Commit cb113461 authored by OZGCloud's avatar OZGCloud

make keycloakuser add roles nullsafe

parent 791874b5
...@@ -24,7 +24,10 @@ ...@@ -24,7 +24,10 @@
package de.ozgcloud.operator.keycloak.user; package de.ozgcloud.operator.keycloak.user;
import java.util.Arrays; import java.util.Arrays;
import java.util.Map;
import java.util.Optional; import java.util.Optional;
import java.util.Set;
import java.util.stream.Stream;
import org.keycloak.admin.client.CreatedResponseUtil; import org.keycloak.admin.client.CreatedResponseUtil;
import org.keycloak.admin.client.Keycloak; import org.keycloak.admin.client.Keycloak;
...@@ -79,16 +82,25 @@ class KeycloakUserRemoteService { ...@@ -79,16 +82,25 @@ class KeycloakUserRemoteService {
} }
void addClientRoles(String userId, RealmResource realmResource, String namespace, UserRepresentation user) { void addClientRoles(String userId, RealmResource realmResource, String namespace, UserRepresentation user) {
user.getClientRoles().keySet().forEach(clientId -> { getClientNamesOfUser(user).forEach(clientId -> {
var realmClient = getRealmClient(realmResource, clientId); var realmClient = getRealmClient(realmResource, clientId);
user.getClientRoles().get(clientId).stream() user.getClientRoles().get(clientId).stream()
.map(clientRoleName -> keycloakGenericRemoteService.getClientRole(clientRoleName, realmClient.getId(), namespace) .map(clientRoleName -> getClientRole(namespace, clientId, realmClient, clientRoleName))
.orElseThrow(() -> new KeycloakException(
"Role " + clientRoleName + " not found for client with clientId " + clientId + " in realm " + namespace)))
.forEach(clientRole -> addClientRoleToUser(clientRole, realmResource, userId, realmClient)); .forEach(clientRole -> addClientRoleToUser(clientRole, realmResource, userId, realmClient));
}); });
} }
Stream<String> getClientNamesOfUser(UserRepresentation user) {
return Optional.ofNullable(user.getClientRoles()).map(Map::keySet).map(Set::stream).orElse(Stream.empty());
}
RoleRepresentation getClientRole(String namespace, String clientId, ClientRepresentation realmClient, String clientRoleName) {
return keycloakGenericRemoteService.getClientRole(clientRoleName, realmClient.getId(), namespace)
.orElseThrow(() -> new KeycloakException(
"Role " + clientRoleName + " not found for client with clientId " + clientId + " in realm " + namespace));
}
ClientRepresentation getRealmClient(RealmResource realmResource, String clientId) { ClientRepresentation getRealmClient(RealmResource realmResource, String clientId) {
return realmResource.clients() return realmResource.clients()
.findByClientId(clientId).stream().findFirst() .findByClientId(clientId).stream().findFirst()
......
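Review bot: The null guard added in `getClientNamesOfUser` covers only a null `getClientRoles()` map; inside `addClientRoles` the unchanged line `user.getClientRoles().get(clientId).stream()` still dereferences the per-client role list, so a client key mapped to a null list would still throw a NullPointerException. If such a representation can reach the operator, guard the value as well, e.g. `Stream.ofNullable(user.getClientRoles().get(clientId)).flatMap(Collection::stream)` (needs `java.util.Collection` imported). Separately, because the stream is lazy, `getClientRole` can throw on a missing role after earlier roles have already been passed to `addClientRoleToUser`; a short Javadoc on `addClientRoles` stating that a `KeycloakException` may leave the user with a partial role set would help whoever handles that exception.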
...@@ -61,6 +61,7 @@ class KeycloakUserRemoteServiceTest { ...@@ -61,6 +61,7 @@ class KeycloakUserRemoteServiceTest {
private final static String REALM = "TestRealm"; private final static String REALM = "TestRealm";
private final static String USERID = "UserId"; private final static String USERID = "UserId";
private final static String CLIENT_ID = "ClientId"; private final static String CLIENT_ID = "ClientId";
private final static String CLIENT_ROLE_NAME = "ClientRoleName";
@Spy @Spy
@InjectMocks @InjectMocks
...@@ -173,7 +174,6 @@ class KeycloakUserRemoteServiceTest { ...@@ -173,7 +174,6 @@ class KeycloakUserRemoteServiceTest {
@Test @Test
void shouldThrowOnMissingClientRole() { void shouldThrowOnMissingClientRole() {
var user = UserRepresentationTestFactory.create(); var user = UserRepresentationTestFactory.create();
userRemoteService.addClientRoles(USERID, realmResource, REALM, userRepresentation);
when(genericRemoteService.getClientRole(any(), any(), any())).thenReturn(Optional.empty()); when(genericRemoteService.getClientRole(any(), any(), any())).thenReturn(Optional.empty());
assertThrows(KeycloakException.class, assertThrows(KeycloakException.class,
...@@ -181,6 +181,69 @@ class KeycloakUserRemoteServiceTest { ...@@ -181,6 +181,69 @@ class KeycloakUserRemoteServiceTest {
} }
} }
@Nested
class TestAddClientRolesUserWithoutRoles {
@Test
void shouldNotThrowOnUserWithoutRoles() {
UserRepresentation user = createUserWithNullRoles();
assertDoesNotThrow(() -> userRemoteService.addClientRoles(USERID, realmResource, REALM, user));
}
private UserRepresentation createUserWithNullRoles() {
UserRepresentation user = UserRepresentationTestFactory.create();
user.setClientRoles(null);
return user;
}
}
@Nested
class TestGetRealmClientNamesOfUser {
@Test
void shouldReturnClientNames() {
UserRepresentation user = UserRepresentationTestFactory.create();
List<String> clientNames = userRemoteService.getClientNamesOfUser(user).toList();
assertThat(clientNames).contains(UserRepresentationTestFactory.CLIENT_NAME);
}
}
@Nested
class TestGetClientRole {
@Spy
@InjectMocks
private KeycloakUserRemoteService userRemoteService;
@Mock
private KeycloakGenericRemoteService keycloakGenericRemoteService;
@BeforeEach
void init() {
when(clientRepresentation.getId()).thenReturn(CLIENT_ID);
}
@Test
void shouldReturnClientRole() {
when(keycloakGenericRemoteService.getClientRole(CLIENT_ROLE_NAME, CLIENT_ID, REALM)).thenReturn(Optional.of(roleRepresentation));
RoleRepresentation role = userRemoteService.getClientRole(REALM, CLIENT_ID, clientRepresentation, CLIENT_ROLE_NAME);
assertThat(role).isEqualTo(roleRepresentation);
}
@Test
void shouldThrowOnMissingRole() {
when(keycloakGenericRemoteService.getClientRole(CLIENT_ROLE_NAME, CLIENT_ID, REALM)).thenReturn(Optional.empty());
assertThrows(KeycloakException.class,
() -> userRemoteService.getClientRole(REALM, CLIENT_ID, clientRepresentation, CLIENT_ROLE_NAME));
}
}
@Nested @Nested
class TestAddClientRoleToUser { class TestAddClientRoleToUser {
......
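Review bot: `shouldNotThrowOnUserWithoutRoles` asserts only that nothing is thrown, so it does not show that no role assignment was attempted for a user without roles; since `userRemoteService` appears to be a spy, add `verify(userRemoteService, never()).addClientRoleToUser(any(), any(), any(), any());` after the call. `TestGetRealmClientNamesOfUser` likewise covers only the populated case, so a second test asserting that `getClientNamesOfUser` yields an empty stream after `setClientRoles(null)` would pin the behaviour this commit introduces. `TestGetClientRole` redeclares `userRemoteService` with its own `@Spy @InjectMocks`, shadowing the outer fixture; presumably the outer field and mock could be reused, but that depends on parts of the class outside these hunks.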