Merge pull request #3225 from vmuzikar/KEYCLOAK-3552

KEYCLOAK-3552 Add some missing tests for OIDC Dynamic Profile

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java

@@ -60,12 +60,7 @@ import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static org.junit.Assert.*;
 
 /**
  * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -563,6 +558,26 @@ public class RealmTest extends AbstractAdminTest {
         assertEquals(certificate, realm.toRepresentation().getCertificate());
     }
 
+    @Test
+    public void rotateRealmKeys() {
+        RealmRepresentation realmRep = realm.toRepresentation();
+        String publicKey = realmRep.getPublicKey();
+        String cert = realmRep.getCertificate();
+        assertNotNull(publicKey);
+        assertNotNull(cert);
+
+        RealmRepresentation newRealmRep = new RealmRepresentation();
+        newRealmRep.setRealm(REALM_NAME);
+        newRealmRep.setPublicKey("GENERATE");
+        realm.update(newRealmRep);
+
+        realmRep = realm.toRepresentation();
+        assertNotNull(realmRep.getPublicKey());
+        assertNotNull(realmRep.getCertificate());
+        assertNotEquals(publicKey, realmRep.getPublicKey());
+        assertNotEquals(cert, realmRep.getCertificate());
+    }
+
     @Test
     public void clearRealmCache() {
         RealmRepresentation realmRep = realm.toRepresentation();

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java

@@ -36,6 +36,8 @@ import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentatio
 import org.keycloak.protocol.oidc.utils.OIDCResponseType;
 import org.keycloak.representations.IDToken;
 import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.services.clientregistration.ClientRegistrationService;
+import org.keycloak.services.clientregistration.oidc.OIDCClientRegistrationProviderFactory;
 import org.keycloak.services.resources.RealmsResource;
 import org.keycloak.testsuite.AbstractKeycloakTest;
 import org.keycloak.testsuite.Assert;
@@ -79,6 +81,15 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
             Assert.assertEquals(oidcConfig.getUserinfoEndpoint(), OIDCLoginProtocolService.userInfoUrl(UriBuilder.fromUri(OAuthClient.AUTH_SERVER_ROOT)).build("test").toString());
             Assert.assertEquals(oidcConfig.getJwksUri(), oauth.getCertsUrl("test"));
 
+            String registrationUri = UriBuilder
+                    .fromUri(OAuthClient.AUTH_SERVER_ROOT)
+                    .path(RealmsResource.class)
+                    .path(RealmsResource.class, "getClientsService")
+                    .path(ClientRegistrationService.class, "provider")
+                    .build("test", OIDCClientRegistrationProviderFactory.ID)
+                    .toString();
+            Assert.assertEquals(oidcConfig.getRegistrationEndpoint(), registrationUri);
+
             // Support standard + implicit + hybrid flow
             assertContains(oidcConfig.getResponseTypesSupported(), OAuth2Constants.CODE, OIDCResponseType.ID_TOKEN, "id_token token", "code id_token", "code token", "code id_token token");
             assertContains(oidcConfig.getGrantTypesSupported(), OAuth2Constants.AUTHORIZATION_CODE, OAuth2Constants.IMPLICIT);