libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-16297 Fix HttpClient stale connections

Browse source
This commit is contained in:
Hynek Mlnarik 2020-11-12 21:36:46 +01:00 committed by Hynek Mlnařík
parent e8cf1dd92f
commit 29e3d89f3a
29 changed files with 188 additions and 209 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/client/KeycloakTestingClient.java
View file

@ -17,8 +17,6 @@
package org.keycloak.testsuite.client;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.ws.rs.core.Response;
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
@ -53,7 +51,7 @@ public class KeycloakTestingClient implements AutoCloseable {
// Disable PKIX path validation errors when running tests using SSL
resteasyClientBuilder.disableTrustManager().hostnameVerification(ResteasyClientBuilder.HostnameVerificationPolicy.ANY);
}
resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10));
resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10, null));
client = resteasyClientBuilder.build();
}
target = client.target(serverUrl);

40
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java
View file

@ -44,6 +44,7 @@ import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.models.Constants;
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine;
import static org.keycloak.testsuite.auth.page.AuthRealm.ADMIN;
import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
import static org.keycloak.testsuite.utils.io.IOUtil.PROJECT_BUILD_DIRECTORY;
@ -52,6 +53,8 @@ import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
public class AdminClientUtil {
public static final int NUMBER_OF_CONNECTIONS = 10;
public static Keycloak createAdminClient(boolean ignoreUnknownProperties, String authServerContextRoot) throws Exception {
return createAdminClient(ignoreUnknownProperties, authServerContextRoot, MASTER, ADMIN, ADMIN, Constants.ADMIN_CLI_CLIENT_ID, null);
@ -61,7 +64,7 @@ public class AdminClientUtil {
}
public static Keycloak createAdminClient(boolean ignoreUnknownProperties, String authServerContextRoot, String realmName, String username, String password, String clientId, String clientSecret) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties);
ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties, null);
return KeycloakBuilder.builder()
.serverUrl(authServerContextRoot + "/auth")
@ -75,7 +78,7 @@ public class AdminClientUtil {
public static Keycloak createAdminClientWithClientCredentials(String realmName, String clientId, String clientSecret) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
boolean ignoreUnknownProperties = false;
ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties);
ResteasyClient resteasyClient = createResteasyClient(ignoreUnknownProperties, null);
return KeycloakBuilder.builder()
.serverUrl(getAuthServerContextRoot() + "/auth")
@ -94,7 +97,15 @@ public class AdminClientUtil {
return createAdminClient(ignoreUnknownProperties, getAuthServerContextRoot());
}
private static ResteasyClient createResteasyClient(boolean ignoreUnknownProperties) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
public static ResteasyClient createResteasyClient() {
try {
return createResteasyClient(false, null);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static ResteasyClient createResteasyClient(boolean ignoreUnknownProperties, Boolean followRedirects) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
ResteasyClientBuilder resteasyClientBuilder = new ResteasyClientBuilder();
if ("true".equals(System.getProperty("auth.server.ssl.required"))) {
@ -118,8 +129,8 @@ public class AdminClientUtil {
resteasyClientBuilder
.hostnameVerification(ResteasyClientBuilder.HostnameVerificationPolicy.WILDCARD)
.connectionPoolSize(10)
.httpEngine(getCustomClientHttpEngine(resteasyClientBuilder, 1));
.connectionPoolSize(NUMBER_OF_CONNECTIONS)
.httpEngine(getCustomClientHttpEngine(resteasyClientBuilder, 1, followRedirects));
return resteasyClientBuilder.build();
}
@ -135,8 +146,8 @@ public class AdminClientUtil {
return theContext;
}
public static ClientHttpEngine getCustomClientHttpEngine(ResteasyClientBuilder resteasyClientBuilder, int validateAfterInactivity) {
return new CustomClientHttpEngineBuilder43(validateAfterInactivity).resteasyClientBuilder(resteasyClientBuilder).build();
public static ClientHttpEngine getCustomClientHttpEngine(ResteasyClientBuilder resteasyClientBuilder, int validateAfterInactivity, Boolean followRedirects) {
return new CustomClientHttpEngineBuilder43(validateAfterInactivity, followRedirects).resteasyClientBuilder(resteasyClientBuilder).build();
}
/**
@ -146,23 +157,28 @@ public class AdminClientUtil {
private static class CustomClientHttpEngineBuilder43 extends ClientHttpEngineBuilder43 {
private final int validateAfterInactivity;
private final Boolean followRedirects;
private CustomClientHttpEngineBuilder43(int validateAfterInactivity) {
private CustomClientHttpEngineBuilder43(int validateAfterInactivity, Boolean followRedirects) {
this.validateAfterInactivity = validateAfterInactivity;
this.followRedirects = followRedirects;
}
@Override
protected ClientHttpEngine createEngine(final HttpClientConnectionManager cm, final RequestConfig.Builder rcBuilder,
final HttpHost defaultProxy, final int responseBufferSize, final HostnameVerifier verifier, final SSLContext theContext) {
final ClientHttpEngine engine;
if (cm instanceof PoolingHttpClientConnectionManager) {
PoolingHttpClientConnectionManager pcm = (PoolingHttpClientConnectionManager) cm;
pcm.setValidateAfterInactivity(validateAfterInactivity);
return super.createEngine(pcm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext);
engine = super.createEngine(pcm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext);
} else {
return super.createEngine(cm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext);
engine = super.createEngine(cm, rcBuilder, defaultProxy, responseBufferSize, verifier, theContext);
}
if (followRedirects != null) {
((ApacheHttpClient4Engine) engine).setFollowRedirects(followRedirects);
}
return engine;
}
}

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletAuthzCIPAdapterTest.java
View file

@ -17,7 +17,6 @@
package org.keycloak.testsuite.adapter.example.authorization;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
@ -32,6 +31,7 @@ import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
@ -81,7 +81,7 @@ public class ServletAuthzCIPAdapterTest extends AbstractServletAuthzAdapterTest
performTests(() -> {
OAuthClient.AccessTokenResponse response = oauth.realm("servlet-authz").clientId("servlet-authz-app")
.doGrantAccessTokenRequest("secret", "alice", "alice");
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
Map<String, String> body = new HashMap();
body.put("test", "test-value");

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/BrokerLinkAndTokenExchangeTest.java
View file

@ -63,6 +63,7 @@ import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.WaitUtils;
@ -70,7 +71,6 @@ import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.keycloak.util.BasicAuthHelper;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -350,7 +350,7 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
// do exchange
String accessToken = oauth.doGrantAccessTokenRequest(CHILD_IDP, "child", "password", null, ClientApp.DEPLOYMENT_NAME, "password").getAccessToken();
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
try {
WebTarget exchangeUrl = childTokenExchangeWebTarget(httpClient);
System.out.println("Exchange url: " + exchangeUrl.getUri().toString());
@ -519,7 +519,7 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
String accessToken = oauth.doGrantAccessTokenRequest(PARENT_IDP, PARENT2_USERNAME, "password", null, PARENT_CLIENT, "password").getAccessToken();
Assert.assertEquals(0, adminClient.realm(CHILD_IDP).getClientSessionStats().size());
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
try {
WebTarget exchangeUrl = childTokenExchangeWebTarget(httpClient);
System.out.println("Exchange url: " + exchangeUrl.getUri().toString());
@ -721,7 +721,7 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
Assert.assertEquals(0, adminClient.realm(CHILD_IDP).getClientSessionStats().size());
}
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
try {
WebTarget exchangeUrl = childTokenExchangeWebTarget(httpClient);
{

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java
View file

@ -49,12 +49,12 @@ import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.WaitUtils;
import org.keycloak.util.JsonSerialization;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.core.UriBuilder;
import java.net.URL;
import java.util.LinkedList;
@ -402,7 +402,7 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
OAuthClient.AccessTokenResponse response = oauth.doGrantAccessTokenRequest(CHILD_IDP, "child", "password", null, "client-linking", "password");
Assert.assertNotNull(response.getAccessToken());
Assert.assertNull(response.getError());
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
String firstToken = getToken(response, httpClient);
Assert.assertNotNull(firstToken);

109
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/DemoServletsAdapterTest.java
View file

@ -29,7 +29,6 @@ import org.apache.http.util.EntityUtils;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.junit.Before;
@ -84,7 +83,6 @@ import org.keycloak.testsuite.auth.page.login.OIDCLogin;
import org.keycloak.testsuite.console.page.events.Config;
import org.keycloak.testsuite.console.page.events.LoginEvents;
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
import org.keycloak.testsuite.util.FollowRedirectsEngine;
import org.keycloak.testsuite.util.JavascriptBrowser;
import org.keycloak.testsuite.util.Matchers;
import org.keycloak.testsuite.util.URLUtils;
@ -95,7 +93,6 @@ import org.openqa.selenium.Cookie;
import org.openqa.selenium.WebDriver;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -107,7 +104,6 @@ import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
@ -132,6 +128,8 @@ import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO;
import static org.keycloak.testsuite.util.AdminClientUtil.NUMBER_OF_CONNECTIONS;
import static org.keycloak.testsuite.util.AdminClientUtil.createResteasyClient;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
@ -449,7 +447,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
}
@Test
public void testSavedPostRequest() throws InterruptedException {
public void testSavedPostRequest() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
inputPortal.navigateTo();
assertCurrentUrlEquals(inputPortal);
@ -472,12 +470,15 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
// test unsecured POST KEYCLOAK-901
Client client = ClientBuilder.newClient();
Form form = new Form();
form.param("parameter", "hello");
String text = client.target(inputPortal + "/unsecured").request().post(Entity.form(form), String.class);
assertThat(text, containsString("parameter=hello"));
client.close();
Client client = createResteasyClient(true, false);
try {
Form form = new Form();
form.param("parameter", "hello");
String text = client.target(inputPortal + "/unsecured").request().post(Entity.form(form), String.class);
assertThat(text, containsString("parameter=hello"));
} finally {
client.close();
}
}
@Test
@ -642,47 +643,48 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
//KEYCLOAK-518
@Test
public void testNullBearerToken() {
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
public void testNullBearerToken() throws Exception {
Client client = createResteasyClient(true, true);
WebTarget target = client.target(customerDb.toString());
Response response = target.request().get();
assertEquals(401, response.getStatus());
response.close();
response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get();
assertEquals(401, response.getStatus());
response.close();
client.close();
try {
try (Response response = target.request().get()) {
assertEquals(401, response.getStatus());
}
try (Response response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get()) {
assertEquals(401, response.getStatus());
}
} finally {
client.close();
}
}
//KEYCLOAK-1368
@Test
public void testNullBearerTokenCustomErrorPage() {
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
public void testNullBearerTokenCustomErrorPage() throws Exception {
Client client = createResteasyClient(true, true);
WebTarget target = client.target(customerDbErrorPage.toString());
Response response = target.request().get();
try (Response response = target.request().get()) {
assertEquals(401, response.getStatus());
String errorPageResponse = response.readEntity(String.class);
assertThat(errorPageResponse, containsString("Error Page"));
assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.NO_BEARER_TOKEN.toString()));
}
assertEquals(401, response.getStatus());
String errorPageResponse = response.readEntity(String.class);
assertThat(errorPageResponse, containsString("Error Page"));
assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.NO_BEARER_TOKEN.toString()));
response.close();
response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get();
assertEquals(401, response.getStatus());
errorPageResponse = response.readEntity(String.class);
assertThat(errorPageResponse, containsString("Error Page"));
assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.INVALID_TOKEN.toString()));
response.close();
try (Response response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get()) {
assertEquals(401, response.getStatus());
String errorPageResponse = response.readEntity(String.class);
assertThat(errorPageResponse, containsString("Error Page"));
assertThat(errorPageResponse, containsString(OIDCAuthenticationError.Reason.INVALID_TOKEN.toString()));
}
client.close();
}
//KEYCLOAK-518
@Test
public void testBadUser() {
Client client = ClientBuilder.newClient();
public void testBadUser() throws Exception {
Client client = createResteasyClient(true, true);
URI uri = OIDCLoginProtocolService.tokenUrl(authServerPage.createUriBuilder()).build("demo");
WebTarget target = client.target(uri);
String header = BasicAuthHelper.createHeader("customer-portal", "password");
@ -690,11 +692,11 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
form.param(OAuth2Constants.GRANT_TYPE, OAuth2Constants.PASSWORD)
.param("username", "monkey@redhat.com")
.param("password", "password");
Response response = target.request()
try (Response response = target.request()
.header(HttpHeaders.AUTHORIZATION, header)
.post(Entity.form(form));
assertEquals(401, response.getStatus());
response.close();
.post(Entity.form(form))) {
assertEquals(401, response.getStatus());
}
client.close();
}
@ -961,9 +963,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
@Test
public void testBasicAuth() {
public void testBasicAuth() throws Exception {
String value = "hello";
Client client = ClientBuilder.newClient();
Client client = createResteasyClient(true, true);
//pause(1000000);
@ -1167,8 +1169,8 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
}
@Test
public void testAutodetectBearerOnly() {
Client client = ClientBuilder.newClient();
public void testAutodetectBearerOnly() throws Exception {
Client client = createResteasyClient(true, false);
// Do not redirect client to login page if it's an XHR
System.out.println(productPortalAutodetectBearerOnly.getInjectedUrl().toString());
@ -1219,15 +1221,14 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
// KEYCLOAK-3016
@Test
public void testBasicAuthErrorHandling() {
int numberOfConnections = 10;
Client client = new ResteasyClientBuilder().connectionPoolSize(numberOfConnections).httpEngine(new FollowRedirectsEngine()).build();
public void testBasicAuthErrorHandling() throws Exception {
Client client = createResteasyClient(true, true);
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
Response response = target.request().get();
Assert.assertEquals(401, response.getStatus());
response.close();
final int LIMIT = numberOfConnections + 1;
final int LIMIT = NUMBER_OF_CONNECTIONS + 1;
for (int i = 0; i < LIMIT; i++) {
System.out.println("Testing Basic Auth with bad credentials " + i);
response = target.request().header(HttpHeaders.AUTHORIZATION, "Basic dXNlcm5hbWU6cGFzc3dvcmQ=").get();
@ -1240,8 +1241,8 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
// KEYCLOAK-1733
@Test
public void testNullQueryParameterAccessToken() {
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
public void testNullQueryParameterAccessToken() throws Exception {
Client client = createResteasyClient(true, true);
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
Response response = target.request().get();
@ -1258,9 +1259,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
// KEYCLOAK-1733
@Test
public void testRestCallWithAccessTokenAsQueryParameter() {
public void testRestCallWithAccessTokenAsQueryParameter() throws Exception {
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
Client client = createResteasyClient(true, true);
try {
WebTarget webTarget = client.target(testRealmPage.toString() + "/protocol/openid-connect/token");

27
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLServletAdapterTest.java
View file

@ -25,8 +25,6 @@ import static org.keycloak.testsuite.admin.Users.getPasswordOf;
import static org.keycloak.testsuite.admin.Users.setPasswordFor;
import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO;
import static org.keycloak.testsuite.auth.page.AuthRealm.SAMLSERVLETDEMO;
import static org.keycloak.testsuite.saml.AbstractSamlTest.REALM_PRIVATE_KEY;
import static org.keycloak.testsuite.saml.AbstractSamlTest.REALM_PUBLIC_KEY;
import static org.keycloak.testsuite.util.Matchers.bodyHC;
import static org.keycloak.testsuite.util.Matchers.statusCodeIsHC;
import static org.keycloak.testsuite.util.UIUtils.getRawPageSource;
@ -59,7 +57,6 @@ import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.client.WebTarget;
@ -122,16 +119,12 @@ import org.keycloak.keys.ImportedRsaKeyProviderFactory;
import org.keycloak.keys.KeyProvider;
import org.keycloak.protocol.saml.SamlConfigAttributes;
import org.keycloak.protocol.saml.SamlProtocol;
import org.keycloak.protocol.saml.mappers.AttributeStatementHelper;
import org.keycloak.protocol.saml.mappers.RoleListMapper;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.saml.SAML2ErrorResponseBuilder;
import org.keycloak.saml.common.constants.JBossSAMLConstants;
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
import org.keycloak.saml.common.util.DocumentUtil;
@ -155,6 +148,7 @@ import org.keycloak.testsuite.saml.AbstractSamlTest;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.updaters.Creator;
import org.keycloak.testsuite.updaters.UserAttributeUpdater;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.SamlClient;
import org.keycloak.testsuite.util.SamlClient.Binding;
import org.keycloak.testsuite.util.SamlClientBuilder;
@ -171,7 +165,6 @@ import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
import static org.keycloak.testsuite.admin.ApiUtil.getCreatedId;
/**
* @author mhajas
@ -1120,7 +1113,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
// test unsecured POST KEYCLOAK-901
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
Form form = new Form();
form.param("parameter", "hello");
String text = client.target(inputPortalPage + "/unsecured").request().post(Entity.form(form), String.class);
@ -1391,7 +1384,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
public void spMetadataValidation() throws Exception {
ClientResource clientResource = ApiUtil.findClientResourceByClientId(testRealmResource(), AbstractSamlTest.SAML_CLIENT_ID_SALES_POST_SIG);
ClientRepresentation representation = clientResource.toRepresentation();
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
WebTarget target = client.target(authServerPage.toString() + "/admin/realms/" + SAMLSERVLETDEMO + "/clients/" + representation.getId() + "/installation/providers/saml-sp-descriptor");
Response response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer " + adminClient.tokenManager().getAccessToken().getToken()).get();
validateXMLWithSchema(response.readEntity(String.class), "/adapter-test/keycloak-saml/metadata-schema/saml-schema-metadata-2.0.xsd");
@ -1536,7 +1529,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
@Test
/* KEYCLOAK-4980 */
public void testAutodetectBearerOnly() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
// Do not redirect client to login page if it's an XHR
WebTarget target = client.target(salesPostAutodetectServletPage.toString() + "/");
@ -1585,7 +1578,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
"Exclude Quarkus because when running on Java 9+ you get CNF exceptions due to the fact that javax.xml.soap was removed (as well as other JEE modules). Need to discuss how we are going to solve this for both main dist and Quarkus")
@Test
public void testSuccessfulEcpFlow() throws Exception {
Response authnRequestResponse = ClientBuilder.newClient().target(ecpSPPage.toString()).request()
Response authnRequestResponse = AdminClientUtil.createResteasyClient().target(ecpSPPage.toString()).request()
.header("Accept", "text/html; application/vnd.paos+xml")
.header("PAOS", "ver='urn:liberty:paos:2003-08' ;'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'")
.get();
@ -1622,7 +1615,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
String pair = username + ":" + password;
String authHeader = "Basic " + Base64.encodeBytes(pair.getBytes());
Response authenticationResponse = ClientBuilder.newClient().target(singleSignOnService).request()
Response authenticationResponse = AdminClientUtil.createResteasyClient().target(singleSignOnService).request()
.header(HttpHeaders.AUTHORIZATION, authHeader)
.post(Entity.entity(DocumentUtil.asString(authenticationRequest), "text/xml"));
@ -1658,12 +1651,12 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
samlResponseRequest.writeTo(os);
Response serviceProviderFinalResponse = ClientBuilder.newClient().target(responseType.getDestination()).request()
Response serviceProviderFinalResponse = AdminClientUtil.createResteasyClient().target(responseType.getDestination()).request()
.post(Entity.entity(os.toByteArray(), "application/vnd.paos+xml"));
Map<String, NewCookie> cookies = serviceProviderFinalResponse.getCookies();
Invocation.Builder resourceRequest = ClientBuilder.newClient().target(responseType.getDestination()).request();
Invocation.Builder resourceRequest = AdminClientUtil.createResteasyClient().target(responseType.getDestination()).request();
for (NewCookie cookie : cookies.values()) {
resourceRequest.cookie(cookie);
@ -1677,7 +1670,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
"Exclude Quarkus because when running on Java 9+ you get CNF exceptions due to the fact that javax.xml.soap was removed (as well as other JEE modules). Need to discuss how we are going to solve this for both main dist and Quarkus")
@Test
public void testInvalidCredentialsEcpFlow() throws Exception {
Response authnRequestResponse = ClientBuilder.newClient().target(ecpSPPage.toString()).request()
Response authnRequestResponse = AdminClientUtil.createResteasyClient().target(ecpSPPage.toString()).request()
.header("Accept", "text/html; application/vnd.paos+xml")
.header("PAOS", "ver='urn:liberty:paos:2003-08' ;'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'")
.get();
@ -1715,7 +1708,7 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
String pair = username + ":" + password;
String authHeader = "Basic " + Base64.encodeBytes(pair.getBytes());
Response authenticationResponse = ClientBuilder.newClient().target(singleSignOnService).request()
Response authenticationResponse = AdminClientUtil.createResteasyClient().target(singleSignOnService).request()
.header(HttpHeaders.AUTHORIZATION, authHeader)
.post(Entity.entity(DocumentUtil.asString(authenticationRequest), "application/soap+xml"));

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java
View file

@ -245,7 +245,7 @@ public class ImpersonationTest extends AbstractKeycloakTest {
protected Set<Cookie> testSuccessfulImpersonation(String admin, String adminRealm) {
ResteasyClientBuilder resteasyClientBuilder = new ResteasyClientBuilder();
resteasyClientBuilder.connectionPoolSize(10);
resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10));
resteasyClientBuilder.httpEngine(AdminClientUtil.getCustomClientHttpEngine(resteasyClientBuilder, 10, null));
ResteasyClient resteasyClient = resteasyClientBuilder.build();
// Login adminClient

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaDiscoveryDocumentTest.java
View file

@ -22,7 +22,6 @@ import java.net.URI;
import java.util.List;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
@ -38,6 +37,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.OAuthClient;
@AuthServerContainerExclude(AuthServer.REMOTE)
@ -54,7 +54,7 @@ public class UmaDiscoveryDocumentTest extends AbstractKeycloakTest {
@Test
public void testFetchDiscoveryDocument() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(OAuthClient.AUTH_SERVER_ROOT);
URI oidcDiscoveryUri = RealmsResource.wellKnownProviderUrl(builder).build("test", UmaWellKnownProviderFactory.PROVIDER_ID);
WebTarget oidcDiscoveryTarget = client.target(oidcDiscoveryUri);

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UmaGrantTypeTest.java
View file

@ -34,12 +34,10 @@ import java.util.List;
import java.util.Map;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import com.google.common.base.Charsets;
@ -70,6 +68,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.util.BasicAuthHelper;
@ -426,7 +425,7 @@ public class UmaGrantTypeTest extends AbstractResourceServerTest {
assertNotNull(refreshTokenToken.getAuthorization());
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI uri = OIDCLoginProtocolService.tokenUrl(builder).build(REALM_NAME);
WebTarget target = client.target(uri);

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/SocialLoginTest.java
View file

@ -56,7 +56,6 @@ import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -73,6 +72,7 @@ import static org.junit.Assume.assumeTrue;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
import static org.keycloak.testsuite.broker.SocialLoginTest.Provider.BITBUCKET;
import static org.keycloak.testsuite.broker.SocialLoginTest.Provider.FACEBOOK;
import static org.keycloak.testsuite.broker.SocialLoginTest.Provider.FACEBOOK_INCLUDE_BIRTHDAY;
@ -535,7 +535,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
}
private AccessTokenResponse checkFeature(int expectedStatusCode, String username) {
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
Response response = null;
try {
testingClient.server().run(SocialLoginTest::setupClientExchangePermissions);
@ -573,7 +573,7 @@ public class SocialLoginTest extends AbstractKeycloakTest {
assertEquals(200, tokenResp.getStatus());
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse tokenResponse = checkFeature(200, username);

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRedirectTest.java
View file

@ -28,6 +28,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
@ -84,7 +85,7 @@ public class ClientRedirectTest extends AbstractTestRealmKeycloakTest {
String code = oauth.getCurrentQuery().get(OAuth2Constants.CODE);
String token = oauth.doAccessTokenRequest(code, "password").getAccessToken();
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
String redirectUrl = getAuthServerRoot().toString() + "realms/test/clients/launchpad-test/redirect";
Response response = client.target(redirectUrl).request().header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
assertEquals(303, response.getStatus());

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/OIDCPairwiseClientRegistrationTest.java
View file

@ -42,6 +42,7 @@ import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls;
import org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.UserInfoClientUtil;
@ -354,7 +355,7 @@ public class OIDCPairwiseClientRegistrationTest extends AbstractClientRegistrati
Assert.assertNotEquals(pairwiseUserId, user.getId());
// Send request to userInfo endpoint
Client jaxrsClient = javax.ws.rs.client.ClientBuilder.newClient();
Client jaxrsClient = AdminClientUtil.createResteasyClient();
try {
// Check that userInfo contains pairwise subjectId as well
Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(jaxrsClient, accessTokenResponse.getAccessToken());

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ClientStorageTest.java
View file

@ -75,6 +75,7 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
/**
* Test that clients can override auth flows
@ -232,7 +233,7 @@ public class ClientStorageTest extends AbstractTestRealmKeycloakTest {
}
private void testDirectGrant(String clientId) {
Client httpClient = javax.ws.rs.client.ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl();
WebTarget grantTarget = httpClient.target(grantUri);

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ChallengeFlowTest.java
View file

@ -38,7 +38,6 @@ import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.OAuthClient;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -50,6 +49,7 @@ import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
/**
* Test that clients can override auth flows
@ -129,7 +129,7 @@ public class ChallengeFlowTest extends AbstractTestRealmKeycloakTest {
public void testChallengeFlow() throws Exception {
oauth.clientId(TEST_APP_FLOW);
String loginFormUrl = oauth.getLoginFormUrl();
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
WebTarget loginTarget = client.target(loginFormUrl);
Response response = loginTarget.request().get();
Assert.assertEquals(401, response.getStatus());
@ -142,7 +142,7 @@ public class ChallengeFlowTest extends AbstractTestRealmKeycloakTest {
// respin Client to make absolutely sure no cookie caching. need to test that it works with null auth_session_id cookie.
client.close();
client = ClientBuilder.newClient();
client = AdminClientUtil.createResteasyClient();
authenticateHeader = authenticateHeader.trim();

13
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/FlowOverrideTest.java
View file

@ -60,6 +60,7 @@ import java.util.List;
import static org.junit.Assert.assertEquals;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
/**
* Test that clients can override auth flows
@ -293,7 +294,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest {
}
private void testDirectGrantNoOverride(String clientId) {
Client httpClient = javax.ws.rs.client.ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl();
WebTarget grantTarget = httpClient.target(grantUri);
@ -343,7 +344,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest {
@Test
public void testGrantAccessTokenWithClientOverride() throws Exception {
String clientId = TEST_APP_DIRECT_OVERRIDE;
Client httpClient = javax.ws.rs.client.ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl();
WebTarget grantTarget = httpClient.target(grantUri);
@ -365,7 +366,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest {
@Test
public void testClientOverrideFlowUsingDirectGrantHttpChallenge() {
Client httpClient = javax.ws.rs.client.ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl();
WebTarget grantTarget = httpClient.target(grantUri);
@ -401,7 +402,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest {
setupBruteForce();
Client httpClient = javax.ws.rs.client.ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl();
WebTarget grantTarget = httpClient.target(grantUri);
@ -443,7 +444,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest {
public void testDirectGrantHttpChallengeUserDisabled() {
setupBruteForce();
Client httpClient = javax.ws.rs.client.ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
String grantUri = oauth.getResourceOwnerPasswordCredentialGrantUrl();
WebTarget grantTarget = httpClient.target(grantUri);
@ -489,7 +490,7 @@ public class FlowOverrideTest extends AbstractTestRealmKeycloakTest {
@Test
public void testClientOverrideFlowUsingBrowserHttpChallenge() {
Client httpClient = javax.ws.rs.client.ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
oauth.clientId(TEST_APP_HTTP_CHALLENGE);
String grantUri = oauth.getLoginFormUrl();
WebTarget grantTarget = httpClient.target(grantUri);

9
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
View file

@ -49,6 +49,7 @@ import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.DroneUtils;
import org.keycloak.testsuite.util.JavascriptBrowser;
@ -58,11 +59,9 @@ import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.TokenSignatureUtil;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.NoSuchElementException;
import org.openqa.selenium.WebDriver;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import java.util.Arrays;
@ -160,7 +159,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
@Test
public void testBrowserSecurityHeaders() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
Response response = client.target(oauth.getLoginFormUrl()).request().get();
Assert.assertThat(response.getStatus(), is(equalTo(200)));
for (BrowserSecurityHeaders header : BrowserSecurityHeaders.values()) {
@ -189,7 +188,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
adminClient.realm("test").update(realmRep);
try {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
Response response = client.target(oauth.getLoginFormUrl()).request().get();
String headerValue = response.getHeaderString(cspReportOnlyHeader);
Assert.assertThat(headerValue, is(equalTo(expectedCspReportOnlyValue)));
@ -204,7 +203,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
//KEYCLOAK-5556
@Test
public void testPOSTAuthenticationRequest() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
//POST request to http://localhost:8180/auth/realms/test/protocol/openid-connect/auth;
UriBuilder b = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(AUTH_SERVER_ROOT));

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTotpTest.java
View file

@ -33,13 +33,13 @@ import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.AppPage.RequestType;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginTotpPage;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.GreenMailRule;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmRepUtil;
import org.keycloak.testsuite.util.UserBuilder;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -198,7 +198,7 @@ public class LoginTotpTest extends AbstractTestRealmKeycloakTest {
//KEYCLOAK-12908
@Test
public void loginWithTotp_getToken_checkCompatibilityCLI() throws IOException {
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
try {
WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT)
.path("/realms")

11
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/keys/KeyRotationTest.java
View file

@ -22,12 +22,9 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.RSATokenVerifier;
import org.keycloak.TokenVerifier;
import org.keycloak.client.registration.Auth;
import org.keycloak.client.registration.ClientRegistration;
import org.keycloak.client.registration.ClientRegistrationException;
import org.keycloak.common.VerificationException;
import org.keycloak.common.util.KeyUtils;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.common.util.PemUtils;
@ -42,7 +39,6 @@ import org.keycloak.representations.idm.ClientInitialAccessCreatePresentation;
import org.keycloak.representations.idm.ClientInitialAccessPresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.KeysMetadataRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
@ -50,6 +46,7 @@ import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.AppPage.RequestType;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.KeycloakModelUtils;
import org.keycloak.testsuite.util.OAuthClient;
@ -327,9 +324,9 @@ public class KeyRotationTest extends AbstractKeycloakTest {
}
private void assertUserInfo(String token, int expectedStatus) {
Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(javax.ws.rs.client.ClientBuilder.newClient(), token);
assertEquals(expectedStatus, userInfoResponse.getStatus());
userInfoResponse.close();
try (Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(AdminClientUtil.createResteasyClient(), token)) {
assertEquals(expectedStatus, userInfoResponse.getStatus());
}
}
private void assertTokenIntrospection(String token, boolean expectActive) {

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/metrics/MetricsRestServiceTest.java
View file

@ -18,7 +18,6 @@ package org.keycloak.testsuite.metrics;
import java.util.List;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
@ -27,6 +26,7 @@ import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ContainerAssume;
import static org.hamcrest.Matchers.containsString;
@ -51,7 +51,7 @@ public class MetricsRestServiceTest extends AbstractKeycloakTest {
@Test
public void testHealthEndpoint() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try (Response response = client.target("http://" + MGMT_HOST + ":" + MGMT_PORT + "/health").request().get()) {
Assert.assertThat(response, statusCodeIs(Status.OK));
@ -63,7 +63,7 @@ public class MetricsRestServiceTest extends AbstractKeycloakTest {
@Test
public void testMetricsEndpoint() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try (Response response = client.target("http://" + MGMT_HOST + ":" + MGMT_PORT + "/metrics").request().get()) {
Assert.assertThat(response, statusCodeIs(Status.OK));

19
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
View file

@ -65,6 +65,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.ActionURIUtils;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
@ -394,7 +395,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
Assert.assertEquals(200, response.getStatusCode());
String accessToken = response.getAccessToken();
Client jaxrsClient = javax.ws.rs.client.ClientBuilder.newClient();
Client jaxrsClient = AdminClientUtil.createResteasyClient();
try {
// Check that userInfo can be invoked
Response userInfoResponse = UserInfoClientUtil.executeUserInfoRequest_getMethod(jaxrsClient, accessToken);
@ -492,7 +493,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
@Test
public void testGrantAccessToken() throws Exception {
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);
@ -705,7 +706,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
@Test
public void testKeycloak2221() throws Exception {
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);
@ -789,7 +790,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
realm.clients().get(clientRep.getId()).update(clientRep);
{
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);
@ -818,7 +819,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
clientScopeResource.getScopeMappings().realmLevel().add(addRole1);
{
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);
@ -843,7 +844,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
realm.clients().get(clientRep.getId()).getScopeMappings().realmLevel().add(addRole2);
{
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);
@ -869,7 +870,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
realm.clients().get(clientRep.getId()).getScopeMappings().realmLevel().remove(addRole2);
{
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);
@ -893,7 +894,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
clientScopeResource.getScopeMappings().realmLevel().add(addRole2);
{
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);
@ -921,7 +922,7 @@ public class AccessTokenTest extends AbstractKeycloakTest {
clientScopeResource.remove();
{
Client client = javax.ws.rs.client.ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget grantTarget = client.target(grantUri);

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeSAML2Test.java
View file

@ -57,13 +57,13 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.util.BasicAuthHelper;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -525,7 +525,7 @@ public class ClientTokenExchangeSAML2Test extends AbstractKeycloakTest {
@UncaughtServerErrorExpected
public void testDirectImpersonation() throws Exception {
testingClient.server().run(ClientTokenExchangeSAML2Test::setupRealm);
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT)
.path("/realms")

10
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java
View file

@ -51,7 +51,6 @@ import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.util.BasicAuthHelper;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -65,6 +64,7 @@ import static org.junit.Assert.assertNotNull;
import static org.keycloak.models.ImpersonationSessionNote.IMPERSONATOR_ID;
import static org.keycloak.models.ImpersonationSessionNote.IMPERSONATOR_USERNAME;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
import static org.keycloak.testsuite.auth.page.AuthRealm.TEST;
/**
@ -261,7 +261,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
oauth.realm(TEST);
oauth.clientId("client-exchanger");
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT)
.path("/realms")
@ -343,7 +343,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
oauth.realm(TEST);
oauth.clientId("client-exchanger");
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT)
.path("/realms")
@ -381,7 +381,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
@UncaughtServerErrorExpected
public void testDirectImpersonation() throws Exception {
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT)
.path("/realms")
@ -520,7 +520,7 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
}
private Response checkTokenExchange() {
Client httpClient = ClientBuilder.newClient();
Client httpClient = AdminClientUtil.createResteasyClient();
WebTarget exchangeUrl = httpClient.target(OAuthClient.AUTH_SERVER_ROOT)
.path("/realms")
.path(TEST)

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java
View file

@ -49,6 +49,7 @@ import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmBuilder;
@ -59,7 +60,6 @@ import org.keycloak.testsuite.util.WaitUtils;
import org.keycloak.util.BasicAuthHelper;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -141,7 +141,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
*/
@Test
public void nullRefreshToken() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI uri = OIDCLoginProtocolService.tokenUrl(builder).build("test");
WebTarget target = client.target(uri);
@ -928,7 +928,7 @@ public class RefreshTokenTest extends AbstractKeycloakTest {
@Test
public void testCheckSsl() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_ROOT);
URI grantUri = OIDCLoginProtocolService.tokenUrl(builder).build("test");

9
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/UserInfoEndpointCorsTest.java
View file

@ -1,17 +1,14 @@
package org.keycloak.testsuite.oauth;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.UserInfoClientUtil;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import java.util.List;
@ -41,7 +38,7 @@ public class UserInfoEndpointCorsTest extends AbstractKeycloakTest {
OAuthClient.AccessTokenResponse accessTokenResponse = oauth.doGrantAccessTokenRequest(null, "test-user@localhost", "password");
WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(javax.ws.rs.client.ClientBuilder.newClient());
WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(AdminClientUtil.createResteasyClient());
Response userInfoResponse = userInfoTarget.request()
.header(HttpHeaders.AUTHORIZATION, "bearer " + accessTokenResponse.getAccessToken())
.header("Origin", VALID_CORS_URL) // manually trigger CORS handling
@ -61,7 +58,7 @@ public class UserInfoEndpointCorsTest extends AbstractKeycloakTest {
OAuthClient.AccessTokenResponse accessTokenResponse = oauth.doGrantAccessTokenRequest(null, "test-user@localhost", "password");
WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(javax.ws.rs.client.ClientBuilder.newClient());
WebTarget userInfoTarget = UserInfoClientUtil.getUserInfoWebTarget(AdminClientUtil.createResteasyClient());
Response userInfoResponse = userInfoTarget.request()
.header(HttpHeaders.AUTHORIZATION, "bearer " + accessTokenResponse.getAccessToken())
.header("Origin", INVALID_CORS_URL) // manually trigger CORS handling

13
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java
View file

@ -25,7 +25,6 @@ import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.OAuthErrorException;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ClientScopeResource;
import org.keycloak.admin.client.resource.ProtocolMappersResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.authentication.authenticators.client.JWTClientAuthenticator;
@ -49,9 +48,7 @@ import org.keycloak.representations.idm.CertificateRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ClientScopeRepresentation;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.util.CertificateInfoHelper;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.Assert;
@ -69,16 +66,13 @@ import org.keycloak.testsuite.pages.OAuthGrantPage;
import org.keycloak.testsuite.rest.resource.TestingOIDCEndpointsApplicationResource;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.ProtocolMapperUtil;
import org.keycloak.testsuite.util.UserInfoClientUtil;
import org.keycloak.util.JsonSerialization;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@ -88,10 +82,9 @@ import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.admin.ApiUtil.findClientResourceByClientId;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsernameId;
import static org.keycloak.testsuite.util.ProtocolMapperUtil.createHardcodedClaim;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.util.AdminClientUtil;
/**
* Test for supporting advanced parameters of OIDC specs (max_age, prompt, ...)
@ -1104,7 +1097,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
assertNull(idToken.getGivenName());
assertEquals("Tom Brady", idToken.getName());
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken());
UserInfo userInfo = response.readEntity(UserInfo.class);
@ -1151,7 +1144,7 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
assertNull(idToken.getGivenName());
assertNull(idToken.getName());
client = ClientBuilder.newClient();
client = AdminClientUtil.createResteasyClient();
try {
Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken());
UserInfo userInfo = response.readEntity(UserInfo.class);

13
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
View file

@ -42,13 +42,13 @@ import org.keycloak.services.resources.RealmsResource;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.TokenSignatureUtil;
import org.keycloak.util.JsonSerialization;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Response;
@ -58,7 +58,6 @@ import java.net.URI;
import java.util.List;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@ -101,7 +100,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
@Test
public void testDiscovery() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
OIDCConfigurationRepresentation oidcConfig = getOIDCDiscoveryRepresentation(client, OAuthClient.AUTH_SERVER_ROOT);
@ -179,7 +178,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
@Test
public void testHttpDiscovery() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
OIDCConfigurationRepresentation oidcConfig = getOIDCDiscoveryRepresentation(client, "http://localhost:8180/auth");
@ -201,7 +200,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
assertEquals(200, response.getStatusCode());
IDToken idToken = oauth.verifyIDToken(response.getIdToken());
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
OIDCConfigurationRepresentation oidcConfig = getOIDCDiscoveryRepresentation(client, OAuthClient.AUTH_SERVER_ROOT);
@ -214,7 +213,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
@Test
public void corsTest() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
UriBuilder builder = UriBuilder.fromUri(OAuthClient.AUTH_SERVER_ROOT);
URI oidcDiscoveryUri = RealmsResource.wellKnownProviderUrl(builder).build("test", OIDCWellKnownProviderFactory.PROVIDER_ID);
WebTarget oidcDiscoveryTarget = client.target(oidcDiscoveryUri);
@ -240,7 +239,7 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
@Test
public void testIntrospectionEndpointClaim() throws IOException {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
ObjectNode oidcConfig = JsonSerialization
.readValue(getOIDCDiscoveryConfiguration(client, OAuthClient.AUTH_SERVER_ROOT), ObjectNode.class);

35
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/UserInfoTest.java
View file

@ -41,7 +41,6 @@ import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.ClientScopeRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.util.KeycloakModelUtils;
import org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
@ -54,6 +53,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmBuilder;
@ -64,7 +64,6 @@ import org.keycloak.util.JsonSerialization;
import org.keycloak.utils.MediaType;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
@ -120,7 +119,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testSuccess_getMethod_header() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -136,7 +135,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testSuccess_postMethod_header() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -155,7 +154,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testSuccess_postMethod_body() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -209,7 +208,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
events.clear();
// Send UserInfo request and ensure it is correct
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken());
@ -221,7 +220,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testSuccess_postMethod_header_textEntity() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -247,7 +246,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
clientResource.update(clientRep);
// test signed response
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -305,7 +304,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testSessionExpired() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -338,7 +337,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testAccessTokenExpired() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -385,7 +384,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
events.clear();
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessTokenResponse.getAccessToken());
@ -413,7 +412,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testNotBeforeTokens() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -472,7 +471,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testSessionExpiredOfflineAccess() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client, true);
@ -490,7 +489,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testUnsuccessfulUserInfoRequest() throws Exception {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, "bad");
@ -519,7 +518,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
@Test
public void testUnsuccessfulUserInfoRequestWithEmptyAccessToken() {
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, "");
@ -540,7 +539,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
samlClient.setProtocol("saml");
adminClient.realm("test").clients().get(samlClient.getId()).update(samlClient);
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
events.clear();
Response response = UserInfoClientUtil.executeUserInfoRequest_getMethod(client, accessToken);
@ -564,7 +563,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
switchIncludeRolesInUserInfoEndpoint(true);
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);
@ -636,7 +635,7 @@ public class UserInfoTest extends AbstractKeycloakTest {
clientResource.update(clientRep);
// test signed response
Client client = ClientBuilder.newClient();
Client client = AdminClientUtil.createResteasyClient();
try {
AccessTokenResponse accessTokenResponse = executeGrantAccessTokenRequest(client);

17
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/FollowRedirectsEngine.java
View file

@ -1,17 +0,0 @@
package org.keycloak.testsuite.util;
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine;
/**
* A simple wrapper for the HTTP Client Engine to follow redirects.
*
* <p>
* When hitting a Servlet deployed on Jetty without trailing slash, we get a <code>302</code> in return.
* Our testsuite doesn't work well with this. This engine solves this problem.
* </p>
*/
public class FollowRedirectsEngine extends ApacheHttpClient4Engine {
public FollowRedirectsEngine() {
this.followRedirects = true;
}
}