libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Merge pull request #3868 from zschwarz/12-16-failing-ssl-tests-z

Browse source 
KEYCLOAK-4084 Fix ssl adapter tests
This commit is contained in:
Pavel Drozd 2017-02-20 15:42:19 +01:00 committed by GitHub
commit 284ef5992d
9 changed files with 42 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
testsuite/integration-arquillian/test-apps/js-console/src/main/webapp/index.html
View file

@ -191,7 +191,7 @@ TimeSkew: <div id="timeSkew"></div>
function sendBearerToKeycloak() {
var url = 'http://localhost:8180/auth/admin/realms/example/roles';
if (window.location.href.indexOf("8543") > -1) {
if (window.location.href.indexOf("8643") > -1) {
url = url.replace("8180","8543");
url = url.replace("http","https");
}
@ -218,7 +218,7 @@ TimeSkew: <div id="timeSkew"></div>
function cert() {
var url = 'http://localhost:8180/auth/realms/example/protocol/openid-connect/certs';
if (window.location.href.indexOf("8543") > -1) {
if (window.location.href.indexOf("8643") > -1) {
url = url.replace("8180","8543");
url = url.replace("http","https");
}
@ -244,7 +244,7 @@ TimeSkew: <div id="timeSkew"></div>
var user = JSON.parse('{"emailVerified" : false, "enabled" : true, "username": "mhajas", "firstName" :"First", "lastName":"Last","email":"email@redhat.com", "attributes": {}}');
var url = "http://localhost:8180/auth/admin/realms/example/users";
if (window.location.href.indexOf("8543") > -1) {
if (window.location.href.indexOf("8643") > -1) {
url = url.replace("8180","8543");
url = url.replace("http","https");
}

11
testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/SamlSPFacade.java
View file

@ -50,8 +50,7 @@ public class SamlSPFacade extends HttpServlet {
System.out.println("ParameterMap is empty, redirecting to keycloak server ");
resp.setStatus(302);
// Redirect
// UriBuilder builder = UriBuilder.fromUri("http://localhost:8081/auth/realms/demo/protocol/saml?SAMLRequest=jVLRTsIwFP2Vpe%2BjG4wxG0YyWYxL0BBAH3wx3XYnTbp29nYof%2B8YEvEBNOlD03vOveec2ynyWjYsae1WreC9BbTOZy0Vsr4Qk9YopjkKZIrXgMwWbJ08LNhw4LHGaKsLLcmRch3MEcFYoRVxktN1rhW2NZg1mJ0o4Gm1iMnW2oZRKnXB5VajZZEX%2BRTqRuo9ACVO2mkUih%2F4l9C8s0MNcFkjLaHW9KSUHlwR506bAnrPMam4RCBOlsYkS1%2BD3MvLcDJxAx9KN4jCkXszrG5cP%2BCVH4y8IM8PYFx2dsQOfuiILWQKLVc2JkPPH7te6HrRxh%2BzUdidwSSIXoiz%2FBZyK1Qp1Nv1yPIjCNn9ZrN0V1AKA4UlzjMY7N13IDKbHjyxXoA5291%2FtzH7I%2FApPet%2FHNawx65hli61FMXeSaTUH%2FMubtvlYU0LfcA1t5cl%2BAO%2FfxGlW%2FVQ1ipsoBCVgJLQ2XHo7385%2BwI%3D");
UriBuilder builder = UriBuilder.fromUri("http://localhost:8180/auth/realms/demo/protocol/saml?SAMLRequest=jZJdS8MwFIbvBf9DyX2XNG62hnUwHeLAj7JNL7yRmJ65QJrUnNSPf29WHQp%2BIOQiJM%2FJed%2F3ZIyyMa2YdmFjF%2FDYAYbkpTEWRX9Rks5b4SRqFFY2gCIosZxenAs%2BYKL1LjjlDHkv%2BRuWiOCDdpYk0932xFnsGvBL8E9awfXivCSbEFpBqXFKmo3DIApeMApNa9wrACXJLGrUVm7rf6KzSMtoh3qQpkFaQ%2BPoTinduiLJqfMKes8lWUuDQJL5rCTz2d2wLmCkgKc5Z4fpMOf3qSyO8pTXxUHOjphibBRhrKId%2FQSf5YgdzC0GaUNJOMtGKTtI2eGKcxFXlg%2BK0fCWJNWHkGNta20f%2Fo7s%2Fh1CcbZaVWl1tVyR5AY89s4jQCb7e%2BOtI9G3918m999ZTL4HyIrsM%2B4x%2FfL%2Brl0rLuOT81nljFavydQY93wS4w4xj%2BA76ANuZPhdRDbI%2BhNdp%2BseFZ3FFpRea6gJ3Tai33%2Fm5A0%3D");
UriBuilder builder = UriBuilder.fromUri(ServletTestUtils.getAuthServerUrlBase() + "/auth/realms/demo/protocol/saml?SAMLRequest=" + getSamlRequest());
builder.queryParam("RelayState", RELAY_STATE);
resp.setHeader("Location", builder.build().toString());
return;
@ -66,4 +65,12 @@ public class SamlSPFacade extends HttpServlet {
pw.println("SAML response: " + samlResponse);
pw.flush();
}
private String getSamlRequest() {
if (System.getProperty("auth.server.ssl.required", "false").equals("true")) {
return "jZJJT8MwEIXvSPyHyPfUTrokWE2lQoWoxBLRwoELMs6UWnLs4HFY%2Fj1OoALEIiQfLPt55r1vPEVR64bPW781l%2FDQAvroudYGeX9RkNYZbgUq5EbUgNxLvpqfnfJ0wHjjrLfSavL25G%2BxQATnlTUkmu%2B2R9ZgW4NbgXtUEq4uTwuy9b5BTqm2UuitRc%2FzyWhIoW60fQGgJFoEk8qIrsCP8nGQixCIOhC6RlpBbenOK%2B1ykejYOgl96oJshEYg0XJRkOXidlTlMJaQxlnKJvEoS%2B9ikR9kcVrlw4wdMMnYOIixDIHUI3w8R2xhadAL4wuSsmQcs2HMJus05WEl2SAYuyFR%2BW7kUJlKmfu%2Fod29iZCfrNdlXF6s1iS6Bod99CAgs%2F29aZeI9%2B3dp9n9dxqzjuBXgCxPPnhP6af6u3YNPw8ll4vSaiVfornW9uko4PaBh3ct9IBr4X83kQyS%2FkRV8aaX8tZgA1JtFFSEdo3o9785ewU%3D\n";
}
return "jZJdS8MwFIbvBf9DyX2XNG62hnUwHeLAj7JNL7yRmJ65QJrUnNSPf29WHQp%2BIOQiJM%2FJed%2F3ZIyyMa2YdmFjF%2FDYAYbkpTEWRX9Rks5b4SRqFFY2gCIosZxenAs%2BYKL1LjjlDHkv%2BRuWiOCDdpYk0932xFnsGvBL8E9awfXivCSbEFpBqXFKmo3DIApeMApNa9wrACXJLGrUVm7rf6KzSMtoh3qQpkFaQ%2BPoTinduiLJqfMKes8lWUuDQJL5rCTz2d2wLmCkgKc5Z4fpMOf3qSyO8pTXxUHOjphibBRhrKId%2FQSf5YgdzC0GaUNJOMtGKTtI2eGKcxFXlg%2BK0fCWJNWHkGNta20f%2Fo7s%2Fh1CcbZaVWl1tVyR5AY89s4jQCb7e%2BOtI9G3918m999ZTL4HyIrsM%2B4x%2FfL%2Brl0rLuOT81nljFavydQY93wS4w4xj%2BA76ANuZPhdRDbI%2BhNdp%2BseFZ3FFpRea6gJ3Tai33%2Fm5A0%3D";
}
}

8
testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/ServletTestUtils.java
View file

@ -45,4 +45,12 @@ public class ServletTestUtils {
return urlBase;
}
public static String getAuthServerUrlBase() {
if (System.getProperty("auth.server.ssl.required", "false").equals("true")) {
return System.getProperty("auth.server.ssl.base.url", "https://localhost:8543");
}
return System.getProperty("auth.server.base.url");
}
}

12
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
View file

@ -19,14 +19,19 @@ package org.keycloak.testsuite;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.configuration.PropertiesConfiguration;
import org.apache.http.ssl.SSLContexts;
import org.h2.util.IOUtils;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.common.util.Time;
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
import org.keycloak.testsuite.arquillian.TestContext;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
@ -77,6 +82,7 @@ import org.openqa.selenium.WebDriver;
import static org.keycloak.testsuite.admin.Users.setPasswordFor;
import static org.keycloak.testsuite.auth.page.AuthRealm.ADMIN;
import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
import static org.keycloak.testsuite.util.IOUtil.PROJECT_BUILD_DIRECTORY;
/**
*
@ -134,8 +140,12 @@ public abstract class AbstractKeycloakTest {
public void beforeAbstractKeycloakTest() throws Exception {
SSLContext ssl = null;
if ("true".equals(System.getProperty("auth.server.ssl.required"))) {
ssl = getSSLContextWithTrustore(new File("src/test/resources/keystore/keycloak.truststore"), "secret");
File trustore = new File(PROJECT_BUILD_DIRECTORY, "dependency/keystore/keycloak.truststore");
ssl = getSSLContextWithTrustore(trustore, "secret");
System.setProperty("javax.net.ssl.trustStore", trustore.getAbsolutePath());
}
adminClient = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
MASTER, ADMIN, ADMIN, Constants.ADMIN_CLI_CLIENT_ID, null, ssl);

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java
View file

@ -70,7 +70,7 @@ public abstract class AbstractAdapterTest extends AbstractAuthTest {
modifyClientUrls(tr, "^(/.*)", appServerContextRootPage.toString() + "$1");
modifyClientWebOrigins(tr, "8080", System.getProperty("app.server.http.port", null));
modifySamlMasterURLs(tr, "8080", System.getProperty("auth.server.http.port", null));
modifySAMLClientsAttributes(tr, "8080", System.getProperty("app.server.http.port", "8280"));
modifySAMLClientsAttributes(tr, "http://localhost:8080", appServerContextRootPage.toString());
modifyClientJWKSUrl(tr, "^(/.*)", appServerContextRootPage.toString() + "$1");
}
if ("true".equals(System.getProperty("auth.server.ssl.required"))) {

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSAMLServletsAdapterTest.java
View file

@ -322,7 +322,7 @@ public abstract class AbstractSAMLServletsAdapterTest extends AbstractServletsAd
@Deployment(name = EmployeeServlet.DEPLOYMENT_NAME)
protected static WebArchive employeeServlet() {
return samlServletDeployment(EmployeeServlet.DEPLOYMENT_NAME, "employee/WEB-INF/web.xml", SamlSPFacade.class);
return samlServletDeployment(EmployeeServlet.DEPLOYMENT_NAME, "employee/WEB-INF/web.xml", SamlSPFacade.class, ServletTestUtils.class);
}
@Override

6
testsuite/integration-arquillian/tests/other/adapters/jboss/pom.xml
View file

@ -36,6 +36,7 @@
<properties>
<common.resources>${project.parent.basedir}/common</common.resources>
<app.server.type>managed</app.server.type>
<auth.server.actual.protocol>http</auth.server.actual.protocol>
<auth.server.actual.http.port>${auth.server.http.port}</auth.server.actual.http.port>
<keycloak.subsystem.xsl>keycloak-subsystem.xsl</keycloak.subsystem.xsl>
</properties>
@ -64,7 +65,7 @@
<parameters>
<parameter>
<name>auth-server-host</name>
<value>http://localhost:${auth.server.actual.http.port}</value>
<value>${auth.server.actual.protocol}://localhost:${auth.server.actual.http.port}</value>
</parameter>
</parameters>
</transformationSet>
@ -81,12 +82,13 @@
<id>ssl</id>
<activation>
<property>
<name>app.server.ssl.required</name>
<name>auth.server.ssl.required</name>
<value>true</value>
</property>
</activation>
<properties>
<!-- one realm definition for each secure-deployment -->
<auth.server.actual.protocol>https</auth.server.actual.protocol>
<auth.server.actual.http.port>${auth.server.https.port}</auth.server.actual.http.port>
</properties>
</profile>

5
testsuite/integration-arquillian/tests/other/adapters/pom.xml
View file

@ -73,7 +73,7 @@
<app.server.home>${containers.home}/app-server-${app.server}</app.server.home>
<adapter.config.bundled>true</adapter.config.bundled>
<examples.basedir>${main.basedir}/examples</examples.basedir>
<exclude.test>-</exclude.test>
</properties>
<modules>
@ -362,6 +362,9 @@
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<excludes>
<exclude>${exclude.test}</exclude>
</excludes>
<systemPropertyVariables>
<examples.home>${examples.home}</examples.home>
<examples.version.suffix>${project.version}</examples.version.suffix>

2
testsuite/integration-arquillian/tests/other/pom.xml
View file

@ -60,7 +60,7 @@
<artifactId>integration-arquillian-tests-base</artifactId>
<version>${project.version}</version>
<type>test-jar</type>
<includes>arquillian.xml,keycloak-add-user.json,test-constants.properties,kerberos/*</includes>
<includes>arquillian.xml,keycloak-add-user.json,test-constants.properties,kerberos/*,keystore/keycloak.truststore</includes>
</artifactItem>
</artifactItems>
</configuration>