keycloak-uncached
Changes
integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java 16(+0 -16)
Details
diff --git a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/applications.js b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/applications.js
index d7416a0..800c7e3 100755
--- a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/applications.js
+++ b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/applications.js
@@ -217,16 +217,43 @@ module.controller('ApplicationInstallationCtrl', function($scope, realm, applica
module.controller('ApplicationDetailCtrl', function($scope, realm, application, Application, $location, Dialog, Notifications) {
console.log('ApplicationDetailCtrl');
+ $scope.clientTypes = [
+ "confidential",
+ "public",
+ "bearer-only"
+ ];
+
$scope.realm = realm;
$scope.create = !application.name;
if (!$scope.create) {
$scope.application= angular.copy(application);
+ $scope.clientType = $scope.clientTypes[0];
+ if (application.bearerOnly) {
+ $scope.clientType = $scope.clientTypes[2];
+ } else if (application.publicClient) {
+ $scope.clientType = $scope.clientTypes[1];
+ }
} else {
$scope.application = {};
$scope.application.webOrigins = [];
$scope.application.redirectUris = [];
+ $scope.clientType = $scope.clientTypes[0];
}
+ $scope.changeClientType = function() {
+ console.log('Client Type: ' + $scope.clientType);
+ if ($scope.clientType == "confidential") {
+ $scope.application.bearerOnly = false;
+ $scope.application.publicClient = false;
+ } else if ($scope.clientType == "public") {
+ $scope.application.bearerOnly = false;
+ $scope.application.publicClient = true;
+ } else if ($scope.clientType == "bearer-only") {
+ $scope.application.bearerOnly = true;
+ $scope.application.publicClient = false;
+ }
+ };
+
$scope.$watch(function() {
return $location.path();
}, function() {
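Review bot: `changeClientType()` only runs on `ng-change`, so if an existing application arrives with both `bearerOnly` and `publicClient` set, the select shows "bearer-only" while `$scope.application.publicClient` stays true and is saved back unchanged. Calling `$scope.changeClientType();` once after the function is defined would normalise the two flags to the displayed type; whether that marks the form as changed depends on the `$watch` logic outside this hunk. The `console.log('Client Type: ' + $scope.clientType);` line looks like leftover debugging and could go, here and in the same function in oauth-clients.js. The controller body continues outside the hunk.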
diff --git a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/oauth-clients.js b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/oauth-clients.js
index 5279f15..54ca912 100755
--- a/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/oauth-clients.js
+++ b/admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/oauth-clients.js
@@ -76,12 +76,33 @@ module.controller('OAuthClientListCtrl', function($scope, realm, oauthClients, O
module.controller('OAuthClientDetailCtrl', function($scope, realm, oauth, OAuthClient, $location, Dialog, Notifications) {
$scope.realm = realm;
$scope.create = !oauth.id;
+
+ $scope.clientTypes = [
+ "confidential",
+ "public"
+ ];
+
+ $scope.changeClientType = function() {
+ console.log('Client Type: ' + $scope.clientType);
+ if ($scope.clientType == "confidential") {
+ $scope.oauth.publicClient = false;
+ } else if ($scope.clientType == "public") {
+ $scope.oauth.publicClient = true;
+ }
+ };
+
+
if (!$scope.create) {
$scope.oauth= angular.copy(oauth);
+ $scope.clientType = $scope.clientTypes[0];
+ if (oauth.publicClient) {
+ $scope.clientType = $scope.clientTypes[1];
+ }
} else {
$scope.oauth = {};
$scope.oauth.webOrigins = [];
$scope.oauth.redirectUris = [];
+ $scope.clientType = $scope.clientTypes[0];
}
$scope.$watch(function() {
diff --git a/admin-ui/src/main/resources/META-INF/resources/admin/partials/application-detail.html b/admin-ui/src/main/resources/META-INF/resources/admin/partials/application-detail.html
index 6cde4cd..09ff0d1 100755
--- a/admin-ui/src/main/resources/META-INF/resources/admin/partials/application-detail.html
+++ b/admin-ui/src/main/resources/META-INF/resources/admin/partials/application-detail.html
@@ -39,16 +39,16 @@
<input ng-model="application.enabled" name="enabled" id="enabled" onoffswitch />
</div>
</div>
- <div class="form-group clearfix block" data-ng-show="!application.publicClient">
- <label class="col-sm-2 control-label" for="bearerOnly">Bearer Only</label>
- <div class="col-sm-4">
- <input ng-model="application.bearerOnly" name="bearerOnly" id="bearerOnly" onoffswitch />
- </div>
- </div>
- <div class="form-group clearfix block">
- <label class="col-sm-2 control-label" for="publicClient">Public Client</label>
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="clientType">Client Type</label>
<div class="col-sm-4">
- <input ng-model="application.publicClient" name="publicClient" id="publicClient" onoffswitch />
+ <div class="select-kc">
+ <select id="clientType"
+ ng-change="changeClientType()"
+ ng-model="clientType"
+ ng-options="cType for cType in clientTypes">
+ </select>
+ </div>
</div>
</div>
<div class="form-group" data-ng-show="!application.bearerOnly">
diff --git a/admin-ui/src/main/resources/META-INF/resources/admin/partials/oauth-client-detail.html b/admin-ui/src/main/resources/META-INF/resources/admin/partials/oauth-client-detail.html
index a279e7c..5fe0e99 100755
--- a/admin-ui/src/main/resources/META-INF/resources/admin/partials/oauth-client-detail.html
+++ b/admin-ui/src/main/resources/META-INF/resources/admin/partials/oauth-client-detail.html
@@ -40,10 +40,16 @@
<input ng-model="oauth.enabled" name="enabled" id="enabled" onoffswitch />
</div>
</div>
- <div class="form-group clearfix block">
- <label class="col-sm-2 control-label" for="publicClient">Public Client</label>
+ <div class="form-group">
+ <label class="col-sm-2 control-label" for="clientType">Client Type</label>
<div class="col-sm-4">
- <input ng-model="oauth.publicClient" name="publicClient" id="publicClient" onoffswitch />
+ <div class="select-kc">
+ <select id="clientType"
+ ng-change="changeClientType()"
+ ng-model="clientType"
+ ng-options="cType for cType in clientTypes">
+ </select>
+ </div>
</div>
</div>
<div class="form-group">
diff --git a/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java b/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
index b51e429..3833a16 100755
--- a/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
+++ b/core/src/main/java/org/keycloak/representations/adapters/config/AdapterConfig.java
@@ -13,7 +13,7 @@ import org.codehaus.jackson.annotate.JsonPropertyOrder;
"resource", "credentials",
"use-resource-role-mappings",
"enable-cors", "cors-max-age", "cors-allowed-methods",
- "expose-token", "bearer-only", "scope",
+ "expose-token", "bearer-only",
"connection-pool-size",
"allow-any-hostname", "disable-trust-manager", "truststore", "truststore-password",
"client-keystore", "client-keystore-password", "client-key-password"
diff --git a/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java b/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java
index 7e01e45..8c383e5 100755
--- a/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java
+++ b/core/src/main/java/org/keycloak/representations/adapters/config/BaseAdapterConfig.java
@@ -2,7 +2,6 @@ package org.keycloak.representations.adapters.config;
import org.codehaus.jackson.annotate.JsonProperty;
import org.codehaus.jackson.annotate.JsonPropertyOrder;
-import org.keycloak.representations.AccessScope;
import java.util.HashMap;
import java.util.Map;
@@ -17,7 +16,7 @@ import java.util.Map;
"resource", "public-client", "credentials",
"use-resource-role-mappings",
"enable-cors", "cors-max-age", "cors-allowed-methods",
- "expose-token", "bearer-only", "scope"})
+ "expose-token", "bearer-only"})
public class BaseAdapterConfig extends BaseRealmConfig {
@JsonProperty("resource")
protected String resource;
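Review bot: Dropping "scope" from the property order here and in AdapterConfig.java, together with the `scope` field and accessors removed in the following hunks, changes what happens to an existing keycloak.json that still contains a `scope` block. Depending on how the ObjectMapper is configured, which this diff does not show, loading either fails on the unknown property or silently drops the restriction. Silent dropping is the riskier outcome, because the deployer may still believe tokens are being narrowed. I would document the removal on the class, e.g. `// "scope" is no longer read; adapter configs that still set it do not narrow the token`, and make the loader's behaviour for the stale key explicit.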
@@ -39,8 +38,6 @@ public class BaseAdapterConfig extends BaseRealmConfig {
protected boolean publicClient;
@JsonProperty("credentials")
protected Map<String, String> credentials = new HashMap<String, String>();
- @JsonProperty("scope")
- protected AccessScope scope;
public boolean isUseResourceRoleMappings() {
@@ -115,14 +112,6 @@ public class BaseAdapterConfig extends BaseRealmConfig {
this.credentials = credentials;
}
- public AccessScope getScope() {
- return scope;
- }
-
- public void setScope(AccessScope scope) {
- this.scope = scope;
- }
-
public boolean isPublicClient() {
return publicClient;
}
diff --git a/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java b/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java
index 9717b20..f3ed75a 100755
--- a/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java
+++ b/core/src/test/java/org/keycloak/SkeletonKeyTokenTest.java
@@ -5,11 +5,9 @@ import org.junit.Test;
import org.keycloak.jose.jws.JWSBuilder;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
-import org.keycloak.representations.AccessScope;
import org.keycloak.representations.AccessToken;
import org.keycloak.util.JsonSerialization;
-import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
@@ -18,55 +16,6 @@ import java.security.KeyPairGenerator;
* @version $Revision: 1 $
*/
public class SkeletonKeyTokenTest {
- private static class Parser implements Runnable {
- private String json;
-
- private Parser(String json) {
- this.json = json;
- }
-
- @Override
- public void run() {
- for (int i = 0; i < 10000; i++) {
- try {
- AccessScope scope = JsonSerialization.readValue(json.getBytes(), AccessScope.class);
- } catch (IOException e) {
-
- }
- }
- }
- }
-
- @Test
- public void testScope() throws Exception {
- AccessScope scope2 = new AccessScope();
-
- scope2.add("one", "admin");
- scope2.add("one", "buyer");
- scope2.add("two", "seller");
- String json = JsonSerialization.writeValueAsString(scope2);
- System.out.println(json);
-
- /*
-
- Thread[] threads = new Thread[1000];
- for (int i = 0; i < 1000; i++) {
- threads[i] = new Thread(new Parser(json));
- }
- long start = System.currentTimeMillis();
- for (Thread thread : threads) {
- thread.start();
- }
- for (Thread thread : threads) {
- thread.join();
- }
- long end = System.currentTimeMillis() - start;
- System.out.println("Time took: " + end);
- */
-
-
- }
-
@Test
public void testToken() throws Exception {
AccessToken token = new AccessToken();
diff --git a/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json
index 7e9ddc4..f7da55e 100755
--- a/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/third-party/src/main/webapp/WEB-INF/keycloak.json
@@ -5,8 +5,5 @@
"ssl-not-required" : true,
"credentials" : {
"secret": "password"
- },
- "scope": {
- "realm": [ "user" ]
}
}
\ No newline at end of file
diff --git a/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json b/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
index 7e9ddc4..f7da55e 100755
--- a/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
+++ b/examples/demo-template/third-party-cdi/src/main/webapp/WEB-INF/keycloak.json
@@ -5,8 +5,5 @@
"ssl-not-required" : true,
"credentials" : {
"secret": "password"
- },
- "scope": {
- "realm": [ "user" ]
}
}
\ No newline at end of file
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java
index 95a3dda..ae1bc64 100755
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/config/AdapterConfigLoader.java
@@ -2,10 +2,7 @@ package org.keycloak.adapters.config;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.annotate.JsonSerialize;
-import org.keycloak.representations.AccessScope;
-import org.keycloak.util.Base64Url;
import org.keycloak.util.EnvUtil;
-import org.keycloak.util.JsonSerialization;
import org.keycloak.util.PemUtils;
import org.keycloak.adapters.ResourceMetadata;
import org.keycloak.representations.adapters.config.AdapterConfig;
@@ -67,11 +64,6 @@ public class AdapterConfigLoader {
resourceMetadata.setClientKeyPassword(clientKeyPassword);
resourceMetadata.setTruststore(this.truststore);
- if (adapterConfig.getScope() != null) {
- String scope = encodeScope(adapterConfig.getScope());
- resourceMetadata.setScope(scope);
- }
-
}
public AdapterConfig getAdapterConfig() {
@@ -128,12 +120,4 @@ public class AdapterConfigLoader {
}
}
- protected String encodeScope(AccessScope scope) {
- try {
- byte[] scopeBytes = JsonSerialization.writeValueAsBytes(scope);
- return Base64Url.encode(scopeBytes);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
}
diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/config/OAuthClientConfigLoader.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/config/OAuthClientConfigLoader.java
index 10ee4b6..5f3add7 100755
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/config/OAuthClientConfigLoader.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/config/OAuthClientConfigLoader.java
@@ -41,9 +41,5 @@ public abstract class OAuthClientConfigLoader extends RealmConfigurationLoader {
oauthClient.setCodeUrl(tokenUrl);
oauthClient.setRefreshUrl(refreshUrl);
oauthClient.setTruststore(truststore);
- if (adapterConfig.getScope() != null) {
- String scope = encodeScope(adapterConfig.getScope());
- oauthClient.setScope(scope);
- }
}
}
diff --git a/services/src/main/java/org/keycloak/services/managers/OAuthClientManager.java b/services/src/main/java/org/keycloak/services/managers/OAuthClientManager.java
index b808089..184de4e 100755
--- a/services/src/main/java/org/keycloak/services/managers/OAuthClientManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/OAuthClientManager.java
@@ -44,13 +44,6 @@ public class OAuthClientManager {
public OAuthClientModel create(OAuthClientRepresentation rep) {
OAuthClientModel model = create(rep.getName());
update(rep, model);
- model.setSecret(rep.getSecret());
- if (rep.getClaims() != null) {
- ClaimManager.setClaims(model, rep.getClaims());
- }
- if (rep.getNotBefore() != null) {
- model.setNotBefore(rep.getNotBefore());
- }
return model;
}
@@ -58,6 +51,13 @@ public class OAuthClientManager {
if (rep.getName() != null) model.setClientId(rep.getName());
if (rep.isEnabled() != null) model.setEnabled(rep.isEnabled());
if (rep.isPublicClient() != null) model.setPublicClient(rep.isPublicClient());
+ if (rep.getClaims() != null) {
+ ClaimManager.setClaims(model, rep.getClaims());
+ }
+ if (rep.getNotBefore() != null) {
+ model.setNotBefore(rep.getNotBefore());
+ }
+ if (rep.getSecret() != null) model.setSecret(rep.getSecret());
List<String> redirectUris = rep.getRedirectUris();
if (redirectUris != null) {
model.setRedirectUris(new HashSet<String>(redirectUris));
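Review bot: The new guard `if (rep.getSecret() != null) model.setSecret(rep.getSecret());` lets an empty string through, so an update whose representation carries `"secret": ""` would replace the client secret with an empty value. Something like `if (rep.getSecret() != null && !rep.getSecret().isEmpty()) model.setSecret(rep.getSecret());`, or rejecting the request outright, would close that. The same move makes `notBefore` writable through update; if that value acts as a revocation cutoff, which is not visible here, lowering it deserves at least an audit entry. The update method starts and ends outside the hunk.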
diff --git a/services/src/main/java/org/keycloak/services/managers/TokenManager.java b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
index b617bb9..e1ecc0b 100755
--- a/services/src/main/java/org/keycloak/services/managers/TokenManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/TokenManager.java
@@ -12,13 +12,10 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
-import org.keycloak.representations.AccessScope;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.IDToken;
import org.keycloak.representations.RefreshToken;
-import org.keycloak.util.Base64Url;
-import org.keycloak.util.JsonSerialization;
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.MultivaluedMap;
@@ -54,23 +51,6 @@ public class TokenManager {
return accessCodeMap.remove(key);
}
- protected boolean desiresScope(AccessScope scope, String key, String roleName) {
- if (scope == null || scope.isEmpty()) return true;
- List<String> val = scope.get(key);
- if (val == null) return false;
- return val.contains(roleName);
-
- }
-
- protected boolean desiresScopeGroup(AccessScope scope, String key) {
- if (scope == null || scope.isEmpty()) return true;
- return scope.containsKey(key);
- }
-
- protected boolean isEmpty(AccessScope scope) {
- return scope == null || scope.isEmpty();
- }
-
public static void applyScope(RoleModel role, RoleModel scope, Set<RoleModel> visited, Set<RoleModel> requested) {
if (visited.contains(scope)) return;
visited.add(scope);
@@ -205,9 +185,7 @@ public class TokenManager {
}
public AccessToken createClientAccessToken(String scopeParam, RealmModel realm, ClientModel client, UserModel user, List<RoleModel> realmRolesRequested, MultivaluedMap<String, RoleModel> resourceRolesRequested) {
- AccessScope scopeMap = null;
- if (scopeParam != null) scopeMap = decodeScope(scopeParam);
-
+ // todo scopeParam is ignored until we figure out a scheme that fits with openid connect
Set<RoleModel> roleMappings = realm.getRoleMappings(user);
Set<RoleModel> scopeMappings = realm.getScopeMappings(client);
@@ -226,14 +204,11 @@ public class TokenManager {
}
for (RoleModel role : requestedRoles) {
- if (role.getContainer() instanceof RealmModel && desiresScope(scopeMap, "realm", role.getName())) {
+ if (role.getContainer() instanceof RealmModel) {
realmRolesRequested.add(role);
} else if (role.getContainer() instanceof ApplicationModel) {
ApplicationModel app = (ApplicationModel)role.getContainer();
- if (desiresScope(scopeMap, app.getName(), role.getName())) {
- resourceRolesRequested.add(app.getName(), role);
-
- }
+ resourceRolesRequested.add(app.getName(), role);
}
}
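Review bot: With the `desiresScope(...)` filters removed from this loop and `scopeParam` ignored at the top of createClientAccessToken (previous hunk), a client that sends a narrower `scope` now receives a token carrying every role its scope mappings allow rather than the subset it asked for. The one-line todo does not say that; I would spell the consequence out, e.g. `// TODO: scopeParam is ignored; the token gets all roles permitted by the client's scope mappings, not the requested subset`. It would also help to log when a non-null `scopeParam` is dropped, so deployments that relied on it can be found. Whether the grant page still lists exactly the roles that end up in the token is not visible in this diff and is worth checking. The method continues past the end of the hunk.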
@@ -337,28 +312,6 @@ public class TokenManager {
}
- public String encodeScope(AccessScope scope) {
- String token = null;
- try {
- token = JsonSerialization.writeValueAsString(scope);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- return Base64Url.encode(token.getBytes());
- }
-
- public AccessScope decodeScope(String scopeParam) {
- AccessScope scope = null;
- byte[] bytes = Base64Url.decode(scopeParam);
- try {
- scope = JsonSerialization.readValue(bytes, AccessScope.class);
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- return scope;
- }
-
-
public String encodeToken(RealmModel realm, Object token) {
String encodedToken = new JWSBuilder()
.jsonContent(token)
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java
index 95e9e9b..b388bb3 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/ProfileTest.java
@@ -175,7 +175,6 @@ public class ProfileTest {
@Test
public void getProfileOAuthClient() throws Exception {
- oauth.addScope(org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_APP, AccountRoles.VIEW_PROFILE);
oauth.clientId("third-party");
oauth.doLoginGrant("test-user@localhost", "password");
@@ -192,7 +191,6 @@ public class ProfileTest {
@Test
public void getProfileOAuthClientNoScope() throws Exception {
- oauth.addScope(org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_APP);
oauth.clientId("third-party");
oauth.doLoginGrant("test-user@localhost", "password");
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java
index d7e39a8..54195cf 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthGrantTest.java
@@ -90,31 +90,6 @@ public class OAuthGrantTest {
}
@Test
- public void oauthGrantAcceptTestWithScope() throws IOException {
- oauth.addScope("test-app", "customer-user");
- oauth.clientId("third-party");
- oauth.doLoginGrant("test-user@localhost", "password");
-
- grantPage.assertCurrent();
- Assert.assertTrue(driver.getPageSource().contains(ROLE_CUSTOMER));
-
- grantPage.accept();
-
- Assert.assertTrue(oauth.getCurrentQuery().containsKey("code"));
- OAuthClient.AccessTokenResponse accessToken = oauth.doAccessTokenRequest(oauth.getCurrentQuery().get("code"), "password");
-
- AccessToken token = oauth.verifyToken(accessToken.getAccessToken());
-
- AccessToken.Access realmAccess = token.getRealmAccess();
- Assert.assertNull(realmAccess);
-
- Map<String,AccessToken.Access> resourceAccess = token.getResourceAccess();
- Assert.assertEquals(1, resourceAccess.size());
- Assert.assertEquals(1, resourceAccess.get("test-app").getRoles().size());
- Assert.assertTrue(resourceAccess.get("test-app").isUserInRole("customer-user"));
- }
-
- @Test
public void oauthGrantCancelTest() throws IOException {
oauth.clientId("third-party");
oauth.doLoginGrant("test-user@localhost", "password");
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java
index 18fb97d..5b262bb 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/OAuthClient.java
@@ -22,15 +22,12 @@
package org.keycloak.testsuite;
import org.apache.commons.io.IOUtils;
-import org.apache.http.HttpHeaders;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
-import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URLEncodedUtils;
-import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.jboss.resteasy.security.PemUtils;
@@ -40,12 +37,8 @@ import org.keycloak.RSATokenVerifier;
import org.keycloak.VerificationException;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.crypto.RSAProvider;
-import org.keycloak.representations.AccessScope;
import org.keycloak.representations.AccessToken;
-import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.util.BasicAuthHelper;
-import org.keycloak.util.JsonSerialization;
-import org.keycloak.util.Base64Url;
import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
@@ -78,8 +71,6 @@ public class OAuthClient {
private String redirectUri = "http://localhost:8081/app/auth";
- private AccessScope scope;
-
private String state;
private PublicKey realmPublicKey;
@@ -216,14 +207,6 @@ public class OAuthClient {
if (redirectUri != null) {
b.queryParam("redirect_uri", redirectUri);
}
- if (scope != null) {
- try {
-
- b.queryParam("scope", Base64Url.encode(JsonSerialization.writeValueAsBytes(scope)));
- } catch (Exception e) {
- throw new RuntimeException("Failed to serialize scope", e);
- }
- }
if (state != null) {
b.queryParam("state", state);
}
@@ -259,14 +242,6 @@ public class OAuthClient {
return this;
}
- public OAuthClient addScope(String resource, String... roles) {
- if (scope == null) {
- scope = new AccessScope();
- }
- scope.addAll(resource, roles);
- return this;
- }
-
public OAuthClient state(String state) {
this.state = state;
return this;