diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/client/KeycloakTestingClient.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/client/KeycloakTestingClient.java index b1423eb294..2dff1203d6 100755 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/client/KeycloakTestingClient.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/client/KeycloakTestingClient.java @@ -17,8 +17,6 @@ package org.keycloak.testsuite.client; -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.SSLSession; import javax.ws.rs.core.Response; import org.jboss.resteasy.client.jaxrs.ResteasyClient; @@ -53,7 +51,7 @@ public class KeycloakTestingClient implements AutoCloseable { // Disable PKIX path validation errors when running tests using SSL resteasyClientBuilder.disableTrustManager().hostnameVerification(ResteasyClientBuilder.HostnameVerificationPolicy.ANY); } - resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10)); + resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10, null)); client = resteasyClientBuilder.build(); } target = client.target(serverUrl); diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java index 4eb2b2e91f..3fde9aa553 100644 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java @@ -44,6 +44,7 @@ import org.keycloak.admin.client.Keycloak; import org.keycloak.admin.client.KeycloakBuilder; import org.keycloak.models.Constants; +import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine; import static org.keycloak.testsuite.auth.page.AuthRealm.ADMIN; import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER; import static org.keycloak.testsuite.utils.io.IOUtil.PROJECT_BUILD_DIRECTORY; @@ -52,6 +53,8 @@ import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot; public class AdminClientUtil { + public static final int NUMBER_OF_CONNECTIONS = 10; + public static Keycloak createAdminClient(boolean ignoreUnknownProperties, String authServerContextRoot) throws Exception { return createAdminClient(ignoreUnknownProperties, authServerContextRoot, MASTER, ADMIN, ADMIN, Constants.ADMIN_CLI_CLIENT_ID, null); @@ -61,7 +64,7 @@ public class AdminClientUtil { } public static Keycloak createAdminClient(boolean ignoreUnknownProperties, String authServerContextRoot, String realmName, String username, String password, String clientId, String clientSecret) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException { - ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties); + ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties, null); return KeycloakBuilder.builder() .serverUrl(authServerContextRoot + "/auth") @@ -75,7 +78,7 @@ public class AdminClientUtil { public static Keycloak createAdminClientWithClientCredentials(String realmName, String clientId, String clientSecret) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException { boolean ignoreUnknownProperties = false; - ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties); + ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties, null); return KeycloakBuilder.builder() .serverUrl(getAuthServerContextRoot() + "/auth") @@ -94,7 +97,15 @@ public class AdminClientUtil { return createAdminClient(ignoreUnknownProperties, getAuthServerContextRoot()); } - private static ResteasyClient createResteasyClient(boolean ignoreUnknownProperties) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException { + public static ResteasyClient createResteasyClient() { + try { + return createResteasyClient(false, null); + } catch (Exception e) { + throw new RuntimeException(e); + } + } + + public static ResteasyClient createResteasyClient(boolean ignoreUnknownProperties, Boolean followRedirects) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException { ResteasyClientBuilder resteasyClientBuilder = new ResteasyClientBuilder(); if ("true".equals(System.getProperty("auth.server.ssl.required"))) { @@ -118,8 +129,8 @@ public class AdminClientUtil { resteasyClientBuilder .hostnameVerification(ResteasyClientBuilder.HostnameVerificationPolicy.WILDCARD) - .connectionPoolSize(10) - .httpEngine(getCustomClientHttpEngine(resteasyClientBuilder, 1)); + .connectionPoolSize(NUMBER_OF_CONNECTIONS) + .httpEngine(getCustomClientHttpEngine(resteasyClientBuilder, 1, followRedirects)); return resteasyClientBuilder.build(); } @@ -135,8 +146,8 @@ public class AdminClientUtil { return theContext; } - public static ClientHttpEngine getCustomClientHttpEngine(ResteasyClientBuilder resteasyClientBuilder, int validateAfterInactivity) { - return new CustomClientHttpEngineBuilder43(validateAfterInactivity).resteasyClientBuilder(resteasyClientBuilder).build(); + public static ClientHttpEngine getCustomClientHttpEngine(ResteasyClientBuilder resteasyClientBuilder, int validateAfterInactivity, Boolean followRedirects) { + return new CustomClientHttpEngineBuilder43(validateAfterInactivity, followRedirects).resteasyClientBuilder(resteasyClientBuilder).build(); } /** @@ -146,23 +157,28 @@ public class AdminClientUtil { private static class CustomClientHttpEngineBuilder43 extends ClientHttpEngineBuilder43 { private final int validateAfterInactivity; + private final Boolean followRedirects; - private CustomClientHttpEngineBuilder43(int validateAfterInactivity) { + private CustomClientHttpEngineBuilder43(int validateAfterInactivity, Boolean followRedirects) { this.validateAfterInactivity = validateAfterInactivity; + this.followRedirects = followRedirects; } @Override protected ClientHttpEngine createEngine(final HttpClientConnectionManager cm, final RequestConfig.Builder rcBuilder, final HttpHost defaultProxy, final int responseBufferSize, final HostnameVerifier verifier, final SSLContext theContext) { - + final ClientHttpEngine engine; if (cm instanceof PoolingHttpClientConnectionManager) { PoolingHttpClientConnectionManager pcm = (PoolingHttpClientConnectionManager) cm; pcm.setValidateAfterInactivity(validateAfterInactivity); - - return super.createEngine(pcm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext); + engine = super.createEngine(pcm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext); } else { - return super.createEngine(cm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext); + engine = super.createEngine(cm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext); } + if (followRedirects != null) { + ((ApacheHttpClient4Engine) engine).setFollowRedirects(followRedirects); + } + return engine; } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletAuthzCIPAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletAuthzCIPAdapterTest.java index 92ab22d73f..74ec87cdec 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletAuthzCIPAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletAuthzCIPAdapterTest.java @@ -17,7 +17,6 @@ package org.keycloak.testsuite.adapter.example.authorization; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; @@ -32,6 +31,7 @@ import org.jboss.shrinkwrap.api.spec.WebArchive; import org.junit.Assert; import org.junit.Test; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.utils.arquillian.ContainerConstants; @@ -81,7 +81,7 @@ public class ServletAuthzCIPAdapterTest extends AbstractServletAuthzAdapterTest performTests(() -> { OAuthClient.AccessTokenResponse response = oauth.realm("servlet-authz").clientId("servlet-authz-app") .doGrantAccessTokenRequest("secret", "alice", "alice"); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); Map body = new HashMap(); body.put("test", "test-value"); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/BrokerLinkAndTokenExchangeTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/BrokerLinkAndTokenExchangeTest.java index 355d29f4bc..a221c9bc90 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/BrokerLinkAndTokenExchangeTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/BrokerLinkAndTokenExchangeTest.java @@ -63,6 +63,7 @@ import org.keycloak.testsuite.pages.AccountUpdateProfilePage; import org.keycloak.testsuite.pages.ErrorPage; import org.keycloak.testsuite.pages.LoginPage; import org.keycloak.testsuite.pages.LoginUpdateProfilePage; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ContainerAssume; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.WaitUtils; @@ -70,7 +71,6 @@ import org.keycloak.testsuite.utils.arquillian.ContainerConstants; import org.keycloak.util.BasicAuthHelper; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -350,7 +350,7 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest // do exchange String accessToken = oauth.doGrantAccessTokenRequest(CHILD_IDP, "child", "password", null, ClientApp.DEPLOYMENT_NAME, "password").getAccessToken(); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); try { WebTarget exchangeUrl = childTokenExchangeWebTarget(httpClient); System.out.println("Exchange url: " + exchangeUrl.getUri().toString()); @@ -519,7 +519,7 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest String accessToken = oauth.doGrantAccessTokenRequest(PARENT_IDP, PARENT2_USERNAME, "password", null, PARENT_CLIENT, "password").getAccessToken(); Assert.assertEquals(0, adminClient.realm(CHILD_IDP).getClientSessionStats().size()); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); try { WebTarget exchangeUrl = childTokenExchangeWebTarget(httpClient); System.out.println("Exchange url: " + exchangeUrl.getUri().toString()); @@ -721,7 +721,7 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest Assert.assertEquals(0, adminClient.realm(CHILD_IDP).getClientSessionStats().size()); } - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); try { WebTarget exchangeUrl = childTokenExchangeWebTarget(httpClient); { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java index 77c90b1fa2..c2041b0f31 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java @@ -49,12 +49,12 @@ import org.keycloak.testsuite.pages.AccountUpdateProfilePage; import org.keycloak.testsuite.pages.ErrorPage; import org.keycloak.testsuite.pages.LoginPage; import org.keycloak.testsuite.pages.LoginUpdateProfilePage; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.WaitUtils; import org.keycloak.util.JsonSerialization; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.core.UriBuilder; import java.net.URL; import java.util.LinkedList; @@ -402,7 +402,7 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest(CHILD_IDP, "child", "password", null, "client-linking", "password"); Assert.assertNotNull(response.getAccessToken()); Assert.assertNull(response.getError()); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); String firstToken = getToken(response, httpClient); Assert.assertNotNull(firstToken); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/DemoServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/DemoServletsAdapterTest.java index cfb4c77a8c..7f99113b9a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/DemoServletsAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/DemoServletsAdapterTest.java @@ -29,7 +29,6 @@ import org.apache.http.util.EntityUtils; import org.jboss.arquillian.container.test.api.Deployment; import org.jboss.arquillian.drone.api.annotation.Drone; import org.jboss.arquillian.graphene.page.Page; -import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder; import org.jboss.shrinkwrap.api.spec.WebArchive; import org.junit.Assert; import org.junit.Before; @@ -84,7 +83,6 @@ import org.keycloak.testsuite.auth.page.login.OIDCLogin; import org.keycloak.testsuite.console.page.events.Config; import org.keycloak.testsuite.console.page.events.LoginEvents; import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl; -import org.keycloak.testsuite.util.FollowRedirectsEngine; import org.keycloak.testsuite.util.JavascriptBrowser; import org.keycloak.testsuite.util.Matchers; import org.keycloak.testsuite.util.URLUtils; @@ -95,7 +93,6 @@ import org.openqa.selenium.Cookie; import org.openqa.selenium.WebDriver; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -107,7 +104,6 @@ import java.io.File; import java.io.IOException; import java.net.URI; import java.net.URISyntaxException; -import java.util.ArrayList; import java.util.Arrays; import java.util.List; import java.util.Map; @@ -132,6 +128,8 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThat; import static org.junit.Assert.assertTrue; import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO; +import static org.keycloak.testsuite.util.AdminClientUtil.NUMBER_OF_CONNECTIONS; +import static org.keycloak.testsuite.util.AdminClientUtil.createResteasyClient; import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals; import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith; import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf; @@ -449,7 +447,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { } @Test - public void testSavedPostRequest() throws InterruptedException { + public void testSavedPostRequest() throws Exception { // test login to customer-portal which does a bearer request to customer-db inputPortal.navigateTo(); assertCurrentUrlEquals(inputPortal); @@ -472,12 +470,15 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); // test unsecured POST KEYCLOAK-901 - Client client = ClientBuilder.newClient(); - Form form = new Form(); - form.param("parameter", "hello"); - String text = client.target(inputPortal + "/unsecured").request().post(Entity.form(form), String.class); - assertThat(text, containsString("parameter=hello")); - client.close(); + Client client = createResteasyClient(true, false); + try { + Form form = new Form(); + form.param("parameter", "hello"); + String text = client.target(inputPortal + "/unsecured").request().post(Entity.form(form), String.class); + assertThat(text, containsString("parameter=hello")); + } finally { + client.close(); + } } @Test @@ -642,47 +643,48 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { //KEYCLOAK-518 @Test - public void testNullBearerToken() { - Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build(); + public void testNullBearerToken() throws Exception { + Client client = createResteasyClient(true, true); WebTarget target = client.target(customerDb.toString()); - Response response = target.request().get(); - assertEquals(401, response.getStatus()); - response.close(); - response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get(); - assertEquals(401, response.getStatus()); - response.close(); - client.close(); + try { + try (Response response = target.request().get()) { + assertEquals(401, response.getStatus()); + } + try (Response response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get()) { + assertEquals(401, response.getStatus()); + } + } finally { + client.close(); + } } //KEYCLOAK-1368 @Test - public void testNullBearerTokenCustomErrorPage() { - Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build(); + public void testNullBearerTokenCustomErrorPage() throws Exception { + Client client = createResteasyClient(true, true); WebTarget target = client.target(customerDbErrorPage.toString()); - Response response = target.request().get(); + try (Response response = target.request().get()) { + assertEquals(401, response.getStatus()); + String errorPageResponse = response.readEntity(String.class); + assertThat(errorPageResponse, containsString("Error Page")); + assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.NO_BEARER_TOKEN.toString())); + } - assertEquals(401, response.getStatus()); - String errorPageResponse = response.readEntity(String.class); - assertThat(errorPageResponse, containsString("Error Page")); - assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.NO_BEARER_TOKEN.toString())); - response.close(); - - response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get(); - - assertEquals(401, response.getStatus()); - errorPageResponse = response.readEntity(String.class); - assertThat(errorPageResponse, containsString("Error Page")); - assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.INVALID_TOKEN.toString())); - response.close(); + try (Response response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get()) { + assertEquals(401, response.getStatus()); + String errorPageResponse = response.readEntity(String.class); + assertThat(errorPageResponse, containsString("Error Page")); + assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.INVALID_TOKEN.toString())); + } client.close(); } //KEYCLOAK-518 @Test - public void testBadUser() { - Client client = ClientBuilder.newClient(); + public void testBadUser() throws Exception { + Client client = createResteasyClient(true, true); URI uri = OIDCLoginProtocolService.tokenUrl(authServerPage.createUriBuilder()).build("demo"); WebTarget target = client.target(uri); String header = BasicAuthHelper.createHeader("customer-portal", "password"); @@ -690,11 +692,11 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { form.param(OAuth2Constants.GRANT_TYPE, OAuth2Constants.PASSWORD) .param("username", "monkey@redhat.com") .param("password", "password"); - Response response = target.request() + try (Response response = target.request() .header(HttpHeaders.AUTHORIZATION, header) - .post(Entity.form(form)); - assertEquals(401, response.getStatus()); - response.close(); + .post(Entity.form(form))) { + assertEquals(401, response.getStatus()); + } client.close(); } @@ -961,9 +963,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { @Test - public void testBasicAuth() { + public void testBasicAuth() throws Exception { String value = "hello"; - Client client = ClientBuilder.newClient(); + Client client = createResteasyClient(true, true); //pause(1000000); @@ -1167,8 +1169,8 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { } @Test - public void testAutodetectBearerOnly() { - Client client = ClientBuilder.newClient(); + public void testAutodetectBearerOnly() throws Exception { + Client client = createResteasyClient(true, false); // Do not redirect client to login page if it's an XHR System.out.println(productPortalAutodetectBearerOnly.getInjectedUrl().toString()); @@ -1219,15 +1221,14 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { // KEYCLOAK-3016 @Test - public void testBasicAuthErrorHandling() { - int numberOfConnections = 10; - Client client = new ResteasyClientBuilder().connectionPoolSize(numberOfConnections).httpEngine(new FollowRedirectsEngine()).build(); + public void testBasicAuthErrorHandling() throws Exception { + Client client = createResteasyClient(true, true); WebTarget target = client.target(customerDb.getInjectedUrl().toString()); Response response = target.request().get(); Assert.assertEquals(401, response.getStatus()); response.close(); - final int LIMIT = numberOfConnections + 1; + final int LIMIT = NUMBER_OF_CONNECTIONS + 1; for (int i = 0; i < LIMIT; i++) { System.out.println("Testing Basic Auth with bad credentials " + i); response = target.request().header(HttpHeaders.AUTHORIZATION, "Basic dXNlcm5hbWU6cGFzc3dvcmQ=").get(); @@ -1240,8 +1241,8 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { // KEYCLOAK-1733 @Test - public void testNullQueryParameterAccessToken() { - Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build(); + public void testNullQueryParameterAccessToken() throws Exception { + Client client = createResteasyClient(true, true); WebTarget target = client.target(customerDb.getInjectedUrl().toString()); Response response = target.request().get(); @@ -1258,9 +1259,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest { // KEYCLOAK-1733 @Test - public void testRestCallWithAccessTokenAsQueryParameter() { + public void testRestCallWithAccessTokenAsQueryParameter() throws Exception { - Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build(); + Client client = createResteasyClient(true, true); try { WebTarget webTarget = client.target(testRealmPage.toString() + "/protocol/openid-connect/token"); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLServletAdapterTest.java index 8bc007c28e..2c05a9ecc7 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLServletAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLServletAdapterTest.java @@ -25,8 +25,6 @@ import static org.keycloak.testsuite.admin.Users.getPasswordOf; import static org.keycloak.testsuite.admin.Users.setPasswordFor; import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO; import static org.keycloak.testsuite.auth.page.AuthRealm.SAMLSERVLETDEMO; -import static org.keycloak.testsuite.saml.AbstractSamlTest.REALM_PRIVATE_KEY; -import static org.keycloak.testsuite.saml.AbstractSamlTest.REALM_PUBLIC_KEY; import static org.keycloak.testsuite.util.Matchers.bodyHC; import static org.keycloak.testsuite.util.Matchers.statusCodeIsHC; import static org.keycloak.testsuite.util.UIUtils.getRawPageSource; @@ -59,7 +57,6 @@ import java.util.regex.Pattern; import java.util.stream.Collectors; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.Invocation; import javax.ws.rs.client.WebTarget; @@ -122,16 +119,12 @@ import org.keycloak.keys.ImportedRsaKeyProviderFactory; import org.keycloak.keys.KeyProvider; import org.keycloak.protocol.saml.SamlConfigAttributes; import org.keycloak.protocol.saml.SamlProtocol; -import org.keycloak.protocol.saml.mappers.AttributeStatementHelper; -import org.keycloak.protocol.saml.mappers.RoleListMapper; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ComponentRepresentation; import org.keycloak.representations.idm.GroupRepresentation; -import org.keycloak.representations.idm.ProtocolMapperRepresentation; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.representations.idm.UserRepresentation; -import org.keycloak.saml.SAML2ErrorResponseBuilder; import org.keycloak.saml.common.constants.JBossSAMLConstants; import org.keycloak.saml.common.constants.JBossSAMLURIConstants; import org.keycloak.saml.common.util.DocumentUtil; @@ -155,6 +148,7 @@ import org.keycloak.testsuite.saml.AbstractSamlTest; import org.keycloak.testsuite.updaters.ClientAttributeUpdater; import org.keycloak.testsuite.updaters.Creator; import org.keycloak.testsuite.updaters.UserAttributeUpdater; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.SamlClient; import org.keycloak.testsuite.util.SamlClient.Binding; import org.keycloak.testsuite.util.SamlClientBuilder; @@ -171,7 +165,6 @@ import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.xml.sax.SAXException; -import static org.keycloak.testsuite.admin.ApiUtil.getCreatedId; /** * @author mhajas @@ -1120,7 +1113,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { // test unsecured POST KEYCLOAK-901 - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); Form form = new Form(); form.param("parameter", "hello"); String text = client.target(inputPortalPage + "/unsecured").request().post(Entity.form(form), String.class); @@ -1391,7 +1384,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { public void spMetadataValidation() throws Exception { ClientResource clientResource = ApiUtil.findClientResourceByClientId(testRealmResource(), AbstractSamlTest.SAML_CLIENT_ID_SALES_POST_SIG); ClientRepresentation representation = clientResource.toRepresentation(); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); WebTarget target = client.target(authServerPage.toString() + "/admin/realms/" + SAMLSERVLETDEMO + "/clients/" + representation.getId() + "/installation/providers/saml-sp-descriptor"); Response response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer " + adminClient.tokenManager().getAccessToken().getToken()).get(); validateXMLWithSchema(response.readEntity(String.class), "/adapter-test/keycloak-saml/metadata-schema/saml-schema-metadata-2.0.xsd"); @@ -1536,7 +1529,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { @Test /* KEYCLOAK-4980 */ public void testAutodetectBearerOnly() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); // Do not redirect client to login page if it's an XHR WebTarget target = client.target(salesPostAutodetectServletPage.toString() + "/"); @@ -1585,7 +1578,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { "Exclude Quarkus because when running on Java 9+ you get CNF exceptions due to the fact that javax.xml.soap was removed (as well as other JEE modules). Need to discuss how we are going to solve this for both main dist and Quarkus") @Test public void testSuccessfulEcpFlow() throws Exception { - Response authnRequestResponse = ClientBuilder.newClient().target(ecpSPPage.toString()).request() + Response authnRequestResponse = AdminClientUtil.createResteasyClient().target(ecpSPPage.toString()).request() .header("Accept", "text/html; application/vnd.paos+xml") .header("PAOS", "ver='urn:liberty:paos:2003-08' ;'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'") .get(); @@ -1622,7 +1615,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { String pair = username + ":" + password; String authHeader = "Basic " + Base64.encodeBytes(pair.getBytes()); - Response authenticationResponse = ClientBuilder.newClient().target(singleSignOnService).request() + Response authenticationResponse = AdminClientUtil.createResteasyClient().target(singleSignOnService).request() .header(HttpHeaders.AUTHORIZATION, authHeader) .post(Entity.entity(DocumentUtil.asString(authenticationRequest), "text/xml")); @@ -1658,12 +1651,12 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { samlResponseRequest.writeTo(os); - Response serviceProviderFinalResponse = ClientBuilder.newClient().target(responseType.getDestination()).request() + Response serviceProviderFinalResponse = AdminClientUtil.createResteasyClient().target(responseType.getDestination()).request() .post(Entity.entity(os.toByteArray(), "application/vnd.paos+xml")); Map cookies = serviceProviderFinalResponse.getCookies(); - Invocation.Builder resourceRequest = ClientBuilder.newClient().target(responseType.getDestination()).request(); + Invocation.Builder resourceRequest = AdminClientUtil.createResteasyClient().target(responseType.getDestination()).request(); for (NewCookie cookie : cookies.values()) { resourceRequest.cookie(cookie); @@ -1677,7 +1670,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { "Exclude Quarkus because when running on Java 9+ you get CNF exceptions due to the fact that javax.xml.soap was removed (as well as other JEE modules). Need to discuss how we are going to solve this for both main dist and Quarkus") @Test public void testInvalidCredentialsEcpFlow() throws Exception { - Response authnRequestResponse = ClientBuilder.newClient().target(ecpSPPage.toString()).request() + Response authnRequestResponse = AdminClientUtil.createResteasyClient().target(ecpSPPage.toString()).request() .header("Accept", "text/html; application/vnd.paos+xml") .header("PAOS", "ver='urn:liberty:paos:2003-08' ;'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'") .get(); @@ -1715,7 +1708,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest { String pair = username + ":" + password; String authHeader = "Basic " + Base64.encodeBytes(pair.getBytes()); - Response authenticationResponse = ClientBuilder.newClient().target(singleSignOnService).request() + Response authenticationResponse = AdminClientUtil.createResteasyClient().target(singleSignOnService).request() .header(HttpHeaders.AUTHORIZATION, authHeader) .post(Entity.entity(DocumentUtil.asString(authenticationRequest), "application/soap+xml")); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java index 87d7d13fcc..572f8672e9 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java @@ -245,7 +245,7 @@ public class ImpersonationTest extends AbstractKeycloakTest { protected Set testSuccessfulImpersonation(String admin, String adminRealm) { ResteasyClientBuilder resteasyClientBuilder = new ResteasyClientBuilder(); resteasyClientBuilder.connectionPoolSize(10); - resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10)); + resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10, null)); ResteasyClient resteasyClient = resteasyClientBuilder.build(); // Login adminClient diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaDiscoveryDocumentTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaDiscoveryDocumentTest.java index e1b1295029..deb5ba3b01 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaDiscoveryDocumentTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaDiscoveryDocumentTest.java @@ -22,7 +22,6 @@ import java.net.URI; import java.util.List; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; @@ -38,6 +37,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest; import org.keycloak.testsuite.admin.AbstractAdminTest; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.OAuthClient; @AuthServerContainerExclude(AuthServer.REMOTE) @@ -54,7 +54,7 @@ public class UmaDiscoveryDocumentTest extends AbstractKeycloakTest { @Test public void testFetchDiscoveryDocument() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(OAuthClient.AUTH_SERVER_ROOT); URI oidcDiscoveryUri = RealmsResource.wellKnownProviderUrl(builder).build("test", UmaWellKnownProviderFactory.PROVIDER_ID); WebTarget oidcDiscoveryTarget = client.target(oidcDiscoveryUri); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java index 52bc35dd4e..cdda9be1db 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java @@ -34,12 +34,10 @@ import java.util.List; import java.util.Map; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; import com.google.common.base.Charsets; @@ -70,6 +68,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation; import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.UserBuilder; import org.keycloak.util.BasicAuthHelper; @@ -426,7 +425,7 @@ public class UmaGrantTypeTest extends AbstractResourceServerTest { assertNotNull(refreshTokenToken.getAuthorization()); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI uri = OIDCLoginProtocolService.tokenUrl(builder).build(REALM_NAME); WebTarget target = client.target(uri); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/SocialLoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/SocialLoginTest.java index 969e638ed8..cd7a3c6b8d 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/SocialLoginTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/SocialLoginTest.java @@ -56,7 +56,6 @@ import org.openqa.selenium.By; import org.openqa.selenium.WebElement; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -73,6 +72,7 @@ import static org.junit.Assume.assumeTrue; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; import static org.keycloak.testsuite.broker.SocialLoginTest.Provider.BITBUCKET; import static org.keycloak.testsuite.broker.SocialLoginTest.Provider.FACEBOOK; import static org.keycloak.testsuite.broker.SocialLoginTest.Provider.FACEBOOK_INCLUDE_BIRTHDAY; @@ -535,7 +535,7 @@ public class SocialLoginTest extends AbstractKeycloakTest { } private AccessTokenResponse checkFeature(int expectedStatusCode, String username) { - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); Response response = null; try { testingClient.server().run(SocialLoginTest::setupClientExchangePermissions); @@ -573,7 +573,7 @@ public class SocialLoginTest extends AbstractKeycloakTest { assertEquals(200, tokenResp.getStatus()); ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse tokenResponse = checkFeature(200, username); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java index c42140caf6..c4b770c7cf 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java @@ -28,6 +28,7 @@ import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.admin.ApiUtil; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientBuilder; import org.keycloak.testsuite.util.RealmBuilder; @@ -84,7 +85,7 @@ public class ClientRedirectTest extends AbstractTestRealmKeycloakTest { String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE); String token = oauth.doAccessTokenRequest(code, "password").getAccessToken(); - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); String redirectUrl = getAuthServerRoot().toString() + "realms/test/clients/launchpad-test/redirect"; Response response = client.target(redirectUrl).request().header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get(); assertEquals(303, response.getStatus()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/OIDCPairwiseClientRegistrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/OIDCPairwiseClientRegistrationTest.java index 3edc3e2346..fa25ac1dac 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/OIDCPairwiseClientRegistrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/OIDCPairwiseClientRegistrationTest.java @@ -42,6 +42,7 @@ import org.keycloak.testsuite.Assert; import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls; import org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientManager; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.UserInfoClientUtil; @@ -354,7 +355,7 @@ public class OIDCPairwiseClientRegistrationTest extends AbstractClientRegistrati Assert.assertNotEquals(pairwiseUserId, user.getId()); // Send request to userInfo endpoint - Client jaxrsClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client jaxrsClient = AdminClientUtil.createResteasyClient(); try { // Check that userInfo contains pairwise subjectId as well Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(jaxrsClient, accessTokenResponse.getAccessToken()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ClientStorageTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ClientStorageTest.java index 49266ecf6e..af845ae686 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ClientStorageTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ClientStorageTest.java @@ -75,6 +75,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertThat; import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; /** * Test that clients can override auth flows @@ -232,7 +233,7 @@ public class ClientStorageTest extends AbstractTestRealmKeycloakTest { } private void testDirectGrant(String clientId) { - Client httpClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl(); WebTarget grantTarget = httpClient.target(grantUri); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ChallengeFlowTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ChallengeFlowTest.java index 018915114e..8311bdfe7a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ChallengeFlowTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ChallengeFlowTest.java @@ -38,7 +38,6 @@ import org.keycloak.testsuite.pages.LoginPage; import org.keycloak.testsuite.util.OAuthClient; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -50,6 +49,7 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; /** * Test that clients can override auth flows @@ -129,7 +129,7 @@ public class ChallengeFlowTest extends AbstractTestRealmKeycloakTest { public void testChallengeFlow() throws Exception { oauth.clientId(TEST_APP_FLOW); String loginFormUrl = oauth.getLoginFormUrl(); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); WebTarget loginTarget = client.target(loginFormUrl); Response response = loginTarget.request().get(); Assert.assertEquals(401, response.getStatus()); @@ -142,7 +142,7 @@ public class ChallengeFlowTest extends AbstractTestRealmKeycloakTest { // respin Client to make absolutely sure no cookie caching. need to test that it works with null auth_session_id cookie. client.close(); - client = ClientBuilder.newClient(); + client = AdminClientUtil.createResteasyClient(); authenticateHeader = authenticateHeader.trim(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/FlowOverrideTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/FlowOverrideTest.java index bebf98c88e..23267f2e29 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/FlowOverrideTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/FlowOverrideTest.java @@ -60,6 +60,7 @@ import java.util.List; import static org.junit.Assert.assertEquals; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; /** * Test that clients can override auth flows @@ -293,7 +294,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest { } private void testDirectGrantNoOverride(String clientId) { - Client httpClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl(); WebTarget grantTarget = httpClient.target(grantUri); @@ -343,7 +344,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest { @Test public void testGrantAccessTokenWithClientOverride() throws Exception { String clientId = TEST_APP_DIRECT_OVERRIDE; - Client httpClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl(); WebTarget grantTarget = httpClient.target(grantUri); @@ -365,7 +366,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest { @Test public void testClientOverrideFlowUsingDirectGrantHttpChallenge() { - Client httpClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl(); WebTarget grantTarget = httpClient.target(grantUri); @@ -401,7 +402,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest { setupBruteForce(); - Client httpClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl(); WebTarget grantTarget = httpClient.target(grantUri); @@ -443,7 +444,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest { public void testDirectGrantHttpChallengeUserDisabled() { setupBruteForce(); - Client httpClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl(); WebTarget grantTarget = httpClient.target(grantUri); @@ -489,7 +490,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest { @Test public void testClientOverrideFlowUsingBrowserHttpChallenge() { - Client httpClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); oauth.clientId(TEST_APP_HTTP_CHALLENGE); String grantUri = oauth.getLoginFormUrl(); WebTarget grantTarget = httpClient.target(grantUri); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java index b603be2923..4978f02209 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java @@ -49,6 +49,7 @@ import org.keycloak.testsuite.pages.ErrorPage; import org.keycloak.testsuite.pages.LoginPage; import org.keycloak.testsuite.pages.LoginPasswordUpdatePage; import org.keycloak.testsuite.updaters.RealmAttributeUpdater; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ContainerAssume; import org.keycloak.testsuite.util.DroneUtils; import org.keycloak.testsuite.util.JavascriptBrowser; @@ -58,11 +59,9 @@ import org.keycloak.testsuite.util.RealmBuilder; import org.keycloak.testsuite.util.TokenSignatureUtil; import org.keycloak.testsuite.util.UserBuilder; import org.keycloak.testsuite.util.WaitUtils; -import org.openqa.selenium.NoSuchElementException; import org.openqa.selenium.WebDriver; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; import java.util.Arrays; @@ -160,7 +159,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest { @Test public void testBrowserSecurityHeaders() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); Response response = client.target(oauth.getLoginFormUrl()).request().get(); Assert.assertThat(response.getStatus(), is(equalTo(200))); for (BrowserSecurityHeaders header : BrowserSecurityHeaders.values()) { @@ -189,7 +188,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest { adminClient.realm("test").update(realmRep); try { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); Response response = client.target(oauth.getLoginFormUrl()).request().get(); String headerValue = response.getHeaderString(cspReportOnlyHeader); Assert.assertThat(headerValue, is(equalTo(expectedCspReportOnlyValue))); @@ -204,7 +203,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest { //KEYCLOAK-5556 @Test public void testPOSTAuthenticationRequest() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); //POST request to http://localhost:8180/auth/realms/test/protocol/openid-connect/auth; UriBuilder b = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(AUTH_SERVER_ROOT)); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java index 3b47a1f98c..49bbaa5d60 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java @@ -33,13 +33,13 @@ import org.keycloak.testsuite.pages.AppPage; import org.keycloak.testsuite.pages.AppPage.RequestType; import org.keycloak.testsuite.pages.LoginPage; import org.keycloak.testsuite.pages.LoginTotpPage; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.GreenMailRule; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.RealmRepUtil; import org.keycloak.testsuite.util.UserBuilder; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -198,7 +198,7 @@ public class LoginTotpTest extends AbstractTestRealmKeycloakTest { //KEYCLOAK-12908 @Test public void loginWithTotp_getToken_checkCompatibilityCLI() throws IOException { - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); try { WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT) .path("/realms") diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/keys/KeyRotationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/keys/KeyRotationTest.java index d3d0419e0a..b723772901 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/keys/KeyRotationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/keys/KeyRotationTest.java @@ -22,12 +22,9 @@ import com.fasterxml.jackson.databind.ObjectMapper; import org.jboss.arquillian.graphene.page.Page; import org.junit.Rule; import org.junit.Test; -import org.keycloak.RSATokenVerifier; -import org.keycloak.TokenVerifier; import org.keycloak.client.registration.Auth; import org.keycloak.client.registration.ClientRegistration; import org.keycloak.client.registration.ClientRegistrationException; -import org.keycloak.common.VerificationException; import org.keycloak.common.util.KeyUtils; import org.keycloak.common.util.MultivaluedHashMap; import org.keycloak.common.util.PemUtils; @@ -42,7 +39,6 @@ import org.keycloak.representations.idm.ClientInitialAccessCreatePresentation; import org.keycloak.representations.idm.ClientInitialAccessPresentation; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ComponentRepresentation; -import org.keycloak.representations.idm.KeysMetadataRepresentation; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.testsuite.AbstractKeycloakTest; import org.keycloak.testsuite.AssertEvents; @@ -50,6 +46,7 @@ import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.pages.AppPage; import org.keycloak.testsuite.pages.AppPage.RequestType; import org.keycloak.testsuite.pages.LoginPage; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientBuilder; import org.keycloak.testsuite.util.KeycloakModelUtils; import org.keycloak.testsuite.util.OAuthClient; @@ -327,9 +324,9 @@ public class KeyRotationTest extends AbstractKeycloakTest { } private void assertUserInfo(String token, int expectedStatus) { - Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(javax.ws.rs.client.ClientBuilder.newClient(), token); - assertEquals(expectedStatus, userInfoResponse.getStatus()); - userInfoResponse.close(); + try (Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(AdminClientUtil.createResteasyClient(), token)) { + assertEquals(expectedStatus, userInfoResponse.getStatus()); + } } private void assertTokenIntrospection(String token, boolean expectActive) { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/metrics/MetricsRestServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/metrics/MetricsRestServiceTest.java index 66911a940c..0d586ab924 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/metrics/MetricsRestServiceTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/metrics/MetricsRestServiceTest.java @@ -18,7 +18,6 @@ package org.keycloak.testsuite.metrics; import java.util.List; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; @@ -27,6 +26,7 @@ import org.junit.BeforeClass; import org.junit.Test; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.testsuite.AbstractKeycloakTest; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ContainerAssume; import static org.hamcrest.Matchers.containsString; @@ -51,7 +51,7 @@ public class MetricsRestServiceTest extends AbstractKeycloakTest { @Test public void testHealthEndpoint() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try (Response response = client.target("http://" + MGMT_HOST + ":" + MGMT_PORT + "/health").request().get()) { Assert.assertThat(response, statusCodeIs(Status.OK)); @@ -63,7 +63,7 @@ public class MetricsRestServiceTest extends AbstractKeycloakTest { @Test public void testMetricsEndpoint() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try (Response response = client.target("http://" + MGMT_HOST + ":" + MGMT_PORT + "/metrics").request().get()) { Assert.assertThat(response, statusCodeIs(Status.OK)); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java index 17d1554021..b91e579cda 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java @@ -65,6 +65,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest; import org.keycloak.testsuite.ActionURIUtils; import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.admin.ApiUtil; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientBuilder; import org.keycloak.testsuite.util.ClientManager; import org.keycloak.testsuite.util.OAuthClient; @@ -394,7 +395,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { Assert.assertEquals(200, response.getStatusCode()); String accessToken = response.getAccessToken(); - Client jaxrsClient = javax.ws.rs.client.ClientBuilder.newClient(); + Client jaxrsClient = AdminClientUtil.createResteasyClient(); try { // Check that userInfo can be invoked Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(jaxrsClient, accessToken); @@ -492,7 +493,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { @Test public void testGrantAccessToken() throws Exception { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); @@ -705,7 +706,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { @Test public void testKeycloak2221() throws Exception { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); @@ -789,7 +790,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { realm.clients().get(clientRep.getId()).update(clientRep); { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); @@ -818,7 +819,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { clientScopeResource.getScopeMappings().realmLevel().add(addRole1); { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); @@ -843,7 +844,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { realm.clients().get(clientRep.getId()).getScopeMappings().realmLevel().add(addRole2); { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); @@ -869,7 +870,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { realm.clients().get(clientRep.getId()).getScopeMappings().realmLevel().remove(addRole2); { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); @@ -893,7 +894,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { clientScopeResource.getScopeMappings().realmLevel().add(addRole2); { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); @@ -921,7 +922,7 @@ public class AccessTokenTest extends AbstractKeycloakTest { clientScopeResource.remove(); { - Client client = javax.ws.rs.client.ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget grantTarget = client.target(grantUri); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeSAML2Test.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeSAML2Test.java index cd10312f4e..710fc529ed 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeSAML2Test.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeSAML2Test.java @@ -57,13 +57,13 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; import org.keycloak.testsuite.arquillian.annotation.EnableFeature; import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.util.BasicAuthHelper; import org.w3c.dom.Document; import org.w3c.dom.Element; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -525,7 +525,7 @@ public class ClientTokenExchangeSAML2Test extends AbstractKeycloakTest { @UncaughtServerErrorExpected public void testDirectImpersonation() throws Exception { testingClient.server().run(ClientTokenExchangeSAML2Test::setupRealm); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT) .path("/realms") diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java index 072df6d0d2..d3310087af 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java @@ -51,7 +51,6 @@ import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.util.BasicAuthHelper; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -65,6 +64,7 @@ import static org.junit.Assert.assertNotNull; import static org.keycloak.models.ImpersonationSessionNote.IMPERSONATOR_ID; import static org.keycloak.models.ImpersonationSessionNote.IMPERSONATOR_USERNAME; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; import static org.keycloak.testsuite.auth.page.AuthRealm.TEST; /** @@ -261,7 +261,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest { oauth.realm(TEST); oauth.clientId("client-exchanger"); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT) .path("/realms") @@ -343,7 +343,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest { oauth.realm(TEST); oauth.clientId("client-exchanger"); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT) .path("/realms") @@ -381,7 +381,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest { @UncaughtServerErrorExpected public void testDirectImpersonation() throws Exception { testingClient.server().run(ClientTokenExchangeTest::setupRealm); - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT) .path("/realms") @@ -520,7 +520,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest { } private Response checkTokenExchange() { - Client httpClient = ClientBuilder.newClient(); + Client httpClient = AdminClientUtil.createResteasyClient(); WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT) .path("/realms") .path(TEST) diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java index 4a77c5180e..9a8b3c2799 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java @@ -49,6 +49,7 @@ import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.admin.ApiUtil; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude; import org.keycloak.testsuite.pages.LoginPage; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientManager; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.RealmBuilder; @@ -59,7 +60,6 @@ import org.keycloak.testsuite.util.WaitUtils; import org.keycloak.util.BasicAuthHelper; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -141,7 +141,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest { */ @Test public void nullRefreshToken() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI uri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); WebTarget target = client.target(uri); @@ -928,7 +928,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest { @Test public void testCheckSsl() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT); URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test"); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/UserInfoEndpointCorsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/UserInfoEndpointCorsTest.java index e0020b949b..2a859c1ccc 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/UserInfoEndpointCorsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/UserInfoEndpointCorsTest.java @@ -1,17 +1,14 @@ package org.keycloak.testsuite.oauth; import org.junit.Test; -import org.keycloak.OAuth2Constants; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.testsuite.AbstractKeycloakTest; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientBuilder; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.UserInfoClientUtil; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; -import javax.ws.rs.core.Form; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import java.util.List; @@ -41,7 +38,7 @@ public class UserInfoEndpointCorsTest extends AbstractKeycloakTest { OAuthClient.AccessTokenResponse accessTokenResponse = oauth.doGrantAccessTokenRequest(null, "test-user@localhost", "password"); - WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(javax.ws.rs.client.ClientBuilder.newClient()); + WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(AdminClientUtil.createResteasyClient()); Response userInfoResponse = userInfoTarget.request() .header(HttpHeaders.AUTHORIZATION, "bearer " + accessTokenResponse.getAccessToken()) .header("Origin", VALID_CORS_URL) // manually trigger CORS handling @@ -61,7 +58,7 @@ public class UserInfoEndpointCorsTest extends AbstractKeycloakTest { OAuthClient.AccessTokenResponse accessTokenResponse = oauth.doGrantAccessTokenRequest(null, "test-user@localhost", "password"); - WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(javax.ws.rs.client.ClientBuilder.newClient()); + WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(AdminClientUtil.createResteasyClient()); Response userInfoResponse = userInfoTarget.request() .header(HttpHeaders.AUTHORIZATION, "bearer " + accessTokenResponse.getAccessToken()) .header("Origin", INVALID_CORS_URL) // manually trigger CORS handling diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java index 83b425fef8..1b538a56d3 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java @@ -25,7 +25,6 @@ import org.junit.Test; import org.keycloak.OAuth2Constants; import org.keycloak.OAuthErrorException; import org.keycloak.admin.client.resource.ClientResource; -import org.keycloak.admin.client.resource.ClientScopeResource; import org.keycloak.admin.client.resource.ProtocolMappersResource; import org.keycloak.admin.client.resource.UserResource; import org.keycloak.authentication.authenticators.client.JWTClientAuthenticator; @@ -49,9 +48,7 @@ import org.keycloak.representations.idm.CertificateRepresentation; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ClientScopeRepresentation; import org.keycloak.representations.idm.EventRepresentation; -import org.keycloak.representations.idm.ProtocolMapperRepresentation; import org.keycloak.representations.idm.RealmRepresentation; -import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.services.util.CertificateInfoHelper; import org.keycloak.testsuite.AbstractTestRealmKeycloakTest; import org.keycloak.testsuite.Assert; @@ -69,16 +66,13 @@ import org.keycloak.testsuite.pages.OAuthGrantPage; import org.keycloak.testsuite.rest.resource.TestingOIDCEndpointsApplicationResource; import org.keycloak.testsuite.util.ClientManager; import org.keycloak.testsuite.util.OAuthClient; -import org.keycloak.testsuite.util.ProtocolMapperUtil; import org.keycloak.testsuite.util.UserInfoClientUtil; import org.keycloak.util.JsonSerialization; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; import java.io.IOException; -import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -88,10 +82,9 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; import static org.keycloak.testsuite.admin.ApiUtil.findClientResourceByClientId; -import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsernameId; -import static org.keycloak.testsuite.util.ProtocolMapperUtil.createHardcodedClaim; import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer; +import org.keycloak.testsuite.util.AdminClientUtil; /** * Test for supporting advanced parameters of OIDC specs (max_age, prompt, ...) @@ -1104,7 +1097,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest assertNull(idToken.getGivenName()); assertEquals("Tom Brady", idToken.getName()); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken()); UserInfo userInfo = response.readEntity(UserInfo.class); @@ -1151,7 +1144,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest assertNull(idToken.getGivenName()); assertNull(idToken.getName()); - client = ClientBuilder.newClient(); + client = AdminClientUtil.createResteasyClient(); try { Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken()); UserInfo userInfo = response.readEntity(UserInfo.class); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java index 07dca2f392..c798ee0335 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java @@ -42,13 +42,13 @@ import org.keycloak.services.resources.RealmsResource; import org.keycloak.testsuite.AbstractKeycloakTest; import org.keycloak.testsuite.Assert; import org.keycloak.testsuite.admin.AbstractAdminTest; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientManager; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.TokenSignatureUtil; import org.keycloak.util.JsonSerialization; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Invocation; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Response; @@ -58,7 +58,6 @@ import java.net.URI; import java.util.List; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNull; /** * @author Marek Posolda @@ -101,7 +100,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest { @Test public void testDiscovery() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { OIDCConfigurationRepresentation oidcConfig = getOIDCDiscoveryRepresentation(client, OAuthClient.AUTH_SERVER_ROOT); @@ -179,7 +178,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest { @Test public void testHttpDiscovery() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { OIDCConfigurationRepresentation oidcConfig = getOIDCDiscoveryRepresentation(client, "http://localhost:8180/auth"); @@ -201,7 +200,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest { assertEquals(200, response.getStatusCode()); IDToken idToken = oauth.verifyIDToken(response.getIdToken()); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { OIDCConfigurationRepresentation oidcConfig = getOIDCDiscoveryRepresentation(client, OAuthClient.AUTH_SERVER_ROOT); @@ -214,7 +213,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest { @Test public void corsTest() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); UriBuilder builder = UriBuilder.fromUri(OAuthClient.AUTH_SERVER_ROOT); URI oidcDiscoveryUri = RealmsResource.wellKnownProviderUrl(builder).build("test", OIDCWellKnownProviderFactory.PROVIDER_ID); WebTarget oidcDiscoveryTarget = client.target(oidcDiscoveryUri); @@ -240,7 +239,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest { @Test public void testIntrospectionEndpointClaim() throws IOException { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { ObjectNode oidcConfig = JsonSerialization .readValue(getOIDCDiscoveryConfiguration(client, OAuthClient.AUTH_SERVER_ROOT), ObjectNode.class); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/UserInfoTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/UserInfoTest.java index bc7fb7cf2b..a2dac8a45a 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/UserInfoTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/UserInfoTest.java @@ -41,7 +41,6 @@ import org.keycloak.representations.AccessToken; import org.keycloak.representations.idm.ClientScopeRepresentation; import org.keycloak.representations.idm.ProtocolMapperRepresentation; import org.keycloak.representations.idm.RoleRepresentation; -import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.testsuite.util.KeycloakModelUtils; import org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper; import org.keycloak.protocol.oidc.OIDCLoginProtocolService; @@ -54,6 +53,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest; import org.keycloak.testsuite.Assert; import org.keycloak.testsuite.AssertEvents; import org.keycloak.testsuite.admin.ApiUtil; +import org.keycloak.testsuite.util.AdminClientUtil; import org.keycloak.testsuite.util.ClientManager; import org.keycloak.testsuite.util.OAuthClient; import org.keycloak.testsuite.util.RealmBuilder; @@ -64,7 +64,6 @@ import org.keycloak.util.JsonSerialization; import org.keycloak.utils.MediaType; import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.Entity; import javax.ws.rs.client.WebTarget; import javax.ws.rs.core.Form; @@ -120,7 +119,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testSuccess_getMethod_header() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -136,7 +135,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testSuccess_postMethod_header() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -155,7 +154,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testSuccess_postMethod_body() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -209,7 +208,7 @@ public class UserInfoTest extends AbstractKeycloakTest { events.clear(); // Send UserInfo request and ensure it is correct - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken()); @@ -221,7 +220,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testSuccess_postMethod_header_textEntity() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -247,7 +246,7 @@ public class UserInfoTest extends AbstractKeycloakTest { clientResource.update(clientRep); // test signed response - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -305,7 +304,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testSessionExpired() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -338,7 +337,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testAccessTokenExpired() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -385,7 +384,7 @@ public class UserInfoTest extends AbstractKeycloakTest { events.clear(); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken()); @@ -413,7 +412,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testNotBeforeTokens() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -472,7 +471,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testSessionExpiredOfflineAccess() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client, true); @@ -490,7 +489,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testUnsuccessfulUserInfoRequest() throws Exception { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, "bad"); @@ -519,7 +518,7 @@ public class UserInfoTest extends AbstractKeycloakTest { @Test public void testUnsuccessfulUserInfoRequestWithEmptyAccessToken() { - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, ""); @@ -540,7 +539,7 @@ public class UserInfoTest extends AbstractKeycloakTest { samlClient.setProtocol("saml"); adminClient.realm("test").clients().get(samlClient.getId()).update(samlClient); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { events.clear(); Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessToken); @@ -564,7 +563,7 @@ public class UserInfoTest extends AbstractKeycloakTest { switchIncludeRolesInUserInfoEndpoint(true); - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); @@ -636,7 +635,7 @@ public class UserInfoTest extends AbstractKeycloakTest { clientResource.update(clientRep); // test signed response - Client client = ClientBuilder.newClient(); + Client client = AdminClientUtil.createResteasyClient(); try { AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/FollowRedirectsEngine.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/FollowRedirectsEngine.java deleted file mode 100644 index 87feb58666..0000000000 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/FollowRedirectsEngine.java +++ /dev/null @@ -1,17 +0,0 @@ -package org.keycloak.testsuite.util; - -import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine; - -/** - * A simple wrapper for the HTTP Client Engine to follow redirects. - * - *

- * When hitting a Servlet deployed on Jetty without trailing slash, we get a 302 in return. - * Our testsuite doesn't work well with this. This engine solves this problem. - *

- */ -public class FollowRedirectsEngine extends ApacheHttpClient4Engine { - public FollowRedirectsEngine() { - this.followRedirects = true; - } -}