diff --git a/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteService.java b/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteService.java index 4a406700902da42d9f6150e9337319f52def6079..5829cacba9f23de8c68a53ecf9667835453df742 100644 --- a/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteService.java +++ b/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteService.java @@ -29,7 +29,6 @@ import java.util.Optional; import org.keycloak.admin.client.Keycloak; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RoleRepresentation; -import org.keycloak.representations.idm.RolesRepresentation; import org.springframework.stereotype.Component; import de.ozgcloud.operator.keycloak.KeycloakException; @@ -53,16 +52,15 @@ class KeycloakRealmRemoteService { keycloak.realm(realm.getRealm()).update(realm); } - public Optional<RoleRepresentation> getRealmRole(String roleName, String realmName) { - return Optional.ofNullable(keycloak.realm(realmName).roles()) + return Optional.ofNullable(keycloak.realm(realmName)) .orElseThrow(() -> new KeycloakException("Realm with Name " + realmName + " not found.")) + .roles() .list() .stream().filter(role -> Objects.equals(roleName, role.getName())) .findFirst(); } - public void updateRealmRole(RoleRepresentation role, String realm) { keycloak.realm(realm).roles().get(role.getName()).update(role); } diff --git a/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmService.java b/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmService.java index d475d195c55f75b7c6284f5fc61c9715f03bc219..e3677e8e1c55509af87bf796eafbe121e5fa4e19 100644 
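Review bot: The `Optional.ofNullable(keycloak.realm(realmName))` guard in `getRealmRole` probably never fires against a real server. As far as I know, the Keycloak admin client returns a lazy resource proxy from `realm(...)` and reports a missing realm as a JAX-RS `NotFoundException` only when `.list()` sends the request. If so, callers still receive the raw client exception instead of `KeycloakException`, and `shouldThrowOnRealmNotFound` in KeycloakRealmRemoteServiceTest passes only because the mock returns null. Translating the not-found exception around the `.roles().list()` call would make the documented error path real. Only the single-String `KeycloakException` constructor is visible here, so the sketch below drops the cause; pass it along if a cause-taking constructor exists.

```java
public Optional<RoleRepresentation> getRealmRole(String roleName, String realmName) {
	try {
		return keycloak.realm(realmName).roles().list().stream()
				.filter(role -> Objects.equals(roleName, role.getName()))
				.findFirst();
	} catch (NotFoundException e) {
		// JAX-RS not-found raised by the admin client when the realm does not exist
		throw new KeycloakException("Realm with Name " + realmName + " not found.");
	}
}
```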
--- a/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmService.java +++ b/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmService.java @@ -62,7 +62,6 @@ class KeycloakRealmService { try { LOG.debug("{}: Updating existing realm...", existingRealm); var realmRepresentation = mapper.update(existingRealm, spec); - //LOG.info(realmRepresentation.getRoles() + "realm Spec with roles"); remoteService.updateRealm(realmRepresentation); } catch (Exception e) { LOG.warn(existingRealm + ": Updating existing realm failed: ", e); diff --git a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmMapperTest.java b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmMapperTest.java index 41087f58d366d15bbfe4de8be9dabea6e8314012..e2de78c1cdbf9fbd5f34933ec95bb28899b45572 100644 --- a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmMapperTest.java +++ b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmMapperTest.java @@ -27,13 +27,10 @@ import static org.assertj.core.api.Assertions.*; import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Test; -import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.RealmRepresentation; import org.mapstruct.factory.Mappers; import org.mockito.Spy; -import de.ozgcloud.operator.keycloak.client.OzgCloudKeycloakClientSpecTestFactory; - class KeycloakRealmMapperTest { @Spy 
@@ -144,12 +141,105 @@ class KeycloakRealmMapperTest { class TestUpdate { @Test - void shouldMapBaseUrl() { - var realm = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + void shouldMapDisplayName() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.getDisplayName()).isEqualTo(OzgCloudKeycloakRealmSpecTestFactory.DISPLAY_NAME); + } + + @Test + void shouldBeEnabled() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.isEnabled()).isTrue(); + } + + @Test + void shouldBeResetPasswordAllowed() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.isResetPasswordAllowed()).isTrue(); + } + + @Test + void shouldBeSupportedLocaleDe() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.getSupportedLocales()).containsExactly("de"); + } + + @Test + void shouldBeDefaultLocaleDe() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.getDefaultLocale()).isEqualTo("de"); + } + + @Test + void shouldBeInternationalizationEnabled() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.isInternationalizationEnabled()).isTrue(); + } + + @Test + void checkPasswordPolicy() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.getPasswordPolicy()).isEqualTo("upperCase(1) and lowerCase(1) and length(8) and notUsername"); + } + + @Test + void shouldSetActionTokenGeneratedByUserLifespan() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + 
assertThat(mapped.getActionTokenGeneratedByUserLifespan()).isEqualTo(900); + } + + @Test + void shouldMapSmtpServer() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.getSmtpServer()).hasSize(8); + } + + @Test + void shouldContainSmtpServerKeysValues() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.getSmtpServer()) + .containsEntry("user", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_USER) + .containsEntry("password", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_PASSWORD) + .containsEntry("host", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_HOST) + .containsEntry("port", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_PORT) + .containsEntry("starttls", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_STARTTLS) + .containsEntry("auth", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_AUTH) + .containsEntry("from", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_FROM) + .containsEntry("fromDisplayName", KeycloakRealmSmtpServerTestFactory.SMTP_SERVER_FROM_DISPLAY_NAME); + } + + @Test + void shouldMapWhenSmtpServerIsNull() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.createBuilder().smtpServer(null).build()); + + assertThat(mapped.getSmtpServer()).isEmpty(); + } + + @Test + void shouldMapRealmRoles() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + + assertThat(mapped.getRoles().getRealm()).hasSize(2); + } + + @Test + void shouldContainRealmRolesValues() { + var mapped = mapper.update(new RealmRepresentation(), OzgCloudKeycloakRealmSpecTestFactory.create()); + var mappedRealmRoles = mapped.getRoles(); - assertThat(realm.getDisplayName()).isEqualTo(OzgCloudKeycloakRealmSpecTestFactory.DISPLAY_NAME); + 
assertThat(mappedRealmRoles.getRealm().get(0).getName()).isEqualTo(OzgCloudKeycloakRealmSpecTestFactory.ROLE_NAME_1); + assertThat(mappedRealmRoles.getRealm().get(1).getName()).isEqualTo(OzgCloudKeycloakRealmSpecTestFactory.ROLE_NAME_2); } - } } diff --git a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmReconcilerTest.java b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmReconcilerTest.java index 53e1ceb43786d4d931dbf1e1f011e527c2d7990b..06e758f079a0e46cf2b1ceba00381683a700258f 100644 --- a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmReconcilerTest.java +++ b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmReconcilerTest.java @@ -23,8 +23,11 @@ */ package de.ozgcloud.operator.keycloak.realm; -import static org.assertj.core.api.Assertions.*; -import static org.mockito.Mockito.*; +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.doThrow; +import static org.mockito.Mockito.never; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.Nested; diff --git a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteServiceTest.java b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteServiceTest.java index 3c0bc0491639216714a5515e6677f2a87ea7cb0e..de184ed14a5c5daff65afb5370b5645bb851a680 100644 --- a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteServiceTest.java +++ b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/realm/KeycloakRealmRemoteServiceTest.java 
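Review bot: Every new test in `TestUpdate` calls `mapper.update(new RealmRepresentation(), ...)`, so none of them shows what `update` does to a realm that already carries values, which is the case the operator hits when it reconciles an existing realm. At least one test should start from a populated representation, for example one with a different password policy or an extra SMTP entry, and assert which fields the spec overwrites and which survive. `shouldContainRealmRolesValues` reads the roles through `get(0)`/`get(1)`; `assertThat(mapped.getRoles().getRealm()).extracting("name").containsExactly(OzgCloudKeycloakRealmSpecTestFactory.ROLE_NAME_1, OzgCloudKeycloakRealmSpecTestFactory.ROLE_NAME_2)` checks the same thing and gives a readable failure, or use `containsExactlyInAnyOrder` if order is not part of the contract. `checkPasswordPolicy` also breaks the `should…` naming used by its siblings; `shouldMapPasswordPolicy` would fit.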
@@ -23,7 +23,13 @@ */ package de.ozgcloud.operator.keycloak.realm; -import static org.mockito.Mockito.*; +import static org.assertj.core.api.Assertions.assertThat; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import java.util.List; +import java.util.Optional; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Nested; @@ -31,10 +37,15 @@ import org.junit.jupiter.api.Test; import org.keycloak.admin.client.Keycloak; import org.keycloak.admin.client.resource.RealmResource; import org.keycloak.admin.client.resource.RealmsResource; +import org.keycloak.admin.client.resource.RoleResource; +import org.keycloak.admin.client.resource.RolesResource; +import org.keycloak.representations.idm.RoleRepresentation; import org.mockito.InjectMocks; import org.mockito.Mock; import org.mockito.Spy; +import de.ozgcloud.operator.keycloak.KeycloakException; + class KeycloakRealmRemoteServiceTest { @Spy @@ -50,6 +61,18 @@ class KeycloakRealmRemoteServiceTest { @Mock private RealmResource realmResource; + @Mock + private RolesResource rolesResource; + + @Mock + private RoleResource roleResource; + + @Mock + private RoleRepresentation roleRepresentation; + + private static final String REALM_NAME = "TestRealmName"; + private static final String ROLE_NAME = "RoleName"; + @Nested class TestCreateRealm { @@ -71,8 +94,6 @@ class KeycloakRealmRemoteServiceTest { @Nested class TestDeleteRealm { - private static final String REALM_NAME = "TestRealmName"; - @Test void shouldDeleteRealm() { when(keycloak.realm(REALM_NAME)).thenReturn(realmResource); 
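Review bot: `@Mock private RoleRepresentation roleRepresentation;` in the `@@ -50,6 +61,18 @@` hunk mocks a plain Keycloak representation bean. A real instance with `setName(ROLE_NAME)` would remove the `when(roleRepresentation.getName())` stubbing in the later tests and stop them depending on which getter the service happens to call. The constants `REALM_NAME` and `ROLE_NAME` would also read better above the `@Spy`/`@Mock` fields than between them and the nested classes.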
@@ -82,4 +103,75 @@ class KeycloakRealmRemoteServiceTest { verify(realmResource).remove(); } } + + @Nested + class TestRealmRoles { + + @Nested + class TestAddClientRole { + + @BeforeEach + void init() { + when(keycloak.realm(REALM_NAME)).thenReturn(realmResource); + when(realmResource.roles()).thenReturn(rolesResource); + } + + @Test + void shouldAddClientRole() { + remoteService.addRealmRole(roleRepresentation, REALM_NAME); + + verify(rolesResource).create(roleRepresentation); + } + } + + @Nested + class TestUpdateRealmRole { + + @BeforeEach + void init() { + when(keycloak.realm(REALM_NAME)).thenReturn(realmResource); + when(realmResource.roles()).thenReturn(rolesResource); + when(rolesResource.get(ROLE_NAME)).thenReturn(roleResource); + + when(roleRepresentation.getName()).thenReturn(ROLE_NAME); + + } + + @Test + void shouldUpdateRealmRole() { + remoteService.updateRealmRole(roleRepresentation, REALM_NAME); + + verify(roleResource).update(roleRepresentation); + } + } + + @Nested + class TestGetRealmRole { + + @BeforeEach + void init() { + when(keycloak.realm(REALM_NAME)).thenReturn(realmResource); + + } + + @Test + void shouldReturnRealmRole() { + when(realmResource.roles()).thenReturn(rolesResource); + when(rolesResource.list()).thenReturn(List.of(roleRepresentation)); + when(roleRepresentation.getName()).thenReturn(ROLE_NAME); + + Optional<RoleRepresentation> role = remoteService.getRealmRole(ROLE_NAME, REALM_NAME); + + assertThat(role).isPresent().contains(roleRepresentation); + } + + @Test + void shouldThrowOnRealmNotFound() { + when(keycloak.realm(REALM_NAME)).thenReturn(null); + + assertThrows(KeycloakException.class, + () -> remoteService.getRealmRole(ROLE_NAME, REALM_NAME)); + } + } + } }
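Review bot: `TestGetRealmRole` has no case for a realm that exists but lacks the requested role, which is the `Optional.empty()` result callers presumably use to choose between `addRealmRole` and `updateRealmRole`. A test such as `shouldReturnEmptyOnUnknownRole` could stub `rolesResource.list()` with a role of a different name and end with `assertThat(role).isEmpty();`. The nested class `TestAddClientRole` and its test `shouldAddClientRole` exercise `addRealmRole`, so `TestAddRealmRole` / `shouldAddRealmRole` would match what is under test. The blank line before the closing brace in two of the `init()` methods can be dropped.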