README
¶
This project is written as a unit test and must be configured to hit an instance of keycloak-bridge. Its aim is to call each method of the management API with all possible profiles to check the configured authorizations.
Expected authorizations should be stored in JSON files in the conf folder, each file is considered to describe a specific Keycloak group. Each group should be configured in the bridge-validation.conf file (its ID and one of its users)
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthValidator ¶
type AuthValidator struct {
Configuration Configuration
Bridge bridge.Client
AdminToken keycloak.OidcTokenProvider
MgmtActions map[string]string
Groups []string
Logger log.Logger
AnyValue int
}
AuthValidator struct
func NewAuthValidator ¶
func NewAuthValidator() (AuthValidator, error)
NewAuthValidator creates a new AuthValidator
func (*AuthValidator) CheckGroup ¶
func (v *AuthValidator) CheckGroup(t *testing.T, group string, authz Authorizations) error
CheckGroup checks authorizations for a given group
func (*AuthValidator) Cleanup ¶
func (v *AuthValidator) Cleanup()
Cleanup is the final application cleanup
func (*AuthValidator) GetActions ¶
func (v *AuthValidator) GetActions() (map[string]string, error)
GetActions load available actions in Bridge/Management
func (*AuthValidator) GetOIDCToken ¶
func (v *AuthValidator) GetOIDCToken(realm, username, password string) (string, error)
GetOIDCToken returns an OIDC token for the given user
type Authorizations ¶
Authorizations type
func NewAuthorizations ¶
func NewAuthorizations(confJSON []byte) (Authorizations, error)
NewAuthorizations creates a new Authorizations from its JSON representation
func (Authorizations) ExpectedAuthorization ¶
func (a Authorizations) ExpectedAuthorization(action, realm, targetGroup string) bool
ExpectedAuthorization tells if an action is allowed
type Configuration ¶
type Configuration struct {
AddrBridge string `json:"addr_bridge"`
AddrTokenProvider string `json:"addr_token_provider"`
TokenProviderTimeout string `json:"timeout,omitempty"`
AuthzFilesFolder string `json:"authz_files_folder"`
TargetRealm string `json:"target_realm"`
SampleClientID string `json:"sample_client_id"`
TechnicalRealm string `json:"technical_realm"`
TechnicalUsername string `json:"technical_username"`
TechnicalPassword string `json:"technical_password"`
TechnicalClientID string `json:"technical_client_id,omitempty"`
Groups map[string]GroupConfiguration `json:"groups"`
}
Configuration struct
func LoadConfiguration ¶
func LoadConfiguration() (Configuration, error)
LoadConfiguration loads the application configuration
func (*Configuration) ToKeycloakConfig ¶
func (c *Configuration) ToKeycloakConfig() keycloak.Config
ToKeycloakConfig returns a config for keycloak-client
type GroupConfiguration ¶
type GroupConfiguration struct {
GroupID string `json:"group_id"`
Username string `json:"username"`
Password string `json:"password"`
}
GroupConfiguration struct
Source Files
Directories