Fix LDAP tests and teststuite on windows. Set initial password directly in code as import from LDIF is problematic on windows

2014-03-27 12:54:44 +01:00 · 2014-03-27 12:54:44 +01:00 · 129eb6a3be
commit 129eb6a3be
parent 4711dd083f
6 changed files with 59 additions and 24 deletions
--- a/model/tests/src/main/java/org/keycloak/model/test/LdapTestUtils.java
+++ b/model/tests/src/main/java/org/keycloak/model/test/LdapTestUtils.java
@ -0,0 +1,33 @@
+package org.keycloak.model.test;
+
+import org.jboss.resteasy.spi.ResteasyProviderFactory;
+import org.keycloak.models.RealmModel;
+import org.keycloak.spi.authentication.picketlink.PicketlinkAuthenticationProvider;
+import org.keycloak.util.KeycloakRegistry;
+import org.picketlink.idm.IdentityManager;
+import org.picketlink.idm.credential.Password;
+import org.picketlink.idm.model.basic.BasicModel;
+import org.picketlink.idm.model.basic.User;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class LdapTestUtils {
+
+    public static void setLdapPassword(RealmModel realm, String username, String password) {
+        // TODO: Workaround... should be improved once we have KeycloakSession with available application-scoped components
+        KeycloakRegistry registry = ResteasyProviderFactory.getContextData(KeycloakRegistry.class);
+        if (registry == null) {
+            ResteasyProviderFactory.pushContext(KeycloakRegistry.class, new KeycloakRegistry());
+        }
+
+        // Update password directly in ldap. It's workaround, but LDIF import doesn't seem to work on windows for ApacheDS
+        try {
+            IdentityManager identityManager = new PicketlinkAuthenticationProvider().getIdentityManager(realm);
+            User user = BasicModel.getUser(identityManager, username);
+            identityManager.updateCredential(user, new Password(password.toCharArray()));
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+}
--- a/model/tests/src/test/java/org/keycloak/model/test/AuthProvidersLDAPTest.java
+++ b/model/tests/src/test/java/org/keycloak/model/test/AuthProvidersLDAPTest.java
@ -71,17 +71,20 @@ public class AuthProvidersLDAPTest extends AbstractModelTest {
    public void testLdapAuthentication() {
        MultivaluedMap<String, String> formData = AuthProvidersExternalModelTest.createFormData("john", "password");

-        // Verify that user doesn't exists in realm2 and can't authenticate here
-        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.INVALID_USER, am.authenticateForm(realm, formData));
-        Assert.assertNull(realm.getUser("john"));
-
-        // Add ldap authenticationProvider
-        setupAuthenticationProviders();
-
        try {
            // this is needed for Picketlink model provider
            ResteasyProviderFactory.pushContext(KeycloakRegistry.class, new KeycloakRegistry());

+            // Set password of user in LDAP
+            LdapTestUtils.setLdapPassword(realm, "john", "password");
+
+            // Verify that user doesn't exists in realm2 and can't authenticate here
+            Assert.assertEquals(AuthenticationManager.AuthenticationStatus.INVALID_USER, am.authenticateForm(realm, formData));
+            Assert.assertNull(realm.getUser("john"));
+
+            // Add ldap authenticationProvider
+            setupAuthenticationProviders();
+
            // Authenticate john and verify that now he exists in realm
            Assert.assertEquals(AuthenticationManager.AuthenticationStatus.SUCCESS, am.authenticateForm(realm, formData));
            UserModel john = realm.getUser("john");
--- a/model/tests/src/test/resources/ldap/users.ldif
+++ b/model/tests/src/test/resources/ldap/users.ldif
@ -9,16 +9,6 @@ objectclass: top
 objectclass: organizationalUnit
 ou: People

-dn: ou=Roles,dc=keycloak,dc=org
-objectclass: top
-objectclass: organizationalUnit
-ou: Roles
-
-dn: ou=Groups,dc=keycloak,dc=org
-objectclass: top
-objectclass: organizationalUnit
-ou: Groups
-
 dn: uid=john,ou=People,dc=keycloak,dc=org
 objectclass: top
 objectclass: uidObject
@ -28,4 +18,13 @@ uid: john
 cn: John
 sn: Doe
 mail: john@email.org
-userPassword: password
+
+dn: ou=Roles,dc=keycloak,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,dc=keycloak,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
--- a/spi/authentication-picketlink/src/main/java/org/keycloak/spi/authentication/picketlink/PicketlinkAuthenticationProvider.java
+++ b/spi/authentication-picketlink/src/main/java/org/keycloak/spi/authentication/picketlink/PicketlinkAuthenticationProvider.java
@ -48,7 +48,6 @@ public class PicketlinkAuthenticationProvider implements AuthenticationProvider
        credential.setUsername(username);
        credential.setPassword(new Password(password.toCharArray()));
        identityManager.validateCredentials(credential);
-
        if (credential.getStatus() == Credentials.Status.VALID) {
            AuthResult result = new AuthResult(AuthProviderStatus.SUCCESS);

@ -76,7 +75,7 @@ public class PicketlinkAuthenticationProvider implements AuthenticationProvider
        return true;
    }

-    protected IdentityManager getIdentityManager(RealmModel realm) throws AuthenticationProviderException {
+    public IdentityManager getIdentityManager(RealmModel realm) throws AuthenticationProviderException {
        IdentityManager identityManager = ResteasyProviderFactory.getContextData(IdentityManager.class);
        if (identityManager == null) {
            Iterable<PartitionManagerProvider> providers = ProviderLoader.load(PartitionManagerProvider.class);
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/AuthProvidersIntegrationTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/forms/AuthProvidersIntegrationTest.java
@ -14,6 +14,7 @@ import org.junit.rules.RuleChain;
 import org.junit.rules.TestRule;
 import org.junit.runners.MethodSorters;
 import org.keycloak.OAuth2Constants;
+import org.keycloak.model.test.LdapTestUtils;
 import org.keycloak.models.AuthenticationProviderModel;
 import org.keycloak.models.PasswordPolicy;
 import org.keycloak.models.RealmModel;
@ -51,15 +52,16 @@ public class AuthProvidersIntegrationTest {
            AuthenticationProviderModel modelProvider = new AuthenticationProviderModel(AuthProviderConstants.PROVIDER_NAME_MODEL, false, Collections.EMPTY_MAP);
            AuthenticationProviderModel picketlinkProvider = new AuthenticationProviderModel(AuthProviderConstants.PROVIDER_NAME_PICKETLINK, true, Collections.EMPTY_MAP);

-            // Configure LDAP
-            ldapRule.getEmbeddedServer().setupLdapInRealm(appRealm);
-
            // Delegate authentication to admin realm
            Map<String,String> config = new HashMap<String,String>();
            config.put(AuthProviderConstants.EXTERNAL_REALM_ID, adminstrationRealm.getId());
            AuthenticationProviderModel externalModelProvider = new AuthenticationProviderModel(AuthProviderConstants.PROVIDER_NAME_EXTERNAL_MODEL, true, config);

            appRealm.setAuthenticationProviders(Arrays.asList(modelProvider, picketlinkProvider, externalModelProvider));
+
+            // Configure LDAP
+            ldapRule.getEmbeddedServer().setupLdapInRealm(appRealm);
+            LdapTestUtils.setLdapPassword(appRealm, "john", "password");
        }
    });

--- a/testsuite/integration/src/test/resources/ldap/users.ldif
+++ b/testsuite/integration/src/test/resources/ldap/users.ldif
@ -28,4 +28,3 @@ uid: john
 cn: John
 sn: Doe
 mail: john@email.org
-userPassword: password