Merge pull request #3504 from vramik/KEYCLOAK-3907

KEYCLOAK-3907 Test backwards compatibility of realm import
This commit is contained in:
Marek Posolda 2016-11-18 09:10:59 +01:00 committed by GitHub
commit 2c6e9be8e5
8 changed files with 99 additions and 345 deletions

View file

@ -36,7 +36,9 @@ import static org.keycloak.exportimport.ExportImportConfig.DIR;
import static org.keycloak.exportimport.ExportImportConfig.FILE;
import static org.keycloak.exportimport.ExportImportConfig.PROVIDER;
import static org.keycloak.exportimport.ExportImportConfig.REALM_NAME;
import static org.keycloak.exportimport.ExportImportConfig.STRATEGY;
import static org.keycloak.exportimport.ExportImportConfig.USERS_PER_FILE;
import org.keycloak.exportimport.Strategy;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@ -97,6 +99,13 @@ public class TestingExportImportResource {
return System.setProperty(DIR, dir);
}
@PUT
@Path("/set-import-strategy")
@Consumes(MediaType.APPLICATION_JSON)
public void setStrategy(@QueryParam("importStrategy") Strategy strategy) {
System.setProperty(STRATEGY, strategy.name());
}
@PUT
@Path("/export-import-provider")
@Consumes(MediaType.APPLICATION_JSON)

View file

@ -25,6 +25,7 @@ import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.keycloak.exportimport.Strategy;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@ -64,6 +65,11 @@ public interface TestingExportImportResource {
@Produces(MediaType.APPLICATION_JSON)
public String setDir(@QueryParam("dir") String dir);
@PUT
@Path("/set-import-strategy")
@Consumes(MediaType.APPLICATION_JSON)
public void setStrategy(@QueryParam("importStrategy") Strategy strategy);
@PUT
@Path("/export-import-provider")
@Consumes(MediaType.APPLICATION_JSON)

View file

@ -257,39 +257,22 @@ public abstract class AbstractKeycloakTest {
adminClient.realms().create(realm);
}
public void removeRealm(RealmRepresentation realm) {
public void removeRealm(String realmName) {
log.info("removing realm: " + realmName);
try {
adminClient.realms().realm(realm.getRealm()).remove();
adminClient.realms().realm(realmName).remove();
} catch (NotFoundException e) {
}
}
public void removeRealm(RealmRepresentation realm) {
removeRealm(realm.getRealm());
}
public RealmsResource realmsResouce() {
return adminClient.realms();
}
public void createRealm(String realm) {
try {
RealmResource realmResource = adminClient.realms().realm(realm);
// Throws NotFoundException in case the realm does not exist! Ugly but there
// does not seem to be a way to this just by asking.
RealmRepresentation realmRepresentation = realmResource.toRepresentation();
} catch (NotFoundException ex) {
RealmRepresentation realmRepresentation = new RealmRepresentation();
realmRepresentation.setRealm(realm);
realmRepresentation.setEnabled(true);
realmRepresentation.setRegistrationAllowed(true);
adminClient.realms().create(realmRepresentation);
// List<RequiredActionProviderRepresentation> requiredActions = adminClient.realm(realm).flows().getRequiredActions();
// for (RequiredActionProviderRepresentation a : requiredActions) {
// a.setEnabled(false);
// a.setDefaultAction(false);
// adminClient.realm(realm).flows().updateRequiredAction(a.getAlias(), a);
// }
}
}
/**
* Creates a user in the given realm and returns its ID.
* @param realm Realm name

View file

@ -141,11 +141,7 @@ public class ExportImportTest extends AbstractExportImportTest {
ExportImportUtil.assertDataImportedInRealm(adminClient, testingClient, testRealmRealm.toRepresentation());
}
private void removeRealm(String realmName) {
adminClient.realm(realmName).remove();
}
private void testFullExportImport() throws LifecycleException {
testingClient.testing().exportImport().setAction(ExportImportConfig.ACTION_EXPORT);
testingClient.testing().exportImport().setRealmName("");

View file

@ -20,7 +20,6 @@ package org.keycloak.testsuite.exportimport;
import org.jboss.arquillian.container.spi.client.container.LifecycleException;
import org.junit.After;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
import org.keycloak.Config;
import org.keycloak.admin.client.resource.ClientResource;
@ -39,6 +38,11 @@ import java.net.URL;
import java.util.Collection;
import java.util.List;
import java.util.Set;
import static org.junit.Assert.assertNotNull;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.exportimport.Strategy;
import static org.keycloak.testsuite.Assert.assertNames;
import static org.keycloak.testsuite.migration.MigrationTest.MIGRATION;
/**
* Test importing JSON files exported from previous adminClient versions
@ -57,46 +61,82 @@ public class LegacyImportTest extends AbstractExportImportTest {
public void addTestRealms(List<RealmRepresentation> testRealms) {
}
@Test
public void importPreviousProject() throws Exception {
@Ignore // TODO: Restart and set system properties doesn't work on wildfly ATM. Figure and re-enable
String projectVersion = System.getProperty("migration.project.version");
assertNotNull(projectVersion);
testLegacyImport(projectVersion);
}
@Test
public void importPreviousProduct() throws Exception {
String productVersion = System.getProperty("migration.product.version");
assertNotNull(productVersion);
testLegacyImport(productVersion);
}
private void testLegacyImport(String version) {
String file = "/migration-test/migration-realm-" + version + ".json";
URL url = LegacyImportTest.class.getResource(file);
String targetFilePath = new File(url.getFile()).getAbsolutePath();
testingClient.testing().exportImport().setFile(targetFilePath);
testingClient.testing().exportImport().setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
testingClient.testing().exportImport().setAction(ExportImportConfig.ACTION_IMPORT);
testingClient.testing().exportImport().setRealmName(MIGRATION);
testingClient.testing().exportImport().setStrategy(Strategy.IGNORE_EXISTING);
try {
testingClient.testing().exportImport().runImport();
RealmResource imported = adminClient.realm(MIGRATION);
assertNames(imported.roles().list(), "offline_access", "uma_authorization", "migration-test-realm-role");
assertNames(imported.clients().findAll(), "account", "admin-cli", "broker", "migration-test-client", "realm-management", "security-admin-console");
String id = imported.clients().findByClientId("migration-test-client").get(0).getId();
assertNames(imported.clients().get(id).roles().list(), "migration-test-client-role");
assertNames(imported.users().search("", 0, 5), "migration-test-user");
assertNames(imported.groups().groups(), "migration-test-group");
} finally {
removeRealm(MIGRATION);
}
}
//KEYCLOAK-1982
@Test
public void importFrom11() throws LifecycleException {
// Setup system properties for import ( TODO: Set properly with external-container )
ExportImportConfig.setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
URL url = LegacyImportTest.class.getResource("/exportimport-test/kc11-exported-realm.json");
String targetFilePath = new File(url.getFile()).getAbsolutePath();
ExportImportConfig.setFile(targetFilePath);
ExportImportConfig.setAction(ExportImportConfig.ACTION_IMPORT);
testingClient.testing().exportImport().setFile(targetFilePath);
testingClient.testing().exportImport().setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
testingClient.testing().exportImport().setAction(ExportImportConfig.ACTION_IMPORT);
// Restart to enforce full import
restartServer();
try {
testingClient.testing().exportImport().runImport();
// Assert "locale" mapper available in security-admin-console client
ClientResource foo11AdminConsoleClient = adminClient.realm("foo11").clients().get("a9ca4217-74a8-4658-92c8-c2f9ed48a474");
assertLocaleMapperPresent(foo11AdminConsoleClient);
// Assert "locale" mapper available in security-admin-console client for both master and foo11 realm
ClientResource foo11AdminConsoleClient = adminClient.realm("foo11").clients().get("a9ca4217-74a8-4658-92c8-c2f9ed48a474");
assertLocaleMapperPresent(foo11AdminConsoleClient);
// Assert "realm-management" role correctly set and contains all admin roles.
ClientResource foo11RealmManagementClient = adminClient.realm("foo11").clients().get("c7a9cf59-feeb-44a4-a467-e008e157efa2");
List<RoleRepresentation> roles = foo11RealmManagementClient.roles().list();
assertRolesAvailable(roles);
ClientResource masterAdminConsoleClient = adminClient.realm(Config.getAdminRealm()).clients().get("22ed594d-8c21-43f0-a080-c8879a411f94");
assertLocaleMapperPresent(masterAdminConsoleClient);
// Assert all admin roles are also available as composites of "realm-admin"
Set<RoleRepresentation> realmAdminComposites = foo11RealmManagementClient.roles().get(AdminRoles.REALM_ADMIN).getRoleComposites();
assertRolesAvailable(realmAdminComposites);
// Assert "realm-management" role correctly set and contains all admin roles.
ClientResource foo11RealmManagementClient = adminClient.realm("foo11").clients().get("c7a9cf59-feeb-44a4-a467-e008e157efa2");
List<RoleRepresentation> roles = foo11RealmManagementClient.roles().list();
assertRolesAvailable(roles);
// Assert all admin roles are also available as composites of "realm-admin"
Set<RoleRepresentation> realmAdminComposites = foo11RealmManagementClient.roles().get(AdminRoles.REALM_ADMIN).getRoleComposites();
assertRolesAvailable(realmAdminComposites);
// Assert "foo11-master" client correctly set and contains all admin roles.
ClientResource foo11MasterAdminClient = adminClient.realm(Config.getAdminRealm()).clients().get("c9c3bd5f-b69d-4640-8b27-45d4f3866a36");
roles = foo11MasterAdminClient.roles().list();
assertRolesAvailable(roles);
// Assert all admin roles are also available as composites of "admin" role
Set<RoleRepresentation> masterAdminComposites = adminClient.realm(Config.getAdminRealm()).roles().get(AdminRoles.ADMIN).getRoleComposites();
assertRolesAvailable(masterAdminComposites);
// Assert all admin roles are also available as composites of "admin" role
Set<RoleRepresentation> masterAdminComposites = adminClient.realm(Config.getAdminRealm()).roles().get(AdminRoles.ADMIN).getRoleComposites();
assertRolesAvailable(masterAdminComposites);
} finally {
removeRealm("foo11");
}
}

View file

@ -52,7 +52,7 @@ import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
*/
public class MigrationTest extends AbstractKeycloakTest {
private final String MIGRATION = "Migration";
public static final String MIGRATION = "Migration";
private RealmResource migrationRealm;
private RealmResource masterRealm;

View file

@ -1,286 +1,4 @@
[ {
"id" : "master",
"realm" : "master",
"notBefore" : 0,
"accessTokenLifespan" : 60,
"ssoSessionIdleTimeout" : 1800,
"ssoSessionMaxLifespan" : 36000,
"accessCodeLifespan" : 60,
"accessCodeLifespanUserAction" : 300,
"enabled" : true,
"sslRequired" : "external",
"passwordCredentialGrantAllowed" : false,
"registrationAllowed" : false,
"rememberMe" : false,
"verifyEmail" : false,
"resetPasswordAllowed" : false,
"social" : false,
"updateProfileOnInitialSocialLogin" : false,
"bruteForceProtected" : false,
"maxFailureWaitSeconds" : 900,
"minimumQuickLoginWaitSeconds" : 60,
"waitIncrementSeconds" : 60,
"quickLoginCheckMilliSeconds" : 1000,
"maxDeltaTimeSeconds" : 43200,
"failureFactor" : 30,
"privateKey" : "MIICXQIBAAKBgQC5lddWO92keqWg+QmMUj/jxA2kwH22UZ0iE9454Ail9JnOvwOTXSP8M92JN7D7DSJM/J45E2Kju5RrQ/QM8bBwYPk/vZlQkJcKbnrkQFtUdBrjoaMQlDvoaqIx1u4irSj2phRPR8teT72A867JGnW2clIwScl2dznZs2Br+jCN3QIDAQABAoGBAKdfFMqnyRfKqM+JaewMTaR7rxZTp8yixET0iCnH++S3uXM03+OqT4bnu7dB67IuwS2Pcp7k9cPWq18l9NcrrcPQCS5knpoNzDO2RuLfXDUCGG/N3MMmthRAeILHun8/CBSfBbcdJESn67g4RV5AldWf8dSgwUcwN4RxbnfUdIbdAkEA9ko38bhfszg9VRea/XVNIpUBQZXpsHt951GoL1Sz0u5iUADyDc/lLgV+eNA9mclvBpg+S+2jcAWMY1rN34wU5wJBAMDm78sYQK8ert+bJV8OSl+6Rpu3cLSdBWNnHZWBpDUHO9JlD2GQblDR3MoL+2j0W/F+7MLhT/LZPQkvMCM+KpsCQGoS+RlQcVc9B51Yd1ZmaPxV9J6MtINgDI/OKYOJFZHpPcp7PcUZHvm9QAVEmuNbUEgk1d/Zz6R1n0tDVpvLN00CQQCH0tNq3DPHWkJlXXdN2+EQUDehMuOfuKPvns5c08CMOgCsHs5asviJ3YqplRA7kTsf6m/ItB637rAkRF6PohkbAkBi9CUTSy32o0AKBuhPDVJOgTqfvlNqmraa/0V65IDhactJ3hmgJXpUI7F0u42NU0uXgU5QMFwHet1sSWxnGcaa",
"publicKey" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5lddWO92keqWg+QmMUj/jxA2kwH22UZ0iE9454Ail9JnOvwOTXSP8M92JN7D7DSJM/J45E2Kju5RrQ/QM8bBwYPk/vZlQkJcKbnrkQFtUdBrjoaMQlDvoaqIx1u4irSj2phRPR8teT72A867JGnW2clIwScl2dznZs2Br+jCN3QIDAQAB",
"certificate" : "MIIBlTCB/wIGAVPnGdy9MA0GCSqGSIb3DQEBCwUAMBExDzANBgNVBAMTBm1hc3RlcjAeFw0xNjA0MDUxNTQ0MDVaFw0yNjA0MDUxNTQ1NDVaMBExDzANBgNVBAMTBm1hc3RlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuZXXVjvdpHqloPkJjFI/48QNpMB9tlGdIhPeOeAIpfSZzr8Dk10j/DPdiTew+w0iTPyeORNio7uUa0P0DPGwcGD5P72ZUJCXCm565EBbVHQa46GjEJQ76GqiMdbuIq0o9qYUT0fLXk+9gPOuyRp1tnJSMEnJdnc52bNga/owjd0CAwEAATANBgkqhkiG9w0BAQsFAAOBgQBqQFaqBy50CddfEHPhlf5YDUmTwZIoX/rh74vTESl7thzRQpQ6LhKVI3hfBNI91Xcr58J1WEA3Lm93T7yC5/ShsGbDJi8RJTDhQYY6LBhxT2ZSq+RLFaWyloFLa5V7hTY4F73yml4IM5mKLMmvcxr4xIZvPkKsvR0C+y9yb4dEzg==",
"codeSecret" : "8669f9cf-6715-48f0-929d-ec5d66a6efcf",
"roles" : {
"realm" : [ {
"id" : "db49ad9b-6784-4eb8-bedd-07ff716098c0",
"name" : "admin",
"composite" : true,
"composites" : {
"realm" : [ "create-realm" ],
"application" : {
"foo11-realm" : [ "view-events", "view-realm", "manage-events", "manage-clients", "manage-realm", "view-clients", "view-users", "manage-applications", "manage-users", "view-applications" ],
"master-realm" : [ "view-realm", "manage-applications", "manage-realm", "manage-users", "view-events", "manage-events", "view-applications", "view-users", "view-clients", "manage-clients" ]
}
}
}, {
"id" : "f6b11ea0-0287-4631-9ce1-df4c5998f840",
"name" : "create-realm",
"composite" : false
} ],
"application" : {
"security-admin-console" : [ ],
"foo11-realm" : [ {
"id" : "90a00c88-2ad5-4b38-81b2-3ba4583c67c9",
"name" : "manage-clients",
"composite" : false
}, {
"id" : "d103fd4a-55f2-409f-8357-5f9645463ac3",
"name" : "view-events",
"composite" : false
}, {
"id" : "76952522-6671-4abb-90a9-e6256386b8d3",
"name" : "manage-realm",
"composite" : false
}, {
"id" : "973ebcfb-37b2-43ce-af5a-acbc48429c86",
"name" : "view-clients",
"composite" : false
}, {
"id" : "b32deca4-a345-4fb6-a6ce-f8666e653c16",
"name" : "view-users",
"composite" : false
}, {
"id" : "f030bd3b-3ef8-496c-9c75-f370f19f7a56",
"name" : "manage-applications",
"composite" : false
}, {
"id" : "b196345c-07ca-4dea-8a35-84f5aa41f177",
"name" : "view-realm",
"composite" : false
}, {
"id" : "747c7af4-60a0-4be4-9c7a-33969572f3e1",
"name" : "manage-users",
"composite" : false
}, {
"id" : "ff468d9b-4d5a-4a03-9640-24b0a94a238f",
"name" : "manage-events",
"composite" : false
}, {
"id" : "61f9766c-44c2-4195-b9b8-c23d63409c16",
"name" : "view-applications",
"composite" : false
} ],
"master-realm" : [ {
"id" : "21866bbb-60de-4248-879f-ceb11a75f4e6",
"name" : "view-applications",
"composite" : false
}, {
"id" : "267071a5-170f-4438-b333-3d00a0ec268f",
"name" : "view-realm",
"composite" : false
}, {
"id" : "53a53160-92b3-43a4-9ba1-a0c19eaf1ad9",
"name" : "manage-applications",
"composite" : false
}, {
"id" : "2ce8b8ba-5e15-4a04-bedb-96d74784fd54",
"name" : "manage-realm",
"composite" : false
}, {
"id" : "d7045c16-29cb-4e88-bd61-7d6fd77e6c7d",
"name" : "manage-users",
"composite" : false
}, {
"id" : "6f933ebd-bbf5-4fea-b4e1-ace854667b9b",
"name" : "view-events",
"composite" : false
}, {
"id" : "3588ffcb-96cc-4263-8244-1b71d441202a",
"name" : "view-users",
"composite" : false
}, {
"id" : "5a4bcd8f-8cc9-4a01-94d1-3b8a86e228af",
"name" : "view-clients",
"composite" : false
}, {
"id" : "5c42606c-f3ec-4abd-aad0-9ec98d6fa39f",
"name" : "manage-events",
"composite" : false
}, {
"id" : "678d5c25-b5b0-4447-95c1-b3dc14fa0e3f",
"name" : "manage-clients",
"composite" : false
} ],
"account" : [ {
"id" : "700d3f40-8e11-47d7-b3f1-14d07a7da647",
"name" : "manage-account",
"composite" : false
}, {
"id" : "a9d81246-ec6c-4b71-912a-7a1518ec64d5",
"name" : "view-profile",
"composite" : false
} ]
}
},
"requiredCredentials" : [ "password" ],
"users" : [ {
"id" : "d678f579-29f4-46d5-a124-8bcdbeeeb55d",
"username" : "admin",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"credentials" : [ {
"type" : "password",
"hashedSaltedValue" : "VIw4dTFMrU8aw3xvsI6Kqh2gA5Y0P2TJEyEmgplkColwuXUC2G+RTsahsOgqwG9yIgyrFS9Fe+GlPNUQWxO1Sw==",
"salt" : "5IsVTxiv9At7xTHoTN17+g==",
"hashIterations" : 1,
"temporary" : false
} ],
"requiredActions" : [ ],
"realmRoles" : [ "admin" ],
"applicationRoles" : {
"account" : [ "manage-account", "view-profile" ]
}
} ],
"scopeMappings" : [ {
"client" : "security-admin-console",
"roles" : [ "admin" ]
} ],
"applications" : [ {
"id" : "4fe35549-1d84-440e-83c6-48cad624aba4",
"name" : "master-realm",
"surrogateAuthRequired" : false,
"enabled" : true,
"secret" : "0da9f8c5-ee7a-4d4b-9c93-944ac72b7ef0",
"redirectUris" : [ ],
"webOrigins" : [ ],
"claims" : {
"name" : true,
"username" : true,
"profile" : true,
"picture" : true,
"website" : true,
"email" : true,
"gender" : true,
"locale" : true,
"address" : true,
"phone" : true
},
"notBefore" : 0,
"bearerOnly" : true,
"publicClient" : false,
"attributes" : { },
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : 0
}, {
"id" : "5b2a2ae8-f0b9-40cc-a586-4adf46379a49",
"name" : "account",
"baseUrl" : "/auth/realms/master/account",
"surrogateAuthRequired" : false,
"enabled" : true,
"secret" : "f055644e-e59e-462f-98fd-9a5b7c22e03a",
"defaultRoles" : [ "view-profile", "manage-account" ],
"redirectUris" : [ "/auth/realms/master/account/*" ],
"webOrigins" : [ ],
"claims" : {
"name" : true,
"username" : true,
"profile" : true,
"picture" : true,
"website" : true,
"email" : true,
"gender" : true,
"locale" : true,
"address" : true,
"phone" : true
},
"notBefore" : 0,
"bearerOnly" : false,
"publicClient" : false,
"attributes" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0
}, {
"id" : "22ed594d-8c21-43f0-a080-c8879a411f94",
"name" : "security-admin-console",
"baseUrl" : "/auth/admin/master/console/index.html",
"surrogateAuthRequired" : false,
"enabled" : true,
"secret" : "bf9b9f8b-0a85-42da-bc14-befab4305298",
"redirectUris" : [ "/auth/admin/master/console/*" ],
"webOrigins" : [ ],
"claims" : {
"name" : true,
"username" : true,
"profile" : true,
"picture" : true,
"website" : true,
"email" : true,
"gender" : true,
"locale" : true,
"address" : true,
"phone" : true
},
"notBefore" : 0,
"bearerOnly" : false,
"publicClient" : true,
"attributes" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0
}, {
"id" : "c9c3bd5f-b69d-4640-8b27-45d4f3866a36",
"name" : "foo11-realm",
"surrogateAuthRequired" : false,
"enabled" : true,
"secret" : "aba746f8-fafd-4d6d-af65-e0bb669b1afc",
"redirectUris" : [ ],
"webOrigins" : [ ],
"claims" : {
"name" : true,
"username" : true,
"profile" : true,
"picture" : true,
"website" : true,
"email" : true,
"gender" : true,
"locale" : true,
"address" : true,
"phone" : true
},
"notBefore" : 0,
"bearerOnly" : true,
"publicClient" : false,
"attributes" : { },
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : 0
} ],
"oauthClients" : [ ],
"browserSecurityHeaders" : {
"xFrameOptions" : "SAMEORIGIN",
"contentSecurityPolicy" : "frame-src 'self'"
},
"socialProviders" : { },
"smtpServer" : { },
"eventsEnabled" : false,
"eventsListeners" : [ ]
}, {
{
"id" : "14e6923c-f5fb-44aa-8982-35d4976c56c5",
"realm" : "foo11",
"notBefore" : 0,
@ -491,4 +209,4 @@
"smtpServer" : { },
"eventsEnabled" : false,
"eventsListeners" : [ ]
} ]
}

View file

@ -182,6 +182,8 @@
<firefox_binary>${firefox_binary}</firefox_binary>
<project.version>${project.version}</project.version>
<migration.project.version>${migration.project.version}</migration.project.version>
<migration.product.version>${migration.product.version}</migration.product.version>
</systemPropertyVariables>
<properties>
<property>