KEYCLOAK-2993 Fix integration-arquillian tests failing with -Pauth-server-wildfly

testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java

@@ -30,7 +30,9 @@ import org.keycloak.services.managers.ClientSessionCode;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.resource.RealmResourceProvider;
 import org.keycloak.testsuite.events.EventsListenerProvider;
-
+import org.keycloak.testsuite.forms.PassThroughAuthenticator;
+import org.keycloak.testsuite.forms.PassThroughClientAuthenticator;
+import org.keycloak.testsuite.rest.representation.AuthenticatorState;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
 import javax.ws.rs.NotFoundException;
@@ -184,4 +186,21 @@ public class TestingResourceProvider implements RealmResourceProvider {
             throw new AssertionError("Failed to parse code", t);
         }
     }
+
+    @POST
+    @Path("/update-pass-through-auth-state")
+    @Produces(MediaType.APPLICATION_JSON)
+    public AuthenticatorState updateAuthenticator(AuthenticatorState state) {
+        if (state.getClientId() != null) {
+            PassThroughClientAuthenticator.clientId = state.getClientId();
+        }
+        if (state.getUsername() != null) {
+            PassThroughAuthenticator.username = state.getUsername();
+        }
+
+        AuthenticatorState result = new AuthenticatorState();
+        result.setClientId(PassThroughClientAuthenticator.clientId);
+        result.setUsername(PassThroughAuthenticator.username);
+        return result;
+    }
 }

testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/representation/AuthenticatorState.java

@@ -0,0 +1,42 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.rest.representation;
+
+/**
+ * @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
+ */
+public class AuthenticatorState {
+    private String clientId;
+    private String username;
+
+    public String getClientId() {
+        return clientId;
+    }
+
+    public void setClientId(String clientId) {
+        this.clientId = clientId;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+}

testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/client/resources/TestingResource.java

@@ -18,6 +18,7 @@
 package org.keycloak.testsuite.client.resources;
 
 import org.keycloak.representations.idm.EventRepresentation;
+import org.keycloak.testsuite.rest.representation.AuthenticatorState;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
@@ -84,4 +85,9 @@ public interface TestingResource {
     @Path("/verify-code")
     @Produces(MediaType.APPLICATION_JSON)
     String verifyCode(@QueryParam("realm") String realmName, @QueryParam("code") String code);
+
+    @POST
+    @Path("/update-pass-through-auth-state")
+    @Produces(MediaType.APPLICATION_JSON)
+    AuthenticatorState updateAuthenticator(AuthenticatorState state);
 }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java

@@ -19,6 +19,7 @@ package org.keycloak.testsuite;
 import org.apache.commons.configuration.ConfigurationException;
 import org.apache.commons.configuration.PropertiesConfiguration;
 import org.keycloak.common.util.KeycloakUriBuilder;
+import org.keycloak.common.util.Time;
 import org.keycloak.testsuite.arquillian.TestContext;
 
 import java.net.URI;
@@ -319,7 +320,13 @@ public abstract class AbstractKeycloakTest {
         log.debugv("Reset time offset, response {0}", response);
     }
 
+    public int getCurrentTime() {
+        return Time.currentTime();
+    }
+
     private String invokeTimeOffset(int offset) {
+        // adminClient depends on Time.offset for auto-refreshing tokens
+        Time.setOffset(offset);
         Map result = testingClient.testing().setTimeOffset(Collections.singletonMap("offset", String.valueOf(offset)));
         return String.valueOf(result);
     }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/CustomFlowTest.java

@@ -16,36 +16,31 @@
  */
 package org.keycloak.testsuite.forms;
 
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.List;
 import org.jboss.arquillian.graphene.page.Page;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.keycloak.OAuth2Constants;
-import org.keycloak.admin.client.resource.AuthenticationManagementResource;
 import org.keycloak.authentication.AuthenticationFlow;
 import org.keycloak.events.Details;
 import org.keycloak.events.Errors;
 import org.keycloak.models.AuthenticationExecutionModel;
 import org.keycloak.representations.AccessToken;
 import org.keycloak.representations.RefreshToken;
-import org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation;
 import org.keycloak.representations.idm.AuthenticationExecutionRepresentation;
 import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.testsuite.AssertEvents;
-import org.keycloak.testsuite.TestRealmKeycloakTest;
 import org.keycloak.testsuite.pages.AppPage;
 import org.keycloak.testsuite.pages.AppPage.RequestType;
 import org.keycloak.testsuite.pages.ErrorPage;
 import org.keycloak.testsuite.pages.LoginPage;
 import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
 import org.keycloak.testsuite.pages.RegisterPage;
+import org.keycloak.testsuite.rest.representation.AuthenticatorState;
 import org.keycloak.testsuite.util.ClientBuilder;
 import org.keycloak.testsuite.util.ExecutionBuilder;
 import org.keycloak.testsuite.util.FlowBuilder;
@@ -185,8 +180,9 @@ public class CustomFlowTest extends AbstractFlowTest {
 
     @Test
     public void loginSuccess() {
-
-        PassThroughAuthenticator.username = "login-test";
+        AuthenticatorState state = new AuthenticatorState();
+        state.setUsername("login-test");
+        testingClient.testing().updateAuthenticator(state);
 
         oauth.openLoginForm();
 
@@ -198,20 +194,28 @@ public class CustomFlowTest extends AbstractFlowTest {
 
     @Test
     public void grantTest() throws Exception {
-        PassThroughAuthenticator.username = "login-test";
+        AuthenticatorState state = new AuthenticatorState();
+        state.setUsername("login-test");
+        testingClient.testing().updateAuthenticator(state);
+
         grantAccessToken("test-app", "login-test");
     }
 
     @Test
     public void clientAuthTest() throws Exception {
-        PassThroughClientAuthenticator.clientId = "dummy-client";
-        PassThroughAuthenticator.username = "login-test";
+        AuthenticatorState state = new AuthenticatorState();
+        state.setClientId("dummy-client");
+        state.setUsername("login-test");
+        testingClient.testing().updateAuthenticator(state);
         grantAccessToken("dummy-client", "login-test");
 
-        PassThroughClientAuthenticator.clientId = "test-app";
+        state.setClientId("test-app");
+        testingClient.testing().updateAuthenticator(state);
         grantAccessToken("test-app", "login-test");
 
-        PassThroughClientAuthenticator.clientId = "unknown";
+        state.setClientId("unknown");
+        testingClient.testing().updateAuthenticator(state);
+
         OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest("password", "test-user", "password");
         assertEquals(400, response.getStatusCode());
         assertEquals("unauthorized_client", response.getError());

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java

@@ -222,7 +222,7 @@ public class OfflineTokenTest extends AbstractKeycloakTest {
         String newRefreshTokenString = testRefreshWithOfflineToken(token, offlineToken, offlineTokenString, sessionId, userId);
 
         // Change offset to very big value to ensure offline session expires
-        Time.setOffset(3000000);
+        setTimeOffset(3000000);
 
         OAuthClient.AccessTokenResponse response = oauth.doRefreshTokenRequest(newRefreshTokenString, "secret1");
         Assert.assertEquals(400, response.getStatusCode());
@@ -236,13 +236,13 @@ public class OfflineTokenTest extends AbstractKeycloakTest {
                 .assertEvent();
 
 
-        Time.setOffset(0);
+        setTimeOffset(0);
     }
 
     private String testRefreshWithOfflineToken(AccessToken oldToken, RefreshToken offlineToken, String offlineTokenString,
                                                final String sessionId, String userId) {
         // Change offset to big value to ensure userSession expired
-        Time.setOffset(99999);
+        setTimeOffset(99999);
         Assert.assertFalse(oldToken.isActive());
         Assert.assertTrue(offlineToken.isActive());
 
@@ -277,7 +277,7 @@ public class OfflineTokenTest extends AbstractKeycloakTest {
                 .assertEvent();
         Assert.assertNotEquals(oldToken.getId(), refreshEvent.getDetails().get(Details.TOKEN_ID));
 
-        Time.setOffset(0);
+        setTimeOffset(0);
         return newRefreshToken;
     }
 

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java

@@ -149,13 +149,13 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
 
         assertEquals("bearer", tokenResponse.getTokenType());
 
-        Assert.assertThat(token.getExpiration() - Time.currentTime(), allOf(greaterThanOrEqualTo(200), lessThanOrEqualTo(350)));
-        int actual = refreshToken.getExpiration() - Time.currentTime();
+        Assert.assertThat(token.getExpiration() - getCurrentTime(), allOf(greaterThanOrEqualTo(200), lessThanOrEqualTo(350)));
+        int actual = refreshToken.getExpiration() - getCurrentTime();
         Assert.assertThat(actual, allOf(greaterThanOrEqualTo(1799), lessThanOrEqualTo(1800)));
 
         assertEquals(sessionId, refreshToken.getSessionState());
 
-        Time.setOffset(2);
+        setTimeOffset(2);
 
         OAuthClient.AccessTokenResponse response = oauth.doRefreshTokenRequest(refreshTokenString, "password");
         AccessToken refreshedToken = oauth.verifyToken(response.getAccessToken());
@@ -167,7 +167,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
         assertEquals(sessionId, refreshedRefreshToken.getSessionState());
 
         Assert.assertThat(response.getExpiresIn(), allOf(greaterThanOrEqualTo(250), lessThanOrEqualTo(300)));
-        Assert.assertThat(refreshedToken.getExpiration() - Time.currentTime(), allOf(greaterThanOrEqualTo(250), lessThanOrEqualTo(300)));
+        Assert.assertThat(refreshedToken.getExpiration() - getCurrentTime(), allOf(greaterThanOrEqualTo(250), lessThanOrEqualTo(300)));
 
         Assert.assertThat(refreshedToken.getExpiration() - token.getExpiration(), allOf(greaterThanOrEqualTo(1), lessThanOrEqualTo(10)));
         Assert.assertThat(refreshedRefreshToken.getExpiration() - refreshToken.getExpiration(), allOf(greaterThanOrEqualTo(1), lessThanOrEqualTo(10)));
@@ -190,7 +190,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
         Assert.assertNotEquals(tokenEvent.getDetails().get(Details.TOKEN_ID), refreshEvent.getDetails().get(Details.TOKEN_ID));
         Assert.assertNotEquals(tokenEvent.getDetails().get(Details.REFRESH_TOKEN_ID), refreshEvent.getDetails().get(Details.UPDATED_REFRESH_TOKEN_ID));
 
-        Time.setOffset(0);
+        setTimeOffset(0);
     }
 
     @Test
@@ -210,7 +210,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
 
             events.expectCodeToToken(codeId, sessionId).assertEvent();
 
-            Time.setOffset(2);
+            setTimeOffset(2);
 
             OAuthClient.AccessTokenResponse response2 = oauth.doRefreshTokenRequest(response1.getRefreshToken(), "password");
             assertEquals(200, response2.getStatusCode());
@@ -223,7 +223,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
 
             events.expectRefresh(refreshToken1.getId(), sessionId).assertEvent();
         } finally {
-            Time.setOffset(0);
+            setTimeOffset(0);
         }
     }
 
@@ -247,7 +247,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
 
             events.expectCodeToToken(codeId, sessionId).assertEvent();
 
-            Time.setOffset(2);
+            setTimeOffset(2);
 
             OAuthClient.AccessTokenResponse response2 = oauth.doRefreshTokenRequest(response1.getRefreshToken(), "password");
             RefreshToken refreshToken2 = oauth.verifyRefreshToken(response2.getRefreshToken());
@@ -266,7 +266,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
 
             events.expectRefresh(refreshToken2.getId(), sessionId).assertEvent();
         } finally {
-            Time.setOffset(0);
+            setTimeOffset(0);
             RealmManager.realm(adminClient.realm("test")).revokeRefreshToken(false);
         }
     }
@@ -381,9 +381,8 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
         String refreshId = oauth.verifyRefreshToken(tokenResponse.getRefreshToken()).getId();
 
         int last = testingClient.testing().getLastSessionRefresh("test", sessionId);
-        ;
 
-        Time.setOffset(2);
+        setTimeOffset(2);
 
         tokenResponse = oauth.doRefreshTokenRequest(tokenResponse.getRefreshToken(), "password");
 
@@ -393,7 +392,6 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
         assertEquals(200, tokenResponse.getStatusCode());
 
         int next = testingClient.testing().getLastSessionRefresh("test", sessionId);
-        ;
 
         Assert.assertNotEquals(last, next);
 
@@ -401,7 +399,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
         int lastAccessTokenLifespan = realmResource.toRepresentation().getAccessTokenLifespan();
         RealmManager.realm(realmResource).accessTokenLifespan(100000);
 
-        Time.setOffset(4);
+        setTimeOffset(4);
         tokenResponse = oauth.doRefreshTokenRequest(tokenResponse.getRefreshToken(), "password");
 
         next = testingClient.testing().getLastSessionRefresh("test", sessionId);
@@ -413,7 +411,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
         RealmManager.realm(realmResource).ssoSessionIdleTimeout(1);
 
         events.clear();
-        Time.setOffset(6);
+        setTimeOffset(6);
         tokenResponse = oauth.doRefreshTokenRequest(tokenResponse.getRefreshToken(), "password");
 
         // test idle timeout
@@ -427,7 +425,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
 
         events.clear();
 
-        Time.setOffset(0);
+        setTimeOffset(0);
     }
 
     @Test
@@ -449,7 +447,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
         Integer maxLifespan = realmResource.toRepresentation().getSsoSessionMaxLifespan();
         RealmManager.realm(realmResource).ssoSessionMaxLifespan(1);
 
-        Time.setOffset(1);
+        setTimeOffset(1);
 
         tokenResponse = oauth.doRefreshTokenRequest(tokenResponse.getRefreshToken(), "password");
 
@@ -463,7 +461,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
 
         events.clear();
 
-        Time.setOffset(0);
+        setTimeOffset(0);
     }
 
     @Test