def test_create_group_with_attributes_dict_and_attributes_list(self): toCreate = {"auth_username": "******", "auth_password": "******", "realm": "master", "auth_keycloak_url": "http://localhost:18081/auth", "name": "test_create_group_with_attributes_dict_and_attributes_list", "attributes": {"attr1": ["value1"], "attr2": ["value2"]}, "attributes_list": [{"name": "attr3", "value": ["value3"]}, {"name": "attr4", "value": ["value4"]}], "realmRoles": ["uma_authorization"], "clientRoles": [{"clientid": "master-realm", "roles": ["manage-users", "view-identity-providers"]}], "state": "present", "force": False} attributes_dict = { "attr1": ["value1"], "attr2": ["value2"], "attr3": ["value3"], "attr4": ["value4"] } self.module = keycloak_group set_module_args(toCreate) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertEqual( results.exception.args[0]["group"]["name"], toCreate["name"], "name: " + results.exception.args[0]["group"]["name"] + " : " + toCreate["name"]) self.assertTrue( isDictEquals( attributes_dict, results.exception.args[0]["group"]["attributes"]), "attributes: " + str( results.exception.args[0]["group"]["attributes"]) + " : " + str(attributes_dict)) self.assertTrue( isDictEquals( toCreate["clientRoles"], results.exception.args[0]["group"]["clientRoles"]), "clientRoles: " + str( results.exception.args[0]["group"]["clientRoles"]) + " : " + str( toCreate["clientRoles"])) self.assertTrue( isDictEquals( toCreate["realmRoles"], results.exception.args[0]["group"]["realmRoles"]), "realmRoles: " + str( results.exception.args[0]["group"]["realmRoles"]) + " : " + str( toCreate["realmRoles"]))
def test_create_realm(self): toCreate = self.toCreateRealm.copy() toCreate["state"] = "present" set_module_args(toCreate) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) del toCreate["smtpServer"]["fromDisplayName"] self.assertTrue( isDictEquals(toCreate, results.exception.args[0]['realm'], self.realmExcudes), 'Realm created does not comply to specifications.') self.assertTrue( results.exception.args[0]["eventsConfig"]["eventsEnabled"], "eventsEnabled: " + str(results.exception.args[0]["eventsConfig"]["eventsEnabled"])) self.assertTrue( results.exception.args[0]["eventsConfig"]["adminEventsEnabled"], "adminEventsEnabled: " + str(results.exception.args[0]["eventsConfig"] ["adminEventsEnabled"])) self.assertTrue( results.exception.args[0]["eventsConfig"] ["adminEventsDetailsEnabled"], "adminEventsDetailsEnabled: " + str(results.exception.args[0]["eventsConfig"] ["adminEventsDetailsEnabled"])) self.assertTrue( isDictEquals(toCreate['eventsConfig'], results.exception.args[0]['eventsConfig']), "Events configuration has not been modified")
def test_modify_role_two_client_role_with_same_name(self): newToChangeTwoRoles = self.testRoles[5].copy() newToChangeTwoRoles["description"] = newToChangeTwoRoles["description"] + " modified" newToChangeTwoRoles["composites"] = [ { "clientId": "test2", "name": "admin" }, { "clientId": "test2", "name": "manager" } ] set_module_args(newToChangeTwoRoles) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertTrue( isDictEquals( newToChangeTwoRoles, results.exception.args[0]['role'], self.roleExcudes), 'Realm role modified two client roles does not comply to specifications.') newComposites = [] for composite in self.testRoles[5]["composites"]: newComposites.append(composite) for composite in newToChangeTwoRoles["composites"]: newComposites.append(composite) self.assertTrue( isDictEquals( newComposites, results.exception.args[0]['composites'], self.roleExcudes), 'Realm role composites modified two client roles does not comply to specifications.')
def test_group_not_changed(self): self.module = keycloak_group set_module_args(self.groupNotChanged) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertFalse(results.exception.args[0]['changed']) self.assertEqual( results.exception.args[0]["group"]["name"], self.groupNotChanged["name"], "name: " + results.exception.args[0]["group"]["name"] + " : " + self.groupNotChanged["name"]) self.assertTrue( isDictEquals( self.groupNotChanged["attributes"], results.exception.args[0]["group"]["attributes"]), "attributes: " + str( results.exception.args[0]["group"]["attributes"]) + " : " + str( self.groupNotChanged["attributes"])) self.assertTrue( isDictEquals( self.groupNotChanged["clientRoles"], results.exception.args[0]["group"]["clientRoles"]), "clientRoles: " + str( results.exception.args[0]["group"]["clientRoles"]) + " : " + str( self.groupNotChanged["clientRoles"])) self.assertTrue( isDictEquals( self.groupNotChanged["realmRoles"], results.exception.args[0]["group"]["realmRoles"]), "realmRoles: " + str( results.exception.args[0]["group"]["realmRoles"]) + " : " + str( self.groupNotChanged["realmRoles"]))
def test_modify_realm(self): toModify = self.toModifyRealm.copy() toModify["displayNameHtml"] = "New name" toModify["actionTokenGeneratedByAdminLifespan"] = 360 toModify["actionTokenGeneratedByUserLifespan"] = 240 toModify['eventsConfig'] = { "eventsEnabled": True, "eventsListeners": ["jboss-logging"], "enabledEventTypes": [ "SEND_RESET_PASSWORD", "UPDATE_TOTP", "REMOVE_TOTP", "REVOKE_GRANT", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "IMPERSONATE_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "UPDATE_PROFILE_ERROR", "IMPERSONATE", "LOGIN", "UPDATE_PASSWORD_ERROR", "REGISTER", "LOGOUT", "CLIENT_REGISTER", "UPDATE_PASSWORD", "FEDERATED_IDENTITY_LINK_ERROR", "CLIENT_DELETE", "IDENTITY_PROVIDER_FIRST_LOGIN", "VERIFY_EMAIL", "CLIENT_DELETE_ERROR", "CLIENT_LOGIN_ERROR", "REMOVE_FEDERATED_IDENTITY_ERROR", "EXECUTE_ACTIONS", "SEND_IDENTITY_PROVIDER_LINK_ERROR", "SEND_VERIFY_EMAIL", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "IDENTITY_PROVIDER_POST_LOGIN", "UPDATE_EMAIL", "REGISTER_ERROR", "REVOKE_GRANT_ERROR", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "CLIENT_UPDATE_ERROR", "UPDATE_PROFILE", "FEDERATED_IDENTITY_LINK", "CLIENT_REGISTER_ERROR", "SEND_VERIFY_EMAIL_ERROR", "SEND_IDENTITY_PROVIDER_LINK", "RESET_PASSWORD", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "SEND_RESET_PASSWORD_ERROR", "CLIENT_UPDATE", "IDENTITY_PROVIDER_POST_LOGIN_ERROR", "CUSTOM_REQUIRED_ACTION_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN", "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" ], "adminEventsEnabled": True, "adminEventsDetailsEnabled": True, } set_module_args(toModify) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertTrue( isDictEquals(toModify, results.exception.args[0]['realm'], self.realmExcudes), 'Realm modified does not comply to specifications.') self.assertTrue( isDictEquals(toModify['eventsConfig'], results.exception.args[0]['eventsConfig']), "Events configuration has not been modified")
def test_role_not_changed(self): toDoNotChange = self.testRoles[1].copy() set_module_args(toDoNotChange) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertFalse(results.exception.args[0]['changed']) self.assertTrue( isDictEquals( toDoNotChange, results.exception.args[0]['role'], self.roleExcudes), 'Realm role not modified does not comply to specifications.') self.assertTrue( isDictEquals( toDoNotChange["composites"], results.exception.args[0]['composites'], self.roleExcudes), 'Realm role composites not modified does not comply to specifications.')
def test_modify_role(self): newToChange = self.testRoles[3].copy() newToChange["description"] = newToChange["description"] + " modified" set_module_args(newToChange) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertTrue( isDictEquals( newToChange, results.exception.args[0]['role'], self.roleExcudes), 'Realm role modified does not comply to specifications.') self.assertTrue( isDictEquals( newToChange["composites"], results.exception.args[0]['composites'], self.roleExcudes), 'Realm role composites modified does not comply to specifications.')
def test_create_role(self): toCreate = self.testRoles[0].copy() toCreate["state"] = "present" set_module_args(toCreate) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertTrue( isDictEquals( toCreate, results.exception.args[0]['role'], self.roleExcudes), 'Realm role created does not comply to specifications.') self.assertTrue( isDictEquals( toCreate["composites"], results.exception.args[0]['composites'], self.roleExcudes), 'Realm role composites created does not comply to specifications.')
def test_do_not_change_realm(self): set_module_args(self.toDoNotChangeRealm) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertFalse(results.exception.args[0]['changed'], "Realm is not supposed to be changed") self.assertTrue( isDictEquals(self.toDoNotChangeRealm, results.exception.args[0]['realm'], self.realmExcudes), 'Realm not changed does not comply to specifications.')
def test_do_not_change_realm_force(self): toDoNotChange = self.toDoNotChangeRealmForce.copy() toDoNotChange["force"] = True set_module_args(toDoNotChange) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed'], "Realm is supposed to be changed") self.assertTrue( isDictEquals(toDoNotChange, results.exception.args[0]['realm'], self.realmExcudes), 'Realm not changed force does not comply to specifications.')
def test_group_modify_force(self): set_module_args(self.groupModifyForce) with self.assertRaises(AnsibleExitJson) as results: self.module.main() toDoNotChange = self.groupModifyForce.copy() toDoNotChange["force"] = True set_module_args(toDoNotChange) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertEqual( results.exception.args[0]["group"]["name"], toDoNotChange["name"], "name: " + results.exception.args[0]["group"]["name"] + " : " + toDoNotChange["name"]) self.assertTrue( isDictEquals( toDoNotChange["attributes"], results.exception.args[0]["group"]["attributes"]), "attributes: " + str( results.exception.args[0]["group"]["attributes"]) + " : " + str( toDoNotChange["attributes"])) self.assertTrue( isDictEquals( toDoNotChange["clientRoles"], results.exception.args[0]["group"]["clientRoles"]), "clientRoles: " + str( results.exception.args[0]["group"]["clientRoles"]) + " : " + str( toDoNotChange["clientRoles"])) self.assertTrue( isDictEquals( toDoNotChange["realmRoles"], results.exception.args[0]["group"]["realmRoles"]), "realmRoles: " + str( results.exception.args[0]["group"]["realmRoles"]) + " : " + str( toDoNotChange["realmRoles"]))
def test_create_user_without_realm_role(self): toCreate = self.testUsers[6].copy() toCreate["state"] = "present" set_module_args(toCreate) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertTrue( isDictEquals( toCreate, results.exception.args[0]["user"], self.compareExcludes), "user: "******" : " + str( results.exception.args[0]["user"]))
def test_user_not_changed(self): toDoNotChange = self.testUsers[1].copy() set_module_args(toDoNotChange) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertFalse(results.exception.args[0]['changed']) self.assertTrue( isDictEquals( toDoNotChange, results.exception.args[0]["user"], self.compareExcludes), "user: "******" : " + str( results.exception.args[0]["user"]))
def test_modify_user(self): toChange = self.testUsers[3].copy() toChange["lastName"] = "Modified" toChange["clientRoles"] = [ {"clientId": "master-realm", "roles": ["manage-clients", "query-groups"]}] toChange["realmRoles"] = ["testUserRole1", "testUserRole2"] set_module_args(toChange) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertTrue( isDictEquals( toChange, results.exception.args[0]["user"], self.compareExcludes), "user: "******" : " + str( results.exception.args[0]["user"]))
def test_bearer_only_client_to_confidential_with_service_accounts_enabled( self): toModifyClient = self.testClients[9].copy() toModifyClient["baseUrl"] = "http://test7.com:8080" toModifyClient["clientAuthenticatorType"] = "client-secret" toModifyClient["redirectUris"] = ["http://test7.com:8080/secure"] toModifyClient["webOrigins"] = ["http://test6.com:8080/secure"] toModifyClient["fullScopeAllowed"] = False toModifyClient["serviceAccountsEnabled"] = True toModifyClient["bearerOnly"] = False toModifyClient["publicClient"] = False toModifyClient["directAccessGrantsEnabled"] = True set_module_args(toModifyClient) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['end_state']['enabled']) self.assertTrue(results.exception.args[0]['changed']) self.assertTrue( isDictEquals(toModifyClient, results.exception.args[0]['end_state'], exclude=self.compareExcludes))
def test_not_equals_with_dict2_bigger_than_dict1(self): self.assertFalse(isDictEquals(self.dict2, self.dict1))
def test_NewClientScopeFromModule(self): module_params = { 'auth_keycloak_url': 'http://localhost:8080/auth', 'auth_sername': 'admin', 'auth_password': '******', 'auth_realm': 'master', 'realm': 'master', 'name': 'testclientscope', 'description': 'Client scope', 'protocol': 'openid-connect', 'attributes': { 'include.in.token.scope': 'true', 'display.on.consent.screen': 'true' }, 'protocolMappers': [ { 'name': 'test-audience', 'protocol': 'openid-connect', 'protocolMapper': 'oidc-audience-mapper', 'consentRequired': 'false', 'config': { 'included.client.audience': 'admin-cli', 'id.token.claim': 'true' }, 'access.token.claim': 'true' } ], 'state': 'present' } scope = ClientScope(module_params=module_params) self.assertEqual( scope.name, module_params['name'], "Incorrect client scope name. {0} != {1}".format( scope.name, module_params['name'])) self.assertEqual( scope.description, module_params['description'], "Incorrect client scope description. {0} != {1}".format( scope.description, module_params['description'])) self.assertEqual( scope.protocol, module_params['protocol'], "Incorrect client scope protocol. {0} != {1}".format( scope.protocol, module_params['protocol'])) self.assertEqual(scope.attributes, module_params['attributes'], "Incorrect client scope attributes. {0} != {1}".format(str(scope.attributes), str(module_params['attributes']))) self.assertTrue( isDictEquals( scope.protocolMappers[0].getRepresentation(), module_params['protocolMappers'][0]), "Incorrect client scope protocolMappers. {0} != {1}".format( str( scope.protocolMappers[0].getRepresentation()), str( module_params['protocolMappers'][0])))
def test_not_equals_dict7_dict8_compare_dict7_with_list_bigger_than_dict8_but_reverse_equals( self): self.assertFalse(isDictEquals(self.dict7, self.dict8)) self.assertTrue(isDictEquals(self.dict8, self.dict7))
def test_equals_with_dict5_contain_bool_and_dict6_contain_true_string( self): self.assertFalse(isDictEquals(self.dict5, self.dict6)) self.assertFalse(isDictEquals(self.dict6, self.dict5))
def test_equals_with_dict2_bigger_than_dict1(self): self.assertTrue(isDictEquals(self.dict1, self.dict2))
def test_trivial(self): self.assertTrue(isDictEquals(self.dict1, self.dict1))
def test_modify_group(self): newToChange = self.modifyGroup.copy() newToChange["attributes"] = { "added": ["thisAttributeBeenAdded"] } newToChange["realmRoles"] = [ "uma_authorization", "offline_access" ] newToChange["clientRoles"] = [{ "clientid": "master-realm", "roles": [ "view-clients", "query-realms", "view-users" ] }, { "clientid": "account", "roles": [ "manage-account-links", "view-profile", "manage-account" ] } ] set_module_args(newToChange) with self.assertRaises(AnsibleExitJson) as results: self.module.main() self.assertTrue(results.exception.args[0]['changed']) self.assertEqual( results.exception.args[0]["group"]["name"], self.modifyGroup["name"], "name: " + results.exception.args[0]["group"]["name"] + " : " + self.modifyGroup["name"]) self.assertFalse( isDictEquals( self.modifyGroup["attributes"], results.exception.args[0]["group"]["attributes"]), "attributes: " + str( results.exception.args[0]["group"]["attributes"]) + " : " + str( self.modifyGroup["attributes"])) self.assertTrue( isDictEquals( newToChange["attributes"], results.exception.args[0]["group"]["attributes"]), "attributes: " + str( results.exception.args[0]["group"]["attributes"]) + " : " + str( newToChange["attributes"])) self.assertTrue( isDictEquals( newToChange["clientRoles"], results.exception.args[0]["group"]["clientRoles"]), "clientRoles: " + str( results.exception.args[0]["group"]["clientRoles"]) + " : " + str( newToChange["clientRoles"])) self.assertTrue( isDictEquals( newToChange["realmRoles"], results.exception.args[0]["group"]["realmRoles"]), "realmRoles: " + str( results.exception.args[0]["group"]["realmRoles"]) + " : " + str( newToChange["realmRoles"]))
def test_not_equals_with_dict1_different_than_dict3(self): self.assertFalse(isDictEquals(self.dict1, self.dict3))