KEYCLOAK-6749 Jetty App Server
This commit is contained in:
parent
2e7eb92f43
commit
406097a508
308 changed files with 2102 additions and 14279 deletions
|
@ -32,7 +32,6 @@
|
||||||
<maven.compiler.target>1.7</maven.compiler.target>
|
<maven.compiler.target>1.7</maven.compiler.target>
|
||||||
<maven.compiler.source>1.7</maven.compiler.source>
|
<maven.compiler.source>1.7</maven.compiler.source>
|
||||||
|
|
||||||
<jetty9.version>8.1.17.v20150415</jetty9.version>
|
|
||||||
<keycloak.osgi.export>
|
<keycloak.osgi.export>
|
||||||
org.keycloak.adapters.jetty.core.*
|
org.keycloak.adapters.jetty.core.*
|
||||||
</keycloak.osgi.export>
|
</keycloak.osgi.export>
|
||||||
|
@ -89,21 +88,21 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-server</artifactId>
|
<artifactId>jetty-server</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty81.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-util</artifactId>
|
<artifactId>jetty-util</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty81.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-security</artifactId>
|
<artifactId>jetty-security</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty81.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
|
@ -22,6 +22,7 @@ import org.jboss.logging.Logger;
|
||||||
import org.keycloak.KeycloakPrincipal;
|
import org.keycloak.KeycloakPrincipal;
|
||||||
import org.keycloak.KeycloakSecurityContext;
|
import org.keycloak.KeycloakSecurityContext;
|
||||||
import org.keycloak.adapters.AdapterTokenStore;
|
import org.keycloak.adapters.AdapterTokenStore;
|
||||||
|
import org.keycloak.adapters.AdapterUtils;
|
||||||
import org.keycloak.adapters.CookieTokenStore;
|
import org.keycloak.adapters.CookieTokenStore;
|
||||||
import org.keycloak.adapters.KeycloakDeployment;
|
import org.keycloak.adapters.KeycloakDeployment;
|
||||||
import org.keycloak.adapters.OidcKeycloakAccount;
|
import org.keycloak.adapters.OidcKeycloakAccount;
|
||||||
|
@ -71,6 +72,10 @@ public class JettyCookieTokenStore implements AdapterTokenStore {
|
||||||
securityContext.setCurrentRequestInfo(deployment, this);
|
securityContext.setCurrentRequestInfo(deployment, this);
|
||||||
|
|
||||||
request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
|
request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
|
||||||
|
|
||||||
|
JettyRequestAuthenticator jettyAuthenticator = (JettyRequestAuthenticator) authenticator;
|
||||||
|
KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal = AdapterUtils.createPrincipal(deployment, securityContext);
|
||||||
|
jettyAuthenticator.principal = principal;
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -31,8 +31,6 @@
|
||||||
<properties>
|
<properties>
|
||||||
<maven.compiler.target>1.7</maven.compiler.target>
|
<maven.compiler.target>1.7</maven.compiler.target>
|
||||||
<maven.compiler.source>1.7</maven.compiler.source>
|
<maven.compiler.source>1.7</maven.compiler.source>
|
||||||
|
|
||||||
<jetty9.version>8.1.17.v20150415</jetty9.version>
|
|
||||||
<keycloak.osgi.export>
|
<keycloak.osgi.export>
|
||||||
org.keycloak.adapters.jetty.*
|
org.keycloak.adapters.jetty.*
|
||||||
</keycloak.osgi.export>
|
</keycloak.osgi.export>
|
||||||
|
@ -88,21 +86,21 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-server</artifactId>
|
<artifactId>jetty-server</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty81.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-util</artifactId>
|
<artifactId>jetty-util</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty81.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-security</artifactId>
|
<artifactId>jetty-security</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty81.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,6 @@
|
||||||
<artifactId>keycloak-jetty91-adapter</artifactId>
|
<artifactId>keycloak-jetty91-adapter</artifactId>
|
||||||
<name>Keycloak Jetty 9.1.x Integration</name>
|
<name>Keycloak Jetty 9.1.x Integration</name>
|
||||||
<properties>
|
<properties>
|
||||||
<jetty9.version>9.1.5.v20140505</jetty9.version>
|
|
||||||
<keycloak.osgi.export>
|
<keycloak.osgi.export>
|
||||||
org.keycloak.adapters.jetty.*
|
org.keycloak.adapters.jetty.*
|
||||||
</keycloak.osgi.export>
|
</keycloak.osgi.export>
|
||||||
|
@ -96,21 +95,21 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-server</artifactId>
|
<artifactId>jetty-server</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty91.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-util</artifactId>
|
<artifactId>jetty-util</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty91.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-security</artifactId>
|
<artifactId>jetty-security</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty91.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
|
@ -31,8 +31,6 @@
|
||||||
<properties>
|
<properties>
|
||||||
<maven.compiler.target>1.7</maven.compiler.target>
|
<maven.compiler.target>1.7</maven.compiler.target>
|
||||||
<maven.compiler.source>1.7</maven.compiler.source>
|
<maven.compiler.source>1.7</maven.compiler.source>
|
||||||
|
|
||||||
<jetty9.version>9.2.4.v20141103</jetty9.version>
|
|
||||||
<keycloak.osgi.export>
|
<keycloak.osgi.export>
|
||||||
org.keycloak.adapters.jetty.*
|
org.keycloak.adapters.jetty.*
|
||||||
</keycloak.osgi.export>
|
</keycloak.osgi.export>
|
||||||
|
@ -85,21 +83,21 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-server</artifactId>
|
<artifactId>jetty-server</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty92.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-util</artifactId>
|
<artifactId>jetty-util</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty92.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-security</artifactId>
|
<artifactId>jetty-security</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty92.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,6 @@
|
||||||
<artifactId>keycloak-jetty93-adapter</artifactId>
|
<artifactId>keycloak-jetty93-adapter</artifactId>
|
||||||
<name>Keycloak Jetty 9.3.x Integration</name>
|
<name>Keycloak Jetty 9.3.x Integration</name>
|
||||||
<properties>
|
<properties>
|
||||||
<jetty9.version>9.3.9.v20160517</jetty9.version>
|
|
||||||
<keycloak.osgi.export>
|
<keycloak.osgi.export>
|
||||||
org.keycloak.adapters.jetty.*
|
org.keycloak.adapters.jetty.*
|
||||||
</keycloak.osgi.export>
|
</keycloak.osgi.export>
|
||||||
|
@ -82,21 +81,21 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-server</artifactId>
|
<artifactId>jetty-server</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty93.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-util</artifactId>
|
<artifactId>jetty-util</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty93.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-security</artifactId>
|
<artifactId>jetty-security</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty93.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,6 @@
|
||||||
<artifactId>keycloak-jetty94-adapter</artifactId>
|
<artifactId>keycloak-jetty94-adapter</artifactId>
|
||||||
<name>Keycloak Jetty 9.4.x Integration</name>
|
<name>Keycloak Jetty 9.4.x Integration</name>
|
||||||
<properties>
|
<properties>
|
||||||
<jetty9.version>9.4.2.v20170220</jetty9.version>
|
|
||||||
<keycloak.osgi.export>
|
<keycloak.osgi.export>
|
||||||
org.keycloak.adapters.jetty.*
|
org.keycloak.adapters.jetty.*
|
||||||
</keycloak.osgi.export>
|
</keycloak.osgi.export>
|
||||||
|
@ -82,21 +81,21 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-server</artifactId>
|
<artifactId>jetty-server</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty94.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-util</artifactId>
|
<artifactId>jetty-util</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty94.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-security</artifactId>
|
<artifactId>jetty-security</artifactId>
|
||||||
<version>${jetty9.version}</version>
|
<version>${jetty94.version}</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
10
pom.xml
10
pom.xml
|
@ -87,6 +87,11 @@
|
||||||
<undertow.version>2.0.15.Final</undertow.version>
|
<undertow.version>2.0.15.Final</undertow.version>
|
||||||
<elytron.version>1.7.0.Final</elytron.version>
|
<elytron.version>1.7.0.Final</elytron.version>
|
||||||
<elytron.undertow-server.version>1.3.0.Final</elytron.undertow-server.version>
|
<elytron.undertow-server.version>1.3.0.Final</elytron.undertow-server.version>
|
||||||
|
<jetty81.version>8.1.17.v20150415</jetty81.version>
|
||||||
|
<jetty91.version>9.1.5.v20140505</jetty91.version>
|
||||||
|
<jetty92.version>9.2.4.v20141103</jetty92.version>
|
||||||
|
<jetty93.version>9.3.9.v20160517</jetty93.version>
|
||||||
|
<jetty94.version>9.4.2.v20170220</jetty94.version>
|
||||||
<woodstox.version>5.0.3</woodstox.version>
|
<woodstox.version>5.0.3</woodstox.version>
|
||||||
<xmlsec.version>2.1.2</xmlsec.version>
|
<xmlsec.version>2.1.2</xmlsec.version>
|
||||||
<glassfish.json.version>1.1.2</glassfish.json.version>
|
<glassfish.json.version>1.1.2</glassfish.json.version>
|
||||||
|
@ -300,6 +305,11 @@
|
||||||
<artifactId>resteasy-jackson2-provider</artifactId>
|
<artifactId>resteasy-jackson2-provider</artifactId>
|
||||||
<version>${resteasy.version}</version>
|
<version>${resteasy.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.resteasy</groupId>
|
||||||
|
<artifactId>resteasy-jaxb-provider</artifactId>
|
||||||
|
<version>${resteasy.version}</version>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
<groupId>org.jboss.resteasy</groupId>
|
||||||
<artifactId>resteasy-client</artifactId>
|
<artifactId>resteasy-client</artifactId>
|
||||||
|
|
|
@ -85,6 +85,21 @@ TODO: Add info about Wildfly logging
|
||||||
mvn -f testsuite/integration-arquillian/tests/base/pom.xml \
|
mvn -f testsuite/integration-arquillian/tests/base/pom.xml \
|
||||||
-Dtest=org.keycloak.testsuite.adapter.**.*Test
|
-Dtest=org.keycloak.testsuite.adapter.**.*Test
|
||||||
|
|
||||||
|
### Jetty
|
||||||
|
|
||||||
|
At the moment we can run the testsuite with Jetty `9.1`, `9.2` and `9.4`.
|
||||||
|
Each version has its corresponding profile:
|
||||||
|
|
||||||
|
* Jetty `9.1`: `app-server-jetty91`
|
||||||
|
* Jetty `9.2`: `app-server-jetty92`
|
||||||
|
* Jetty `9.4`: `app-server-jetty94`
|
||||||
|
|
||||||
|
Here's how to run the tests with Jetty `9.4`:
|
||||||
|
|
||||||
|
mvn -f testsuite/integration-arquillian/tests/base/pom.xml \
|
||||||
|
-Papp-server-jetty94 \
|
||||||
|
-Dtest=org.keycloak.testsuite.adapter.**.*Test
|
||||||
|
|
||||||
### Wildfly
|
### Wildfly
|
||||||
|
|
||||||
# Run tests
|
# Run tests
|
||||||
|
|
|
@ -61,6 +61,7 @@
|
||||||
<arquillian-graphene.version>2.3.2</arquillian-graphene.version>
|
<arquillian-graphene.version>2.3.2</arquillian-graphene.version>
|
||||||
<arquillian-wildfly-container.version>2.1.1.Final</arquillian-wildfly-container.version>
|
<arquillian-wildfly-container.version>2.1.1.Final</arquillian-wildfly-container.version>
|
||||||
<arquillian-wls-container.version>1.0.1.Final</arquillian-wls-container.version>
|
<arquillian-wls-container.version>1.0.1.Final</arquillian-wls-container.version>
|
||||||
|
<arquillian-jetty9-container.version>1.0.0.CR3</arquillian-jetty9-container.version>
|
||||||
<arquillian-container-karaf.version>2.2.0.Final</arquillian-container-karaf.version>
|
<arquillian-container-karaf.version>2.2.0.Final</arquillian-container-karaf.version>
|
||||||
<arquillian-infinispan-container.version>1.2.0.Beta2</arquillian-infinispan-container.version>
|
<arquillian-infinispan-container.version>1.2.0.Beta2</arquillian-infinispan-container.version>
|
||||||
<undertow-embedded.version>1.0.0.Alpha2</undertow-embedded.version>
|
<undertow-embedded.version>1.0.0.Alpha2</undertow-embedded.version>
|
||||||
|
|
|
@ -0,0 +1,87 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||||
|
~ and other contributors as indicated by the @author tags.
|
||||||
|
~
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing, software
|
||||||
|
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
~ See the License for the specific language governing permissions and
|
||||||
|
~ limitations under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
|
||||||
|
<version>5.0.0-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-92</artifactId>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-jetty92-adapter</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-saml-jetty92-adapter</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.arquillian.container</groupId>
|
||||||
|
<artifactId>arquillian-jetty-embedded-9</artifactId>
|
||||||
|
<version>${arquillian-jetty9-container.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Server support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-server</artifactId>
|
||||||
|
<version>${jetty92.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Deployer support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-deploy</artifactId>
|
||||||
|
<version>${jetty92.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- KeycloakJettyAuthenticator support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-jaas</artifactId>
|
||||||
|
<version>${jetty92.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Web application annotations support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-annotations</artifactId>
|
||||||
|
<version>${jetty92.version}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>junit</groupId>
|
||||||
|
<artifactId>junit</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<classifier>tests</classifier>
|
||||||
|
<type>test-jar</type>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<name>App Server - Jetty 9.2</name>
|
||||||
|
|
||||||
|
</project>
|
|
@ -0,0 +1,5 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
public class Jetty92AppServerTest extends AbstractJettyAppServerTest {
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,87 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||||
|
~ and other contributors as indicated by the @author tags.
|
||||||
|
~
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing, software
|
||||||
|
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
~ See the License for the specific language governing permissions and
|
||||||
|
~ limitations under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
|
||||||
|
<version>5.0.0-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-93</artifactId>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-jetty93-adapter</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-saml-jetty93-adapter</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.arquillian.container</groupId>
|
||||||
|
<artifactId>arquillian-jetty-embedded-9</artifactId>
|
||||||
|
<version>${arquillian-jetty9-container.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Server support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-server</artifactId>
|
||||||
|
<version>${jetty93.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Deployer support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-deploy</artifactId>
|
||||||
|
<version>${jetty93.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- KeycloakJettyAuthenticator support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-jaas</artifactId>
|
||||||
|
<version>${jetty93.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Web application annotations support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-annotations</artifactId>
|
||||||
|
<version>${jetty93.version}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>junit</groupId>
|
||||||
|
<artifactId>junit</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<classifier>tests</classifier>
|
||||||
|
<type>test-jar</type>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<name>App Server - Jetty 9.3</name>
|
||||||
|
|
||||||
|
</project>
|
|
@ -0,0 +1,5 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
public class Jetty93AppServerTest extends AbstractJettyAppServerTest {
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,87 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||||
|
~ and other contributors as indicated by the @author tags.
|
||||||
|
~
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing, software
|
||||||
|
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
~ See the License for the specific language governing permissions and
|
||||||
|
~ limitations under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
|
||||||
|
<version>5.0.0-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-94</artifactId>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-jetty94-adapter</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-saml-jetty94-adapter</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.arquillian.container</groupId>
|
||||||
|
<artifactId>arquillian-jetty-embedded-9</artifactId>
|
||||||
|
<version>${arquillian-jetty9-container.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Server support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-server</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Deployer support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-deploy</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- KeycloakJettyAuthenticator support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-jaas</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- Web application annotations support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-annotations</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>junit</groupId>
|
||||||
|
<artifactId>junit</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<classifier>tests</classifier>
|
||||||
|
<type>test-jar</type>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<name>App Server - Jetty 9.4</name>
|
||||||
|
|
||||||
|
</project>
|
|
@ -0,0 +1,5 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
public class Jetty94AppServerTest extends AbstractJettyAppServerTest {
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,137 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||||
|
~ and other contributors as indicated by the @author tags.
|
||||||
|
~
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing, software
|
||||||
|
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
~ See the License for the specific language governing permissions and
|
||||||
|
~ limitations under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
|
||||||
|
<version>5.0.0-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-jetty94-adapter</artifactId>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-saml-jetty94-adapter</artifactId>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak</groupId>
|
||||||
|
<artifactId>keycloak-saml-servlet-filter-adapter</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-spi</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-util</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.arquillian.container</groupId>
|
||||||
|
<artifactId>arquillian-jetty-embedded-9</artifactId>
|
||||||
|
<version>${arquillian-jetty9-container.version}</version>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.resteasy</groupId>
|
||||||
|
<artifactId>resteasy-jaxrs</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.resteasy</groupId>
|
||||||
|
<artifactId>resteasy-jaxb-provider</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.resteasy</groupId>
|
||||||
|
<artifactId>resteasy-client</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<!-- Server support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-server</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<!-- Deployer support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-deploy</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<!-- KeycloakJettyAuthenticator support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-jaas</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<!-- Web application annotations support -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-plus</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
|
<artifactId>jetty-annotations</artifactId>
|
||||||
|
<version>${jetty94.version}</version>
|
||||||
|
<optional>true</optional>
|
||||||
|
</dependency>
|
||||||
|
<!-- JSP Support -->
|
||||||
|
<!-- We can't use Jetty built-in support for JSPs since it conflicts with Undertow -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.jboss.spec.javax.servlet.jsp</groupId>
|
||||||
|
<artifactId>jboss-jsp-api_2.3_spec</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<!-- Test dependiencies -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>junit</groupId>
|
||||||
|
<artifactId>junit</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
|
||||||
|
<name>App Server - Jetty Common</name>
|
||||||
|
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-jar-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<goals>
|
||||||
|
<goal>test-jar</goal>
|
||||||
|
</goals>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
|
||||||
|
</project>
|
|
@ -0,0 +1,187 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
import org.eclipse.jetty.deploy.App;
|
||||||
|
import org.eclipse.jetty.deploy.AppProvider;
|
||||||
|
import org.eclipse.jetty.deploy.DeploymentManager;
|
||||||
|
import org.eclipse.jetty.deploy.util.FileID;
|
||||||
|
import org.eclipse.jetty.server.handler.ContextHandler;
|
||||||
|
import org.eclipse.jetty.util.URIUtil;
|
||||||
|
import org.eclipse.jetty.util.component.AbstractLifeCycle;
|
||||||
|
import org.eclipse.jetty.util.resource.Resource;
|
||||||
|
import org.eclipse.jetty.webapp.WebAppContext;
|
||||||
|
import org.jboss.logging.Logger;
|
||||||
|
import org.jboss.shrinkwrap.api.Archive;
|
||||||
|
import org.jboss.shrinkwrap.api.exporter.ZipExporter;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.lang.invoke.MethodHandles;
|
||||||
|
import java.net.URI;
|
||||||
|
import java.security.AccessController;
|
||||||
|
import java.security.PrivilegedAction;
|
||||||
|
import java.util.Locale;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Most of the bits of this class have been copied from <code>org.jboss.arquillian.container.jetty.embedded_9.ArquillianAppProvider</code>.
|
||||||
|
*
|
||||||
|
* Unfortunately Arquillian extension for Jetty 8 and 9 uses totally different mechanism, so we need to implement
|
||||||
|
* all the bits ourselves.
|
||||||
|
*
|
||||||
|
* @author Sebastian Łaskawiec
|
||||||
|
*/
|
||||||
|
class JettyAppProvider extends AbstractLifeCycle implements AppProvider {
|
||||||
|
|
||||||
|
private static final Logger log = Logger.getLogger(MethodHandles.lookup().lookupClass());
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The prefix assigned to the temporary file where the archive is exported
|
||||||
|
*/
|
||||||
|
private static final String EXPORT_FILE_PREFIX = "export";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Directory into which we'll extract export the war files
|
||||||
|
*/
|
||||||
|
private static final File EXPORT_DIR;
|
||||||
|
|
||||||
|
static {
|
||||||
|
/*
|
||||||
|
* Use of java.io.tmpdir Should be a last-resort fallback for temp directory.
|
||||||
|
*
|
||||||
|
* Use of java.io.tmpdir on CI systems is dangerous (overwrite possibility is extremely high)
|
||||||
|
*
|
||||||
|
* Use of java.io.tmpdir on Unix systems is unreliable (due to common /tmp dir cleanup processes)
|
||||||
|
*/
|
||||||
|
File systemDefaultTmpDir = new File(AccessController.doPrivileged(new PrivilegedAction<String>() {
|
||||||
|
@Override
|
||||||
|
public String run() {
|
||||||
|
return System.getProperty("java.io.tmpdir");
|
||||||
|
}
|
||||||
|
}));
|
||||||
|
|
||||||
|
// If running under maven + surefire, use information provided by surefire.
|
||||||
|
String baseDirVal = AccessController.doPrivileged(new PrivilegedAction<String>() {
|
||||||
|
@Override
|
||||||
|
public String run() {
|
||||||
|
return System.getProperty("basedir");
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
File mavenTmpDir = null;
|
||||||
|
if (baseDirVal != null) {
|
||||||
|
File baseDir = new File(baseDirVal);
|
||||||
|
if (baseDir.exists() && baseDir.isDirectory()) {
|
||||||
|
File targetDir = new File(baseDir, "target");
|
||||||
|
if (targetDir.exists() && targetDir.isDirectory()) {
|
||||||
|
mavenTmpDir = new File(targetDir, "arquillian-jetty-temp");
|
||||||
|
mavenTmpDir.mkdirs();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((mavenTmpDir != null) && mavenTmpDir.exists() && mavenTmpDir.isDirectory()) {
|
||||||
|
EXPORT_DIR = mavenTmpDir;
|
||||||
|
} else {
|
||||||
|
EXPORT_DIR = systemDefaultTmpDir;
|
||||||
|
}
|
||||||
|
|
||||||
|
// If the temp location doesn't exist or isn't a directory
|
||||||
|
if (!EXPORT_DIR.exists() || !EXPORT_DIR.isDirectory()) {
|
||||||
|
throw new IllegalStateException("Could not obtain export directory \"" + EXPORT_DIR.getAbsolutePath() + "\"");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private final JettyAppServerConfiguration config;
|
||||||
|
private DeploymentManager deploymentManager;
|
||||||
|
|
||||||
|
public JettyAppProvider(JettyAppServerConfiguration config) {
|
||||||
|
this.config = config;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected KeycloakAdapterApp createApp(final Archive<?> archive) {
|
||||||
|
String name = archive.getName();
|
||||||
|
int extOff = name.lastIndexOf('.');
|
||||||
|
if (extOff <= 0) {
|
||||||
|
throw new RuntimeException("Not a valid Web Archive filename: " + name);
|
||||||
|
}
|
||||||
|
String ext = name.substring(extOff).toLowerCase();
|
||||||
|
if (!ext.equals(".war")) {
|
||||||
|
throw new RuntimeException("Not a recognized Web Archive: " + name);
|
||||||
|
}
|
||||||
|
name = name.substring(0, extOff);
|
||||||
|
|
||||||
|
final File exported;
|
||||||
|
try {
|
||||||
|
// If this method returns successfully then it is guaranteed that:
|
||||||
|
// 1. The file denoted by the returned abstract pathname did not exist before this method was invoked, and
|
||||||
|
// 2. Neither this method nor any of its variants will return the same abstract pathname again in the current invocation of the virtual machine.
|
||||||
|
exported = File.createTempFile(EXPORT_FILE_PREFIX, archive.getName(), EXPORT_DIR);
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new RuntimeException("Could not create temporary File in " + EXPORT_DIR + " to write exported archive", e);
|
||||||
|
}
|
||||||
|
// We are overwriting the temporary file placeholder reserved by File#createTemplateFile()
|
||||||
|
archive.as(ZipExporter.class).exportTo(exported, true);
|
||||||
|
|
||||||
|
// Mark to delete when we come down
|
||||||
|
// exported.deleteOnExit();
|
||||||
|
|
||||||
|
// Add the context
|
||||||
|
URI uri = exported.toURI();
|
||||||
|
log.debug("Webapp archive location: " + uri.toASCIIString());
|
||||||
|
|
||||||
|
return new KeycloakAdapterApp(new App(deploymentManager, this, uri.toASCIIString()), archive);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ContextHandler createContextHandler(final App app) throws Exception {
|
||||||
|
Resource resource = Resource.newResource(app.getOriginId());
|
||||||
|
File file = resource.getFile();
|
||||||
|
if (!resource.exists())
|
||||||
|
throw new IllegalStateException("App resouce does not exist " + resource);
|
||||||
|
|
||||||
|
String context = file.getName();
|
||||||
|
|
||||||
|
if (FileID.isWebArchiveFile(file)) {
|
||||||
|
// Context Path is the same as the archive.
|
||||||
|
context = context.substring(0, context.length() - 4);
|
||||||
|
} else {
|
||||||
|
throw new IllegalStateException("unable to create ContextHandler for " + app);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Ensure "/" is Not Trailing in context paths.
|
||||||
|
if (context.endsWith("/") && context.length() > 0) {
|
||||||
|
context = context.substring(0, context.length() - 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Start building the webapplication
|
||||||
|
WebAppContext webAppContext = new WebAppContext();
|
||||||
|
webAppContext.setDisplayName(context);
|
||||||
|
webAppContext.setLogUrlOnStart(true);
|
||||||
|
|
||||||
|
// special case of archive (or dir) named "root" is / context
|
||||||
|
if (context.equalsIgnoreCase("root")) {
|
||||||
|
context = URIUtil.SLASH;
|
||||||
|
} else if (context.toLowerCase(Locale.ENGLISH).startsWith("root-")) {
|
||||||
|
int dash = context.toLowerCase(Locale.ENGLISH).indexOf('-');
|
||||||
|
String virtual = context.substring(dash + 1);
|
||||||
|
webAppContext.setVirtualHosts(new String[]{virtual});
|
||||||
|
context = URIUtil.SLASH;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Ensure "/" is Prepended to all context paths.
|
||||||
|
if (context.charAt(0) != '/') {
|
||||||
|
context = "/" + context;
|
||||||
|
}
|
||||||
|
|
||||||
|
webAppContext.setContextPath(context);
|
||||||
|
webAppContext.setWar(file.getAbsolutePath());
|
||||||
|
webAppContext.setExtractWAR(true);
|
||||||
|
webAppContext.setParentLoaderPriority(true);
|
||||||
|
|
||||||
|
return webAppContext;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void setDeploymentManager(DeploymentManager deploymentManager) {
|
||||||
|
this.deploymentManager = deploymentManager;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,323 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
import org.eclipse.jetty.annotations.AnnotationConfiguration;
|
||||||
|
import org.eclipse.jetty.deploy.App;
|
||||||
|
import org.eclipse.jetty.deploy.AppLifeCycle;
|
||||||
|
import org.eclipse.jetty.deploy.DeploymentManager;
|
||||||
|
import org.eclipse.jetty.server.Connector;
|
||||||
|
import org.eclipse.jetty.server.HttpConfiguration;
|
||||||
|
import org.eclipse.jetty.server.HttpConnectionFactory;
|
||||||
|
import org.eclipse.jetty.server.Server;
|
||||||
|
import org.eclipse.jetty.server.ServerConnector;
|
||||||
|
import org.eclipse.jetty.server.SslConnectionFactory;
|
||||||
|
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
|
||||||
|
import org.eclipse.jetty.server.handler.DefaultHandler;
|
||||||
|
import org.eclipse.jetty.server.handler.HandlerCollection;
|
||||||
|
import org.eclipse.jetty.servlet.ServletHandler;
|
||||||
|
import org.eclipse.jetty.servlet.ServletHolder;
|
||||||
|
import org.eclipse.jetty.servlet.ServletMapping;
|
||||||
|
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||||
|
import org.eclipse.jetty.webapp.WebAppContext;
|
||||||
|
import org.jboss.arquillian.container.spi.client.container.DeployableContainer;
|
||||||
|
import org.jboss.arquillian.container.spi.client.container.DeploymentException;
|
||||||
|
import org.jboss.arquillian.container.spi.client.container.LifecycleException;
|
||||||
|
import org.jboss.arquillian.container.spi.client.protocol.ProtocolDescription;
|
||||||
|
import org.jboss.arquillian.container.spi.client.protocol.metadata.HTTPContext;
|
||||||
|
import org.jboss.arquillian.container.spi.client.protocol.metadata.ProtocolMetaData;
|
||||||
|
import org.jboss.arquillian.container.spi.client.protocol.metadata.Servlet;
|
||||||
|
import org.jboss.logging.Logger;
|
||||||
|
import org.jboss.resteasy.plugins.server.servlet.HttpServlet30Dispatcher;
|
||||||
|
import org.jboss.resteasy.spi.ResteasyDeployment;
|
||||||
|
import org.jboss.shrinkwrap.api.Archive;
|
||||||
|
import org.jboss.shrinkwrap.api.asset.ClassAsset;
|
||||||
|
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
||||||
|
import org.jboss.shrinkwrap.descriptor.api.Descriptor;
|
||||||
|
import org.keycloak.adapters.jetty.KeycloakJettyAuthenticator;
|
||||||
|
import org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator;
|
||||||
|
import org.keycloak.testsuite.arquillian.jetty.saml.util.RestSamlApplicationConfig;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
|
import javax.ws.rs.Path;
|
||||||
|
import java.lang.invoke.MethodHandles;
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
import java.util.Set;
|
||||||
|
import java.util.concurrent.ConcurrentHashMap;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
public class JettyAppServer implements DeployableContainer<JettyAppServerConfiguration> {
|
||||||
|
|
||||||
|
private static final Logger log = Logger.getLogger(MethodHandles.lookup().lookupClass());
|
||||||
|
|
||||||
|
private JettyAppServerConfiguration configuration;
|
||||||
|
private JettyAppProvider appProvider;
|
||||||
|
private DeploymentManager deployer;
|
||||||
|
private Server server;
|
||||||
|
|
||||||
|
Map<String, KeycloakAdapterApp> deployedApps = new ConcurrentHashMap<>();
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Class<JettyAppServerConfiguration> getConfigurationClass() {
|
||||||
|
return JettyAppServerConfiguration.class;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void setup(JettyAppServerConfiguration configuration) {
|
||||||
|
this.configuration = configuration;
|
||||||
|
appProvider = new JettyAppProvider(this.configuration);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void start() throws LifecycleException {
|
||||||
|
if (configuration == null) {
|
||||||
|
log.warn("Starting Jetty with default setup.");
|
||||||
|
setup(new JettyAppServerConfiguration());
|
||||||
|
}
|
||||||
|
|
||||||
|
long start = System.currentTimeMillis();
|
||||||
|
|
||||||
|
server = new Server(configuration.getBindHttpPort());
|
||||||
|
setupSSL();
|
||||||
|
|
||||||
|
ContextHandlerCollection contexts = new ContextHandlerCollection();
|
||||||
|
|
||||||
|
deployer = new DeploymentManager();
|
||||||
|
deployer.setContexts(contexts);
|
||||||
|
deployer.addAppProvider(appProvider);
|
||||||
|
server.addBean(deployer);
|
||||||
|
|
||||||
|
HandlerCollection handlers = new HandlerCollection();
|
||||||
|
handlers.addHandler(contexts);
|
||||||
|
handlers.addHandler(new DefaultHandler());
|
||||||
|
server.setHandler(handlers);
|
||||||
|
|
||||||
|
try {
|
||||||
|
server.start();
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new LifecycleException("Unable to start Jetty", e);
|
||||||
|
}
|
||||||
|
log.infof("App server started in %dms on http://%s:%d/", (System.currentTimeMillis() - start), configuration.getBindAddress(), configuration.getBindHttpPort());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setupSSL() {
|
||||||
|
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||||
|
sslContextFactory.setSslContext(TLSUtils.initializeTLS());
|
||||||
|
ServerConnector connector = new ServerConnector(server);
|
||||||
|
connector.setPort(configuration.getBindHttpPort());
|
||||||
|
HttpConfiguration https = new HttpConfiguration();
|
||||||
|
ServerConnector sslConnector = new ServerConnector(server,
|
||||||
|
new SslConnectionFactory(sslContextFactory, "http/1.1"),
|
||||||
|
new HttpConnectionFactory(https));
|
||||||
|
sslConnector.setPort(configuration.getBindHttpsPort());
|
||||||
|
server.setConnectors(new Connector[] { connector, sslConnector });
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void stop() throws LifecycleException {
|
||||||
|
try {
|
||||||
|
server.stop();
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new LifecycleException("Unable to stop Jetty", e);
|
||||||
|
}
|
||||||
|
log.info("App Server stopped.");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolDescription getDefaultProtocol() {
|
||||||
|
return new ProtocolDescription("Servlet 3.1");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public ProtocolMetaData deploy(Archive<?> archive) throws DeploymentException {
|
||||||
|
log.info("Deploying archive " + archive.getName());
|
||||||
|
|
||||||
|
if (!(archive instanceof WebArchive)) {
|
||||||
|
throw new IllegalArgumentException("JettyContainer only supports WebArchives.");
|
||||||
|
}
|
||||||
|
|
||||||
|
WebArchive webArchive = (WebArchive) archive;
|
||||||
|
|
||||||
|
try {
|
||||||
|
KeycloakAdapterApp app = appProvider.createApp(webArchive);
|
||||||
|
WebAppContext webAppContext = (WebAppContext) app.getContextHandler();
|
||||||
|
|
||||||
|
|
||||||
|
addAdditionalConfigurations(webAppContext);
|
||||||
|
|
||||||
|
setContextRoot(webArchive, app, webAppContext);
|
||||||
|
|
||||||
|
if (app.usesOIDCAuthenticator()) {
|
||||||
|
addOIDCAuthenticator(webAppContext);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (app.usesSAMLAuthenticator()) {
|
||||||
|
addSAMLAuthenticator(webAppContext);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (app.usesJaxrs()) {
|
||||||
|
addRestEasyServlet(webArchive, webAppContext);
|
||||||
|
}
|
||||||
|
|
||||||
|
setEmbeddedClassloaderForDeployment(webAppContext);
|
||||||
|
|
||||||
|
deployer.addApp(app);
|
||||||
|
deployer.requestAppGoal(app, AppLifeCycle.STARTED);
|
||||||
|
|
||||||
|
deployedApps.put(archive.getId(), app);
|
||||||
|
|
||||||
|
HTTPContext httpContext = new HTTPContext(configuration.getBindAddress(), configuration.getBindHttpPort());
|
||||||
|
ServletHandler servletHandler = webAppContext.getServletHandler();
|
||||||
|
|
||||||
|
for (ServletHolder servlet : servletHandler.getServlets()) {
|
||||||
|
log.debugf("Servlet context mapping: %s => %s", servlet.getName(), servlet.getContextPath());
|
||||||
|
httpContext.add(new Servlet(servlet.getName(), servlet.getContextPath()));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (log.isInfoEnabled()) {
|
||||||
|
for (ServletMapping mapping : server.getChildHandlerByClass(ServletHandler.class).getServletMappings()) {
|
||||||
|
log.debugf("Servlet mapping: %s => %s", mapping.getServletName(), Arrays.toString(mapping.getPathSpecs()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return new ProtocolMetaData().addContext(httpContext);
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new DeploymentException("Unable to deploy archive", e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void addAdditionalConfigurations(WebAppContext webAppContext) {
|
||||||
|
List<String> configurations = new ArrayList<>();
|
||||||
|
configurations.add(AnnotationConfiguration.class.getName());
|
||||||
|
//due to Jetty incompatibility between 8 and 9, we need to use reflections here
|
||||||
|
try {
|
||||||
|
Method m = webAppContext.getClass().getDeclaredMethod("getDefaultConfigurationClasses", null);
|
||||||
|
configurations.addAll(Arrays.asList((String[]) m.invoke(webAppContext)));
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new IllegalStateException("Critical Jetty incompatibility detected", e);
|
||||||
|
}
|
||||||
|
|
||||||
|
webAppContext.setConfigurationClasses(configurations.toArray(new String[0]));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setContextRoot(WebArchive archive, KeycloakAdapterApp app, WebAppContext webAppContext) {
|
||||||
|
if ("ROOT.war".equals(archive.getName())) {
|
||||||
|
webAppContext.setContextPath("/");
|
||||||
|
} else {
|
||||||
|
webAppContext.setContextPath("/" + app.getApplicationName());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void addRestEasyServlet(WebArchive archive, WebAppContext webAppContext) {
|
||||||
|
log.debug("Starting Resteasy deployment");
|
||||||
|
boolean addServlet = true;
|
||||||
|
ServletHolder resteasyServlet = new ServletHolder("javax.ws.rs.core.Application", new HttpServlet30Dispatcher());
|
||||||
|
|
||||||
|
String jaxrsApplication = getJaxRsApplication(archive);
|
||||||
|
Set<Class<?>> pathAnnotatedClasses = getPathAnnotatedClasses(archive);
|
||||||
|
|
||||||
|
if (jaxrsApplication != null) {
|
||||||
|
log.debug("App has an Application.class: " + jaxrsApplication);
|
||||||
|
resteasyServlet.setInitParameter("javax.ws.rs.Application", jaxrsApplication);
|
||||||
|
} else if (!pathAnnotatedClasses.isEmpty()) {
|
||||||
|
log.debug("App has @Path annotated classes: " + pathAnnotatedClasses);
|
||||||
|
ResteasyDeployment deployment = new ResteasyDeployment();
|
||||||
|
deployment.setApplication(new RestSamlApplicationConfig(pathAnnotatedClasses));
|
||||||
|
webAppContext.setAttribute(ResteasyDeployment.class.getName(), deployment);
|
||||||
|
} else {
|
||||||
|
log.debug("An application doesn't have Application.class, nor @Path annotated classes. Skipping Resteasy initialization.");
|
||||||
|
addServlet = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (addServlet) {
|
||||||
|
// this should be /* in general. However Jetty 9.2 (this is bug specific to this version),
|
||||||
|
// can not merge two instances of javax.ws.rs.Application together (one from web.xml
|
||||||
|
// and the other one added here). In 9.1 and 9.4 this works fine.
|
||||||
|
// Once we stop supporting 9.2, this should replaced with /* and this comment should be removed.
|
||||||
|
webAppContext.addServlet(resteasyServlet, "/");
|
||||||
|
}
|
||||||
|
log.debug("Finished Resteasy deployment");
|
||||||
|
}
|
||||||
|
|
||||||
|
private String getJaxRsApplication(WebArchive archive) {
|
||||||
|
return archive.getContent(archivePath ->
|
||||||
|
archivePath.get().startsWith("/WEB-INF/classes/") && archivePath.get().endsWith("Application.class"))
|
||||||
|
.values().stream().findFirst().map(node -> node.getPath().get()).orElse(null);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void addSAMLAuthenticator(WebAppContext webAppContext) {
|
||||||
|
webAppContext.getSecurityHandler().setAuthenticator(new KeycloakSamlAuthenticator());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void addOIDCAuthenticator(WebAppContext webAppContext) {
|
||||||
|
webAppContext.getSecurityHandler().setAuthenticator(new KeycloakJettyAuthenticator());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setEmbeddedClassloaderForDeployment(WebAppContext webAppContext) {
|
||||||
|
ClassLoader parentCl = Thread.currentThread().getContextClassLoader();
|
||||||
|
webAppContext.setClassLoader(parentCl);
|
||||||
|
}
|
||||||
|
|
||||||
|
private Set<Class<?>> getPathAnnotatedClasses(WebArchive webArchive) {
|
||||||
|
return webArchive.getContent(archivePath ->
|
||||||
|
archivePath.get().startsWith("/WEB-INF/classes/") &&
|
||||||
|
archivePath.get().endsWith(".class")
|
||||||
|
).values().stream()
|
||||||
|
.filter(node -> node.getAsset() instanceof ClassAsset)
|
||||||
|
.map(node -> ((ClassAsset)node.getAsset()).getSource())
|
||||||
|
.filter(clazz -> clazz.isAnnotationPresent(Path.class))
|
||||||
|
.collect(Collectors.toSet());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void undeploy(Archive<?> archive) {
|
||||||
|
log.info("Undeploying archive " + archive.getName());
|
||||||
|
|
||||||
|
App app = deployedApps.get(archive.getId());
|
||||||
|
if (app != null) {
|
||||||
|
deployer.requestAppGoal(app, AppLifeCycle.UNDEPLOYED);
|
||||||
|
} else {
|
||||||
|
log.warnf("Deployment '%s' (name=%s) not found", archive.getId(), archive.getName());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void deploy(Descriptor descriptor) {
|
||||||
|
throw new UnsupportedOperationException("Not implemented");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void undeploy(Descriptor descriptor) {
|
||||||
|
throw new UnsupportedOperationException("Not implemented");
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getJettyVersion() {
|
||||||
|
return Server.getVersion();
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is a non-public method that should not be used. Only for testing.
|
||||||
|
*/
|
||||||
|
protected Server getServer() {
|
||||||
|
return server;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,36 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
import org.jboss.arquillian.container.spi.client.container.DeployableContainer;
|
||||||
|
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
|
||||||
|
import org.jboss.arquillian.core.spi.LoadableExtension;
|
||||||
|
import org.keycloak.testsuite.arquillian.jetty.container.JettyDeploymentArchiveProcessor;
|
||||||
|
|
||||||
|
public class JettyAppServerArquillianExtension implements LoadableExtension {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void register(ExtensionBuilder builder) {
|
||||||
|
builder
|
||||||
|
.service(DeployableContainer.class, JettyAppServer.class)
|
||||||
|
.service(ApplicationArchiveProcessor.class, JettyDeploymentArchiveProcessor.class);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,76 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
import org.jboss.arquillian.container.spi.ConfigurationException;
|
||||||
|
import org.jboss.arquillian.container.spi.client.container.ContainerConfiguration;
|
||||||
|
|
||||||
|
public class JettyAppServerConfiguration implements ContainerConfiguration {
|
||||||
|
|
||||||
|
private int bindHttpPortOffset = 0;
|
||||||
|
private int bindHttpsPortOffset = 0;
|
||||||
|
private int bindHttpPort = 8280;
|
||||||
|
private int bindHttpsPort = 8643;
|
||||||
|
private String bindAddress = "localhost";
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void validate() throws ConfigurationException {
|
||||||
|
setBindHttpPort(bindHttpPort + bindHttpPortOffset);
|
||||||
|
setBindHttpsPort(bindHttpsPort + bindHttpsPortOffset);
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getBindHttpPortOffset() {
|
||||||
|
return bindHttpPortOffset;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setBindHttpPortOffset(int bindHttpPortOffset) {
|
||||||
|
this.bindHttpPortOffset = bindHttpPortOffset;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getBindHttpsPortOffset() {
|
||||||
|
return bindHttpsPortOffset;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setBindHttpsPortOffset(int bindHttpsPortOffset) {
|
||||||
|
this.bindHttpsPortOffset = bindHttpsPortOffset;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getBindHttpPort() {
|
||||||
|
return bindHttpPort;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setBindHttpPort(int bindHttpPort) {
|
||||||
|
this.bindHttpPort = bindHttpPort;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getBindHttpsPort() {
|
||||||
|
return bindHttpsPort;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setBindHttpsPort(int bindHttpsPort) {
|
||||||
|
this.bindHttpsPort = bindHttpsPort;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getBindAddress() {
|
||||||
|
return bindAddress;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setBindAddress(String bindAddress) {
|
||||||
|
this.bindAddress = bindAddress;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,92 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
import org.apache.commons.io.IOUtils;
|
||||||
|
import org.eclipse.jetty.deploy.App;
|
||||||
|
import org.jboss.shrinkwrap.api.Archive;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.InputStream;
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.util.regex.Matcher;
|
||||||
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
|
public class KeycloakAdapterApp extends App {
|
||||||
|
|
||||||
|
public static final String WEB_XML_PATH = "/WEB-INF/web.xml";
|
||||||
|
|
||||||
|
private static final Pattern modulePattern = Pattern.compile("<module-name>(.*)</module-name>");
|
||||||
|
private static final Pattern authMethodPattern = Pattern.compile("<auth-method>(.*)</auth-method>");
|
||||||
|
|
||||||
|
private final boolean usesOIDCAuthenticator;
|
||||||
|
private final boolean usesSAMLAuthenticator;
|
||||||
|
private final boolean usesJaxrs;
|
||||||
|
private final String applicationName;
|
||||||
|
|
||||||
|
public KeycloakAdapterApp(App app, Archive<?> archive) {
|
||||||
|
super(app.getDeploymentManager(), app.getAppProvider(), app.getOriginId());
|
||||||
|
boolean usesJaxRS = false;
|
||||||
|
boolean usesOIDCAuthenticator = false;
|
||||||
|
boolean usesSAMLAuthenticator = false;
|
||||||
|
String applicationName = archive.getName();
|
||||||
|
if (archive.contains(WEB_XML_PATH)) {
|
||||||
|
try {
|
||||||
|
try (InputStream is = archive.get(WEB_XML_PATH).getAsset().openStream()) {
|
||||||
|
String webXml = IOUtils.toString(is, StandardCharsets.UTF_8);
|
||||||
|
|
||||||
|
usesJaxRS = webXml.contains("javax.ws.rs.core.Application");
|
||||||
|
|
||||||
|
for(String line : webXml.split("\n")) {
|
||||||
|
line = line.trim();
|
||||||
|
if (!usesOIDCAuthenticator && !usesSAMLAuthenticator) {
|
||||||
|
Matcher m = authMethodPattern.matcher(line);
|
||||||
|
if (m.find()) {
|
||||||
|
String authMethod = m.group(1);
|
||||||
|
switch (authMethod) {
|
||||||
|
case "KEYCLOAK": {
|
||||||
|
usesOIDCAuthenticator = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case "KEYCLOAK-SAML": {
|
||||||
|
usesSAMLAuthenticator = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
default: {
|
||||||
|
throw new IllegalArgumentException("Unknown auth-method" + authMethod);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Matcher m = modulePattern.matcher(line.trim());
|
||||||
|
if (m.find()) {
|
||||||
|
applicationName = m.group(1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch (IOException ignored) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
this.applicationName = applicationName;
|
||||||
|
this.usesJaxrs = usesJaxRS;
|
||||||
|
this.usesOIDCAuthenticator = usesOIDCAuthenticator;
|
||||||
|
this.usesSAMLAuthenticator = usesSAMLAuthenticator;
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean usesOIDCAuthenticator() {
|
||||||
|
return usesOIDCAuthenticator;
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean usesJaxrs() {
|
||||||
|
return usesJaxrs;
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean usesSAMLAuthenticator() {
|
||||||
|
return usesSAMLAuthenticator;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getApplicationName() {
|
||||||
|
return applicationName;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,25 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty.container;
|
||||||
|
|
||||||
|
import org.eclipse.jetty.util.Jetty;
|
||||||
|
|
||||||
|
import java.util.regex.Matcher;
|
||||||
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
|
public enum AppServerVersion {
|
||||||
|
INSTANCE;
|
||||||
|
|
||||||
|
private String appServerVersion;
|
||||||
|
|
||||||
|
AppServerVersion() {
|
||||||
|
Pattern versionExtraction = Pattern.compile("(\\d\\.\\d).*");
|
||||||
|
Matcher m = versionExtraction.matcher(Jetty.VERSION);
|
||||||
|
if (!m.find()) {
|
||||||
|
throw new IllegalStateException("Could not parse Jetty version: " + Jetty.VERSION);
|
||||||
|
}
|
||||||
|
appServerVersion = m.group(1).replaceAll("\\.", "");
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getAppServerVersion() {
|
||||||
|
return appServerVersion;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,83 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty.container;
|
||||||
|
|
||||||
|
import org.jboss.shrinkwrap.descriptor.spi.node.Node;
|
||||||
|
import org.keycloak.testsuite.arquillian.container.AppServerContainerProvider;
|
||||||
|
import org.keycloak.testsuite.arquillian.jetty.JettyAppServer;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
public class JettyAppServerProvider implements AppServerContainerProvider {
|
||||||
|
|
||||||
|
private Node configuration;
|
||||||
|
private static final String containerName = "jetty" + AppServerVersion.INSTANCE.getAppServerVersion();
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getName() {
|
||||||
|
return containerName;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public List<Node> getContainers() {
|
||||||
|
List<Node> containers = new ArrayList<>();
|
||||||
|
|
||||||
|
containers.add(standaloneContainer());
|
||||||
|
|
||||||
|
//not supported yet
|
||||||
|
// containers.add(haNodeContainer(1));
|
||||||
|
// containers.add(haNodeContainer(2));
|
||||||
|
|
||||||
|
return containers;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void createChild(String name, String text) {
|
||||||
|
configuration.createChild("property").attribute("name", name).text(text);
|
||||||
|
}
|
||||||
|
|
||||||
|
private Node standaloneContainer() {
|
||||||
|
Node container = new Node("container");
|
||||||
|
container.attribute("mode", "manual");
|
||||||
|
container.attribute("qualifier", AppServerContainerProvider.APP_SERVER + "-" + containerName);
|
||||||
|
|
||||||
|
configuration = container.createChild("configuration");
|
||||||
|
createChild("enabled", "true");
|
||||||
|
createChild("bindAddress", "0.0.0.0");
|
||||||
|
createChild("bindHttpPort", "8280");
|
||||||
|
createChild("adapterImplClass", JettyAppServer.class.getName());
|
||||||
|
|
||||||
|
return container;
|
||||||
|
}
|
||||||
|
|
||||||
|
private Node haNodeContainer(int number) {
|
||||||
|
Node container = new Node("container");
|
||||||
|
container.attribute("mode", "manual");
|
||||||
|
container.attribute("qualifier", AppServerContainerProvider.APP_SERVER + "-" + containerName + "-ha-node-" + number);
|
||||||
|
|
||||||
|
configuration = container.createChild("configuration");
|
||||||
|
createChild("enabled", "true");
|
||||||
|
createChild("bindAddress", "localhost");
|
||||||
|
createChild("bindHttpPort", "8280");
|
||||||
|
createChild("bindHttpPortOffset", Integer.toString(number));
|
||||||
|
createChild("adapterImplClass", JettyAppServer.class.getName());
|
||||||
|
|
||||||
|
return container;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,68 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty.container;
|
||||||
|
|
||||||
|
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
|
||||||
|
import org.jboss.arquillian.test.spi.TestClass;
|
||||||
|
import org.jboss.logging.Logger;
|
||||||
|
import org.jboss.shrinkwrap.api.Archive;
|
||||||
|
import org.keycloak.testsuite.utils.annotation.UseServletFilter;
|
||||||
|
import org.keycloak.testsuite.utils.arquillian.DeploymentArchiveProcessorUtils;
|
||||||
|
|
||||||
|
public class JettyDeploymentArchiveProcessor implements ApplicationArchiveProcessor {
|
||||||
|
|
||||||
|
private final Logger log = Logger.getLogger(JettyDeploymentArchiveProcessor.class);
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void process(Archive<?> archive, TestClass testClass) {
|
||||||
|
if (DeploymentArchiveProcessorUtils.checkRunOnServerDeployment(archive)) return;
|
||||||
|
if (!System.getProperty("app.server", "jetty").contains("jetty")) return;
|
||||||
|
|
||||||
|
modifyWebXML(archive, testClass);
|
||||||
|
|
||||||
|
modifyOIDCAdapterConfig(archive, DeploymentArchiveProcessorUtils.ADAPTER_CONFIG_PATH);
|
||||||
|
|
||||||
|
modifySAMLAdapterConfig(archive, DeploymentArchiveProcessorUtils.SAML_ADAPTER_CONFIG_PATH);
|
||||||
|
modifySAMLAdapterConfig(archive, DeploymentArchiveProcessorUtils.SAML_ADAPTER_CONFIG_PATH_TENANT1);
|
||||||
|
modifySAMLAdapterConfig(archive, DeploymentArchiveProcessorUtils.SAML_ADAPTER_CONFIG_PATH_TENANT2);
|
||||||
|
|
||||||
|
modifyOIDCAdapterConfig(archive, DeploymentArchiveProcessorUtils.ADAPTER_CONFIG_PATH_JS);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void modifyWebXML(Archive<?> archive, TestClass testClass) {
|
||||||
|
if (!archive.contains(DeploymentArchiveProcessorUtils.WEBXML_PATH)) return;
|
||||||
|
if (!testClass.getJavaClass().isAnnotationPresent(UseServletFilter.class)) return;
|
||||||
|
|
||||||
|
log.debug("Modifying WEB.XML in " + archive.getName() + " for Servlet Filter.");
|
||||||
|
DeploymentArchiveProcessorUtils.modifyWebXMLForServletFilter(archive, testClass);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void modifyOIDCAdapterConfig(Archive<?> archive, String adapterConfigPath) {
|
||||||
|
if (!archive.contains(adapterConfigPath)) return;
|
||||||
|
|
||||||
|
log.debug("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
|
||||||
|
|
||||||
|
DeploymentArchiveProcessorUtils.modifyOIDCAdapterConfig(archive, adapterConfigPath);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void modifySAMLAdapterConfig(Archive<?> archive, String adapterConfigPath) {
|
||||||
|
if (!archive.contains(adapterConfigPath)) return;
|
||||||
|
|
||||||
|
log.debug("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
|
||||||
|
DeploymentArchiveProcessorUtils.modifySAMLAdapterConfig(archive, adapterConfigPath);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,47 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2019 Red Hat, Inc. and/or its affiliates
|
||||||
|
* and other contributors as indicated by the @author tags.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty.saml.util;
|
||||||
|
|
||||||
|
import javax.ws.rs.ApplicationPath;
|
||||||
|
import javax.ws.rs.core.Application;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Wildfly JAX-RS Integration has support for scanning deployment for annotations.
|
||||||
|
*
|
||||||
|
* https://github.com/wildfly/wildfly/blob/14.0.1.Final/jaxrs/src/main/java/org/jboss/as/jaxrs/deployment/JaxrsAnnotationProcessor.java
|
||||||
|
*
|
||||||
|
* On undertow we have to set Application Class manually:
|
||||||
|
*
|
||||||
|
* ResteasyDeployment deployment = new ResteasyDeployment();
|
||||||
|
* deployment.setApplication(application);
|
||||||
|
*/
|
||||||
|
@ApplicationPath("/")
|
||||||
|
public class RestSamlApplicationConfig extends Application {
|
||||||
|
|
||||||
|
private final Set<Class<?>> classes;
|
||||||
|
|
||||||
|
public RestSamlApplicationConfig(Set<Class<?>> classes) {
|
||||||
|
this.classes = classes;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Set<Class<?>> getClasses() {
|
||||||
|
return classes;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1 @@
|
||||||
|
org.keycloak.testsuite.arquillian.jetty.JettyAppServerArquillianExtension
|
|
@ -0,0 +1 @@
|
||||||
|
org.keycloak.testsuite.arquillian.jetty.container.JettyAppServerProvider
|
|
@ -0,0 +1,248 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.jetty;
|
||||||
|
|
||||||
|
import org.eclipse.jetty.deploy.DeploymentManager;
|
||||||
|
import org.eclipse.jetty.security.Authenticator;
|
||||||
|
import org.eclipse.jetty.security.SecurityHandler;
|
||||||
|
import org.jboss.arquillian.container.spi.client.protocol.metadata.HTTPContext;
|
||||||
|
import org.jboss.arquillian.container.spi.client.protocol.metadata.ProtocolMetaData;
|
||||||
|
import org.jboss.shrinkwrap.api.ShrinkWrap;
|
||||||
|
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
||||||
|
import org.junit.Assert;
|
||||||
|
import org.junit.Test;
|
||||||
|
import org.keycloak.adapters.jetty.KeycloakJettyAuthenticator;
|
||||||
|
import org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator;
|
||||||
|
import org.keycloak.testsuite.arquillian.jetty.container.JettyAppServerProvider;
|
||||||
|
|
||||||
|
import javax.servlet.annotation.WebServlet;
|
||||||
|
import javax.servlet.http.HttpServlet;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import javax.ws.rs.GET;
|
||||||
|
import javax.ws.rs.Path;
|
||||||
|
import javax.ws.rs.client.Client;
|
||||||
|
import javax.ws.rs.client.ClientBuilder;
|
||||||
|
import javax.ws.rs.core.Response;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.InetSocketAddress;
|
||||||
|
import java.net.Socket;
|
||||||
|
import java.net.SocketAddress;
|
||||||
|
import java.net.URI;
|
||||||
|
import java.net.URL;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is a basic set of sanity tests for checking Jetty server compatibility.
|
||||||
|
* If this test suite is green, it is OK to integrate it with the Arquillian testsuite.
|
||||||
|
*/
|
||||||
|
public abstract class AbstractJettyAppServerTest {
|
||||||
|
|
||||||
|
public static final String TEST_SERVLET_NAME = "TestServlet";
|
||||||
|
public static final String TEST_SERVLET_URL_MAPPING = "test-servlet";
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testServerStartupAndShutdown() throws Exception {
|
||||||
|
// given
|
||||||
|
int httpPort = 8081;
|
||||||
|
int httpsPort = 8082;
|
||||||
|
|
||||||
|
JettyAppServerConfiguration configuration = new JettyAppServerConfiguration();
|
||||||
|
configuration.setBindHttpPort(httpPort);
|
||||||
|
configuration.setBindHttpsPort(httpsPort);
|
||||||
|
JettyAppServer server = new JettyAppServer();
|
||||||
|
server.setup(configuration);
|
||||||
|
|
||||||
|
// when
|
||||||
|
server.start();
|
||||||
|
boolean wasFreeOnHTTPPortWhenServerStarted = isFree("localhost", httpPort);
|
||||||
|
boolean wasFreeOnHTTPSPortWhenServerStarted = isFree("localhost", httpsPort);
|
||||||
|
server.stop();
|
||||||
|
boolean wasFreeOnHTTPWhenServerStopped = isFree("localhost", httpPort);
|
||||||
|
boolean wasFreeOnHTTPSWhenServerStopped = isFree("localhost", httpsPort);
|
||||||
|
|
||||||
|
// then
|
||||||
|
Assert.assertFalse(wasFreeOnHTTPPortWhenServerStarted);
|
||||||
|
Assert.assertTrue(wasFreeOnHTTPWhenServerStopped);
|
||||||
|
Assert.assertFalse(wasFreeOnHTTPSPortWhenServerStarted);
|
||||||
|
Assert.assertTrue(wasFreeOnHTTPSWhenServerStopped);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testDeployingServletApp() throws Exception {
|
||||||
|
// given
|
||||||
|
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
|
||||||
|
.addClasses(ExampleServlet.class);
|
||||||
|
|
||||||
|
JettyAppServer server = new JettyAppServer();
|
||||||
|
Response responseFromTheApp = null;
|
||||||
|
|
||||||
|
// when
|
||||||
|
try {
|
||||||
|
server.start();
|
||||||
|
ProtocolMetaData data = server.deploy(archive);
|
||||||
|
|
||||||
|
HTTPContext servletContext = data.getContexts(HTTPContext.class).iterator().next();
|
||||||
|
URI appURI = servletContext.getServletByName(TEST_SERVLET_NAME).getBaseURI().resolve(TEST_SERVLET_URL_MAPPING);
|
||||||
|
|
||||||
|
Client client = ClientBuilder.newClient();
|
||||||
|
responseFromTheApp = client.target(appURI).request().get();
|
||||||
|
} finally {
|
||||||
|
server.stop();
|
||||||
|
}
|
||||||
|
|
||||||
|
// assert
|
||||||
|
Assert.assertNotNull(responseFromTheApp);
|
||||||
|
Assert.assertEquals(200, responseFromTheApp.getStatus());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testDeployingRESTApp() throws Exception {
|
||||||
|
// given
|
||||||
|
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
|
||||||
|
.addClasses(ExampleRest.class);
|
||||||
|
|
||||||
|
JettyAppServer server = new JettyAppServer();
|
||||||
|
Response responseFromTheApp = null;
|
||||||
|
|
||||||
|
// when
|
||||||
|
try {
|
||||||
|
server.start();
|
||||||
|
ProtocolMetaData data = server.deploy(archive);
|
||||||
|
|
||||||
|
HTTPContext servletContext = data.getContexts(HTTPContext.class).iterator().next();
|
||||||
|
URI appURI = servletContext.getServlets().get(0).getBaseURI();
|
||||||
|
|
||||||
|
Client client = ClientBuilder.newClient();
|
||||||
|
responseFromTheApp = client.target(appURI).request().get();
|
||||||
|
} finally {
|
||||||
|
server.stop();
|
||||||
|
}
|
||||||
|
|
||||||
|
// assert
|
||||||
|
Assert.assertNotNull(responseFromTheApp);
|
||||||
|
Assert.assertEquals(200, responseFromTheApp.getStatus());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testDeployingAndUndeploying() throws Exception {
|
||||||
|
// given
|
||||||
|
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
|
||||||
|
.addClasses(ExampleRest.class);
|
||||||
|
|
||||||
|
JettyAppServer server = new JettyAppServer();
|
||||||
|
Response responseFromTheApp = null;
|
||||||
|
|
||||||
|
// when
|
||||||
|
try {
|
||||||
|
server.start();
|
||||||
|
ProtocolMetaData data = server.deploy(archive);
|
||||||
|
|
||||||
|
HTTPContext servletContext = data.getContexts(HTTPContext.class).iterator().next();
|
||||||
|
URI appURI = servletContext.getServlets().get(0).getBaseURI();
|
||||||
|
|
||||||
|
server.undeploy(archive);
|
||||||
|
|
||||||
|
Client client = ClientBuilder.newClient();
|
||||||
|
responseFromTheApp = client.target(appURI).request().get();
|
||||||
|
} finally {
|
||||||
|
server.stop();
|
||||||
|
}
|
||||||
|
|
||||||
|
// assert
|
||||||
|
Assert.assertNotNull(responseFromTheApp);
|
||||||
|
Assert.assertEquals(404, responseFromTheApp.getStatus());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testDetectingSAML() throws Exception {
|
||||||
|
// given
|
||||||
|
URL webXml = AbstractJettyAppServerTest.class.getResource("/web-saml.xml");
|
||||||
|
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
|
||||||
|
.addAsWebInfResource(webXml, "web.xml");
|
||||||
|
|
||||||
|
JettyAppServer server = new JettyAppServer();
|
||||||
|
|
||||||
|
// when
|
||||||
|
Authenticator installedAuthenticator = null;
|
||||||
|
try {
|
||||||
|
server.start();
|
||||||
|
server.deploy(archive);
|
||||||
|
|
||||||
|
installedAuthenticator = server.getServer()
|
||||||
|
.getBean(DeploymentManager.class).getApps().iterator().next()
|
||||||
|
.getContextHandler().getChildHandlerByClass(SecurityHandler.class).getAuthenticator();
|
||||||
|
} finally {
|
||||||
|
server.stop();
|
||||||
|
}
|
||||||
|
|
||||||
|
// assert
|
||||||
|
Assert.assertTrue(installedAuthenticator instanceof KeycloakSamlAuthenticator);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testDetectingOIDC() throws Exception {
|
||||||
|
// given
|
||||||
|
URL webXml = AbstractJettyAppServerTest.class.getResource("/web-oidc.xml");
|
||||||
|
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
|
||||||
|
.addAsWebInfResource(webXml, "web.xml");
|
||||||
|
|
||||||
|
JettyAppServer server = new JettyAppServer();
|
||||||
|
|
||||||
|
// when
|
||||||
|
Authenticator installedAuthenticator = null;
|
||||||
|
try {
|
||||||
|
server.start();
|
||||||
|
server.deploy(archive);
|
||||||
|
|
||||||
|
installedAuthenticator = server.getServer()
|
||||||
|
.getBean(DeploymentManager.class).getApps().iterator().next()
|
||||||
|
.getContextHandler().getChildHandlerByClass(SecurityHandler.class).getAuthenticator();
|
||||||
|
} finally {
|
||||||
|
server.stop();
|
||||||
|
}
|
||||||
|
|
||||||
|
// assert
|
||||||
|
Assert.assertTrue(installedAuthenticator instanceof KeycloakJettyAuthenticator);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testJettyVersion() throws Exception {
|
||||||
|
// given
|
||||||
|
String versionRegexp = "jetty\\d\\d";
|
||||||
|
|
||||||
|
// when
|
||||||
|
String appServerName = new JettyAppServerProvider().getName();
|
||||||
|
|
||||||
|
// assert
|
||||||
|
Assert.assertTrue(appServerName.matches(versionRegexp));
|
||||||
|
}
|
||||||
|
|
||||||
|
@WebServlet(name = TEST_SERVLET_NAME, urlPatterns = "/" + TEST_SERVLET_URL_MAPPING)
|
||||||
|
public static class ExampleServlet extends HttpServlet {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
|
||||||
|
resp.getWriter().println("ok");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Path("/")
|
||||||
|
public static class ExampleRest extends HttpServlet {
|
||||||
|
|
||||||
|
@GET
|
||||||
|
public Response doGet() {
|
||||||
|
return Response.ok().build();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static boolean isFree(String hostName, int port) {
|
||||||
|
SocketAddress socketAddress = new InetSocketAddress(hostName, port);
|
||||||
|
Socket socket = new Socket();
|
||||||
|
try {
|
||||||
|
socket.connect(socketAddress, 2000);
|
||||||
|
socket.close();
|
||||||
|
return false;
|
||||||
|
} catch (Exception exception) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,5 @@
|
||||||
|
log4j.rootLogger=info, stdout
|
||||||
|
|
||||||
|
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
|
||||||
|
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
|
||||||
|
log4j.appender.stdout.layout.ConversionPattern=%d{HH:mm:ss,SSS} %-5p %t [%c] %m%n
|
|
@ -0,0 +1,12 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>KEYCLOAK</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
</web-app>
|
|
@ -0,0 +1,12 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
|
version="3.0">
|
||||||
|
|
||||||
|
<login-config>
|
||||||
|
<auth-method>KEYCLOAK-SAML</auth-method>
|
||||||
|
<realm-name>demo</realm-name>
|
||||||
|
</login-config>
|
||||||
|
|
||||||
|
</web-app>
|
|
@ -0,0 +1,73 @@
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<!--
|
||||||
|
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||||
|
~ and other contributors as indicated by the @author tags.
|
||||||
|
~
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
~
|
||||||
|
~ Unless required by applicable law or agreed to in writing, software
|
||||||
|
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
~ See the License for the specific language governing permissions and
|
||||||
|
~ limitations under the License.
|
||||||
|
-->
|
||||||
|
|
||||||
|
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||||
|
<parent>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server</artifactId>
|
||||||
|
<version>5.0.0-SNAPSHOT</version>
|
||||||
|
</parent>
|
||||||
|
|
||||||
|
<modelVersion>4.0.0</modelVersion>
|
||||||
|
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
|
||||||
|
<packaging>pom</packaging>
|
||||||
|
|
||||||
|
<name>App Server - Jetty Parent</name>
|
||||||
|
|
||||||
|
<profiles>
|
||||||
|
<profile>
|
||||||
|
<id>app-server-jetty94</id>
|
||||||
|
<activation>
|
||||||
|
<property>
|
||||||
|
<name>app.server</name>
|
||||||
|
<value>jetty94</value>
|
||||||
|
</property>
|
||||||
|
</activation>
|
||||||
|
<modules>
|
||||||
|
<module>common</module>
|
||||||
|
<module>94</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>app-server-jetty93</id>
|
||||||
|
<activation>
|
||||||
|
<property>
|
||||||
|
<name>app.server</name>
|
||||||
|
<value>jetty93</value>
|
||||||
|
</property>
|
||||||
|
</activation>
|
||||||
|
<modules>
|
||||||
|
<module>common</module>
|
||||||
|
<module>93</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>app-server-jetty92</id>
|
||||||
|
<activation>
|
||||||
|
<property>
|
||||||
|
<name>app.server</name>
|
||||||
|
<value>jetty92</value>
|
||||||
|
</property>
|
||||||
|
</activation>
|
||||||
|
<modules>
|
||||||
|
<module>common</module>
|
||||||
|
<module>92</module>
|
||||||
|
</modules>
|
||||||
|
</profile>
|
||||||
|
</profiles>
|
||||||
|
|
||||||
|
</project>
|
|
@ -41,6 +41,7 @@
|
||||||
<module>karaf</module>
|
<module>karaf</module>
|
||||||
<module>tomcat</module>
|
<module>tomcat</module>
|
||||||
<module>undertow</module>
|
<module>undertow</module>
|
||||||
|
<module>jetty</module>
|
||||||
</modules>
|
</modules>
|
||||||
|
|
||||||
</project>
|
</project>
|
||||||
|
|
|
@ -134,7 +134,7 @@ public class UndertowAppServer implements DeployableContainer<UndertowAppServerC
|
||||||
|
|
||||||
if (isJaxrsApp(webArchive)) {
|
if (isJaxrsApp(webArchive)) {
|
||||||
di = new UndertowDeployerHelper().getDeploymentInfo(configuration, webArchive,
|
di = new UndertowDeployerHelper().getDeploymentInfo(configuration, webArchive,
|
||||||
undertow.undertowDeployment(getCustomResteasyDeployment(webArchive)));
|
undertow.undertowDeployment(discoverPathAnnotatedClasses(webArchive)));
|
||||||
} else if (applicationClassNode.isPresent()) {
|
} else if (applicationClassNode.isPresent()) {
|
||||||
String applicationPath = applicationClassNode.get().getPath().get();
|
String applicationPath = applicationClassNode.get().getPath().get();
|
||||||
|
|
||||||
|
@ -237,7 +237,7 @@ public class UndertowAppServer implements DeployableContainer<UndertowAppServerC
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private ResteasyDeployment getCustomResteasyDeployment(WebArchive webArchive) {
|
private ResteasyDeployment discoverPathAnnotatedClasses(WebArchive webArchive) {
|
||||||
//take all classes from war and add those with @Path annotation to RestSamlApplicationConfig
|
//take all classes from war and add those with @Path annotation to RestSamlApplicationConfig
|
||||||
Set<Class<?>> classes = webArchive.getContent(archivePath ->
|
Set<Class<?>> classes = webArchive.getContent(archivePath ->
|
||||||
archivePath.get().startsWith("/WEB-INF/classes/") &&
|
archivePath.get().startsWith("/WEB-INF/classes/") &&
|
||||||
|
|
|
@ -49,23 +49,15 @@ import org.keycloak.services.filters.KeycloakSessionServletFilter;
|
||||||
import org.keycloak.services.managers.ApplianceBootstrap;
|
import org.keycloak.services.managers.ApplianceBootstrap;
|
||||||
import org.keycloak.services.resources.KeycloakApplication;
|
import org.keycloak.services.resources.KeycloakApplication;
|
||||||
import org.keycloak.testsuite.KeycloakServer;
|
import org.keycloak.testsuite.KeycloakServer;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
import org.keycloak.testsuite.utils.undertow.UndertowDeployerHelper;
|
import org.keycloak.testsuite.utils.undertow.UndertowDeployerHelper;
|
||||||
import org.keycloak.testsuite.utils.undertow.UndertowWarClassLoader;
|
import org.keycloak.testsuite.utils.undertow.UndertowWarClassLoader;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
import javax.net.ssl.KeyManager;
|
|
||||||
import javax.net.ssl.KeyManagerFactory;
|
|
||||||
import javax.net.ssl.SSLContext;
|
|
||||||
import javax.net.ssl.TrustManager;
|
|
||||||
import javax.net.ssl.TrustManagerFactory;
|
|
||||||
import javax.net.ssl.X509TrustManager;
|
|
||||||
import javax.servlet.DispatcherType;
|
import javax.servlet.DispatcherType;
|
||||||
import javax.servlet.ServletException;
|
import javax.servlet.ServletException;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.lang.reflect.Field;
|
import java.lang.reflect.Field;
|
||||||
import java.security.KeyStore;
|
|
||||||
import java.security.cert.X509Certificate;
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.concurrent.ConcurrentHashMap;
|
import java.util.concurrent.ConcurrentHashMap;
|
||||||
|
|
|
@ -40,7 +40,7 @@ import io.undertow.util.Headers;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.common.util.reflections.Reflections;
|
import org.keycloak.common.util.reflections.Reflections;
|
||||||
import org.keycloak.services.managers.AuthenticationSessionManager;
|
import org.keycloak.services.managers.AuthenticationSessionManager;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
import java.util.LinkedHashMap;
|
import java.util.LinkedHashMap;
|
||||||
import java.util.StringTokenizer;
|
import java.util.StringTokenizer;
|
||||||
|
|
|
@ -43,7 +43,7 @@
|
||||||
<fuse61.version>6.1.0.redhat-379</fuse61.version>
|
<fuse61.version>6.1.0.redhat-379</fuse61.version>
|
||||||
<!--<fuse62.version>6.2.0.redhat-133</fuse62.version>-->
|
<!--<fuse62.version>6.2.0.redhat-133</fuse62.version>-->
|
||||||
<fuse62.version>6.2.1.redhat-084</fuse62.version>
|
<fuse62.version>6.2.1.redhat-084</fuse62.version>
|
||||||
|
|
||||||
<!-- cache server versions -->
|
<!-- cache server versions -->
|
||||||
<!--<infinispan.version>8.2.8.Final</infinispan.version>--><!-- Use same infinspan-server version as our version -->
|
<!--<infinispan.version>8.2.8.Final</infinispan.version>--><!-- Use same infinspan-server version as our version -->
|
||||||
<jdg.version>9.4.6.Final-redhat-00002</jdg.version><!-- JDG 7.3.0 -->
|
<jdg.version>9.4.6.Final-redhat-00002</jdg.version><!-- JDG 7.3.0 -->
|
||||||
|
|
|
@ -413,6 +413,94 @@
|
||||||
</plugins>
|
</plugins>
|
||||||
</build>
|
</build>
|
||||||
</profile>
|
</profile>
|
||||||
|
|
||||||
|
<profile>
|
||||||
|
<id>app-server-jetty94</id>
|
||||||
|
<activation>
|
||||||
|
<property>
|
||||||
|
<name>app.server</name>
|
||||||
|
<value>jetty94</value>
|
||||||
|
</property>
|
||||||
|
</activation>
|
||||||
|
<properties>
|
||||||
|
<app.server>jetty94</app.server> <!--in case the profile is called directly-->
|
||||||
|
<app.server.skip.unpack>true</app.server.skip.unpack>
|
||||||
|
</properties>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-94</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<scope>runtime</scope>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.commonjava.maven.plugins</groupId>
|
||||||
|
<artifactId>directory-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>app-server-jetty93</id>
|
||||||
|
<activation>
|
||||||
|
<property>
|
||||||
|
<name>app.server</name>
|
||||||
|
<value>jetty93</value>
|
||||||
|
</property>
|
||||||
|
</activation>
|
||||||
|
<properties>
|
||||||
|
<app.server>jetty93</app.server> <!--in case the profile is called directly-->
|
||||||
|
<app.server.skip.unpack>true</app.server.skip.unpack>
|
||||||
|
</properties>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-93</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<scope>runtime</scope>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.commonjava.maven.plugins</groupId>
|
||||||
|
<artifactId>directory-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</profile>
|
||||||
|
<profile>
|
||||||
|
<id>app-server-jetty92</id>
|
||||||
|
<activation>
|
||||||
|
<property>
|
||||||
|
<name>app.server</name>
|
||||||
|
<value>jetty92</value>
|
||||||
|
</property>
|
||||||
|
</activation>
|
||||||
|
<properties>
|
||||||
|
<app.server>jetty92</app.server> <!--in case the profile is called directly-->
|
||||||
|
<app.server.skip.unpack>true</app.server.skip.unpack>
|
||||||
|
</properties>
|
||||||
|
<dependencies>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.keycloak.testsuite</groupId>
|
||||||
|
<artifactId>integration-arquillian-servers-app-server-jetty-92</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
<scope>runtime</scope>
|
||||||
|
</dependency>
|
||||||
|
</dependencies>
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.commonjava.maven.plugins</groupId>
|
||||||
|
<artifactId>directory-maven-plugin</artifactId>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
|
</profile>
|
||||||
<profile>
|
<profile>
|
||||||
<id>app-server-wildfly</id>
|
<id>app-server-wildfly</id>
|
||||||
<activation>
|
<activation>
|
||||||
|
|
|
@ -35,11 +35,7 @@ public class CustomerCookiePortalRoot extends AbstractPageWithInjectedUrl {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public URL getInjectedUrl() {
|
public URL getInjectedUrl() {
|
||||||
try {
|
return url;
|
||||||
return new URL(url.toString() + "/");
|
|
||||||
} catch (MalformedURLException e) {
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public String logoutURL() {
|
public String logoutURL() {
|
||||||
|
|
|
@ -21,6 +21,8 @@ import org.jboss.arquillian.container.test.api.OperateOnDeployment;
|
||||||
import org.jboss.arquillian.test.api.ArquillianResource;
|
import org.jboss.arquillian.test.api.ArquillianResource;
|
||||||
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
||||||
|
|
||||||
|
import javax.ws.rs.core.UriBuilder;
|
||||||
|
import java.net.URI;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -40,18 +42,18 @@ public class CustomerPortal extends AbstractPageWithInjectedUrl {
|
||||||
return url;
|
return url;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String logout() {
|
public URI logout() {
|
||||||
return url + "/logout";
|
return getUriBuilder().clone().path("logout").build();
|
||||||
}
|
}
|
||||||
|
|
||||||
public String callCustomerDbAudienceRequiredUrl(boolean attachAudienceScope) {
|
public URI callCustomerDbAudienceRequiredUrl(boolean attachAudienceScope) {
|
||||||
String url = this.url + "/call-customer-db-audience-required";
|
UriBuilder builder = getUriBuilder().clone().path("call-customer-db-audience-required");
|
||||||
|
|
||||||
if (attachAudienceScope) {
|
if (attachAudienceScope) {
|
||||||
url = url + "?scope=customer-db-audience-required";
|
builder.queryParam("scope", "customer-db-audience-required");
|
||||||
}
|
}
|
||||||
|
|
||||||
return url;
|
return builder.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,7 +37,7 @@ public class MultiTenant1Saml extends SAMLServlet {
|
||||||
@Override
|
@Override
|
||||||
public URL getInjectedUrl() {
|
public URL getInjectedUrl() {
|
||||||
try {
|
try {
|
||||||
return new URL(url + "/?realm=tenant1");
|
return new URL(url + "?realm=tenant1");
|
||||||
} catch (MalformedURLException e) {
|
} catch (MalformedURLException e) {
|
||||||
throw new IllegalStateException(e);
|
throw new IllegalStateException(e);
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,7 +37,7 @@ public class MultiTenant2Saml extends SAMLServlet {
|
||||||
@Override
|
@Override
|
||||||
public URL getInjectedUrl() {
|
public URL getInjectedUrl() {
|
||||||
try {
|
try {
|
||||||
return new URL(url + "/?realm=tenant2");
|
return new URL(url + "?realm=tenant2");
|
||||||
} catch (MalformedURLException e) {
|
} catch (MalformedURLException e) {
|
||||||
throw new IllegalStateException(e);
|
throw new IllegalStateException(e);
|
||||||
}
|
}
|
||||||
|
|
|
@ -294,7 +294,7 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void navigateTo() {
|
public void navigateTo() {
|
||||||
driver.navigate().to(toString() + "/");
|
driver.navigate().to(toString());
|
||||||
waitForPageToLoad();
|
waitForPageToLoad();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -35,42 +35,34 @@ import org.keycloak.testsuite.arquillian.annotation.AppServerContainers;
|
||||||
public class AdapterTestExecutionDecider implements TestExecutionDecider {
|
public class AdapterTestExecutionDecider implements TestExecutionDecider {
|
||||||
|
|
||||||
private final Logger log = Logger.getLogger(AdapterTestExecutionDecider.class);
|
private final Logger log = Logger.getLogger(AdapterTestExecutionDecider.class);
|
||||||
private static final Map<Method, CachedRecord> cache = new HashMap<>();
|
|
||||||
|
|
||||||
@Inject private Instance<TestContext> testContextInstance;
|
@Inject private Instance<TestContext> testContextInstance;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public ExecutionDecision decide(Method method) {
|
public ExecutionDecision decide(Method method) {
|
||||||
ExecutionDecision decision = getFromCache(method);
|
|
||||||
if (decision != null) {
|
|
||||||
return decision;
|
|
||||||
}
|
|
||||||
|
|
||||||
TestContext testContext = testContextInstance.get();
|
TestContext testContext = testContextInstance.get();
|
||||||
if (!testContext.isAdapterTest()) {
|
if (!testContext.isAdapterTest()) {
|
||||||
return execute(method, Boolean.TRUE, null);
|
return ExecutionDecision.execute();
|
||||||
}
|
}
|
||||||
if (testContext.isAdapterContainerEnabled() || testContext.isAdapterContainerEnabledCluster()) {
|
if (testContext.isAdapterContainerEnabled() || testContext.isAdapterContainerEnabledCluster()) {
|
||||||
|
|
||||||
if (method.isAnnotationPresent(AppServerContainer.class)) { // taking method level annotation first as it has higher priority
|
if (method.isAnnotationPresent(AppServerContainer.class)) { // taking method level annotation first as it has higher priority
|
||||||
if (getCorrespondingAnnotation(method) == null) { //no corresponding annotation - taking class level annotation
|
if (getCorrespondingAnnotation(method) == null) { //no corresponding annotation - taking class level annotation
|
||||||
if (getCorrespondingAnnotation(testContext.getTestClass()).skip()) {
|
if (getCorrespondingAnnotation(testContext.getTestClass()).skip()) {
|
||||||
return execute(method, Boolean.FALSE, "Skipped by @AppServerContainer class level annotation.");
|
return ExecutionDecision.dontExecute("Skipped by @AppServerContainer class level annotation.");
|
||||||
}
|
}
|
||||||
} else if (getCorrespondingAnnotation(method).skip()) { //corresponding annotation
|
} else if (getCorrespondingAnnotation(method).skip()) { //corresponding annotation
|
||||||
return execute(method, Boolean.FALSE, "Skipped by @AppServerContainer method level annotation.");
|
return ExecutionDecision.dontExecute("Skipped by @AppServerContainer method level annotation.");
|
||||||
}
|
}
|
||||||
} else { //taking class level annotation
|
} else { //taking class level annotation
|
||||||
if (getCorrespondingAnnotation(testContext.getTestClass()).skip()) {
|
if (getCorrespondingAnnotation(testContext.getTestClass()).skip()) {
|
||||||
return execute(method, Boolean.FALSE, "Skipped by @AppServerContainer class level annotation.");
|
return ExecutionDecision.dontExecute("Skipped by @AppServerContainer class level annotation.");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// execute otherwise
|
// execute otherwise
|
||||||
return execute(method, Boolean.TRUE, null);
|
return ExecutionDecision.execute();
|
||||||
|
|
||||||
} else {
|
|
||||||
return execute(method, Boolean.FALSE, "Not enabled by @AppServerContainer annotations.");
|
|
||||||
}
|
}
|
||||||
|
return ExecutionDecision.dontExecute("Not enabled by @AppServerContainer annotations.");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -113,38 +105,4 @@ public class AdapterTestExecutionDecider implements TestExecutionDecider {
|
||||||
.findFirst()
|
.findFirst()
|
||||||
.orElse(null);
|
.orElse(null);
|
||||||
}
|
}
|
||||||
|
|
||||||
private ExecutionDecision execute(Method method, Boolean execute, String message) {
|
|
||||||
if (execute) {
|
|
||||||
cache.put(method, new CachedRecord(Boolean.TRUE, ""));
|
|
||||||
return ExecutionDecision.execute();
|
|
||||||
} else {
|
|
||||||
cache.put(method, new CachedRecord(Boolean.FALSE, message));
|
|
||||||
log.debug(method.getName() + " " + message);
|
|
||||||
return ExecutionDecision.dontExecute(message);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private ExecutionDecision getFromCache(Method method) {
|
|
||||||
if (cache.containsKey(method)) {
|
|
||||||
CachedRecord cachedRecord = cache.get(method);
|
|
||||||
|
|
||||||
if (cachedRecord.execute) {
|
|
||||||
return ExecutionDecision.execute(cachedRecord.message);
|
|
||||||
} else {
|
|
||||||
return ExecutionDecision.dontExecute(cachedRecord.message);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
private class CachedRecord {
|
|
||||||
private final Boolean execute;
|
|
||||||
private final String message;
|
|
||||||
|
|
||||||
public CachedRecord(Boolean execute, String message) {
|
|
||||||
this.execute = execute;
|
|
||||||
this.message = message;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,44 +16,40 @@
|
||||||
*/
|
*/
|
||||||
package org.keycloak.testsuite.arquillian;
|
package org.keycloak.testsuite.arquillian;
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.util.Collections;
|
|
||||||
import java.util.HashMap;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
import org.apache.commons.io.FileUtils;
|
import org.apache.commons.io.FileUtils;
|
||||||
import static org.hamcrest.Matchers.lessThan;
|
import org.jboss.arquillian.container.spi.event.StopContainer;
|
||||||
|
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
|
||||||
import org.jboss.arquillian.container.test.api.ContainerController;
|
import org.jboss.arquillian.container.test.api.ContainerController;
|
||||||
|
import org.jboss.arquillian.core.api.Event;
|
||||||
import org.jboss.arquillian.core.api.Instance;
|
import org.jboss.arquillian.core.api.Instance;
|
||||||
import org.jboss.arquillian.core.spi.Validate;
|
|
||||||
import org.jboss.arquillian.core.api.annotation.Inject;
|
import org.jboss.arquillian.core.api.annotation.Inject;
|
||||||
import org.jboss.arquillian.core.api.annotation.Observes;
|
import org.jboss.arquillian.core.api.annotation.Observes;
|
||||||
|
import org.jboss.arquillian.core.spi.Validate;
|
||||||
import org.jboss.arquillian.test.spi.event.suite.After;
|
import org.jboss.arquillian.test.spi.event.suite.After;
|
||||||
|
import org.jboss.arquillian.test.spi.event.suite.AfterSuite;
|
||||||
import org.jboss.arquillian.test.spi.event.suite.Before;
|
import org.jboss.arquillian.test.spi.event.suite.Before;
|
||||||
import org.jboss.arquillian.test.spi.event.suite.BeforeClass;
|
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import static org.junit.Assert.assertThat;
|
|
||||||
import org.keycloak.admin.client.Keycloak;
|
import org.keycloak.admin.client.Keycloak;
|
||||||
import org.keycloak.models.Constants;
|
import org.keycloak.models.Constants;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.InitialDcState;
|
import org.keycloak.testsuite.arquillian.annotation.InitialDcState;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.auth.page.AuthRealm;
|
import org.keycloak.testsuite.auth.page.AuthRealm;
|
||||||
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
||||||
import org.keycloak.testsuite.crossdc.DC;
|
import org.keycloak.testsuite.crossdc.DC;
|
||||||
import org.keycloak.testsuite.crossdc.ServerSetup;
|
import org.keycloak.testsuite.crossdc.ServerSetup;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
import java.util.function.Consumer;
|
import java.util.function.Consumer;
|
||||||
import java.util.stream.Stream;
|
import java.util.stream.Stream;
|
||||||
import org.jboss.arquillian.container.spi.Container;
|
|
||||||
import org.jboss.arquillian.container.spi.event.StopContainer;
|
import static org.hamcrest.Matchers.lessThan;
|
||||||
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
|
import static org.junit.Assert.assertThat;
|
||||||
import org.jboss.arquillian.core.api.Event;
|
|
||||||
import org.jboss.arquillian.test.spi.event.suite.AfterSuite;
|
|
||||||
import org.wildfly.extras.creaper.core.ManagementClient;
|
|
||||||
import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
|
|
||||||
import org.wildfly.extras.creaper.core.online.OnlineOptions;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
|
|
@ -38,4 +38,8 @@ public interface ContainerConstants {
|
||||||
public static final String APP_SERVER_FUSE63 = APP_SERVER_PREFIX + "fuse63";
|
public static final String APP_SERVER_FUSE63 = APP_SERVER_PREFIX + "fuse63";
|
||||||
public static final String APP_SERVER_FUSE7X = APP_SERVER_PREFIX + "fuse7x";
|
public static final String APP_SERVER_FUSE7X = APP_SERVER_PREFIX + "fuse7x";
|
||||||
|
|
||||||
|
public static final String APP_SERVER_JETTY94 = APP_SERVER_PREFIX + "jetty94";
|
||||||
|
public static final String APP_SERVER_JETTY93 = APP_SERVER_PREFIX + "jetty93";
|
||||||
|
public static final String APP_SERVER_JETTY92 = APP_SERVER_PREFIX + "jetty92";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -38,6 +38,7 @@ import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import org.keycloak.testsuite.arquillian.ContainerInfo;
|
import org.keycloak.testsuite.arquillian.ContainerInfo;
|
||||||
|
import org.keycloak.testsuite.util.URLUtils;
|
||||||
|
|
||||||
public class URLProvider extends URLResourceProvider {
|
public class URLProvider extends URLResourceProvider {
|
||||||
|
|
||||||
|
@ -82,7 +83,6 @@ public class URLProvider extends URLResourceProvider {
|
||||||
try {
|
try {
|
||||||
url = fixLocalhost(url);
|
url = fixLocalhost(url);
|
||||||
url = fixBoundToAll(url);
|
url = fixBoundToAll(url);
|
||||||
url = removeTrailingSlash(url);
|
|
||||||
if (appServerSslRequired) {
|
if (appServerSslRequired) {
|
||||||
url = fixSsl(url);
|
url = fixSsl(url);
|
||||||
}
|
}
|
||||||
|
@ -153,13 +153,4 @@ public class URLProvider extends URLResourceProvider {
|
||||||
return new URL(urlString);
|
return new URL(urlString);
|
||||||
}
|
}
|
||||||
|
|
||||||
public URL removeTrailingSlash(URL url) throws MalformedURLException {
|
|
||||||
URL urlWithoutSlash = url;
|
|
||||||
String urlS = url.toExternalForm();
|
|
||||||
if (urlS.endsWith("/")) {
|
|
||||||
urlWithoutSlash = new URL(urlS.substring(0, urlS.length() - 1));
|
|
||||||
}
|
|
||||||
return urlWithoutSlash;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,10 +8,12 @@ import org.openqa.selenium.ie.InternetExplorerDriver;
|
||||||
import org.openqa.selenium.support.ui.ExpectedCondition;
|
import org.openqa.selenium.support.ui.ExpectedCondition;
|
||||||
import org.openqa.selenium.support.ui.WebDriverWait;
|
import org.openqa.selenium.support.ui.WebDriverWait;
|
||||||
|
|
||||||
|
import java.net.URI;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.regex.Pattern;
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.keycloak.testsuite.util.DroneUtils.getCurrentDriver;
|
import static org.keycloak.testsuite.util.DroneUtils.getCurrentDriver;
|
||||||
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
|
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
|
||||||
import static org.openqa.selenium.support.ui.ExpectedConditions.not;
|
import static org.openqa.selenium.support.ui.ExpectedConditions.not;
|
||||||
|
|
|
@ -206,6 +206,7 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testErrorConditions() throws Exception {
|
public void testErrorConditions() throws Exception {
|
||||||
|
String helloUrl = appPage.getUriBuilder().clone().path("hello").build().toASCIIString();
|
||||||
|
|
||||||
RealmResource realm = adminClient.realms().realm(CHILD_IDP);
|
RealmResource realm = adminClient.realms().realm(CHILD_IDP);
|
||||||
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
|
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
|
||||||
|
@ -239,10 +240,11 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
|
||||||
|
|
||||||
// now log in
|
// now log in
|
||||||
|
|
||||||
navigateTo( appPage.getInjectedUrl() + "/hello");
|
|
||||||
|
navigateTo(helloUrl);
|
||||||
Assert.assertTrue(loginPage.isCurrent(CHILD_IDP));
|
Assert.assertTrue(loginPage.isCurrent(CHILD_IDP));
|
||||||
loginPage.login("child", "password");
|
loginPage.login("child", "password");
|
||||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(appPage.getInjectedUrl() + "/hello"));
|
Assert.assertTrue(driver.getCurrentUrl().startsWith(helloUrl));
|
||||||
Assert.assertTrue(driver.getPageSource().contains("Unknown request:"));
|
Assert.assertTrue(driver.getPageSource().contains("Unknown request:"));
|
||||||
|
|
||||||
// now test CSRF with bad hash.
|
// now test CSRF with bad hash.
|
||||||
|
@ -268,10 +270,10 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
|
||||||
roles.add(userRole);
|
roles.add(userRole);
|
||||||
clientResource.getScopeMappings().realmLevel().add(roles);
|
clientResource.getScopeMappings().realmLevel().add(roles);
|
||||||
|
|
||||||
navigateTo( appPage.getInjectedUrl() + "/hello");
|
navigateTo(helloUrl);
|
||||||
Assert.assertTrue(loginPage.isCurrent(CHILD_IDP));
|
Assert.assertTrue(loginPage.isCurrent(CHILD_IDP));
|
||||||
loginPage.login("child", "password");
|
loginPage.login("child", "password");
|
||||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(appPage.getInjectedUrl() + "/hello"));
|
Assert.assertTrue(driver.getCurrentUrl().startsWith(helloUrl));
|
||||||
Assert.assertTrue(driver.getPageSource().contains("Unknown request:"));
|
Assert.assertTrue(driver.getPageSource().contains("Unknown request:"));
|
||||||
|
|
||||||
|
|
||||||
|
@ -375,12 +377,6 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
|
||||||
Assert.assertTrue(links.isEmpty());
|
Assert.assertTrue(links.isEmpty());
|
||||||
|
|
||||||
logoutAll();
|
logoutAll();
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
@ -16,44 +16,20 @@
|
||||||
*/
|
*/
|
||||||
package org.keycloak.testsuite.adapter.servlet;
|
package org.keycloak.testsuite.adapter.servlet;
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.net.URI;
|
|
||||||
import java.net.URISyntaxException;
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
import java.util.Set;
|
|
||||||
import java.util.concurrent.TimeUnit;
|
|
||||||
import java.util.stream.Collectors;
|
|
||||||
import java.util.stream.Stream;
|
|
||||||
import javax.ws.rs.client.Client;
|
|
||||||
import javax.ws.rs.client.ClientBuilder;
|
|
||||||
import javax.ws.rs.client.Entity;
|
|
||||||
import javax.ws.rs.client.WebTarget;
|
|
||||||
import javax.ws.rs.core.Form;
|
|
||||||
import javax.ws.rs.core.HttpHeaders;
|
|
||||||
import javax.ws.rs.core.Response;
|
|
||||||
import javax.ws.rs.core.Response.Status;
|
|
||||||
import javax.ws.rs.core.UriBuilder;
|
|
||||||
|
|
||||||
import org.apache.commons.io.FileUtils;
|
import org.apache.commons.io.FileUtils;
|
||||||
import org.apache.http.client.utils.URLEncodedUtils;
|
import org.apache.http.client.utils.URLEncodedUtils;
|
||||||
import org.apache.http.conn.params.ConnManagerParams;
|
|
||||||
import org.jboss.arquillian.container.test.api.Deployment;
|
import org.jboss.arquillian.container.test.api.Deployment;
|
||||||
import org.jboss.arquillian.drone.api.annotation.Drone;
|
import org.jboss.arquillian.drone.api.annotation.Drone;
|
||||||
import org.jboss.arquillian.graphene.page.Page;
|
import org.jboss.arquillian.graphene.page.Page;
|
||||||
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
||||||
import org.jboss.shrinkwrap.api.ShrinkWrap;
|
|
||||||
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
||||||
import org.junit.Assert;
|
import org.junit.Assert;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Rule;
|
import org.junit.Rule;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
|
||||||
import org.keycloak.OAuth2Constants;
|
import org.keycloak.OAuth2Constants;
|
||||||
import org.keycloak.admin.client.resource.ClientResource;
|
|
||||||
import org.keycloak.adapters.OIDCAuthenticationError;
|
import org.keycloak.adapters.OIDCAuthenticationError;
|
||||||
|
import org.keycloak.admin.client.resource.ClientResource;
|
||||||
import org.keycloak.common.util.Time;
|
import org.keycloak.common.util.Time;
|
||||||
import org.keycloak.constants.AdapterConstants;
|
import org.keycloak.constants.AdapterConstants;
|
||||||
import org.keycloak.events.Details;
|
import org.keycloak.events.Details;
|
||||||
|
@ -96,6 +72,7 @@ import org.keycloak.testsuite.auth.page.login.OAuthGrant;
|
||||||
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
|
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
|
||||||
import org.keycloak.testsuite.console.page.events.Config;
|
import org.keycloak.testsuite.console.page.events.Config;
|
||||||
import org.keycloak.testsuite.console.page.events.LoginEvents;
|
import org.keycloak.testsuite.console.page.events.LoginEvents;
|
||||||
|
import org.keycloak.testsuite.util.FollowRedirectsEngine;
|
||||||
import org.keycloak.testsuite.util.JavascriptBrowser;
|
import org.keycloak.testsuite.util.JavascriptBrowser;
|
||||||
import org.keycloak.testsuite.util.Matchers;
|
import org.keycloak.testsuite.util.Matchers;
|
||||||
import org.keycloak.testsuite.util.URLUtils;
|
import org.keycloak.testsuite.util.URLUtils;
|
||||||
|
@ -105,6 +82,27 @@ import org.openqa.selenium.By;
|
||||||
import org.openqa.selenium.Cookie;
|
import org.openqa.selenium.Cookie;
|
||||||
import org.openqa.selenium.WebDriver;
|
import org.openqa.selenium.WebDriver;
|
||||||
|
|
||||||
|
import javax.ws.rs.client.Client;
|
||||||
|
import javax.ws.rs.client.ClientBuilder;
|
||||||
|
import javax.ws.rs.client.Entity;
|
||||||
|
import javax.ws.rs.client.WebTarget;
|
||||||
|
import javax.ws.rs.core.Form;
|
||||||
|
import javax.ws.rs.core.HttpHeaders;
|
||||||
|
import javax.ws.rs.core.Response;
|
||||||
|
import javax.ws.rs.core.Response.Status;
|
||||||
|
import javax.ws.rs.core.UriBuilder;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.URI;
|
||||||
|
import java.net.URISyntaxException;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
import java.util.Set;
|
||||||
|
import java.util.concurrent.TimeUnit;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
import java.util.stream.Stream;
|
||||||
|
|
||||||
import static org.hamcrest.Matchers.allOf;
|
import static org.hamcrest.Matchers.allOf;
|
||||||
import static org.hamcrest.Matchers.anyOf;
|
import static org.hamcrest.Matchers.anyOf;
|
||||||
import static org.hamcrest.Matchers.containsString;
|
import static org.hamcrest.Matchers.containsString;
|
||||||
|
@ -198,7 +196,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
protected static WebArchive customerCookiePortal() {
|
protected static WebArchive customerCookiePortal() {
|
||||||
return servletDeployment(CustomerCookiePortal.DEPLOYMENT_NAME, AdapterActionsFilter.class, CustomerServlet.class, ErrorServlet.class, ServletTestUtils.class);
|
return servletDeployment(CustomerCookiePortal.DEPLOYMENT_NAME, AdapterActionsFilter.class, CustomerServlet.class, ErrorServlet.class, ServletTestUtils.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Deployment(name = CustomerPortalNoConf.DEPLOYMENT_NAME)
|
@Deployment(name = CustomerPortalNoConf.DEPLOYMENT_NAME)
|
||||||
protected static WebArchive customerPortalNoConf() {
|
protected static WebArchive customerPortalNoConf() {
|
||||||
return servletDeployment(CustomerPortalNoConf.DEPLOYMENT_NAME, CustomerServletNoConf.class, ErrorServlet.class);
|
return servletDeployment(CustomerPortalNoConf.DEPLOYMENT_NAME, CustomerServletNoConf.class, ErrorServlet.class);
|
||||||
|
@ -238,7 +236,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
protected static WebArchive productPortal() {
|
protected static WebArchive productPortal() {
|
||||||
return servletDeployment(ProductPortal.DEPLOYMENT_NAME, ProductServlet.class);
|
return servletDeployment(ProductPortal.DEPLOYMENT_NAME, ProductServlet.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Deployment(name = ProductPortalAutodetectBearerOnly.DEPLOYMENT_NAME)
|
@Deployment(name = ProductPortalAutodetectBearerOnly.DEPLOYMENT_NAME)
|
||||||
protected static WebArchive productPortalAutodetectBearerOnly() {
|
protected static WebArchive productPortalAutodetectBearerOnly() {
|
||||||
return servletDeployment(ProductPortalAutodetectBearerOnly.DEPLOYMENT_NAME, ProductServlet.class);
|
return servletDeployment(ProductPortalAutodetectBearerOnly.DEPLOYMENT_NAME, ProductServlet.class);
|
||||||
|
@ -248,7 +246,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
protected static WebArchive inputPortal() {
|
protected static WebArchive inputPortal() {
|
||||||
return servletDeployment(InputPortal.DEPLOYMENT_NAME, "keycloak.json", InputServlet.class, ServletTestUtils.class);
|
return servletDeployment(InputPortal.DEPLOYMENT_NAME, "keycloak.json", InputServlet.class, ServletTestUtils.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Deployment(name = InputPortalNoAccessToken.DEPLOYMENT_NAME)
|
@Deployment(name = InputPortalNoAccessToken.DEPLOYMENT_NAME)
|
||||||
protected static WebArchive inputPortalNoAccessToken() {
|
protected static WebArchive inputPortalNoAccessToken() {
|
||||||
return servletDeployment(InputPortalNoAccessToken.DEPLOYMENT_NAME, "keycloak.json", InputServlet.class, ServletTestUtils.class);
|
return servletDeployment(InputPortalNoAccessToken.DEPLOYMENT_NAME, "keycloak.json", InputServlet.class, ServletTestUtils.class);
|
||||||
|
@ -343,7 +341,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlEquals(customerPortal);
|
assertCurrentUrlEquals(customerPortal);
|
||||||
assertLogged();
|
assertLogged();
|
||||||
|
|
||||||
driver.navigate().to(customerPortal.logout());
|
driver.navigate().to(customerPortal.logout().toASCIIString());
|
||||||
WaitUtils.waitUntilElement(By.id("customer_portal_logout")).is().present();
|
WaitUtils.waitUntilElement(By.id("customer_portal_logout")).is().present();
|
||||||
customerPortal.navigateTo();
|
customerPortal.navigateTo();
|
||||||
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
||||||
|
@ -427,7 +425,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
|
|
||||||
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
||||||
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
||||||
assertCurrentUrlEquals(inputPortal + "/secured/post");
|
assertCurrentUrlEquals(inputPortal.getUriBuilder().clone().path("secured").path("post").build());
|
||||||
waitForPageToLoad();
|
waitForPageToLoad();
|
||||||
assertPageContains("parameter=hello");
|
assertPageContains("parameter=hello");
|
||||||
|
|
||||||
|
@ -585,7 +583,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
@Test
|
@Test
|
||||||
public void testLoginSSOMax() throws InterruptedException {
|
public void testLoginSSOMax() throws InterruptedException {
|
||||||
// Delete cookies
|
// Delete cookies
|
||||||
driver.navigate().to(customerPortal + "/error.html");
|
driver.navigate().to(customerPortal.getUriBuilder().clone().path("error.html").build().toASCIIString());
|
||||||
driver.manage().deleteAllCookies();
|
driver.manage().deleteAllCookies();
|
||||||
|
|
||||||
// test login to customer-portal which does a bearer request to customer-db
|
// test login to customer-portal which does a bearer request to customer-db
|
||||||
|
@ -613,7 +611,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
//KEYCLOAK-518
|
//KEYCLOAK-518
|
||||||
@Test
|
@Test
|
||||||
public void testNullBearerToken() {
|
public void testNullBearerToken() {
|
||||||
Client client = ClientBuilder.newClient();
|
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
|
||||||
WebTarget target = client.target(customerDb.toString());
|
WebTarget target = client.target(customerDb.toString());
|
||||||
Response response = target.request().get();
|
Response response = target.request().get();
|
||||||
assertEquals(401, response.getStatus());
|
assertEquals(401, response.getStatus());
|
||||||
|
@ -627,7 +625,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
//KEYCLOAK-1368
|
//KEYCLOAK-1368
|
||||||
@Test
|
@Test
|
||||||
public void testNullBearerTokenCustomErrorPage() {
|
public void testNullBearerTokenCustomErrorPage() {
|
||||||
Client client = ClientBuilder.newClient();
|
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
|
||||||
WebTarget target = client.target(customerDbErrorPage.toString());
|
WebTarget target = client.target(customerDbErrorPage.toString());
|
||||||
|
|
||||||
Response response = target.request().get();
|
Response response = target.request().get();
|
||||||
|
@ -855,7 +853,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testVerifyTokenAudience() {
|
public void testVerifyTokenAudience() throws Exception {
|
||||||
// Generate audience client scope
|
// Generate audience client scope
|
||||||
String clientScopeId = testingClient.testing().generateAudienceClientScope("demo", "customer-db-audience-required");
|
String clientScopeId = testingClient.testing().generateAudienceClientScope("demo", "customer-db-audience-required");
|
||||||
|
|
||||||
|
@ -863,7 +861,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
client.addOptionalClientScope(clientScopeId);
|
client.addOptionalClientScope(clientScopeId);
|
||||||
|
|
||||||
// Login without audience scope. Invoke service should end with failure
|
// Login without audience scope. Invoke service should end with failure
|
||||||
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(false));
|
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(false).toURL());
|
||||||
assertTrue(testRealmLoginPage.form().isUsernamePresent());
|
assertTrue(testRealmLoginPage.form().isUsernamePresent());
|
||||||
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
||||||
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
||||||
|
@ -874,11 +872,11 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
Assert.assertFalse(pageSource.contains("Stian Thorgersen"));
|
Assert.assertFalse(pageSource.contains("Stian Thorgersen"));
|
||||||
|
|
||||||
// Logout TODO: will be good to not request logout to force adapter to use additional scope (and other request parameters)
|
// Logout TODO: will be good to not request logout to force adapter to use additional scope (and other request parameters)
|
||||||
driver.navigate().to(customerPortal.logout());
|
driver.navigate().to(customerPortal.logout().toURL());
|
||||||
waitForPageToLoad();
|
waitForPageToLoad();
|
||||||
|
|
||||||
// Login with requested audience
|
// Login with requested audience
|
||||||
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(true));
|
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(true).toURL());
|
||||||
assertTrue(testRealmLoginPage.form().isUsernamePresent());
|
assertTrue(testRealmLoginPage.form().isUsernamePresent());
|
||||||
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
||||||
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
||||||
|
@ -955,7 +953,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
.user(userId)
|
.user(userId)
|
||||||
.detail(Details.USERNAME, "bburke@redhat.com")
|
.detail(Details.USERNAME, "bburke@redhat.com")
|
||||||
.detail(Details.CONSENT, Details.CONSENT_VALUE_CONSENT_GRANTED)
|
.detail(Details.CONSENT, Details.CONSENT_VALUE_CONSENT_GRANTED)
|
||||||
.detail(Details.REDIRECT_URI, customerPortal.getInjectedUrl().toString())
|
.detail(Details.REDIRECT_URI,
|
||||||
|
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString()),
|
||||||
|
org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString() + "/")))
|
||||||
.removeDetail(Details.CODE_ID)
|
.removeDetail(Details.CODE_ID)
|
||||||
.assertEvent();
|
.assertEvent();
|
||||||
|
|
||||||
|
@ -1012,7 +1012,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
.user(userId)
|
.user(userId)
|
||||||
.detail(Details.USERNAME, "bburke@redhat.com")
|
.detail(Details.USERNAME, "bburke@redhat.com")
|
||||||
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
|
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
|
||||||
.detail(Details.REDIRECT_URI, customerPortal.getInjectedUrl().toString())
|
.detail(Details.REDIRECT_URI,
|
||||||
|
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString()),
|
||||||
|
org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString() + "/")))
|
||||||
.removeDetail(Details.CODE_ID)
|
.removeDetail(Details.CODE_ID)
|
||||||
.assertEvent();
|
.assertEvent();
|
||||||
|
|
||||||
|
@ -1032,7 +1034,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
.realm(realm.getId())
|
.realm(realm.getId())
|
||||||
.user(userId)
|
.user(userId)
|
||||||
.session(AssertEvents.isUUID())
|
.session(AssertEvents.isUUID())
|
||||||
.detail(Details.REDIRECT_URI, customerPortal.getInjectedUrl().toString())
|
.detail(Details.REDIRECT_URI,
|
||||||
|
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString()),
|
||||||
|
org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString() + "/")))
|
||||||
.assertEvent();
|
.assertEvent();
|
||||||
|
|
||||||
assertEvents.assertEmpty();
|
assertEvents.assertEmpty();
|
||||||
|
@ -1109,7 +1113,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
|
|
||||||
// Do not redirect client to login page if it's an XHR
|
// Do not redirect client to login page if it's an XHR
|
||||||
System.out.println(productPortalAutodetectBearerOnly.getInjectedUrl().toString());
|
System.out.println(productPortalAutodetectBearerOnly.getInjectedUrl().toString());
|
||||||
WebTarget target = client.target(productPortalAutodetectBearerOnly.getInjectedUrl().toString());
|
WebTarget target = client.target(productPortalAutodetectBearerOnly.getInjectedUrl().toString() + "/");
|
||||||
Response response = target.request().header("X-Requested-With", "XMLHttpRequest").get();
|
Response response = target.request().header("X-Requested-With", "XMLHttpRequest").get();
|
||||||
Assert.assertEquals(401, response.getStatus());
|
Assert.assertEquals(401, response.getStatus());
|
||||||
response.close();
|
response.close();
|
||||||
|
@ -1158,7 +1162,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
@Test
|
@Test
|
||||||
public void testBasicAuthErrorHandling() {
|
public void testBasicAuthErrorHandling() {
|
||||||
int numberOfConnections = 10;
|
int numberOfConnections = 10;
|
||||||
Client client = new ResteasyClientBuilder().connectionPoolSize(numberOfConnections).build();
|
Client client = new ResteasyClientBuilder().connectionPoolSize(numberOfConnections).httpEngine(new FollowRedirectsEngine()).build();
|
||||||
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
|
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
|
||||||
Response response = target.request().get();
|
Response response = target.request().get();
|
||||||
Assert.assertEquals(401, response.getStatus());
|
Assert.assertEquals(401, response.getStatus());
|
||||||
|
@ -1178,7 +1182,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
// KEYCLOAK-1733
|
// KEYCLOAK-1733
|
||||||
@Test
|
@Test
|
||||||
public void testNullQueryParameterAccessToken() {
|
public void testNullQueryParameterAccessToken() {
|
||||||
Client client = ClientBuilder.newClient();
|
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
|
||||||
|
|
||||||
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
|
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
|
||||||
Response response = target.request().get();
|
Response response = target.request().get();
|
||||||
|
@ -1197,7 +1201,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
@Test
|
@Test
|
||||||
public void testRestCallWithAccessTokenAsQueryParameter() {
|
public void testRestCallWithAccessTokenAsQueryParameter() {
|
||||||
|
|
||||||
Client client = ClientBuilder.newClient();
|
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
|
||||||
try {
|
try {
|
||||||
WebTarget webTarget = client.target(testRealmPage.toString() + "/protocol/openid-connect/token");
|
WebTarget webTarget = client.target(testRealmPage.toString() + "/protocol/openid-connect/token");
|
||||||
|
|
||||||
|
@ -1229,14 +1233,15 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
|
|
||||||
//KEYCLOAK-4765
|
//KEYCLOAK-4765
|
||||||
@Test
|
@Test
|
||||||
public void testCallURLWithAccessToken() {
|
public void testCallURLWithAccessToken() throws Exception {
|
||||||
// test login to customer-portal which does a bearer request to customer-db
|
// test login to customer-portal which does a bearer request to customer-db
|
||||||
String applicationURL = inputPortalNoAccessToken.getInjectedUrl().toString() + "?access_token=invalid_token";
|
URI applicationURL = inputPortalNoAccessToken.getUriBuilder().clone()
|
||||||
driver.navigate().to(applicationURL);
|
.queryParam("access_token", "invalid_token")
|
||||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
.build();
|
||||||
|
|
||||||
Assert.assertEquals(applicationURL, driver.getCurrentUrl());
|
driver.navigate().to(applicationURL.toURL());
|
||||||
System.out.println(driver.getPageSource());
|
|
||||||
|
assertEquals(applicationURL.toASCIIString(), driver.getCurrentUrl());
|
||||||
inputPortalNoAccessToken.execute("hello");
|
inputPortalNoAccessToken.execute("hello");
|
||||||
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
|
||||||
}
|
}
|
||||||
|
@ -1353,7 +1358,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
.user(userId)
|
.user(userId)
|
||||||
.detail(Details.USERNAME, "bburke@redhat.com")
|
.detail(Details.USERNAME, "bburke@redhat.com")
|
||||||
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
|
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
|
||||||
.detail(Details.REDIRECT_URI, clientSecretJwtSecurePortal.getInjectedUrl().toString())
|
.detail(Details.REDIRECT_URI,
|
||||||
|
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString()),
|
||||||
|
org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString() + "/")))
|
||||||
.removeDetail(Details.CODE_ID)
|
.removeDetail(Details.CODE_ID)
|
||||||
.assertEvent();
|
.assertEvent();
|
||||||
|
|
||||||
|
@ -1385,7 +1392,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||||
.user(userId)
|
.user(userId)
|
||||||
.detail(Details.USERNAME, "bburke@redhat.com")
|
.detail(Details.USERNAME, "bburke@redhat.com")
|
||||||
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
|
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
|
||||||
.detail(Details.REDIRECT_URI, clientSecretJwtSecurePortal.getInjectedUrl().toString())
|
.detail(Details.REDIRECT_URI,
|
||||||
|
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString()),
|
||||||
|
org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString() + "/")))
|
||||||
.removeDetail(Details.CODE_ID)
|
.removeDetail(Details.CODE_ID)
|
||||||
.assertEvent();
|
.assertEvent();
|
||||||
|
|
||||||
|
|
|
@ -236,6 +236,10 @@ public class OIDCPublicKeyRotationAdapterTest extends AbstractServletsAdapterTes
|
||||||
@Test
|
@Test
|
||||||
public void testPublicKeyCacheInvalidatedWhenPushedNotBefore() {
|
public void testPublicKeyCacheInvalidatedWhenPushedNotBefore() {
|
||||||
driver.manage().timeouts().pageLoadTimeout(1000, TimeUnit.SECONDS);
|
driver.manage().timeouts().pageLoadTimeout(1000, TimeUnit.SECONDS);
|
||||||
|
String customerDBUnsecuredUrl = customerDb.getUriBuilder().clone().path("unsecured").path("foo").build().toASCIIString();
|
||||||
|
String customerDBUrlNoTrailSlash = customerDb.getUriBuilder().build().toASCIIString();
|
||||||
|
customerDBUrlNoTrailSlash = customerDBUrlNoTrailSlash.substring(0, customerDBUrlNoTrailSlash.length() - 1);
|
||||||
|
String tokenMinTTLUnsecuredUrl = tokenMinTTLPage.getUriBuilder().clone().path("unsecured").path("foo").build().toASCIIString();
|
||||||
|
|
||||||
// increase accessTokenLifespan to 1200
|
// increase accessTokenLifespan to 1200
|
||||||
RealmRepresentation demoRealm = adminClient.realm(DEMO).toRepresentation();
|
RealmRepresentation demoRealm = adminClient.realm(DEMO).toRepresentation();
|
||||||
|
@ -259,21 +263,21 @@ public class OIDCPublicKeyRotationAdapterTest extends AbstractServletsAdapterTes
|
||||||
adminClient.realm(DEMO).components().component(oldActiveKeyProviderId).remove();
|
adminClient.realm(DEMO).components().component(oldActiveKeyProviderId).remove();
|
||||||
|
|
||||||
// Set some offset to ensure pushing notBefore will pass
|
// Set some offset to ensure pushing notBefore will pass
|
||||||
setAdapterAndServerTimeOffset(130, customerDb.toString() + "/unsecured/foo", tokenMinTTLPage.toString() + "/unsecured/foo");
|
setAdapterAndServerTimeOffset(130, customerDBUnsecuredUrl, tokenMinTTLUnsecuredUrl);
|
||||||
|
|
||||||
// Send notBefore policy from the realm
|
// Send notBefore policy from the realm
|
||||||
demoRealm.setNotBefore(Time.currentTime() - 1);
|
demoRealm.setNotBefore(Time.currentTime() - 1);
|
||||||
adminClient.realm(DEMO).update(demoRealm);
|
adminClient.realm(DEMO).update(demoRealm);
|
||||||
GlobalRequestResult result = adminClient.realm(DEMO).pushRevocation();
|
GlobalRequestResult result = adminClient.realm(DEMO).pushRevocation();
|
||||||
Assert.assertTrue(result.getSuccessRequests().contains(customerDb.toString()));
|
Assert.assertTrue(result.getSuccessRequests().contains(customerDBUrlNoTrailSlash));
|
||||||
|
|
||||||
// Send REST request. New request to the publicKey cache should be sent, and key is no longer returned as token contains the old kid
|
// Send REST request. New request to the publicKey cache should be sent, and key is no longer returned as token contains the old kid
|
||||||
status = invokeRESTEndpoint(accessTokenString);
|
status = invokeRESTEndpoint(accessTokenString);
|
||||||
Assert.assertEquals(401, status);
|
Assert.assertEquals(401, status);
|
||||||
|
|
||||||
// Revert public keys change and time offset
|
// Revert public keys change and time offset
|
||||||
resetKeycloakDeploymentForAdapter(customerDb.toString() + "/unsecured/foo");
|
resetKeycloakDeploymentForAdapter(customerDBUnsecuredUrl);
|
||||||
resetKeycloakDeploymentForAdapter(tokenMinTTLPage.toString() + "/unsecured/foo");
|
resetKeycloakDeploymentForAdapter(tokenMinTTLUnsecuredUrl);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1070,7 +1070,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
|
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
testRealmLoginPage.form().login("bburke@redhat.com", "password");
|
||||||
Assert.assertEquals(driver.getCurrentUrl(), inputPortalPage + "/secured/post");
|
Assert.assertThat(URI.create(driver.getCurrentUrl()).getPath(), endsWith("secured/post"));
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("parameter=hello");
|
waitUntilElement(By.xpath("//body")).text().contains("parameter=hello");
|
||||||
|
|
||||||
// test that user principal and KeycloakSecurityContext available
|
// test that user principal and KeycloakSecurityContext available
|
||||||
|
@ -1101,7 +1101,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
|
|
||||||
samlidpInitiatedLoginPage.form().login(bburkeUser);
|
samlidpInitiatedLoginPage.form().login(bburkeUser);
|
||||||
assertCurrentUrlStartsWith(salesPost2ServletPage);
|
assertCurrentUrlStartsWith(salesPost2ServletPage);
|
||||||
Assert.assertThat(driver.getCurrentUrl(), endsWith("/foo"));
|
Assert.assertThat(URI.create(driver.getCurrentUrl()).getPath(), endsWith("foo"));
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("principal=bburke");
|
waitUntilElement(By.xpath("//body")).text().contains("principal=bburke");
|
||||||
salesPost2ServletPage.logout();
|
salesPost2ServletPage.logout();
|
||||||
checkLoggedOut(salesPost2ServletPage, testRealmSAMLPostLoginPage);
|
checkLoggedOut(salesPost2ServletPage, testRealmSAMLPostLoginPage);
|
||||||
|
@ -1119,7 +1119,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
||||||
|
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("Error info: SamlAuthenticationError [reason=INVALID_SIGNATURE");
|
waitUntilElement(By.xpath("//body")).text().contains("Error info: SamlAuthenticationError [reason=INVALID_SIGNATURE");
|
||||||
Assert.assertEquals(driver.getCurrentUrl(), badAssertionSalesPostSigPage + "/saml");
|
Assert.assertEquals(driver.getCurrentUrl(), badAssertionSalesPostSigPage.getUriBuilder().clone().path("saml").build().toASCIIString());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -1129,7 +1129,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
||||||
|
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("Error info: SamlAuthenticationError [reason=INVALID_SIGNATURE");
|
waitUntilElement(By.xpath("//body")).text().contains("Error info: SamlAuthenticationError [reason=INVALID_SIGNATURE");
|
||||||
Assert.assertEquals(driver.getCurrentUrl(), missingAssertionSigPage + "/saml");
|
Assert.assertEquals(driver.getCurrentUrl(), missingAssertionSigPage.getUriBuilder().clone().path("saml").build().toASCIIString());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -1218,7 +1218,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
||||||
|
|
||||||
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
|
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
|
||||||
waitForPageToLoad();
|
waitForPageToLoad();
|
||||||
|
|
||||||
String body = driver.findElement(By.xpath("//body")).getText();
|
String body = driver.findElement(By.xpath("//body")).getText();
|
||||||
|
@ -1270,7 +1270,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
||||||
|
|
||||||
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
|
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
|
||||||
waitForPageToLoad();
|
waitForPageToLoad();
|
||||||
|
|
||||||
String body = driver.findElement(By.xpath("//body")).getText();
|
String body = driver.findElement(By.xpath("//body")).getText();
|
||||||
|
@ -1324,7 +1324,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
||||||
|
|
||||||
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
|
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
|
||||||
waitForPageToLoad();
|
waitForPageToLoad();
|
||||||
|
|
||||||
String body = driver.findElement(By.xpath("//body")).getText();
|
String body = driver.findElement(By.xpath("//body")).getText();
|
||||||
|
@ -1379,7 +1379,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
testRealmSAMLPostLoginPage.form().login("bburke", "password");
|
||||||
|
|
||||||
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
|
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
|
||||||
waitForPageToLoad();
|
waitForPageToLoad();
|
||||||
|
|
||||||
String body = driver.findElement(By.xpath("//body")).getText();
|
String body = driver.findElement(By.xpath("//body")).getText();
|
||||||
|
@ -1430,7 +1430,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmSAMLPostLoginPage.form().login("level2GroupUser", "password");
|
testRealmSAMLPostLoginPage.form().login("level2GroupUser", "password");
|
||||||
|
|
||||||
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
|
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("topAttribute: true");
|
waitUntilElement(By.xpath("//body")).text().contains("topAttribute: true");
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("level2Attribute: true");
|
waitUntilElement(By.xpath("//body")).text().contains("level2Attribute: true");
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("attribute email: level2@redhat.com");
|
waitUntilElement(By.xpath("//body")).text().contains("attribute email: level2@redhat.com");
|
||||||
|
@ -1447,7 +1447,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmSAMLPostLoginPage.form().login(bburkeUser);
|
testRealmSAMLPostLoginPage.form().login(bburkeUser);
|
||||||
|
|
||||||
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
|
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("attribute email: bburke@redhat.com");
|
waitUntilElement(By.xpath("//body")).text().contains("attribute email: bburke@redhat.com");
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("friendlyAttribute email: bburke@redhat.com");
|
waitUntilElement(By.xpath("//body")).text().contains("friendlyAttribute email: bburke@redhat.com");
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("phone: 617");
|
waitUntilElement(By.xpath("//body")).text().contains("phone: 617");
|
||||||
|
@ -1493,7 +1493,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
|
||||||
testRealmSAMLPostLoginPage.form().login(bburkeUser);
|
testRealmSAMLPostLoginPage.form().login(bburkeUser);
|
||||||
|
|
||||||
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
|
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
|
||||||
waitUntilElement(By.xpath("//body")).text().contains("hardcoded-attribute: hard");
|
waitUntilElement(By.xpath("//body")).text().contains("hardcoded-attribute: hard");
|
||||||
employee2ServletPage.checkRolesEndPoint(false);
|
employee2ServletPage.checkRolesEndPoint(false);
|
||||||
employee2ServletPage.logout();
|
employee2ServletPage.logout();
|
||||||
|
@ -1543,7 +1543,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
})
|
})
|
||||||
.build()
|
.build()
|
||||||
|
|
||||||
.navigateTo(employee2ServletPage.toString() + "/getAttributes")
|
.navigateTo(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build())
|
||||||
|
|
||||||
.execute(r -> {
|
.execute(r -> {
|
||||||
Assert.assertThat(r, statusCodeIsHC(Response.Status.OK));
|
Assert.assertThat(r, statusCodeIsHC(Response.Status.OK));
|
||||||
|
@ -1743,7 +1743,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||||
StatusCodeType statusCode = responseType.getStatus().getStatusCode();
|
StatusCodeType statusCode = responseType.getStatus().getStatusCode();
|
||||||
|
|
||||||
Assert.assertThat(statusCode.getValue().toString(), is(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
|
Assert.assertThat(statusCode.getValue().toString(), is(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
|
||||||
Assert.assertThat(responseType.getDestination(), is(ecpSPPage.toString() + "/"));
|
Assert.assertThat(responseType.getDestination(), is(ecpSPPage.toString()));
|
||||||
Assert.assertThat(responseType.getSignature(), notNullValue());
|
Assert.assertThat(responseType.getSignature(), notNullValue());
|
||||||
Assert.assertThat(responseType.getAssertions().size(), is(1));
|
Assert.assertThat(responseType.getAssertions().size(), is(1));
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,66 @@
|
||||||
|
package org.keycloak.testsuite.adapter.servlet.jetty;
|
||||||
|
|
||||||
|
import org.junit.Ignore;
|
||||||
|
import org.keycloak.testsuite.adapter.servlet.DemoServletsAdapterTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||||
|
import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
||||||
|
|
||||||
|
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY94)
|
||||||
|
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY93)
|
||||||
|
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY92)
|
||||||
|
public class JettyDemoServletAdapterTest extends DemoServletsAdapterTest {
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9614")
|
||||||
|
@Override
|
||||||
|
public void testAuthenticated() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9614")
|
||||||
|
@Override
|
||||||
|
public void testAuthenticatedWithCustomSessionConfig() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9616")
|
||||||
|
@Override
|
||||||
|
public void testOIDCParamsForwarding() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9616")
|
||||||
|
@Override
|
||||||
|
public void testOIDCUiLocalesParamForwarding() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9615")
|
||||||
|
@Override
|
||||||
|
public void testInvalidTokenCookie() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9615")
|
||||||
|
@Override
|
||||||
|
public void testTokenInCookieRefresh() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9615")
|
||||||
|
@Override
|
||||||
|
public void testTokenInCookieSSO() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9615")
|
||||||
|
@Override
|
||||||
|
public void testTokenInCookieSSORoot() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9617")
|
||||||
|
@Override
|
||||||
|
public void testWithoutKeycloakConf() {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,24 @@
|
||||||
|
package org.keycloak.testsuite.adapter.servlet.jetty;
|
||||||
|
|
||||||
|
import org.junit.Ignore;
|
||||||
|
import org.keycloak.testsuite.adapter.servlet.SAMLServletAdapterTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||||
|
import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
||||||
|
|
||||||
|
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY94)
|
||||||
|
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY93)
|
||||||
|
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY92)
|
||||||
|
public class JettySAMLServletAdapterTest extends SAMLServletAdapterTest {
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9687")
|
||||||
|
@Override
|
||||||
|
public void multiTenant1SamlTest() throws Exception {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Ignore("KEYCLOAK-9687")
|
||||||
|
@Override
|
||||||
|
public void multiTenant2SamlTest() throws Exception {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -140,7 +140,7 @@ public class UndertowRelaviteUriAdapterTest extends AbstractServletsAdapterTest
|
||||||
Assert.assertTrue(driver.getPageSource().contains("iPhone"));
|
Assert.assertTrue(driver.getPageSource().contains("iPhone"));
|
||||||
|
|
||||||
// test logout
|
// test logout
|
||||||
driver.navigate().to(customerPortal.logout());
|
driver.navigate().to(customerPortal.logout().toASCIIString());
|
||||||
Assert.assertTrue(driver.getPageSource().contains("servlet logout ok"));
|
Assert.assertTrue(driver.getPageSource().contains("servlet logout ok"));
|
||||||
|
|
||||||
customerPortal.navigateTo();
|
customerPortal.navigateTo();
|
||||||
|
|
|
@ -28,10 +28,10 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.RealmBuilder;
|
import org.keycloak.testsuite.util.RealmBuilder;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
import javax.ws.rs.ClientErrorException;
|
import javax.ws.rs.ClientErrorException;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
|
|
@ -48,10 +48,10 @@ import org.keycloak.services.resources.admin.permissions.GroupPermissionManageme
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.auth.page.AuthRealm;
|
import org.keycloak.testsuite.auth.page.AuthRealm;
|
||||||
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
||||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
import javax.ws.rs.ClientErrorException;
|
import javax.ws.rs.ClientErrorException;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
|
|
@ -57,7 +57,6 @@ import org.keycloak.services.resources.admin.AdminAuth.Resource;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.Assert;
|
import org.keycloak.testsuite.Assert;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.CredentialBuilder;
|
import org.keycloak.testsuite.util.CredentialBuilder;
|
||||||
|
@ -83,6 +82,7 @@ import static org.junit.Assert.fail;
|
||||||
import static org.keycloak.services.resources.admin.AdminAuth.Resource.AUTHORIZATION;
|
import static org.keycloak.services.resources.admin.AdminAuth.Resource.AUTHORIZATION;
|
||||||
import static org.keycloak.services.resources.admin.AdminAuth.Resource.CLIENT;
|
import static org.keycloak.services.resources.admin.AdminAuth.Resource.CLIENT;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
|
|
|
@ -17,13 +17,12 @@
|
||||||
|
|
||||||
package org.keycloak.testsuite.admin.concurrency;
|
package org.keycloak.testsuite.admin.concurrency;
|
||||||
|
|
||||||
import org.jboss.logging.Logger;
|
|
||||||
import org.keycloak.admin.client.Keycloak;
|
import org.keycloak.admin.client.Keycloak;
|
||||||
import org.keycloak.admin.client.resource.RealmResource;
|
import org.keycloak.admin.client.resource.RealmResource;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
|
|
@ -34,12 +34,12 @@ import org.keycloak.testsuite.AbstractAuthTest;
|
||||||
import org.keycloak.testsuite.Assert;
|
import org.keycloak.testsuite.Assert;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.util.AdminEventPaths;
|
import org.keycloak.testsuite.util.AdminEventPaths;
|
||||||
import org.keycloak.testsuite.util.AssertAdminEvents;
|
import org.keycloak.testsuite.util.AssertAdminEvents;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.RealmBuilder;
|
import org.keycloak.testsuite.util.RealmBuilder;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
|
@ -36,12 +36,12 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.representations.idm.RoleRepresentation;
|
import org.keycloak.representations.idm.RoleRepresentation;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.util.AdminEventPaths;
|
import org.keycloak.testsuite.util.AdminEventPaths;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.RoleBuilder;
|
import org.keycloak.testsuite.util.RoleBuilder;
|
||||||
import org.keycloak.testsuite.util.URLAssert;
|
import org.keycloak.testsuite.util.URLAssert;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
import javax.ws.rs.NotFoundException;
|
import javax.ws.rs.NotFoundException;
|
||||||
|
|
|
@ -48,7 +48,6 @@ import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.admin.AbstractAdminTest;
|
import org.keycloak.testsuite.admin.AbstractAdminTest;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.auth.page.AuthRealm;
|
import org.keycloak.testsuite.auth.page.AuthRealm;
|
||||||
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
||||||
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
||||||
|
@ -60,6 +59,7 @@ import org.keycloak.testsuite.util.CredentialBuilder;
|
||||||
import org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse;
|
import org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse;
|
||||||
import org.keycloak.testsuite.util.RealmBuilder;
|
import org.keycloak.testsuite.util.RealmBuilder;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
import javax.ws.rs.NotFoundException;
|
import javax.ws.rs.NotFoundException;
|
||||||
|
|
|
@ -11,9 +11,9 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
import org.keycloak.testsuite.arquillian.ContainerInfo;
|
import org.keycloak.testsuite.arquillian.ContainerInfo;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
||||||
import org.keycloak.testsuite.util.ContainerAssume;
|
import org.keycloak.testsuite.util.ContainerAssume;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
|
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
|
|
@ -48,10 +48,8 @@ import org.keycloak.representations.idm.RoleRepresentation;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.account.AccountFormServiceTest;
|
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
|
|
||||||
import org.keycloak.testsuite.auth.page.AuthRealm;
|
import org.keycloak.testsuite.auth.page.AuthRealm;
|
||||||
import org.keycloak.testsuite.pages.AccountApplicationsPage;
|
import org.keycloak.testsuite.pages.AccountApplicationsPage;
|
||||||
import org.keycloak.testsuite.pages.LoginPage;
|
import org.keycloak.testsuite.pages.LoginPage;
|
||||||
|
@ -63,6 +61,7 @@ import org.keycloak.testsuite.util.RealmManager;
|
||||||
import org.keycloak.testsuite.util.RoleBuilder;
|
import org.keycloak.testsuite.util.RoleBuilder;
|
||||||
import org.keycloak.testsuite.util.TokenSignatureUtil;
|
import org.keycloak.testsuite.util.TokenSignatureUtil;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
import org.keycloak.testsuite.utils.tls.TLSUtils;
|
||||||
import org.keycloak.util.TokenUtil;
|
import org.keycloak.util.TokenUtil;
|
||||||
|
|
||||||
import javax.ws.rs.NotFoundException;
|
import javax.ws.rs.NotFoundException;
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
package org.keycloak.testsuite.util;
|
||||||
|
|
||||||
|
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A simple wrapper for the HTTP Client Engine to follow redirects.
|
||||||
|
*
|
||||||
|
* <p>
|
||||||
|
* When hitting a Servlet deployed on Jetty without trailing slash, we get a <code>302</code> in return.
|
||||||
|
* Our testsuite doesn't work well with this. This engine solves this problem.
|
||||||
|
* </p>
|
||||||
|
*/
|
||||||
|
public class FollowRedirectsEngine extends ApacheHttpClient4Engine {
|
||||||
|
public FollowRedirectsEngine() {
|
||||||
|
this.followRedirects = true;
|
||||||
|
}
|
||||||
|
}
|
|
@ -33,8 +33,10 @@ import java.io.InputStreamReader;
|
||||||
import java.io.Reader;
|
import java.io.Reader;
|
||||||
import java.io.StringWriter;
|
import java.io.StringWriter;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
|
import java.net.URL;
|
||||||
import java.nio.charset.Charset;
|
import java.nio.charset.Charset;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.assertTrue;
|
import static org.junit.Assert.assertTrue;
|
||||||
import static org.keycloak.testsuite.util.URLUtils.currentUrlDoesntStartWith;
|
import static org.keycloak.testsuite.util.URLUtils.currentUrlDoesntStartWith;
|
||||||
import static org.keycloak.testsuite.util.URLUtils.currentUrlEquals;
|
import static org.keycloak.testsuite.util.URLUtils.currentUrlEquals;
|
||||||
|
@ -60,12 +62,15 @@ public class URLAssert {
|
||||||
assertCurrentUrlEquals(page.toString());
|
assertCurrentUrlEquals(page.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static void assertCurrentUrlEquals(final URI url) {
|
||||||
|
assertCurrentUrlEquals(url.toASCIIString());
|
||||||
|
}
|
||||||
|
|
||||||
public static void assertCurrentUrlEquals(final String url) {
|
public static void assertCurrentUrlEquals(final String url) {
|
||||||
assertTrue("Expected URL: " + url + "; actual: " + DroneUtils.getCurrentDriver().getCurrentUrl(),
|
assertTrue("Expected URL: " + url + "; actual: " + DroneUtils.getCurrentDriver().getCurrentUrl(),
|
||||||
currentUrlEquals(url));
|
currentUrlEquals(url));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public static void assertCurrentUrlStartsWith(final AbstractPage page, WebDriver driver) {
|
public static void assertCurrentUrlStartsWith(final AbstractPage page, WebDriver driver) {
|
||||||
assertCurrentUrlStartsWith(page.toString(), driver);
|
assertCurrentUrlStartsWith(page.toString(), driver);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
package org.keycloak.testsuite.arquillian.undertow;
|
package org.keycloak.testsuite.utils.tls;
|
||||||
|
|
||||||
import java.security.KeyStore;
|
|
||||||
import java.security.cert.X509Certificate;
|
|
||||||
|
|
||||||
import javax.net.ssl.KeyManager;
|
import javax.net.ssl.KeyManager;
|
||||||
import javax.net.ssl.KeyManagerFactory;
|
import javax.net.ssl.KeyManagerFactory;
|
||||||
|
@ -9,6 +6,8 @@ import javax.net.ssl.SSLContext;
|
||||||
import javax.net.ssl.TrustManager;
|
import javax.net.ssl.TrustManager;
|
||||||
import javax.net.ssl.TrustManagerFactory;
|
import javax.net.ssl.TrustManagerFactory;
|
||||||
import javax.net.ssl.X509TrustManager;
|
import javax.net.ssl.X509TrustManager;
|
||||||
|
import java.security.KeyStore;
|
||||||
|
import java.security.cert.X509Certificate;
|
||||||
|
|
||||||
public class TLSUtils {
|
public class TLSUtils {
|
||||||
|
|
||||||
|
@ -30,7 +29,7 @@ public class TLSUtils {
|
||||||
public static SSLContext initializeTLS() {
|
public static SSLContext initializeTLS() {
|
||||||
try {
|
try {
|
||||||
KeyStore keystore = KeyStore.getInstance("jks");
|
KeyStore keystore = KeyStore.getInstance("jks");
|
||||||
keystore.load(KeycloakOnUndertow.class.getResourceAsStream("/keycloak.jks"), "secret".toCharArray());
|
keystore.load(TLSUtils.class.getResourceAsStream("/keycloak.jks"), "secret".toCharArray());
|
||||||
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
|
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
|
||||||
keyManagerFactory.init(keystore, "secret".toCharArray());
|
keyManagerFactory.init(keystore, "secret".toCharArray());
|
||||||
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
|
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
|
||||||
|
@ -38,7 +37,7 @@ public class TLSUtils {
|
||||||
// Essentially, this is REQUEST CLIENT AUTH behavior. It doesn't fail if the client doesn't have a cert.
|
// Essentially, this is REQUEST CLIENT AUTH behavior. It doesn't fail if the client doesn't have a cert.
|
||||||
// However it will challenge him to send it.
|
// However it will challenge him to send it.
|
||||||
KeyStore truststore = KeyStore.getInstance("jks");
|
KeyStore truststore = KeyStore.getInstance("jks");
|
||||||
truststore.load(KeycloakOnUndertow.class.getResourceAsStream("/keycloak.truststore"), "secret".toCharArray());
|
truststore.load(TLSUtils.class.getResourceAsStream("/keycloak.truststore"), "secret".toCharArray());
|
||||||
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
|
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
|
||||||
trustManagerFactory.init(truststore);
|
trustManagerFactory.init(truststore);
|
||||||
TrustManager[] trustManagers = new TrustManager[trustManagerFactory.getTrustManagers().length + 1];
|
TrustManager[] trustManagers = new TrustManager[trustManagerFactory.getTrustManagers().length + 1];
|
|
@ -1,403 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
|
||||||
<parent>
|
|
||||||
<artifactId>keycloak-testsuite-pom</artifactId>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<version>5.0.0-SNAPSHOT</version>
|
|
||||||
<relativePath>../../pom.xml</relativePath>
|
|
||||||
</parent>
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
|
||||||
|
|
||||||
<artifactId>keycloak-testsuite-jetty92</artifactId>
|
|
||||||
<name>Keycloak Jetty 9.2.x Integration TestSuite</name>
|
|
||||||
<properties>
|
|
||||||
<maven.compiler.target>1.7</maven.compiler.target>
|
|
||||||
<maven.compiler.source>1.7</maven.compiler.source>
|
|
||||||
|
|
||||||
<jetty9.version>9.2.4.v20141103</jetty9.version>
|
|
||||||
</properties>
|
|
||||||
<description />
|
|
||||||
|
|
||||||
<dependencies>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-dependencies-server-all</artifactId>
|
|
||||||
<type>pom</type>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-admin-client</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-saml-jetty92-adapter</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>log4j</groupId>
|
|
||||||
<artifactId>log4j</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.slf4j</groupId>
|
|
||||||
<artifactId>slf4j-api</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.slf4j</groupId>
|
|
||||||
<artifactId>slf4j-log4j12</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.spec.javax.servlet</groupId>
|
|
||||||
<artifactId>jboss-servlet-api_3.0_spec</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.spec.javax.ws.rs</groupId>
|
|
||||||
<artifactId>jboss-jaxrs-api_2.1_spec</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
|
||||||
<artifactId>resteasy-jaxrs</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
|
||||||
<artifactId>resteasy-client</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
|
||||||
<artifactId>resteasy-multipart-provider</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
|
||||||
<artifactId>resteasy-jackson2-provider</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.resteasy</groupId>
|
|
||||||
<artifactId>resteasy-undertow</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>com.google.zxing</groupId>
|
|
||||||
<artifactId>javase</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.bouncycastle</groupId>
|
|
||||||
<artifactId>bcprov-jdk15on</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.apache.httpcomponents</groupId>
|
|
||||||
<artifactId>httpclient</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-ldap-federation</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-kerberos-federation</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-undertow-adapter</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-jetty92-adapter</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.jboss.logging</groupId>
|
|
||||||
<artifactId>jboss-logging</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>io.undertow</groupId>
|
|
||||||
<artifactId>undertow-servlet</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>io.undertow</groupId>
|
|
||||||
<artifactId>undertow-core</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>com.fasterxml.jackson.core</groupId>
|
|
||||||
<artifactId>jackson-core</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>com.fasterxml.jackson.core</groupId>
|
|
||||||
<artifactId>jackson-databind</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>com.fasterxml.jackson.core</groupId>
|
|
||||||
<artifactId>jackson-annotations</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>junit</groupId>
|
|
||||||
<artifactId>junit</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.hamcrest</groupId>
|
|
||||||
<artifactId>hamcrest-all</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>com.h2database</groupId>
|
|
||||||
<artifactId>h2</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>com.icegreen</groupId>
|
|
||||||
<artifactId>greenmail</artifactId>
|
|
||||||
<exclusions>
|
|
||||||
<exclusion>
|
|
||||||
<groupId>org.slf4j</groupId>
|
|
||||||
<artifactId>slf4j-api</artifactId>
|
|
||||||
</exclusion>
|
|
||||||
</exclusions>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.infinispan</groupId>
|
|
||||||
<artifactId>infinispan-core</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.seleniumhq.selenium</groupId>
|
|
||||||
<artifactId>selenium-java</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>xml-apis</groupId>
|
|
||||||
<artifactId>xml-apis</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.seleniumhq.selenium</groupId>
|
|
||||||
<artifactId>selenium-chrome-driver</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.wildfly</groupId>
|
|
||||||
<artifactId>wildfly-undertow</artifactId>
|
|
||||||
<scope>test</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-testsuite-integration-deprecated</artifactId>
|
|
||||||
<scope>test</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak</groupId>
|
|
||||||
<artifactId>keycloak-testsuite-integration-deprecated</artifactId>
|
|
||||||
<type>test-jar</type>
|
|
||||||
<scope>test</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.keycloak.testsuite</groupId>
|
|
||||||
<artifactId>integration-arquillian-test-apps-servlets</artifactId>
|
|
||||||
<version>${project.version}</version>
|
|
||||||
<scope>test</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
|
||||||
<artifactId>jetty-jaas</artifactId>
|
|
||||||
<version>${jetty9.version}</version>
|
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
|
||||||
<artifactId>jetty-util</artifactId>
|
|
||||||
<version>${jetty9.version}</version>
|
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
|
||||||
<artifactId>jetty-webapp</artifactId>
|
|
||||||
<version>${jetty9.version}</version>
|
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
|
||||||
<artifactId>jetty-security</artifactId>
|
|
||||||
<version>${jetty9.version}</version>
|
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
|
||||||
<artifactId>jetty-servlet</artifactId>
|
|
||||||
<version>${jetty9.version}</version>
|
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
</dependencies>
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-jar-plugin</artifactId>
|
|
||||||
<version>2.2</version>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<goals>
|
|
||||||
<goal>test-jar</goal>
|
|
||||||
</goals>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-deploy-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<skip>true</skip>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>exec-maven-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<workingDirectory>${project.basedir}</workingDirectory>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
|
|
||||||
<profiles>
|
|
||||||
<profile>
|
|
||||||
<id>keycloak-server</id>
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>exec-maven-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<mainClass>org.keycloak.testsuite.KeycloakServer</mainClass>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</profile>
|
|
||||||
<profile>
|
|
||||||
<id>mail-server</id>
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>exec-maven-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<mainClass>org.keycloak.testsuite.MailServer</mainClass>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</profile>
|
|
||||||
<profile>
|
|
||||||
<id>totp</id>
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.codehaus.mojo</groupId>
|
|
||||||
<artifactId>exec-maven-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<mainClass>org.keycloak.testsuite.TotpGenerator</mainClass>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</profile>
|
|
||||||
|
|
||||||
<profile>
|
|
||||||
<id>jpa</id>
|
|
||||||
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-surefire-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<systemPropertyVariables>
|
|
||||||
<keycloak.realm.provider>jpa</keycloak.realm.provider>
|
|
||||||
<keycloak.user.provider>jpa</keycloak.user.provider>
|
|
||||||
<keycloak.eventStore.provider>jpa</keycloak.eventStore.provider>
|
|
||||||
</systemPropertyVariables>
|
|
||||||
</configuration>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</profile>
|
|
||||||
|
|
||||||
<!-- MySQL -->
|
|
||||||
<profile>
|
|
||||||
<activation>
|
|
||||||
<property>
|
|
||||||
<name>keycloak.connectionsJpa.driver</name>
|
|
||||||
<value>com.mysql.jdbc.Driver</value>
|
|
||||||
</property>
|
|
||||||
</activation>
|
|
||||||
<id>mysql</id>
|
|
||||||
<dependencies>
|
|
||||||
<dependency>
|
|
||||||
<groupId>mysql</groupId>
|
|
||||||
<artifactId>mysql-connector-java</artifactId>
|
|
||||||
<version>${mysql.version}</version>
|
|
||||||
</dependency>
|
|
||||||
</dependencies>
|
|
||||||
</profile>
|
|
||||||
|
|
||||||
<!-- PostgreSQL -->
|
|
||||||
<profile>
|
|
||||||
<activation>
|
|
||||||
<property>
|
|
||||||
<name>keycloak.connectionsJpa.driver</name>
|
|
||||||
<value>org.postgresql.Driver</value>
|
|
||||||
</property>
|
|
||||||
</activation>
|
|
||||||
<id>postgresql</id>
|
|
||||||
<dependencies>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.postgresql</groupId>
|
|
||||||
<artifactId>postgresql</artifactId>
|
|
||||||
<version>${postgresql.version}</version>
|
|
||||||
</dependency>
|
|
||||||
</dependencies>
|
|
||||||
</profile>
|
|
||||||
|
|
||||||
<profile>
|
|
||||||
<id>clean-jpa</id>
|
|
||||||
<build>
|
|
||||||
<plugins>
|
|
||||||
<plugin>
|
|
||||||
<groupId>org.liquibase</groupId>
|
|
||||||
<artifactId>liquibase-maven-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<changeLogFile>META-INF/jpa-changelog-master.xml</changeLogFile>
|
|
||||||
|
|
||||||
<url>${keycloak.connectionsJpa.url}</url>
|
|
||||||
<driver>${keycloak.connectionsJpa.driver}</driver>
|
|
||||||
<username>${keycloak.connectionsJpa.user}</username>
|
|
||||||
<password>${keycloak.connectionsJpa.password}</password>
|
|
||||||
|
|
||||||
<promptOnNonLocalDatabase>false</promptOnNonLocalDatabase>
|
|
||||||
</configuration>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>clean-jpa</id>
|
|
||||||
<phase>clean</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>dropAll</goal>
|
|
||||||
</goals>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
</plugins>
|
|
||||||
</build>
|
|
||||||
</profile>
|
|
||||||
</profiles>
|
|
||||||
</project>
|
|
|
@ -1,191 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
* and other contributors as indicated by the @author tags.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
package org.keycloak.testsuite;
|
|
||||||
|
|
||||||
import org.eclipse.jetty.server.Handler;
|
|
||||||
import org.eclipse.jetty.server.Server;
|
|
||||||
import org.eclipse.jetty.server.handler.HandlerCollection;
|
|
||||||
import org.eclipse.jetty.webapp.WebAppContext;
|
|
||||||
import org.junit.AfterClass;
|
|
||||||
import org.junit.BeforeClass;
|
|
||||||
import org.junit.ClassRule;
|
|
||||||
import org.junit.Rule;
|
|
||||||
import org.junit.Test;
|
|
||||||
import org.keycloak.models.KeycloakSession;
|
|
||||||
import org.keycloak.models.RealmModel;
|
|
||||||
import org.keycloak.services.managers.RealmManager;
|
|
||||||
import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy;
|
|
||||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.net.URL;
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
|
||||||
*/
|
|
||||||
public class Jetty9Test {
|
|
||||||
@ClassRule
|
|
||||||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
|
|
||||||
@Override
|
|
||||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
|
||||||
AdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass());
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
public static Server server = null;
|
|
||||||
|
|
||||||
|
|
||||||
@BeforeClass
|
|
||||||
public static void initJetty() throws Exception {
|
|
||||||
server = new Server(8082);
|
|
||||||
List<Handler> list = new ArrayList<Handler>();
|
|
||||||
System.setProperty("app.server.base.url", "http://localhost:8082");
|
|
||||||
System.setProperty("my.host.name", "localhost");
|
|
||||||
URL dir = Jetty9Test.class.getResource("/adapter-test/demorealm.json");
|
|
||||||
File base = new File(dir.getFile()).getParentFile();
|
|
||||||
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
|
||||||
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
|
|
||||||
list.add(new WebAppContext(new File(base, "customer-db-error-page").toString(), "/customer-db-error-page"));
|
|
||||||
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
|
|
||||||
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
|
|
||||||
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
|
|
||||||
list.add(new WebAppContext(new File(base, "secure-portal").toString(), "/secure-portal"));
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
HandlerCollection handlers = new HandlerCollection();
|
|
||||||
handlers.setHandlers(list.toArray(new Handler[list.size()]));
|
|
||||||
server.setHandler(handlers);
|
|
||||||
|
|
||||||
server.start();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@AfterClass
|
|
||||||
public static void shutdownJetty() throws Exception {
|
|
||||||
try {
|
|
||||||
server.stop();
|
|
||||||
server.destroy();
|
|
||||||
Thread.sleep(100);
|
|
||||||
} catch (Exception e) {}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Rule
|
|
||||||
public AdapterTestStrategy testStrategy = new AdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8082", keycloakRule, true);
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testLoginSSOAndLogout() throws Exception {
|
|
||||||
testStrategy.testLoginSSOAndLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testLoginEncodedRedirectUri() throws Exception {
|
|
||||||
testStrategy.testLoginEncodedRedirectUri();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testSavedPostRequest() throws Exception {
|
|
||||||
testStrategy.testSavedPostRequest();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testServletRequestLogout() throws Exception {
|
|
||||||
testStrategy.testServletRequestLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testLoginSSOIdle() throws Exception {
|
|
||||||
testStrategy.testLoginSSOIdle();
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testLoginSSOIdleRemoveExpiredUserSessions() throws Exception {
|
|
||||||
testStrategy.testLoginSSOIdleRemoveExpiredUserSessions();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testLoginSSOMax() throws Exception {
|
|
||||||
testStrategy.testLoginSSOMax();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* KEYCLOAK-518
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
public void testNullBearerToken() throws Exception {
|
|
||||||
testStrategy.testNullBearerToken();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* KEYCLOAK-1368
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
|
||||||
testStrategy.testNullBearerTokenCustomErrorPage();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* KEYCLOAK-518
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
public void testBadUser() throws Exception {
|
|
||||||
testStrategy.testBadUser();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* KEYCLOAK-732
|
|
||||||
*
|
|
||||||
* @throws Throwable
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
public void testSingleSessionInvalidated() throws Throwable {
|
|
||||||
testStrategy.testSingleSessionInvalidated();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* KEYCLOAK-741
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
public void testSessionInvalidatedAfterFailedRefresh() throws Throwable {
|
|
||||||
testStrategy.testSessionInvalidatedAfterFailedRefresh();
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* KEYCLOAK-942
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
public void testAdminApplicationLogout() throws Throwable {
|
|
||||||
testStrategy.testAdminApplicationLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* KEYCLOAK-1216
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
public void testAccountManagementSessionsLogout() throws Throwable {
|
|
||||||
testStrategy.testAccountManagementSessionsLogout();
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,204 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
* and other contributors as indicated by the @author tags.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
package org.keycloak.testsuite;
|
|
||||||
|
|
||||||
import org.eclipse.jetty.server.Handler;
|
|
||||||
import org.eclipse.jetty.server.Server;
|
|
||||||
import org.eclipse.jetty.server.handler.HandlerCollection;
|
|
||||||
import org.eclipse.jetty.webapp.WebAppContext;
|
|
||||||
import org.junit.AfterClass;
|
|
||||||
import org.junit.Assert;
|
|
||||||
import org.junit.BeforeClass;
|
|
||||||
import org.junit.ClassRule;
|
|
||||||
import org.junit.Rule;
|
|
||||||
import org.junit.Test;
|
|
||||||
import org.keycloak.models.KeycloakSession;
|
|
||||||
import org.keycloak.models.RealmModel;
|
|
||||||
import org.keycloak.services.managers.RealmManager;
|
|
||||||
import org.keycloak.testsuite.helper.adapter.SamlAdapterTestStrategy;
|
|
||||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
|
||||||
import org.openqa.selenium.WebDriver;
|
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.net.URL;
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
|
||||||
*/
|
|
||||||
public class JettySamlTest {
|
|
||||||
@Rule
|
|
||||||
public SamlAdapterTestStrategy testStrategy = new SamlAdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8082", keycloakRule);
|
|
||||||
@ClassRule
|
|
||||||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
|
|
||||||
@Override
|
|
||||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
|
||||||
SamlAdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass());
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
public static Server server = null;
|
|
||||||
|
|
||||||
|
|
||||||
@BeforeClass
|
|
||||||
public static void initJetty() throws Exception {
|
|
||||||
server = new Server(8082);
|
|
||||||
List<Handler> list = new ArrayList<Handler>();
|
|
||||||
System.setProperty("app.server.base.url", "http://localhost:8082");
|
|
||||||
System.setProperty("my.host.name", "localhost");
|
|
||||||
URL dir = JettySamlTest.class.getResource("/keycloak-saml/testsaml.json");
|
|
||||||
File base = new File(dir.getFile()).getParentFile();
|
|
||||||
//list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
|
|
||||||
list.add(new WebAppContext(new File(base, "simple-post").toString(), "/sales-post"));
|
|
||||||
list.add(new WebAppContext(new File(base, "simple-post2").toString(), "/sales-post2"));
|
|
||||||
list.add(new WebAppContext(new File(base, "simple-input").toString(), "/input-portal"));
|
|
||||||
list.add(new WebAppContext(new File(base, "signed-post").toString(), "/sales-post-sig"));
|
|
||||||
list.add(new WebAppContext(new File(base, "signed-post-email").toString(), "/sales-post-sig-email"));
|
|
||||||
list.add(new WebAppContext(new File(base, "signed-post-transient").toString(), "/sales-post-sig-transient"));
|
|
||||||
list.add(new WebAppContext(new File(base, "signed-post-persistent").toString(), "/sales-post-sig-persistent"));
|
|
||||||
list.add(new WebAppContext(new File(base, "signed-metadata").toString(), "/sales-metadata"));
|
|
||||||
list.add(new WebAppContext(new File(base, "signed-get").toString(), "/employee-sig"));
|
|
||||||
list.add(new WebAppContext(new File(base, "mappers").toString(), "/employee2"));
|
|
||||||
list.add(new WebAppContext(new File(base, "signed-front-get").toString(), "/employee-sig-front"));
|
|
||||||
list.add(new WebAppContext(new File(base, "bad-client-signed-post").toString(), "/bad-client-sales-post-sig"));
|
|
||||||
list.add(new WebAppContext(new File(base, "bad-realm-signed-post").toString(), "/bad-realm-sales-post-sig"));
|
|
||||||
list.add(new WebAppContext(new File(base, "encrypted-post").toString(), "/sales-post-enc"));
|
|
||||||
SamlAdapterTestStrategy.uploadSP("http://localhost:8081/auth");
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
HandlerCollection handlers = new HandlerCollection();
|
|
||||||
handlers.setHandlers(list.toArray(new Handler[list.size()]));
|
|
||||||
server.setHandler(handlers);
|
|
||||||
|
|
||||||
server.start();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@AfterClass
|
|
||||||
public static void shutdownJetty() throws Exception {
|
|
||||||
try {
|
|
||||||
server.stop();
|
|
||||||
server.destroy();
|
|
||||||
Thread.sleep(100);
|
|
||||||
} catch (Exception e) {}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testSavedPostRequest() throws Exception {
|
|
||||||
testStrategy.testSavedPostRequest();
|
|
||||||
}
|
|
||||||
@Test
|
|
||||||
public void testPostSimpleLoginLogoutIdpInitiatedRedirectTo() {
|
|
||||||
testStrategy.testPostSimpleLoginLogoutIdpInitiatedRedirectTo();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testErrorHandlingSigned() throws Exception {
|
|
||||||
testStrategy.testErrorHandlingSigned();
|
|
||||||
}
|
|
||||||
@Test
|
|
||||||
public void testErrorHandlingUnsigned() throws Exception {
|
|
||||||
testStrategy.testErrorHandlingUnsigned();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostSimpleLoginLogout() {
|
|
||||||
testStrategy.testPostSimpleLoginLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostSimpleLoginLogoutIdpInitiated() {
|
|
||||||
testStrategy.testPostSimpleLoginLogoutIdpInitiated();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostSignedLoginLogout() {
|
|
||||||
testStrategy.testPostSignedLoginLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostSignedLoginLogoutTransientNameID() {
|
|
||||||
testStrategy.testPostSignedLoginLogoutTransientNameID();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostSignedLoginLogoutPersistentNameID() {
|
|
||||||
testStrategy.testPostSignedLoginLogoutPersistentNameID();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostSignedLoginLogoutEmailNameID() {
|
|
||||||
testStrategy.testPostSignedLoginLogoutEmailNameID();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testAttributes() throws Exception {
|
|
||||||
testStrategy.testAttributes();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testRedirectSignedLoginLogout() {
|
|
||||||
testStrategy.testRedirectSignedLoginLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testRedirectSignedLoginLogoutFrontNoSSO() {
|
|
||||||
testStrategy.testRedirectSignedLoginLogoutFrontNoSSO();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testRedirectSignedLoginLogoutFront() {
|
|
||||||
testStrategy.testRedirectSignedLoginLogoutFront();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostEncryptedLoginLogout() {
|
|
||||||
testStrategy.testPostEncryptedLoginLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostBadClientSignature() {
|
|
||||||
testStrategy.testPostBadClientSignature();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostBadRealmSignature() {
|
|
||||||
testStrategy.testPostBadRealmSignature( );
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testPostSimpleUnauthorized() {
|
|
||||||
testStrategy.testPostSimpleUnauthorized( new SamlAdapterTestStrategy.CheckAuthError() {
|
|
||||||
@Override
|
|
||||||
public void check(WebDriver driver) {
|
|
||||||
Assert.assertTrue(driver.getPageSource().contains("Error 403 !role"));
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testMetadataPostSignedLoginLogout() throws Exception {
|
|
||||||
testStrategy.testMetadataPostSignedLoginLogout();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
"realm" : "demo",
|
|
||||||
"resource" : "customer-db",
|
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"auth-server-url": "http://localhost:8081/auth",
|
|
||||||
"ssl-required" : "external",
|
|
||||||
"bearer-only" : true,
|
|
||||||
"enable-cors" : true
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,96 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Error Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Error Servlet</servlet-name>
|
|
||||||
<url-pattern>/error.html</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<error-page>
|
|
||||||
<error-code>400</error-code>
|
|
||||||
<location>/error.html</location>
|
|
||||||
</error-page>
|
|
||||||
|
|
||||||
<error-page>
|
|
||||||
<error-code>401</error-code>
|
|
||||||
<location>/error.html</location>
|
|
||||||
</error-page>
|
|
||||||
|
|
||||||
<error-page>
|
|
||||||
<error-code>403</error-code>
|
|
||||||
<location>/error.html</location>
|
|
||||||
</error-page>
|
|
||||||
|
|
||||||
<error-page>
|
|
||||||
<error-code>500</error-code>
|
|
||||||
<location>/error.html</location>
|
|
||||||
</error-page>
|
|
||||||
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Users</web-resource-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
<auth-constraint>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</auth-constraint>
|
|
||||||
</security-constraint>
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Errors</web-resource-name>
|
|
||||||
<url-pattern>/error.html</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
</security-constraint>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>FORM</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
<form-login-config>
|
|
||||||
<form-login-page>/error.html</form-login-page>
|
|
||||||
<form-error-page>/error.html</form-error-page>
|
|
||||||
</form-login-config>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>admin</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
"realm" : "demo",
|
|
||||||
"resource" : "customer-db",
|
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"auth-server-url": "http://localhost:8081/auth",
|
|
||||||
"ssl-required" : "external",
|
|
||||||
"bearer-only" : true,
|
|
||||||
"enable-cors" : true
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,57 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Users</web-resource-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
<auth-constraint>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</auth-constraint>
|
|
||||||
</security-constraint>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>BASIC</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>admin</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
"realm": "demo",
|
|
||||||
"resource": "customer-portal",
|
|
||||||
"realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"auth-server-url": "http://localhost:8081/auth",
|
|
||||||
"ssl-required" : "external",
|
|
||||||
"expose-token": true,
|
|
||||||
"credentials": {
|
|
||||||
"secret": "password"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,76 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Error Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Error Servlet</servlet-name>
|
|
||||||
<url-pattern>/error.html</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Users</web-resource-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
<auth-constraint>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</auth-constraint>
|
|
||||||
</security-constraint>
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Errors</web-resource-name>
|
|
||||||
<url-pattern>/error.html</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
</security-constraint>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>FORM</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
<form-login-config>
|
|
||||||
<form-login-page>/error.html</form-login-page>
|
|
||||||
<form-error-page>/error.html</form-error-page>
|
|
||||||
</form-login-config>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>admin</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,164 +0,0 @@
|
||||||
{
|
|
||||||
"id": "demo",
|
|
||||||
"realm": "demo",
|
|
||||||
"enabled": true,
|
|
||||||
"accessTokenLifespan": 3000,
|
|
||||||
"accessCodeLifespan": 10,
|
|
||||||
"accessCodeLifespanUserAction": 6000,
|
|
||||||
"sslRequired": "external",
|
|
||||||
"registrationAllowed": false,
|
|
||||||
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
|
|
||||||
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"requiredCredentials": [ "password" ],
|
|
||||||
"users" : [
|
|
||||||
{
|
|
||||||
"username" : "bburke@redhat.com",
|
|
||||||
"enabled": true,
|
|
||||||
"email" : "bburke@redhat.com",
|
|
||||||
"firstName": "Bill",
|
|
||||||
"lastName": "Burke",
|
|
||||||
"credentials" : [
|
|
||||||
{ "type" : "password",
|
|
||||||
"value" : "password" }
|
|
||||||
],
|
|
||||||
"realmRoles": [ "user" ],
|
|
||||||
"applicationRoles": {
|
|
||||||
"account": [ "manage-account" ]
|
|
||||||
}
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"username" : "mposolda",
|
|
||||||
"enabled": true,
|
|
||||||
"email" : "mposolda@redhat.com",
|
|
||||||
"firstName": "Marek",
|
|
||||||
"lastName": "Posolda",
|
|
||||||
"credentials" : [
|
|
||||||
{ "type" : "password",
|
|
||||||
"value" : "password" }
|
|
||||||
],
|
|
||||||
"realmRoles": [ "user" ],
|
|
||||||
"applicationRoles": {
|
|
||||||
"account": [ "manage-account" ]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"roles" : {
|
|
||||||
"realm" : [
|
|
||||||
{
|
|
||||||
"name": "user",
|
|
||||||
"description": "User privileges"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "admin",
|
|
||||||
"description": "Administrator privileges"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"scopeMappings": [
|
|
||||||
{
|
|
||||||
"client": "third-party",
|
|
||||||
"roles": ["user"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"client": "customer-portal",
|
|
||||||
"roles": ["user"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"client": "product-portal",
|
|
||||||
"roles": ["user"]
|
|
||||||
}
|
|
||||||
|
|
||||||
],
|
|
||||||
"applications": [
|
|
||||||
{
|
|
||||||
"name": "customer-portal",
|
|
||||||
"enabled": true,
|
|
||||||
"adminUrl": "http://localhost:8082/customer-portal",
|
|
||||||
"baseUrl": "http://localhost:8082/customer-portal",
|
|
||||||
"directAccessGrantsEnabled": true,
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8082/customer-portal/*"
|
|
||||||
],
|
|
||||||
"secret": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "customer-cookie-portal",
|
|
||||||
"enabled": true,
|
|
||||||
"baseUrl": "http://localhost:8082/customer-cookie-portal",
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8082/customer-cookie-portal/*"
|
|
||||||
],
|
|
||||||
"secret": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "customer-portal-js",
|
|
||||||
"enabled": true,
|
|
||||||
"publicClient": true,
|
|
||||||
"adminUrl": "http://localhost:8082/customer-portal-js",
|
|
||||||
"baseUrl": "http://localhost:8082/customer-portal-js",
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8080/customer-portal-js/*"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "customer-portal-cli",
|
|
||||||
"enabled": true,
|
|
||||||
"publicClient": true,
|
|
||||||
"redirectUris": [
|
|
||||||
"urn:ietf:wg:oauth:2.0:oob",
|
|
||||||
"http://localhost"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "product-portal",
|
|
||||||
"enabled": true,
|
|
||||||
"adminUrl": "http://localhost:8082/product-portal",
|
|
||||||
"baseUrl": "http://localhost:8082/product-portal",
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8082/product-portal/*"
|
|
||||||
],
|
|
||||||
"secret": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "secure-portal",
|
|
||||||
"enabled": true,
|
|
||||||
"adminUrl": "http://localhost:8082/secure-portal",
|
|
||||||
"baseUrl": "http://localhost:8082/secure-portal",
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8082/secure-portal/*"
|
|
||||||
],
|
|
||||||
"secret": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "session-portal",
|
|
||||||
"enabled": true,
|
|
||||||
"adminUrl": "http://localhost:8082/session-portal",
|
|
||||||
"baseUrl": "http://localhost:8082/session-portal",
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8082/session-portal/*"
|
|
||||||
],
|
|
||||||
"secret": "password"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "input-portal",
|
|
||||||
"enabled": true,
|
|
||||||
"adminUrl": "http://localhost:8082/input-portal",
|
|
||||||
"baseUrl": "http://localhost:8082/input-portal",
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8082/input-portal/*"
|
|
||||||
],
|
|
||||||
"secret": "password"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"oauthClients": [
|
|
||||||
{
|
|
||||||
"name": "third-party",
|
|
||||||
"enabled": true,
|
|
||||||
"redirectUris": [
|
|
||||||
"http://localhost:8082/oauth-client/*",
|
|
||||||
"http://localhost:8082/oauth-client-cdi/*"
|
|
||||||
],
|
|
||||||
"secret": "password"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
"realm" : "demo",
|
|
||||||
"resource" : "input-portal",
|
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"auth-server-url" : "http://${my.host.name}:8081/auth",
|
|
||||||
"ssl-required" : "external",
|
|
||||||
"credentials" : {
|
|
||||||
"secret": "password"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,57 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.InputServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Users</web-resource-name>
|
|
||||||
<url-pattern>/secured/*</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
<auth-constraint>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</auth-constraint>
|
|
||||||
</security-constraint>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>BASIC</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>admin</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
"realm" : "demo",
|
|
||||||
"resource" : "product-portal",
|
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"auth-server-url" : "http://localhost:8081/auth",
|
|
||||||
"ssl-required" : "external",
|
|
||||||
"credentials" : {
|
|
||||||
"secret": "password"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,57 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.ProductServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Users</web-resource-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
<auth-constraint>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</auth-constraint>
|
|
||||||
</security-constraint>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>BASIC</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>admin</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
"realm" : "demo",
|
|
||||||
"resource" : "secure-portal",
|
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"auth-server-url" : "http://localhost:8080/auth",
|
|
||||||
"ssl-required" : "external",
|
|
||||||
"credentials" : {
|
|
||||||
"secret": "password"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,47 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>BASIC</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>admin</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
"realm" : "demo",
|
|
||||||
"resource" : "session-portal",
|
|
||||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
|
||||||
"auth-server-url" : "http://${my.host.name}:8081/auth",
|
|
||||||
"ssl-required" : "external",
|
|
||||||
"credentials" : {
|
|
||||||
"secret": "password"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,57 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.SessionServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Servlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Users</web-resource-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
<auth-constraint>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</auth-constraint>
|
|
||||||
</security-constraint>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>BASIC</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>admin</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>user</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,64 +0,0 @@
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<keycloak-saml-adapter xmlns="urn:keycloak:saml:adapter"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="urn:keycloak:saml:adapter http://www.keycloak.org/schema/keycloak_saml_adapter_1_7.xsd">
|
|
||||||
<SP entityID="http://localhost:8082/bad-client-sales-post-sig/"
|
|
||||||
sslPolicy="EXTERNAL"
|
|
||||||
nameIDPolicyFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
|
|
||||||
logoutPage="/logout.jsp"
|
|
||||||
forceAuthentication="false">
|
|
||||||
<Keys>
|
|
||||||
<Key signing="true" >
|
|
||||||
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
|
|
||||||
<PrivateKey alias="http://localhost:8081/bad-client-sales-post-sig/" password="test123"/>
|
|
||||||
<Certificate alias="http://localhost:8081/bad-client-sales-post-sig/"/>
|
|
||||||
</KeyStore>
|
|
||||||
</Key>
|
|
||||||
</Keys>
|
|
||||||
<PrincipalNameMapping policy="FROM_NAME_ID"/>
|
|
||||||
<RoleIdentifiers>
|
|
||||||
<Attribute name="Role"/>
|
|
||||||
</RoleIdentifiers>
|
|
||||||
<IDP entityID="idp">
|
|
||||||
<SingleSignOnService signRequest="true"
|
|
||||||
validateResponseSignature="true"
|
|
||||||
requestBinding="POST"
|
|
||||||
bindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
|
|
||||||
/>
|
|
||||||
|
|
||||||
<SingleLogoutService
|
|
||||||
validateRequestSignature="true"
|
|
||||||
validateResponseSignature="true"
|
|
||||||
signRequest="true"
|
|
||||||
signResponse="true"
|
|
||||||
requestBinding="POST"
|
|
||||||
responseBinding="POST"
|
|
||||||
postBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
|
|
||||||
redirectBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
|
|
||||||
/>
|
|
||||||
<Keys>
|
|
||||||
<Key signing="true">
|
|
||||||
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
|
|
||||||
<Certificate alias="demo"/>
|
|
||||||
</KeyStore>
|
|
||||||
</Key>
|
|
||||||
</Keys>
|
|
||||||
</IDP>
|
|
||||||
</SP>
|
|
||||||
</keycloak-saml-adapter>
|
|
Binary file not shown.
|
@ -1,60 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
|
||||||
version="3.0">
|
|
||||||
|
|
||||||
<module-name>adapter-test</module-name>
|
|
||||||
|
|
||||||
<servlet>
|
|
||||||
<servlet-name>SendUsernameServlet</servlet-name>
|
|
||||||
<servlet-class>org.keycloak.testsuite.helper.adapter.SendUsernameServlet</servlet-class>
|
|
||||||
</servlet>
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>SendUsernameServlet</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<security-constraint>
|
|
||||||
<web-resource-collection>
|
|
||||||
<web-resource-name>Users</web-resource-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</web-resource-collection>
|
|
||||||
<auth-constraint>
|
|
||||||
<role-name>manager</role-name>
|
|
||||||
</auth-constraint>
|
|
||||||
</security-constraint>
|
|
||||||
|
|
||||||
<login-config>
|
|
||||||
<auth-method>BASIC</auth-method>
|
|
||||||
<realm-name>demo</realm-name>
|
|
||||||
<form-login-config>
|
|
||||||
<form-login-page>/error.html</form-login-page>
|
|
||||||
<form-error-page>/error.html</form-error-page>
|
|
||||||
</form-login-config>
|
|
||||||
</login-config>
|
|
||||||
|
|
||||||
<security-role>
|
|
||||||
<role-name>manager</role-name>
|
|
||||||
</security-role>
|
|
||||||
<security-role>
|
|
||||||
<role-name>el-jefe</role-name>
|
|
||||||
</security-role>
|
|
||||||
</web-app>
|
|
|
@ -1,46 +0,0 @@
|
||||||
<?xml version="1.0"?>
|
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
|
|
||||||
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
|
|
||||||
<Get name="securityHandler">
|
|
||||||
<Set name="authenticator">
|
|
||||||
<New class="org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator">
|
|
||||||
<!--
|
|
||||||
<Set name="adapterConfig">
|
|
||||||
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
|
|
||||||
<Set name="realm">tomcat</Set>
|
|
||||||
<Set name="resource">customer-portal</Set>
|
|
||||||
<Set name="authServerUrl">http://localhost:8081/auth</Set>
|
|
||||||
<Set name="sslRequired">external</Set>
|
|
||||||
<Set name="credentials">
|
|
||||||
<Map>
|
|
||||||
<Entry>
|
|
||||||
<Item>secret</Item>
|
|
||||||
<Item>password</Item>
|
|
||||||
</Entry>
|
|
||||||
</Map>
|
|
||||||
</Set>
|
|
||||||
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
-->
|
|
||||||
</New>
|
|
||||||
</Set>
|
|
||||||
</Get>
|
|
||||||
</Configure>
|
|
|
@ -1,64 +0,0 @@
|
||||||
<!--
|
|
||||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
|
||||||
~ and other contributors as indicated by the @author tags.
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<keycloak-saml-adapter xmlns="urn:keycloak:saml:adapter"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="urn:keycloak:saml:adapter http://www.keycloak.org/schema/keycloak_saml_adapter_1_7.xsd">
|
|
||||||
<SP entityID="http://localhost:8082/bad-realm-sales-post-sig/"
|
|
||||||
sslPolicy="EXTERNAL"
|
|
||||||
nameIDPolicyFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
|
|
||||||
logoutPage="/logout.jsp"
|
|
||||||
forceAuthentication="false">
|
|
||||||
<Keys>
|
|
||||||
<Key signing="true" >
|
|
||||||
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
|
|
||||||
<PrivateKey alias="http://localhost:8081/bad-realm-sales-post-sig/" password="test123"/>
|
|
||||||
<Certificate alias="http://localhost:8081/bad-realm-sales-post-sig/"/>
|
|
||||||
</KeyStore>
|
|
||||||
</Key>
|
|
||||||
</Keys>
|
|
||||||
<PrincipalNameMapping policy="FROM_NAME_ID"/>
|
|
||||||
<RoleIdentifiers>
|
|
||||||
<Attribute name="Role"/>
|
|
||||||
</RoleIdentifiers>
|
|
||||||
<IDP entityID="idp">
|
|
||||||
<SingleSignOnService signRequest="true"
|
|
||||||
validateResponseSignature="true"
|
|
||||||
requestBinding="POST"
|
|
||||||
bindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
|
|
||||||
/>
|
|
||||||
|
|
||||||
<SingleLogoutService
|
|
||||||
validateRequestSignature="true"
|
|
||||||
validateResponseSignature="true"
|
|
||||||
signRequest="true"
|
|
||||||
signResponse="true"
|
|
||||||
requestBinding="POST"
|
|
||||||
responseBinding="POST"
|
|
||||||
postBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
|
|
||||||
redirectBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
|
|
||||||
/>
|
|
||||||
<Keys>
|
|
||||||
<Key signing="true">
|
|
||||||
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
|
|
||||||
<Certificate alias="demo"/>
|
|
||||||
</KeyStore>
|
|
||||||
</Key>
|
|
||||||
</Keys>
|
|
||||||
</IDP>
|
|
||||||
</SP>
|
|
||||||
</keycloak-saml-adapter>
|
|
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue