go b/oidc_test.go similarity index 99% rename from test/oidc_test.go rename to oidc_test.go index e70f172..91ba7f1 100644 --- a/test/oidc_test.go +++ b/oidc_test.go @@ -26,7 +26,7 @@ func Test_GetUserInfo(t *testing.T) { context.Background(), token.AccessToken, cfg.GoKeycloak.Realm) - require.Error(t, err, "") + require.Error(t, err, nil) } func Test_GetRawUserInfo(t *testing.T) { diff --git a/test/realm_test.go b/realm_test.go similarity index 100% rename from test/realm_test.go rename to realm_test.go diff --git a/test/utils_test.go b/utils_test.go similarity index 100% rename from test/utils_test.go rename to utils_test.go
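Review bot: In oidc_test.go, `require.Error(t, err, nil)` passes `nil` as the optional failure message, which adds nothing over the previous empty string; write `require.Error(t, err)` or give a real message. `Test_GetUserInfo` asserts that the user-info call fails even though it is passed `token.AccessToken`. If that is intentional, a short comment explaining why an error is expected would keep the next reader from "fixing" it to `require.NoError`. How the token is obtained is above the hunk, so the expected outcome cannot be confirmed from here.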