keycloak-api-manager 4.0.0 → 5.0.0

package/test/specs/matrix/matrix-realms-components-idp.test.js

@@ -0,0 +1,111 @@
+const path = require('path');
+const { expect } = require('chai');
+
+process.env.NODE_ENV = process.env.NODE_ENV || 'test';
+process.env.PROPERTIES_PATH = path.join(__dirname, '..', '..', 'config');
+
+const keycloakManager = require('keycloak-api-manager');
+const { KEYCLOAK_CONFIG } = require('../../testConfig');
+const { loadMatrix, uniqueName } = require('../../helpers/matrix');
+
+function shouldSkipFeature(err) {
+  if (!err || !err.message) {
+    return false;
+  }
+  const text = err.message.toLowerCase();
+  return (
+    (text.includes('provider') && text.includes('not found')) ||
+    text.includes('feature not enabled') ||
+    text.includes('not supported') ||
+    text.includes('http 404') ||
+    text.includes('unknown_error')
+  );
+}
+
+describe('Matrix - Realms, Components, Identity Providers', function () {
+  this.timeout(60000);
+
+  const matrix = loadMatrix('realms-components-idp');
+
+  before(async function () {
+    await keycloakManager.configure({
+      baseUrl: KEYCLOAK_CONFIG.baseUrl,
+      realmName: KEYCLOAK_CONFIG.realmName,
+      clientId: KEYCLOAK_CONFIG.clientId,
+      clientSecret: KEYCLOAK_CONFIG.clientSecret,
+      username: KEYCLOAK_CONFIG.username,
+      password: KEYCLOAK_CONFIG.password,
+      grantType: KEYCLOAK_CONFIG.grantType,
+      tokenLifeSpan: KEYCLOAK_CONFIG.tokenLifeSpan,
+      scope: KEYCLOAK_CONFIG.scope,
+    });
+  });
+
+  matrix.realms.forEach((testCase) => {
+    it(`realm case: ${testCase.name}`, async function () {
+      const realmName = uniqueName(`matrix-realm-${testCase.name}`);
+
+      await keycloakManager.realms.create({
+        realm: realmName,
+        enabled: true,
+        ...testCase.realmConfig,
+      });
+
+      const realms = await keycloakManager.realms.find();
+      expect(realms.map((r) => r.realm)).to.include(realmName);
+
+      await keycloakManager.realms.update(
+        { realm: realmName },
+        {
+          ...testCase.realmConfig,
+          displayName: `Updated ${realmName}`,
+        }
+      );
+
+      const updated = await keycloakManager.realms.findOne({ realm: realmName });
+      expect(updated.displayName).to.equal(`Updated ${realmName}`);
+
+      await keycloakManager.realms.del({ realm: realmName });
+    });
+  });
+
+  it('components: find and check components exist', async function () {
+    const components = await keycloakManager.components.find();
+    expect(components).to.be.an('array');
+  });
+
+  matrix.identityProviders.forEach((testCase) => {
+    it(`idp case: ${testCase.name}`, async function () {
+      const realmName = uniqueName(`matrix-idp-realm-${testCase.name}`);
+      const alias = uniqueName(`matrix-idp-${testCase.name}`);
+
+      await keycloakManager.realms.create({ realm: realmName, enabled: true });
+      keycloakManager.setConfig({ realmName });
+
+      try {
+        await keycloakManager.identityProviders.create({
+          alias,
+          providerId: testCase.providerId,
+          enabled: true,
+          trustEmail: false,
+          storeToken: false,
+          addReadTokenRoleOnCreate: false,
+          authenticateByDefault: false,
+          config: testCase.config,
+        });
+      } catch (err) {
+        if (shouldSkipFeature(err)) {
+          this.skip();
+          return;
+        }
+        throw err;
+      }
+
+      const idps = await keycloakManager.identityProviders.find();
+      expect(idps.map((i) => i.alias)).to.include(alias);
+
+      await keycloakManager.identityProviders.del({ alias });
+      await keycloakManager.realms.del({ realm: realmName });
+    });
+  });
+});

package/test/specs/matrix/matrix-users-roles-groups.test.js

@@ -0,0 +1,68 @@
+const path = require('path');
+const { expect } = require('chai');
+
+process.env.NODE_ENV = process.env.NODE_ENV || 'test';
+process.env.PROPERTIES_PATH = path.join(__dirname, '..', '..', 'config');
+
+const keycloakManager = require('keycloak-api-manager');
+const { TEST_REALM } = require('../../testConfig');
+const { loadMatrix, uniqueName } = require('../../helpers/matrix');
+
+describe('Matrix - Users, Roles, Groups', function () {
+  this.timeout(30000);
+
+  const matrix = loadMatrix('users-roles-groups');
+
+  before(function () {
+    keycloakManager.setConfig({ realmName: TEST_REALM });
+  });
+
+  matrix.cases.forEach((testCase) => {
+    it(`user-role-group case: ${testCase.name}`, async function () {
+      const roleName = uniqueName(`matrix-role-${testCase.name}`);
+      const groupName = uniqueName(`matrix-group-${testCase.name}`);
+      const username = uniqueName(`matrix-user-${testCase.name}`);
+      const email = `${username}@example.test`;
+
+      await keycloakManager.roles.create({
+        name: roleName,
+        description: `Role for ${testCase.name}`,
+      });
+
+      const group = await keycloakManager.groups.create({
+        name: groupName,
+        attributes: { description: ['Matrix group'] },
+      });
+
+      const user = await keycloakManager.users.create({
+        username,
+        email,
+        enabled: testCase.user.enabled,
+        emailVerified: testCase.user.emailVerified,
+        firstName: 'Matrix',
+        lastName: 'User',
+      });
+
+      await keycloakManager.users.addToGroup({
+        id: user.id,
+        groupId: group.id,
+      });
+
+      const role = await keycloakManager.roles.findOneByName({ name: roleName });
+      await keycloakManager.users.addRealmRoleMappings({
+        id: user.id,
+        roles: [role],
+      });
+
+      const userGroups = await keycloakManager.users.listGroups({ id: user.id });
+      expect(userGroups.map((g) => g.id)).to.include(group.id);
+
+      const roleMappings = await keycloakManager.users.listRealmRoleMappings({ id: user.id });
+      expect(roleMappings.map((r) => r.name)).to.include(roleName);
+
+      await keycloakManager.users.del({ id: user.id });
+      await keycloakManager.groups.del({ id: group.id });
+      await keycloakManager.roles.delByName({ name: roleName });
+    });
+  });
+});

package/test/specs/organizations.test.js

@@ -0,0 +1,183 @@
+const path = require('path');
+const { expect } = require('chai');
+
+process.env.NODE_ENV = process.env.NODE_ENV || 'test';
+process.env.PROPERTIES_PATH = path.join(__dirname, '..', 'config');
+
+const { conf } = require('propertiesmanager');
+const KeycloakManager = require('../../index');
+const { TEST_REALM, generateUniqueName } = require('../testConfig');
+
+const config = {
+    baseUrl: conf.keycloak.baseUrl,
+    realmName: conf.keycloak.realmName,
+    clientId: conf.keycloak.clientId,
+    clientSecret: conf.keycloak.clientSecret,
+    grantType: conf.keycloak.grantType,
+    username: conf.keycloak.username,
+    password: conf.keycloak.password,
+    tokenLifeSpan: conf.keycloak.tokenLifeSpan
+};
+
+/**
+ * Integration tests for Organizations Handler
+ * Tests organization CRUD, members, identity providers (Keycloak 25+)
+ */
+describe('Organizations Handler Tests', function () {
+    this.timeout(10000);
+
+    const testOrgData = {
+        name: `test-org-${Date.now()}`,
+        domains: [],
+        attributes: {
+            customAttr: ['value1']
+        }
+    };
+
+    let createdOrgId;
+    let testUserId;
+
+    before(async function () {
+        await KeycloakManager.configure(config);
+        
+        // Switch to test realm for operations
+        KeycloakManager.setConfig({ realmName: TEST_REALM });
+        
+        // Create a test user for member operations in test realm
+        const userResult = await KeycloakManager.users.create({
+            username: `org-test-user-${Date.now()}`,
+            email: 'orguser@test.com',
+            enabled: true
+        });
+        testUserId = userResult.id;
+    });
+
+    after(async function () {
+        // Clean up
+        if (createdOrgId) {
+            try {
+                await KeycloakManager.organizations.del({ id: createdOrgId });
+            } catch (e) {
+                // Org might already be deleted
+            }
+        }
+        if (testUserId) {
+            try {
+                await KeycloakManager.users.del({ id: testUserId });
+            } catch (e) {
+                // User might already be deleted
+            }
+        }
+        KeycloakManager.stop();
+    });
+
+    describe('Organization CRUD Operations', function () {
+        it('should create an organization', async function () {
+            const result = await KeycloakManager.organizations.create(testOrgData);
+            expect(result).to.have.property('id');
+            createdOrgId = result.id;
+        });
+
+        it('should find all organizations', async function () {
+            if (!createdOrgId) this.skip();
+            
+            const orgs = await KeycloakManager.organizations.find({});
+            expect(orgs).to.be.an('array');
+            expect(orgs.length).to.be.greaterThan(0);
+        });
+
+        it('should find one organization by ID', async function () {
+            if (!createdOrgId) this.skip();
+            
+            const org = await KeycloakManager.organizations.findOne({ id: createdOrgId });
+            expect(org).to.have.property('id', createdOrgId);
+            expect(org).to.have.property('name', testOrgData.name);
+        });
+
+        it('should update an organization', async function () {
+            if (!createdOrgId) this.skip();
+            
+            const updatedData = {
+                attributes: {
+                    customAttr: ['updatedValue']
+                }
+            };
+            
+            await KeycloakManager.organizations.update({ id: createdOrgId }, updatedData);
+            
+            const org = await KeycloakManager.organizations.findOne({ id: createdOrgId });
+            expect(org.attributes.customAttr).to.deep.equal(['updatedValue']);
+        });
+    });
+
+    describe('Organization Members', function () {
+        it('should add a member to organization', async function () {
+            if (!createdOrgId || !testUserId) this.skip();
+            
+            await KeycloakManager.organizations.addMember({
+                id: createdOrgId,
+                userId: testUserId
+            });
+            
+            expect(true).to.be.true;
+        });
+
+        it('should list organization members', async function () {
+            if (!createdOrgId) this.skip();
+            
+            const members = await KeycloakManager.organizations.listMembers({
+                id: createdOrgId
+            });
+            
+            expect(members).to.be.an('array');
+        });
+
+        it('should remove a member from organization', async function () {
+            if (!createdOrgId || !testUserId) this.skip();
+            
+            await KeycloakManager.organizations.delMember({
+                id: createdOrgId,
+                userId: testUserId
+            });
+            
+            expect(true).to.be.true;
+        });
+    });
+
+    describe('Organization Identity Providers', function () {
+        it('should list identity providers for organization', async function () {
+            if (!createdOrgId) this.skip();
+            
+            try {
+                const idps = await KeycloakManager.organizations.listIdentityProviders({
+                    id: createdOrgId
+                });
+                
+                expect(idps).to.be.an('array');
+            } catch (error) {
+                // Method might not be available
+                if (error.response?.status === 404) {
+                    this.skip();
+                }
+                throw error;
+            }
+        });
+    });
+
+    describe('Organization Deletion', function () {
+        it('should delete an organization', async function () {
+            if (!createdOrgId) this.skip();
+            
+            await KeycloakManager.organizations.del({ id: createdOrgId });
+            
+            try {
+                await KeycloakManager.organizations.findOne({ id: createdOrgId });
+                throw new Error('Organization should have been deleted');
+            } catch (error) {
+                expect(error.response?.status).to.equal(404);
+            }
+            
+            createdOrgId = null; // Prevent cleanup attempt
+        });
+    });
+});

package/test/specs/serverInfo.test.js

@@ -0,0 +1,140 @@
+const path = require('path');
+const { expect } = require('chai');
+
+process.env.NODE_ENV = process.env.NODE_ENV || 'test';
+process.env.PROPERTIES_PATH = path.join(__dirname, '..', 'config');
+
+const { conf } = require('propertiesmanager');
+const KeycloakManager = require('../../index');
+const { TEST_REALM, generateUniqueName } = require('../testConfig');
+
+const config = {
+    baseUrl: conf.keycloak.baseUrl,
+    realmName: conf.keycloak.realmName,
+    clientId: conf.keycloak.clientId,
+    clientSecret: conf.keycloak.clientSecret,
+    grantType: conf.keycloak.grantType,
+    username: conf.keycloak.username,
+    password: conf.keycloak.password,
+    tokenLifeSpan: conf.keycloak.tokenLifeSpan
+};
+
+/**
+ * Integration tests for Server Info Handler
+ * Tests server information and metadata retrieval
+ */
+describe('Server Info Handler Tests', function () {
+    this.timeout(10000);
+
+    before(async function () {
+        await KeycloakManager.configure(config);
+    });
+
+    after(async function () {
+        KeycloakManager.stop();
+    });
+
+    describe('Server Information', function () {
+        let serverInfo;
+
+        it('should get comprehensive server information', async function () {
+            serverInfo = await KeycloakManager.serverInfo.getInfo();
+            
+            expect(serverInfo).to.exist;
+            expect(serverInfo).to.be.an('object');
+        });
+
+        it('should contain system information', async function () {
+            if (!serverInfo) this.skip();
+            
+            expect(serverInfo).to.have.property('systemInfo');
+            expect(serverInfo.systemInfo).to.be.an('object');
+            
+            // System info typically includes version, uptime, etc.
+            if (serverInfo.systemInfo.version) {
+                expect(serverInfo.systemInfo.version).to.be.a('string');
+            }
+        });
+
+        it('should contain memory information', async function () {
+            if (!serverInfo) this.skip();
+            
+            expect(serverInfo).to.have.property('memoryInfo');
+            expect(serverInfo.memoryInfo).to.be.an('object');
+        });
+
+        it('should contain profile information', async function () {
+            if (!serverInfo) this.skip();
+            
+            expect(serverInfo).to.have.property('profileInfo');
+            expect(serverInfo.profileInfo).to.be.an('object');
+        });
+
+        it('should contain available themes', async function () {
+            if (!serverInfo) this.skip();
+            
+            expect(serverInfo).to.have.property('themes');
+            expect(serverInfo.themes).to.be.an('object');
+            
+            // Themes should include login, account, admin, etc.
+            const themeTypes = Object.keys(serverInfo.themes);
+            expect(themeTypes.length).to.be.greaterThan(0);
+        });
+
+        it('should contain available providers', async function () {
+            if (!serverInfo) this.skip();
+            
+            expect(serverInfo).to.have.property('providers');
+            expect(serverInfo.providers).to.be.an('object');
+            
+            // Providers should include various SPIs
+            const providerTypes = Object.keys(serverInfo.providers);
+            expect(providerTypes.length).to.be.greaterThan(0);
+        });
+
+        it('should contain protocol mapper types', async function () {
+            if (!serverInfo) this.skip();
+            
+            expect(serverInfo).to.have.property('protocolMapperTypes');
+            expect(serverInfo.protocolMapperTypes).to.be.an('object');
+        });
+
+        it('should contain component types', async function () {
+            if (!serverInfo) this.skip();
+            
+            if (serverInfo.componentTypes) {
+                expect(serverInfo.componentTypes).to.be.an('object');
+            }
+        });
+
+        it('should contain password policies', async function () {
+            if (!serverInfo) this.skip();
+            
+            if (serverInfo.passwordPolicies) {
+                expect(serverInfo.passwordPolicies).to.be.an('array');
+            }
+        });
+
+        it('should contain enums', async function () {
+            if (!serverInfo) this.skip();
+            
+            if (serverInfo.enums) {
+                expect(serverInfo.enums).to.be.an('object');
+            }
+        });
+
+        it('should verify specific provider categories exist', async function () {
+            if (!serverInfo || !serverInfo.providers) this.skip();
+            
+            const providers = serverInfo.providers;
+            
+            // Check for common provider categories
+            // Note: These may vary by Keycloak version
+            const commonProviders = ['login-protocol', 'realm-cache', 'user-storage'];
+            const foundProviders = commonProviders.filter(p => providers[p]);
+            
+            // At least some common providers should exist
+            expect(foundProviders.length).to.be.greaterThan(0);
+        });
+    });
+});

package/test/specs/userProfile.test.js

@@ -0,0 +1,135 @@
+const path = require('path');
+const { expect } = require('chai');
+
+process.env.NODE_ENV = process.env.NODE_ENV || 'test';
+process.env.PROPERTIES_PATH = path.join(__dirname, '..', 'config');
+
+const { conf } = require('propertiesmanager');
+const KeycloakManager = require('../../index');
+const { TEST_REALM, generateUniqueName } = require('../testConfig');
+
+const config = {
+    baseUrl: conf.keycloak.baseUrl,
+    realmName: conf.keycloak.realmName,
+    clientId: conf.keycloak.clientId,
+    clientSecret: conf.keycloak.clientSecret,
+    grantType: conf.keycloak.grantType,
+    username: conf.keycloak.username,
+    password: conf.keycloak.password,
+    tokenLifeSpan: conf.keycloak.tokenLifeSpan
+};
+
+/**
+ * Integration tests for User Profile Handler
+ * Tests user profile configuration and metadata (Keycloak 15+)
+ */
+describe('User Profile Handler Tests', function () {
+    this.timeout(10000);
+
+    before(async function () {
+        await KeycloakManager.configure(config);
+    });
+
+    after(async function () {
+        KeycloakManager.stop();
+    });
+
+    describe('User Profile Configuration', function () {
+        let originalConfig;
+
+        it('should get user profile configuration', async function () {
+            try {
+                const profileConfig = await KeycloakManager.userProfile.getConfiguration({});
+                
+                expect(profileConfig).to.exist;
+                expect(profileConfig).to.have.property('attributes');
+                expect(profileConfig.attributes).to.be.an('array');
+                
+                // Save original config for restoration
+                originalConfig = profileConfig;
+            } catch (error) {
+                // User Profile API only available in Keycloak 15+
+                if (error.response?.status === 404 || error.message?.includes('getProfile')) {
+                    this.skip();
+                }
+                throw error;
+            }
+        });
+
+        it('should verify standard attributes exist in profile', async function () {
+            if (!originalConfig) this.skip();
+            
+            const attributeNames = originalConfig.attributes.map(attr => attr.name);
+            
+            // Standard attributes that should exist
+            expect(attributeNames).to.include('username');
+            expect(attributeNames).to.include('email');
+        });
+
+        it('should update user profile configuration', async function () {
+            if (!originalConfig) this.skip();
+            if (!originalConfig.attributes || !Array.isArray(originalConfig.attributes)) this.skip();
+            
+            // Add a custom attribute to the configuration
+            const updatedConfig = JSON.parse(JSON.stringify(originalConfig));
+            
+            // Check if test attribute already exists
+            const testAttrIndex = updatedConfig.attributes.findIndex(
+                attr => attr.name === 'testCustomAttribute'
+            );
+            
+            if (testAttrIndex === -1) {
+                // Add new test attribute
+                updatedConfig.attributes.push({
+                    name: 'testCustomAttribute',
+                    displayName: 'Test Custom Attribute',
+                    validations: {},
+                    permissions: {
+                        view: ['admin', 'user'],
+                        edit: ['admin']
+                    },
+                    multivalued: false
+                });
+            }
+
+            try {
+                await KeycloakManager.userProfile.updateConfiguration({}, updatedConfig);
+                
+                // Verify the update
+                const verifyConfig = await KeycloakManager.userProfile.getConfiguration({});
+                const customAttrExists = verifyConfig.attributes.some(
+                    attr => attr.name === 'testCustomAttribute'
+                );
+                
+                expect(customAttrExists).to.be.true;
+                
+                // Restore original configuration
+                await KeycloakManager.userProfile.updateConfiguration({}, originalConfig);
+            } catch (error) {
+                // Restore on error
+                if (originalConfig) {
+                    await KeycloakManager.userProfile.updateConfiguration({}, originalConfig);
+                }
+                throw error;
+            }
+        });
+    });
+
+    describe('User Profile Metadata', function () {
+        it('should get user profile metadata', async function () {
+            try {
+                const metadata = await KeycloakManager.userProfile.getMetadata({});
+                
+                expect(metadata).to.exist;
+                // Metadata typically contains validators, attribute types, etc.
+                // Structure may vary by Keycloak version
+            } catch (error) {
+                // Metadata endpoint might not be available in all versions
+                if (error.response?.status === 404 || error.message?.includes('getProfileMetadata')) {
+                    this.skip();
+                }
+                throw error;
+            }
+        });
+    });
+});