libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Logout confirm page is failing to log the user out on auth-server-wildfly

Browse source 
Fixes #11753
This commit is contained in:
Martin Bartoš 2022-06-09 14:04:08 +02:00 committed by Marek Posolda
parent 3aefb59d40
commit 0fef4305b6
2 changed files with 66 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AbstractPage.java
View file

@ -23,7 +23,7 @@ import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.testsuite.arquillian.SuiteContext;
import org.keycloak.testsuite.util.DroneUtils;
import org.keycloak.testsuite.util.OAuthClient;
import org.openqa.selenium.By;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.WebDriver;
import java.net.URI;
@ -44,6 +44,7 @@ public abstract class AbstractPage {
protected OAuthClient oauth;
public void assertCurrent() {
WaitUtils.waitForPageToLoad();
String name = getClass().getSimpleName();
Assert.assertTrue("Expected " + name + " but was " + DroneUtils.getCurrentDriver().getTitle() + " (" + DroneUtils.getCurrentDriver().getCurrentUrl() + ")",
isCurrent());

82
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractBaseBrokerTest.java
View file

@ -17,7 +17,6 @@
package org.keycloak.testsuite.broker;
import org.apache.commons.lang.StringUtils;
import org.hamcrest.Matchers;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.After;
@ -65,9 +64,11 @@ import javax.ws.rs.core.UriBuilderException;
import java.net.URI;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
import static org.keycloak.testsuite.admin.ApiUtil.createUserWithAdminClient;
import static org.keycloak.testsuite.admin.ApiUtil.resetUserPassword;
import static org.keycloak.testsuite.broker.BrokerTestConstants.USER_EMAIL;
@ -75,6 +76,8 @@ import static org.keycloak.testsuite.broker.BrokerTestTools.encodeUrl;
import static org.keycloak.testsuite.broker.BrokerTestTools.getConsumerRoot;
import static org.keycloak.testsuite.broker.BrokerTestTools.getProviderRoot;
import static org.keycloak.testsuite.broker.BrokerTestTools.waitForPage;
import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
/**
* No test methods there. Just some useful common functionality
@ -314,28 +317,71 @@ public abstract class AbstractBaseBrokerTest extends AbstractKeycloakTest {
}
protected void logoutFromRealm(String contextRoot, String realm, String initiatingIdp, String idTokenHint) {
OAuthClient.LogoutUrlBuilder builder = oauth.realm(realm)
.getLogoutUrl()
.initiatingIdp(initiatingIdp);
logoutFromRealm(contextRoot, realm, initiatingIdp, idTokenHint, null);
}
if (idTokenHint != null) {
builder
.postLogoutRedirectUri(encodeUrl(getAccountUrl(contextRoot, realm)))
.idTokenHint(idTokenHint);
protected void logoutFromRealm(String contextRoot, String realm, String initiatingIdp, String idTokenHint, String clientId) {
logoutFromRealm(contextRoot, realm, initiatingIdp, idTokenHint, clientId, null);
}
// Completely logout from realm and confirm logout if present
protected void logoutFromRealm(String contextRoot, String realm, String initiatingIdp, String idTokenHint, String clientId, String redirectUri) {
final String defaultRedirectUri = redirectUri != null ? redirectUri : getAccountUrl(contextRoot, realm);
final String defaultClientId = (idTokenHint == null && clientId == null) ? ACCOUNT_MANAGEMENT_CLIENT_ID : clientId;
executeLogoutFromRealm(contextRoot, realm, initiatingIdp, idTokenHint, defaultClientId, defaultRedirectUri);
checkLogoutConfirmation(realm, idTokenHint, defaultClientId);
}
// Only execute the logout without logout confirmation
protected void executeLogoutFromRealm(String contextRoot, String realm, String initiatingIdp, String idTokenHint, String clientId, String redirectUri) {
final boolean isDifferentContext = !Objects.equals(OAuthClient.SERVER_ROOT, removeDefaultPorts(contextRoot));
try {
if (isDifferentContext) {
OAuthClient.updateURLs(contextRoot);
OAuthClient.updateAppRootRealm(realm);
oauth.init(driver);
}
final OAuthClient.LogoutUrlBuilder builder = oauth.realm(realm)
.getLogoutUrl()
.idTokenHint(idTokenHint)
.clientId(clientId)
.initiatingIdp(initiatingIdp);
if (clientId != null || idTokenHint != null) {
builder.postLogoutRedirectUri(encodeUrl(redirectUri));
}
String logoutUrl = builder.build();
driver.navigate().to(logoutUrl);
} finally {
if (isDifferentContext) {
OAuthClient.updateURLs(getAuthServerContextRoot());
oauth.init(driver);
}
}
}
String logoutUrl = builder.build();
driver.navigate().to(logoutUrl);
// Needs to confirm logout if id_token_hint was not provided
if (idTokenHint == null) {
logoutConfirmPage.assertCurrent();
logoutConfirmPage.confirmLogout();
infoPage.assertCurrent();
driver.navigate().to(getAccountUrl(contextRoot, realm));
// Check whether the logout confirmation is present; if yes, confirm the logout and verify the current page
private void checkLogoutConfirmation(String realm, String idTokenHint, String clientId) {
if (logoutConfirmPage.isCurrent()) {
confirmLogout();
if (idTokenHint != null || clientId != null) {
assertLoginPage(realm);
} else {
infoPage.assertCurrent();
}
}
}
protected void confirmLogout() {
logoutConfirmPage.assertCurrent();
logoutConfirmPage.confirmLogout();
}
protected void assertLoginPage(String realm) {
try {
Retry.execute(() -> {
try {