keycloak-admin 0.7.0 → 0.7.5

data/spec/client/client_role_mappings_client_spec.rb

@@ -0,0 +1,82 @@
+RSpec.describe KeycloakAdmin::ClientRoleMappingsClient do
+  describe "#available_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id).list_available_url
+    end
+
+    it "return a proper url" do
+      expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client/available"
+    end
+  end
+
+  describe "#list_available" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+
+    before(:each) do
+      @client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_role_id","name":"test_role_name"}]'
+    end
+
+    it "lists roles" do
+      roles = @client_role_mappings_client.list_available
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client/available",
+        rest_client_options
+      ).and_call_original
+
+      roles = @client_role_mappings_client.list_available
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+    let(:role_list) { [
+      KeycloakAdmin::RoleRepresentation.from_hash(
+        "name" => "test_role_name",
+        "composite" => false,
+        "clientRole" => false
+      )
+    ] }
+
+    before(:each) do
+      @client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
+    end
+
+    it "saves client role mappings" do
+      @client_role_mappings_client.save(role_list)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client", rest_client_options).and_call_original
+
+      @client_role_mappings_client.save(role_list)
+    end
+  end
+end

data/spec/client/group_client_spec.rb

@@ -0,0 +1,125 @@
+RSpec.describe KeycloakAdmin::GroupClient do
+  describe "#groups_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:group_id)    { nil }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).groups.groups_url(group_id)
+    end
+
+    context "when group_id is not defined" do
+      let(:group_id) { nil }
+      it "return a proper url without group id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups"
+      end
+    end
+
+    context "when group_id is defined" do
+      let(:group_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
+      it "return a proper url with the group id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups/95985b21-d884-4bbd-b852-cb8cd365afc2"
+      end
+    end
+  end
+
+  describe "#list" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_group_id","name":"test_group_name"}]'
+    end
+
+    it "lists groups" do
+      groups = @group_client.list
+      expect(groups.length).to eq 1
+      expect(groups[0].name).to eq "test_group_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/groups", rest_client_options).and_call_original
+
+      groups = @group_client.list
+      expect(groups.length).to eq 1
+      expect(groups[0].name).to eq "test_group_name"
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:group) { KeycloakAdmin::GroupRepresentation.from_hash(
+      "name" => "test_group_name"
+    )}
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      response = double
+      allow(response).to receive(:headers).and_return(
+        { location: 'http://auth.service.io/auth/admin/realms/valid-realm/groups/be061c48-6edd-4783-a726-1a57d4bfa22b' }
+      )
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(group.to_json, anything).and_return response
+    end
+
+    it "saves a group" do
+      @group_client.save(group)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/groups", rest_client_options).and_call_original
+
+      @group_client.save(group)
+    end
+  end
+
+  describe "#create" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @group_client = KeycloakAdmin.realm(realm_name).groups
+
+      stub_token_client
+      @response = double
+      allow(@response).to receive(:headers).and_return(
+        { location: 'http://auth.service.io/auth/admin/realms/valid-realm/groups/be061c48-6edd-4783-a726-1a57d4bfa22b' }
+      )
+      allow_any_instance_of(RestClient::Resource).to receive(:post).and_return @response
+    end
+
+    it "creates a group" do
+      stub_net_http_res(Net::HTTPCreated, 201, 'Created')
+
+      group_id = @group_client.create!("test_group_name")
+      expect(group_id).to eq 'be061c48-6edd-4783-a726-1a57d4bfa22b'
+    end
+
+    it "detects unexpected response to create a group" do
+      stub_net_http_res(Net::HTTPOK, 200, 'OK')
+
+      expect{ @group_client.create!("test_group_name") }.to raise_error(
+        'Create method returned status OK (Code: 200); expected status: Created (201)'
+      )
+    end
+
+    def stub_net_http_res(res_class, code, message)
+      net_http_res = double
+      allow(net_http_res).to receive(:message).and_return message
+      allow(net_http_res).to receive(:code).and_return code
+      allow(net_http_res).to receive(:is_a?) do |target_class|
+        target_class == res_class
+      end
+      allow(@response).to receive(:net_http_res).and_return net_http_res
+    end
+  end
+end

data/spec/client/realm_client_spec.rb

@@ -44,4 +44,112 @@ RSpec.describe KeycloakAdmin::RealmClient do
       end
     end
   end
+
+  describe "#list" do
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm('master')
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_realm","realm":"test_realm"}]'
+    end
+
+    it "lists realms" do
+      realms = @realm_client.list
+      expect(realms.length).to eq 1
+      expect(realms[0].realm).to eq "test_realm"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms", rest_client_options).and_call_original
+
+      realms = @realm_client.list
+      expect(realms.length).to eq 1
+      expect(realms[0].realm).to eq "test_realm"
+    end
+  end
+
+  describe "#delete" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm(realm_name)
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:delete)
+    end
+
+    it "delete realm" do
+      expect(@realm_client.delete).to be_truthy
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm", rest_client_options).and_call_original
+
+      expect(@realm_client.delete).to be_truthy
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:realm) { KeycloakAdmin::RealmRepresentation.from_hash(
+      "id" => realm_name,
+      "realm" => realm_name
+    )}
+
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm(nil)
+
+      stub_token_client
+
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(realm.to_json, anything)
+    end
+
+    it "saves a realm" do
+      @realm_client.save(realm)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms", rest_client_options).and_call_original
+
+      @realm_client.save(realm)
+    end
+  end
+
+  describe "#update" do
+    let(:realm_name) { "valid-realm" }
+    let(:realm_json) { { smtpServer: { host: 'test_host' } } }
+
+    before(:each) do
+      @realm_client = KeycloakAdmin.realm(realm_name)
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:put).with(realm_json.to_json, anything)
+    end
+
+    it "updates a realm" do
+      @realm_client.update(realm_json)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm", rest_client_options).and_call_original
+
+      @realm_client.update(realm_json)
+    end
+  end
 end

data/spec/client/role_client_spec.rb

@@ -0,0 +1,83 @@
+RSpec.describe KeycloakAdmin::RoleClient do
+  describe "#roles_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:role_id)    { nil }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).roles.roles_url(role_id)
+    end
+
+    context "when role_id is not defined" do
+      let(:role_id) { nil }
+      it "return a proper url without role id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/roles"
+      end
+    end
+
+    context "when role_id is defined" do
+      let(:role_id) { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
+      it "return a proper url with the role id" do
+        expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/roles/95985b21-d884-4bbd-b852-cb8cd365afc2"
+      end
+    end
+  end
+
+  describe "#list" do
+    let(:realm_name) { "valid-realm" }
+
+    before(:each) do
+      @role_client = KeycloakAdmin.realm(realm_name).roles
+
+      stub_token_client
+      allow_any_instance_of(RestClient::Resource).to receive(:get).and_return '[{"id":"test_role_id","name":"test_role_name"}]'
+    end
+
+    it "lists roles" do
+      roles = @role_client.list
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/roles", rest_client_options).and_call_original
+
+      roles = @role_client.list
+      expect(roles.length).to eq 1
+      expect(roles[0].name).to eq "test_role_name"
+    end
+  end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:role) { KeycloakAdmin::RoleRepresentation.from_hash(
+      "name" => "test_role_name",
+      "composite" => false,
+      "clientRole" => false
+    )}
+
+    before(:each) do
+      @role_client = KeycloakAdmin.realm(realm_name).roles
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(role.to_json, anything)
+    end
+
+    it "saves a role" do
+      @role_client.save(role)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/roles", rest_client_options).and_call_original
+
+      @role_client.save(role)
+    end
+  end
+end

data/spec/client/role_mapper_client_spec.rb

@@ -0,0 +1,47 @@
+RSpec.describe KeycloakAdmin::RoleMapperClient do
+  describe "#available_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper.realm_level_url
+    end
+
+    it "return a proper url" do
+      expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm"
+    end
+  end
+
+  describe "#save_realm_level" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:role_list) { [
+      KeycloakAdmin::RoleRepresentation.from_hash(
+        "name" => "test_role_name",
+        "composite" => false,
+        "clientRole" => false
+      )
+    ] }
+
+    before(:each) do
+      @role_mapper_client = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
+    end
+
+    it "saves realm-elevel role mappings" do
+      @role_mapper_client.save_realm_level(role_list)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm", rest_client_options).and_call_original
+
+      @role_mapper_client.save_realm_level(role_list)
+    end
+  end
+end