libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-15399: Wrong token type in token response. bearer vs Bearer

Browse source
This commit is contained in:
Johannes Knutsen 2020-08-31 12:55:40 +02:00 committed by Pedro Igor
parent 24f90ca6cb
commit 23c575c236
7 changed files with 25 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
services/src/main/java/org/keycloak/protocol/oidc/TokenManager.java
View file

@ -962,7 +962,7 @@ public class TokenManager {
if (accessToken != null) {
String encodedToken = session.tokens().encode(accessToken);
res.setToken(encodedToken);
res.setTokenType("bearer");
res.setTokenType(TokenUtil.TOKEN_TYPE_BEARER);
res.setSessionState(accessToken.getSessionState());
if (accessToken.getExpiration() != 0) {
res.setExpiresIn(accessToken.getExpiration() - Time.currentTime());

10
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/composites/CompositeImportRoleTest.java
View file

@ -59,7 +59,7 @@ public class CompositeImportRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -83,7 +83,7 @@ public class CompositeImportRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -106,7 +106,7 @@ public class CompositeImportRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -128,7 +128,7 @@ public class CompositeImportRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -149,7 +149,7 @@ public class CompositeImportRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());

10
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/composites/CompositeRoleTest.java
View file

@ -231,7 +231,7 @@ public class CompositeRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -258,7 +258,7 @@ public class CompositeRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -282,7 +282,7 @@ public class CompositeRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -307,7 +307,7 @@ public class CompositeRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());
@ -331,7 +331,7 @@ public class CompositeRoleTest extends AbstractCompositeKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
Assert.assertEquals("bearer", response.getTokenType());
Assert.assertEquals("Bearer", response.getTokenType());
AccessToken token = oauth.verifyToken(response.getAccessToken());

12
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/hok/HoKTest.java
View file

@ -213,7 +213,7 @@ public class HoKTest extends AbstractTestRealmKeycloakTest {
Assert.assertThat(response.getExpiresIn(), allOf(greaterThanOrEqualTo(250), lessThanOrEqualTo(300)));
Assert.assertThat(response.getRefreshExpiresIn(), allOf(greaterThanOrEqualTo(1750), lessThanOrEqualTo(1800)));
assertEquals("bearer", response.getTokenType());
assertEquals("Bearer", response.getTokenType());
String expectedKid = oauth.doCertsRequest("test").getKeys()[0].getKeyId();
@ -319,7 +319,7 @@ public class HoKTest extends AbstractTestRealmKeycloakTest {
EventRepresentation tokenEvent = events.expectCodeToToken(codeId, sessionId).assertEvent();
Assert.assertNotNull(refreshTokenString);
assertEquals("bearer", tokenResponse.getTokenType());
assertEquals("Bearer", tokenResponse.getTokenType());
Assert.assertThat(token.getExpiration() - getCurrentTime(), allOf(greaterThanOrEqualTo(200), lessThanOrEqualTo(350)));
int actual = refreshToken.getExpiration() - getCurrentTime();
Assert.assertThat(actual, allOf(greaterThanOrEqualTo(1799 - RefreshTokenTest.ALLOWED_CLOCK_SKEW), lessThanOrEqualTo(1800 + RefreshTokenTest.ALLOWED_CLOCK_SKEW)));
@ -356,7 +356,7 @@ public class HoKTest extends AbstractTestRealmKeycloakTest {
RefreshToken refreshToken = oauth.parseRefreshToken(refreshTokenString);
Assert.assertNotNull(refreshTokenString);
assertEquals("bearer", tokenResponse.getTokenType());
assertEquals("Bearer", tokenResponse.getTokenType());
Assert.assertThat(token.getExpiration() - getCurrentTime(), allOf(greaterThanOrEqualTo(200), lessThanOrEqualTo(350)));
int actual = refreshToken.getExpiration() - getCurrentTime();
Assert.assertThat(actual, allOf(greaterThanOrEqualTo(1799 - RefreshTokenTest.ALLOWED_CLOCK_SKEW), lessThanOrEqualTo(1800 + RefreshTokenTest.ALLOWED_CLOCK_SKEW)));
@ -403,7 +403,7 @@ public class HoKTest extends AbstractTestRealmKeycloakTest {
Assert.assertNotEquals(token.getId(), refreshedToken.getId());
Assert.assertNotEquals(refreshToken.getId(), refreshedRefreshToken.getId());
assertEquals("bearer", response.getTokenType());
assertEquals("Bearer", response.getTokenType());
assertEquals(findUserByUsername(adminClient.realm("test"), username).getId(), refreshedToken.getSubject());
Assert.assertNotEquals(username, refreshedToken.getSubject());
@ -452,7 +452,7 @@ public class HoKTest extends AbstractTestRealmKeycloakTest {
Response response = null;
try {
userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(client);
response = userInfoTarget.request().header(HttpHeaders.AUTHORIZATION, "bearer " + tokenResponse.getAccessToken()).get();
response = userInfoTarget.request().header(HttpHeaders.AUTHORIZATION, "Bearer " + tokenResponse.getAccessToken()).get();
testSuccessfulUserInfoResponse(response);
} finally {
response.close();
@ -487,7 +487,7 @@ public class HoKTest extends AbstractTestRealmKeycloakTest {
Response response = null;
try {
userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(client);
response = userInfoTarget.request().header(HttpHeaders.AUTHORIZATION, "bearer " + tokenResponse.getAccessToken()).get();
response = userInfoTarget.request().header(HttpHeaders.AUTHORIZATION, "Bearer " + tokenResponse.getAccessToken()).get();
assertEquals(401, response.getStatus());
} finally {
response.close();

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
View file

@ -192,7 +192,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
Assert.assertThat(response.getExpiresIn(), allOf(greaterThanOrEqualTo(250), lessThanOrEqualTo(300)));
Assert.assertThat(response.getRefreshExpiresIn(), allOf(greaterThanOrEqualTo(1750), lessThanOrEqualTo(1800)));
assertEquals("bearer", response.getTokenType());
assertEquals("Bearer", response.getTokenType());
String expectedKid = oauth.doCertsRequest("test").getKeys()[0].getKeyId();
@ -1307,7 +1307,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
assertEquals(200, response.getStatusCode());
assertEquals("bearer", response.getTokenType());
assertEquals("Bearer", response.getTokenType());
JWSHeader header = new JWSInput(response.getAccessToken()).getHeader();
assertEquals(expectedAccessAlg, header.getAlgorithm().name());

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthProofKeyForCodeExchangeTest.java
View file

@ -417,7 +417,7 @@ public class OAuthProofKeyForCodeExchangeTest extends AbstractKeycloakTest {
assertEquals(200, response.getStatusCode());
Assert.assertThat(response.getExpiresIn(), allOf(greaterThanOrEqualTo(250), lessThanOrEqualTo(300)));
Assert.assertThat(response.getRefreshExpiresIn(), allOf(greaterThanOrEqualTo(1750), lessThanOrEqualTo(1800)));
assertEquals("bearer", response.getTokenType());
assertEquals("Bearer", response.getTokenType());
String expectedKid = oauth.doCertsRequest("test").getKeys()[0].getKeyId();
@ -485,7 +485,7 @@ public class OAuthProofKeyForCodeExchangeTest extends AbstractKeycloakTest {
Assert.assertNotEquals(token.getId(), refreshedToken.getId());
Assert.assertNotEquals(refreshToken.getId(), refreshedRefreshToken.getId());
assertEquals("bearer", refreshResponse.getTokenType());
assertEquals("Bearer", refreshResponse.getTokenType());
assertEquals(findUserByUsername(adminClient.realm("test"), "test-user@localhost").getId(), refreshedToken.getSubject());
Assert.assertNotEquals("test-user@localhost", refreshedToken.getSubject());

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java
View file

@ -218,7 +218,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
assertNotNull(refreshTokenString);
assertEquals("bearer", tokenResponse.getTokenType());
assertEquals("Bearer", tokenResponse.getTokenType());
Assert.assertThat(token.getExpiration() - getCurrentTime(), allOf(greaterThanOrEqualTo(200), lessThanOrEqualTo(350)));
int actual = refreshToken.getExpiration() - getCurrentTime();
@ -250,7 +250,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
Assert.assertNotEquals(token.getId(), refreshedToken.getId());
Assert.assertNotEquals(refreshToken.getId(), refreshedRefreshToken.getId());
assertEquals("bearer", response.getTokenType());
assertEquals("Bearer", response.getTokenType());
assertEquals(findUserByUsername(adminClient.realm("test"), "test-user@localhost").getId(), refreshedToken.getSubject());
Assert.assertNotEquals("test-user@localhost", refreshedToken.getSubject());
@ -1247,7 +1247,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
assertNotNull(refreshTokenString);
assertEquals("bearer", tokenResponse.getTokenType());
assertEquals("Bearer", tokenResponse.getTokenType());
assertEquals(sessionId, refreshToken.getSessionState());
@ -1269,7 +1269,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
Assert.assertNotEquals(token.getId(), refreshedToken.getId());
Assert.assertNotEquals(refreshToken.getId(), refreshedRefreshToken.getId());
assertEquals("bearer", response.getTokenType());
assertEquals("Bearer", response.getTokenType());
assertEquals(findUserByUsername(adminClient.realm("test"), "test-user@localhost").getId(), refreshedToken.getSubject());
Assert.assertNotEquals("test-user@localhost", refreshedToken.getSubject());