/**
 * Negative authorization check: after a successful password login as
 * {@code test-user}, asking for the {@code sudo} authority must be answered
 * with a successful result whose value is {@code false}.
 *
 * <p>A denied permission is expected as a normal {@code false} answer, not as
 * a failed async result, so both are asserted separately.
 */
@Test
public void shouldGetPermissionsFromTokenButPermissionIsNotAllowed(TestContext should) {
  final Async test = should.async();

  final JsonObject credentials = new JsonObject()
    .put("username", "test-user")
    .put("password", "tiger");

  keycloak.authenticate(credentials, login -> {
    // The login itself has to work, otherwise the denial below proves nothing.
    should.assertTrue(login.succeeded());
    should.assertNotNull(login.result());

    // Narrow the authenticated principal to AccessToken so that
    // isAuthorized can be called on it.
    final AccessToken token = (AccessToken) login.result();

    token.isAuthorized("sudo", decision -> {
      // The lookup completes normally and the answer is "not authorized".
      should.assertTrue(decision.succeeded());
      should.assertFalse(decision.result());
      test.complete();
    });
  });
}
token.isAuthorized(role, authz -> { should.assertTrue(authz.succeeded()); should.assertTrue(authz.result());
token.isAuthorized(role, authz -> { should.assertTrue(authz.succeeded()); should.assertTrue(authz.result());
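/**
 * Verifies that authorization fails closed when the access token carries no
 * groups claim.
 *
 * <p>A JWT holding only {@code iss}, {@code aud}, {@code jti}, {@code exp},
 * {@code iat} and {@code sub} is signed with RS256 and wrapped in an
 * {@link OAuth2TokenImpl}. Asking for the {@code admin} authority must then
 * complete successfully with {@code false}: the missing claim neither fails
 * the check nor grants the authority.
 */
@Test
public void itShouldNotFailForMissingGroupsField(TestContext should) {
  final Async test = should.async();

  // Claims are built fluently rather than parsed from a concatenated JSON
  // string; names, values and insertion order are the same as before.
  // NOTE(review): exp is far in the future, presumably so that expiry never
  // interferes with the authorization check. Confirm.
  final JsonObject claims = new JsonObject()
    .put("iss", "https://server.example.com")
    .put("aud", "s6BhdRkqt3")
    .put("jti", "a-123")
    .put("exp", 999999999999L)
    .put("iat", 1311280970)
    .put("sub", "24400320");

  final String accessToken = jwt.sign(claims, new JWTOptions().setAlgorithm("RS256"));

  // "token_type" is the OAuth2 token-response field name (RFC 6749, section 5.1).
  // The misspelt key "type_type" would leave the fixture without a token type.
  final AccessToken token = new OAuth2TokenImpl(
    oauth,
    new JsonObject().put("access_token", accessToken).put("token_type", "Bearer"));

  // Ensure that sign/decode is working as expected before testing authorization.
  should.assertNotNull(token.accessToken());

  token.isAuthorized("admin", authz -> {
    // No groups claim: the check must succeed and deny, not error out.
    should.assertTrue(authz.succeeded());
    should.assertFalse(authz.result());
    test.complete();
  });
}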
token.isAuthorized("unknown", authz -> { should.assertTrue(authz.succeeded()); should.assertFalse(authz.result());
token.isAuthorized("profile", res0 -> { if (res0.failed()) { fail(res0.cause().getMessage());
token.isAuthorized("scopeB", res0 -> { if (res0.failed()) { fail(res0.cause().getMessage());