keycloak-api-manager 4.0.0 → 5.0.0

package/test/{enableServerFeatures.js → support/enableServerFeatures.js}

@@ -42,9 +42,9 @@ const path = require('path');
 
 // Ensure NODE_ENV and config path are set before requiring testConfig
 process.env.NODE_ENV = process.env.NODE_ENV || 'test';
-process.env.PROPERTIES_PATH = path.join(__dirname, 'config');
+process.env.PROPERTIES_PATH = path.join(__dirname, '../config');
 
-const keycloakManager = require('../index');
+const keycloakManager = require('../../index');
 const {
     TEST_REALM,
     TEST_CLIENT_ID,
@@ -103,11 +103,21 @@ async function enableServerFeatures() {
                 duplicateEmailsAllowed: false,
                 resetPasswordAllowed: true,
                 editUsernameAllowed: false,
-                bruteForceProtected: false
+                bruteForceProtected: false,
+                organizationsEnabled: true  // Enable Organizations (requires 'organization' feature flag)
             });
             console.log(`   ✓ Test realm created: ${TEST_REALM}`);
         } else {
             console.log(`   ✓ Test realm already exists: ${TEST_REALM}`);
+            // Update existing realm to ensure all required settings are enabled
+            await keycloakManager.realms.update(
+                { realm: TEST_REALM },
+                {
+                    enabled: true,
+                    bruteForceProtected: false,
+                    organizationsEnabled: true
+                }
+            );
         }
 
         // Switch to test realm for all subsequent operations
@@ -201,56 +211,63 @@ async function enableServerFeatures() {
         // 5. Create test group
         console.log('\n5. Setting up test groups...');
         const groups = await keycloakManager.groups.find();
+        let testGroupId;
         if (!groups.some(g => g.name === TEST_GROUP_NAME)) {
-            await keycloakManager.groups.create({
+            const groupResult = await keycloakManager.groups.create({
                 name: TEST_GROUP_NAME,
                 attributes: {
                     description: ['Test group for API testing']
                 }
             });
+            testGroupId = groupResult.id;
             console.log('   ✓ Test group created');
         } else {
+            testGroupId = groups.find(g => g.name === TEST_GROUP_NAME).id;
             console.log('   ✓ Test group already exists');
         }
 
         // 6. Enable fine-grained admin permissions
         console.log('\n6. Enabling fine-grained admin permissions...');
         try {
-            const currentPerms = await keycloakManager.realms.getUsersManagementPermissions({
+            // Enable users management permissions
+            const currentUserPerms = await keycloakManager.realms.getUsersManagementPermissions({
                 realm: TEST_REALM
             });
             
-            if (!currentPerms.enabled) {
+            if (!currentUserPerms.enabled) {
                 await keycloakManager.realms.updateUsersManagementPermissions({
                     realm: TEST_REALM,
                     enabled: true
                 });
-                console.log('   ✓ Fine-grained admin permissions enabled');
+                console.log('   ✓ Users fine-grained admin permissions enabled');
             } else {
-                console.log('   ✓ Fine-grained admin permissions already enabled');
+                console.log('   ✓ Users fine-grained admin permissions already enabled');
             }
-        } catch (err) {
-            console.log(`   ⚠ Fine-grained permissions: ${err.message}`);
-            console.log(`   ℹ This is typically a server configuration setting that requires`);
-            console.log(`     enabling "authorizationServicesEnabled" in realm settings`);
-        }
-
-        // 7. Update realm to enable protocol mappers and installation providers
-        console.log('\n7. Enabling realm features...');
-        try {
-            await keycloakManager.realms.update(
-                { realm: TEST_REALM },
-                {
-                    installationProviders: ['docker-compose', 'docker', 'kubernetes', 'openshift'],
-                    installationProvidersEnabled: true
+            
+            // Enable groups management permissions for the test group
+            if (testGroupId) {
+                try {
+                    const groupPerms = await keycloakManager.groups.listPermissions({ id: testGroupId });
+                    if (!groupPerms.enabled) {
+                        await keycloakManager.groups.setPermissions(
+                            { id: testGroupId },
+                            { enabled: true }
+                        );
+                        console.log('   ✓ Groups fine-grained permissions enabled');
+                    } else {
+                        console.log('   ✓ Groups fine-grained permissions already enabled');
+                    }
+                } catch (groupPermErr) {
+                    console.log(`   ⚠ Groups permissions: ${groupPermErr.message}`);
                 }
-            );
-            console.log('   ✓ Installation providers enabled');
+            }
         } catch (err) {
-            console.log(`   ⚠ Installation providers: ${err.message}`);
+            console.log(`   ⚠ Fine-grained permissions: ${err.message}`);
+            console.log(`   ℹ This feature requires 'admin-fine-grained-authz' to be enabled`);
+            console.log(`     in KC_FEATURES environment variable`);
         }
 
-        // 7. Update realm to enable protocol mappers and installation providers
+        // 7. Realm features requiring server-side configuration
         console.log('\n7. Enabling realm features...');
         try {
             // Note: Some features like installation providers cannot be enabled via API

package/test/{setup.js → support/setup.js}

@@ -31,7 +31,7 @@ const { exec } = require('child_process');
 const path = require('path');
 const fs = require('fs');
 const os = require('os');
-const keycloakManager = require('../index');
+const keycloakManager = require('../../index');
 
 let sshTunnelProcess = null;
 
@@ -92,7 +92,7 @@ before(async function() {
                     console.log(`✓ SSH tunnel created: http://${sshTunnelUrl}\n`);
                     
                     // Update config to use tunnel
-                    const configPath = path.join(__dirname, 'config/local.json');
+                    const configPath = path.join(__dirname, '../config/local.json');
                     let config = {};
                     
                     if (fs.existsSync(configPath)) {
@@ -169,7 +169,7 @@ after(async function() {
         
         // Clean up SSH tunnel config file if it was created
         try {
-            const configPath = path.join(__dirname, 'config/local.json');
+            const configPath = path.join(__dirname, '../config/local.json');
             if (fs.existsSync(configPath)) {
                 const config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
                 // Only delete local.json if it contains SSH tunnel config

package/test/support/testConfig.js

@@ -0,0 +1,69 @@
+const path = require('path');
+
+// Set up environment for propertiesmanager
+process.env.NODE_ENV = process.env.NODE_ENV || 'test';
+process.env.PROPERTIES_PATH = path.join(__dirname, '../config');
+
+const { conf } = require('propertiesmanager');
+
+/**
+ * Shared Test Configuration Module
+ * 
+ * This module centralizes all test configuration using propertiesmanager.
+ * It loads configuration from test/config/ directory with the following merge order:
+ * 
+ * 1. default.json - Base configuration for all environments
+ * 2. secrets.json - Sensitive credentials (gitignored)
+ * 3. local.json - Developer-specific overrides (gitignored, optional)
+ * 
+ * Configuration Structure:
+ * - All files use environment wrappers: { "test": { ... } }
+ * - NODE_ENV determines which section to load (default: "test")
+ * - propertiesmanager automatically merges configs based on NODE_ENV
+ * 
+ * Exports:
+ * - KEYCLOAK_CONFIG: Admin connection settings (baseUrl, username, password, etc.)
+ * - TEST_REALM: Name of the shared test realm
+ * - TEST_CLIENT_*: Client configuration for tests
+ * - TEST_USER_*: Test user credentials and details
+ * - TEST_ROLES: Array of role names to create
+ * - TEST_GROUP_NAME: Name of test group
+ * - TEST_CLIENT_SCOPE: Name of test client scope
+ * - generateUniqueName: Helper to create unique resource names
+ * 
+ * Usage in tests:
+ *   const { KEYCLOAK_CONFIG, TEST_REALM, TEST_USER_USERNAME } = require('./testConfig');
+ */
+
+const realmConfig = conf?.realm || {};
+
+module.exports = {
+    // Keycloak Admin Config (for admin connections)
+    KEYCLOAK_CONFIG: conf?.keycloak || {},
+    
+    // Test Realm Configuration
+    TEST_REALM: realmConfig.name || 'keycloak-api-manager-test-realm',
+    
+    // Test Client Configuration
+    TEST_CLIENT_ID: realmConfig.client?.clientId || 'test-client',
+    TEST_CLIENT_SECRET: realmConfig.client?.clientSecret || 'test-client-secret',
+    
+    // Test User Configuration
+    TEST_USER_USERNAME: realmConfig.user?.username || 'test-user',
+    TEST_USER_PASSWORD: realmConfig.user?.password || 'test-password',
+    TEST_USER_EMAIL: realmConfig.user?.email || 'test-user@test.local',
+    TEST_USER_FIRSTNAME: realmConfig.user?.firstName || 'Test',
+    TEST_USER_LASTNAME: realmConfig.user?.lastName || 'User',
+    
+    // Test Roles
+    TEST_ROLES: realmConfig.roles || ['test-role-1', 'test-role-2', 'test-admin-role'],
+    
+    // Test Group
+    TEST_GROUP_NAME: realmConfig.group?.name || 'test-group',
+    
+    // Test Client Scope
+    TEST_CLIENT_SCOPE: realmConfig.clientScope?.name || 'test-scope',
+    
+    // Helper to generate unique names when needed
+    generateUniqueName: (prefix) => `${prefix}-${Date.now()}`
+};

package/test/testConfig.js

@@ -1,69 +1 @@
-const path = require('path');
-
-// Set up environment for propertiesmanager
-process.env.NODE_ENV = process.env.NODE_ENV || 'test';
-process.env.PROPERTIES_PATH = path.join(__dirname, 'config');
-
-const { conf } = require('propertiesmanager');
-
-/**
- * Shared Test Configuration Module
- * 
- * This module centralizes all test configuration using propertiesmanager.
- * It loads configuration from test/config/ directory with the following merge order:
- * 
- * 1. default.json - Base configuration for all environments
- * 2. secrets.json - Sensitive credentials (gitignored)
- * 3. local.json - Developer-specific overrides (gitignored, optional)
- * 
- * Configuration Structure:
- * - All files use environment wrappers: { "test": { ... } }
- * - NODE_ENV determines which section to load (default: "test")
- * - propertiesmanager automatically merges configs based on NODE_ENV
- * 
- * Exports:
- * - KEYCLOAK_CONFIG: Admin connection settings (baseUrl, username, password, etc.)
- * - TEST_REALM: Name of the shared test realm
- * - TEST_CLIENT_*: Client configuration for tests
- * - TEST_USER_*: Test user credentials and details
- * - TEST_ROLES: Array of role names to create
- * - TEST_GROUP_NAME: Name of test group
- * - TEST_CLIENT_SCOPE: Name of test client scope
- * - generateUniqueName: Helper to create unique resource names
- * 
- * Usage in tests:
- *   const { KEYCLOAK_CONFIG, TEST_REALM, TEST_USER_USERNAME } = require('./testConfig');
- */
-
-const realmConfig = conf?.realm || {};
-
-module.exports = {
-    // Keycloak Admin Config (for admin connections)
-    KEYCLOAK_CONFIG: conf?.keycloak || {},
-    
-    // Test Realm Configuration
-    TEST_REALM: realmConfig.name || 'keycloak-api-manager-test-realm',
-    
-    // Test Client Configuration
-    TEST_CLIENT_ID: realmConfig.client?.clientId || 'test-client',
-    TEST_CLIENT_SECRET: realmConfig.client?.clientSecret || 'test-client-secret',
-    
-    // Test User Configuration
-    TEST_USER_USERNAME: realmConfig.user?.username || 'test-user',
-    TEST_USER_PASSWORD: realmConfig.user?.password || 'test-password',
-    TEST_USER_EMAIL: realmConfig.user?.email || 'test-user@test.local',
-    TEST_USER_FIRSTNAME: realmConfig.user?.firstName || 'Test',
-    TEST_USER_LASTNAME: realmConfig.user?.lastName || 'User',
-    
-    // Test Roles
-    TEST_ROLES: realmConfig.roles || ['test-role-1', 'test-role-2', 'test-admin-role'],
-    
-    // Test Group
-    TEST_GROUP_NAME: realmConfig.group?.name || 'test-group',
-    
-    // Test Client Scope
-    TEST_CLIENT_SCOPE: realmConfig.clientScope?.name || 'test-scope',
-    
-    // Helper to generate unique names when needed
-    generateUniqueName: (prefix) => `${prefix}-${Date.now()}`
-};
+module.exports = require('./support/testConfig');

package/test-output.log

@@ -0,0 +1,72 @@
+
+> keycloak-api-manager@4.1.0 test
+> npm --prefix test install && npm --prefix test test
+
+
+up to date, audited 260 packages in 2s
+
+48 packages are looking for funding
+  run `npm fund` for details
+
+12 vulnerabilities (3 low, 3 moderate, 4 high, 2 critical)
+
+To address all issues possible (including breaking changes), run:
+  npm audit fix --force
+
+Some issues need review, and may require choosing
+a different dependency.
+
+Run `npm audit` for details.
+
+> keycloak-api-manager-tests@1.0.0 test
+> NODE_ENV=test NODE_PATH=./node_modules mocha --exit
+
+
+ Exception during run: /Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/Handlers/userProfileHandler.js:79
+        body: JSON.strasync function(filter) {
+                            ^^^^^^^^
+
+SyntaxError: Unexpected token 'function'
+    at wrapSafe (node:internal/modules/cjs/loader:1515:18)
+    at Module._compile (node:internal/modules/cjs/loader:1537:20)
+    at Object..js (node:internal/modules/cjs/loader:1708:10)
+    at Module.load (node:internal/modules/cjs/loader:1318:32)
+    at Function._load (node:internal/modules/cjs/loader:1128:12)
+    at TracingChannel.traceSync (node:diagnostics_channel:322:14)
+    at wrapModuleLoad (node:internal/modules/cjs/loader:219:24)
+    at Module.require (node:internal/modules/cjs/loader:1340:12)
+    at require (node:internal/modules/helpers:138:16)
+    at Object.<anonymous> (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/index.js:15:24)
+    at Module._compile (node:internal/modules/cjs/loader:1565:14)
+    at Object..js (node:internal/modules/cjs/loader:1708:10)
+    at Module.load (node:internal/modules/cjs/loader:1318:32)
+    at Function._load (node:internal/modules/cjs/loader:1128:12)
+    at TracingChannel.traceSync (node:diagnostics_channel:322:14)
+    at wrapModuleLoad (node:internal/modules/cjs/loader:219:24)
+    at Module.require (node:internal/modules/cjs/loader:1340:12)
+    at require (node:internal/modules/helpers:138:16)
+    at Object.<anonymous> (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/test/enableServerFeatures.js:47:25)
+    at Module._compile (node:internal/modules/cjs/loader:1565:14)
+    at Object..js (node:internal/modules/cjs/loader:1708:10)
+    at Module.load (node:internal/modules/cjs/loader:1318:32)
+    at Function._load (node:internal/modules/cjs/loader:1128:12)
+    at TracingChannel.traceSync (node:diagnostics_channel:322:14)
+    at wrapModuleLoad (node:internal/modules/cjs/loader:219:24)
+    at Module.require (node:internal/modules/cjs/loader:1340:12)
+    at require (node:internal/modules/helpers:138:16)
+    at Object.<anonymous> (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/test/setup.js:29:30)
+    at Module._compile (node:internal/modules/cjs/loader:1565:14)
+    at Object..js (node:internal/modules/cjs/loader:1708:10)
+    at Module.load (node:internal/modules/cjs/loader:1318:32)
+    at Function._load (node:internal/modules/cjs/loader:1128:12)
+    at TracingChannel.traceSync (node:diagnostics_channel:322:14)
+    at wrapModuleLoad (node:internal/modules/cjs/loader:219:24)
+    at cjsLoader (node:internal/modules/esm/translators:263:5)
+    at ModuleWrap.<anonymous> (node:internal/modules/esm/translators:196:7)
+    at ModuleJob.run (node:internal/modules/esm/module_job:271:25)
+    at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:547:26)
+    at async formattedImport (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/test/node_modules/mocha/lib/nodejs/esm-utils.js:9:14)
+    at async exports.requireOrImport (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/test/node_modules/mocha/lib/nodejs/esm-utils.js:42:28)
+    at async exports.loadFilesAsync (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/test/node_modules/mocha/lib/nodejs/esm-utils.js:100:20)
+    at async singleRun (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/test/node_modules/mocha/lib/cli/run-helpers.js:162:3)
+    at async exports.handler (/Users/Alessandro/Src/WorkSpace/WorkspaceDemo/Idealia/Keyclock/keycloak-api-manager/test/node_modules/mocha/lib/cli/run.js:375:5)