libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-6749 Jetty App Server

Browse source
This commit is contained in:
Sebastian Laskawiec 2019-02-12 10:12:40 +01:00 committed by Hynek Mlnařík
parent 2e7eb92f43
commit 406097a508
308 changed files with 2102 additions and 14279 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
adapters/oidc/jetty/jetty-core/pom.xml
View file

@ -32,7 +32,6 @@
<maven.compiler.target>1.7</maven.compiler.target>
<maven.compiler.source>1.7</maven.compiler.source>
<jetty9.version>8.1.17.v20150415</jetty9.version>
<keycloak.osgi.export>
org.keycloak.adapters.jetty.core.*
</keycloak.osgi.export>
@ -89,21 +88,21 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty9.version}</version>
<version>${jetty81.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty9.version}</version>
<version>${jetty81.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
<version>${jetty9.version}</version>
<version>${jetty81.version}</version>
<scope>provided</scope>
</dependency>

5
adapters/oidc/jetty/jetty-core/src/main/java/org/keycloak/adapters/jetty/core/JettyCookieTokenStore.java
View file

@ -22,6 +22,7 @@ import org.jboss.logging.Logger;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.AdapterUtils;
import org.keycloak.adapters.CookieTokenStore;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OidcKeycloakAccount;
@ -71,6 +72,10 @@ public class JettyCookieTokenStore implements AdapterTokenStore {
securityContext.setCurrentRequestInfo(deployment, this);
request.setAttribute(KeycloakSecurityContext.class.getName(), securityContext);
JettyRequestAuthenticator jettyAuthenticator = (JettyRequestAuthenticator) authenticator;
KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal = AdapterUtils.createPrincipal(deployment, securityContext);
jettyAuthenticator.principal = principal;
return true;
} else {
return false;

8
adapters/oidc/jetty/jetty8.1/pom.xml
View file

@ -31,8 +31,6 @@
<properties>
<maven.compiler.target>1.7</maven.compiler.target>
<maven.compiler.source>1.7</maven.compiler.source>
<jetty9.version>8.1.17.v20150415</jetty9.version>
<keycloak.osgi.export>
org.keycloak.adapters.jetty.*
</keycloak.osgi.export>
@ -88,21 +86,21 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty9.version}</version>
<version>${jetty81.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty9.version}</version>
<version>${jetty81.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
<version>${jetty9.version}</version>
<version>${jetty81.version}</version>
<scope>provided</scope>
</dependency>

7
adapters/oidc/jetty/jetty9.1/pom.xml
View file

@ -29,7 +29,6 @@
<artifactId>keycloak-jetty91-adapter</artifactId>
<name>Keycloak Jetty 9.1.x Integration</name>
<properties>
<jetty9.version>9.1.5.v20140505</jetty9.version>
<keycloak.osgi.export>
org.keycloak.adapters.jetty.*
</keycloak.osgi.export>
@ -96,21 +95,21 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty9.version}</version>
<version>${jetty91.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty9.version}</version>
<version>${jetty91.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
<version>${jetty9.version}</version>
<version>${jetty91.version}</version>
<scope>provided</scope>
</dependency>

8
adapters/oidc/jetty/jetty9.2/pom.xml
View file

@ -31,8 +31,6 @@
<properties>
<maven.compiler.target>1.7</maven.compiler.target>
<maven.compiler.source>1.7</maven.compiler.source>
<jetty9.version>9.2.4.v20141103</jetty9.version>
<keycloak.osgi.export>
org.keycloak.adapters.jetty.*
</keycloak.osgi.export>
@ -85,21 +83,21 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty9.version}</version>
<version>${jetty92.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty9.version}</version>
<version>${jetty92.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
<version>${jetty9.version}</version>
<version>${jetty92.version}</version>
<scope>provided</scope>
</dependency>

7
adapters/oidc/jetty/jetty9.3/pom.xml
View file

@ -29,7 +29,6 @@
<artifactId>keycloak-jetty93-adapter</artifactId>
<name>Keycloak Jetty 9.3.x Integration</name>
<properties>
<jetty9.version>9.3.9.v20160517</jetty9.version>
<keycloak.osgi.export>
org.keycloak.adapters.jetty.*
</keycloak.osgi.export>
@ -82,21 +81,21 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty9.version}</version>
<version>${jetty93.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty9.version}</version>
<version>${jetty93.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
<version>${jetty9.version}</version>
<version>${jetty93.version}</version>
<scope>provided</scope>
</dependency>

7
adapters/oidc/jetty/jetty9.4/pom.xml
View file

@ -29,7 +29,6 @@
<artifactId>keycloak-jetty94-adapter</artifactId>
<name>Keycloak Jetty 9.4.x Integration</name>
<properties>
<jetty9.version>9.4.2.v20170220</jetty9.version>
<keycloak.osgi.export>
org.keycloak.adapters.jetty.*
</keycloak.osgi.export>
@ -82,21 +81,21 @@
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty9.version}</version>
<version>${jetty94.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty9.version}</version>
<version>${jetty94.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
<version>${jetty9.version}</version>
<version>${jetty94.version}</version>
<scope>provided</scope>
</dependency>

10
pom.xml
View file

@ -87,6 +87,11 @@
<undertow.version>2.0.15.Final</undertow.version>
<elytron.version>1.7.0.Final</elytron.version>
<elytron.undertow-server.version>1.3.0.Final</elytron.undertow-server.version>
<jetty81.version>8.1.17.v20150415</jetty81.version>
<jetty91.version>9.1.5.v20140505</jetty91.version>
<jetty92.version>9.2.4.v20141103</jetty92.version>
<jetty93.version>9.3.9.v20160517</jetty93.version>
<jetty94.version>9.4.2.v20170220</jetty94.version>
<woodstox.version>5.0.3</woodstox.version>
<xmlsec.version>2.1.2</xmlsec.version>
<glassfish.json.version>1.1.2</glassfish.json.version>
@ -300,6 +305,11 @@
<artifactId>resteasy-jackson2-provider</artifactId>
<version>${resteasy.version}</version>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxb-provider</artifactId>
<version>${resteasy.version}</version>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-client</artifactId>

15
testsuite/integration-arquillian/HOW-TO-RUN.md
View file

@ -85,6 +85,21 @@ TODO: Add info about Wildfly logging
mvn -f testsuite/integration-arquillian/tests/base/pom.xml \
-Dtest=org.keycloak.testsuite.adapter.**.*Test
### Jetty
At the moment we can run the testsuite with Jetty `9.1`, `9.2` and `9.4`.
Each version has its corresponding profile:
* Jetty `9.1`: `app-server-jetty91`
* Jetty `9.2`: `app-server-jetty92`
* Jetty `9.4`: `app-server-jetty94`
Here's how to run the tests with Jetty `9.4`:
mvn -f testsuite/integration-arquillian/tests/base/pom.xml \
-Papp-server-jetty94 \
-Dtest=org.keycloak.testsuite.adapter.**.*Test
### Wildfly
# Run tests

1
testsuite/integration-arquillian/pom.xml
View file

@ -61,6 +61,7 @@
<arquillian-graphene.version>2.3.2</arquillian-graphene.version>
<arquillian-wildfly-container.version>2.1.1.Final</arquillian-wildfly-container.version>
<arquillian-wls-container.version>1.0.1.Final</arquillian-wls-container.version>
<arquillian-jetty9-container.version>1.0.0.CR3</arquillian-jetty9-container.version>
<arquillian-container-karaf.version>2.2.0.Final</arquillian-container-karaf.version>
<arquillian-infinispan-container.version>1.2.0.Beta2</arquillian-infinispan-container.version>
<undertow-embedded.version>1.0.0.Alpha2</undertow-embedded.version>

87
testsuite/integration-arquillian/servers/app-server/jetty/92/pom.xml Normal file
View file

@ -0,0 +1,87 @@
<?xml version="1.0"?>
<!--
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
<?xml version="1.0"?>
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
<version>5.0.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>integration-arquillian-servers-app-server-jetty-92</artifactId>
<dependencies>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jetty92-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-jetty92-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.arquillian.container</groupId>
<artifactId>arquillian-jetty-embedded-9</artifactId>
<version>${arquillian-jetty9-container.version}</version>
</dependency>
<!-- Server support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty92.version}</version>
</dependency>
<!-- Deployer support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-deploy</artifactId>
<version>${jetty92.version}</version>
</dependency>
<!-- KeycloakJettyAuthenticator support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jaas</artifactId>
<version>${jetty92.version}</version>
</dependency>
<!-- Web application annotations support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-annotations</artifactId>
<version>${jetty92.version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
<version>${project.version}</version>
<classifier>tests</classifier>
<type>test-jar</type>
</dependency>
</dependencies>
<name>App Server - Jetty 9.2</name>
</project>

5
testsuite/integration-arquillian/servers/app-server/jetty/92/src/test/java/org/keycloak/testsuite/arquillian/jetty/Jetty92AppServerTest.java Normal file
View file

@ -0,0 +1,5 @@
package org.keycloak.testsuite.arquillian.jetty;
public class Jetty92AppServerTest extends AbstractJettyAppServerTest {
}

87
testsuite/integration-arquillian/servers/app-server/jetty/93/pom.xml Normal file
View file

@ -0,0 +1,87 @@
<?xml version="1.0"?>
<!--
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
<?xml version="1.0"?>
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
<version>5.0.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>integration-arquillian-servers-app-server-jetty-93</artifactId>
<dependencies>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jetty93-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-jetty93-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.arquillian.container</groupId>
<artifactId>arquillian-jetty-embedded-9</artifactId>
<version>${arquillian-jetty9-container.version}</version>
</dependency>
<!-- Server support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty93.version}</version>
</dependency>
<!-- Deployer support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-deploy</artifactId>
<version>${jetty93.version}</version>
</dependency>
<!-- KeycloakJettyAuthenticator support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jaas</artifactId>
<version>${jetty93.version}</version>
</dependency>
<!-- Web application annotations support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-annotations</artifactId>
<version>${jetty93.version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
<version>${project.version}</version>
<classifier>tests</classifier>
<type>test-jar</type>
</dependency>
</dependencies>
<name>App Server - Jetty 9.3</name>
</project>

5
testsuite/integration-arquillian/servers/app-server/jetty/93/src/test/java/org/keycloak/testsuite/arquillian/jetty/Jetty93AppServerTest.java Normal file
View file

@ -0,0 +1,5 @@
package org.keycloak.testsuite.arquillian.jetty;
public class Jetty93AppServerTest extends AbstractJettyAppServerTest {
}

87
testsuite/integration-arquillian/servers/app-server/jetty/94/pom.xml Normal file
View file

@ -0,0 +1,87 @@
<?xml version="1.0"?>
<!--
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
<?xml version="1.0"?>
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
<version>5.0.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>integration-arquillian-servers-app-server-jetty-94</artifactId>
<dependencies>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jetty94-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-jetty94-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.arquillian.container</groupId>
<artifactId>arquillian-jetty-embedded-9</artifactId>
<version>${arquillian-jetty9-container.version}</version>
</dependency>
<!-- Server support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty94.version}</version>
</dependency>
<!-- Deployer support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-deploy</artifactId>
<version>${jetty94.version}</version>
</dependency>
<!-- KeycloakJettyAuthenticator support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jaas</artifactId>
<version>${jetty94.version}</version>
</dependency>
<!-- Web application annotations support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-annotations</artifactId>
<version>${jetty94.version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
<version>${project.version}</version>
<classifier>tests</classifier>
<type>test-jar</type>
</dependency>
</dependencies>
<name>App Server - Jetty 9.4</name>
</project>

5
testsuite/integration-arquillian/servers/app-server/jetty/94/src/test/java/org/keycloak/testsuite/arquillian/jetty/Jetty94AppServerTest.java Normal file
View file

@ -0,0 +1,5 @@
package org.keycloak.testsuite.arquillian.jetty;
public class Jetty94AppServerTest extends AbstractJettyAppServerTest {
}

137
testsuite/integration-arquillian/servers/app-server/jetty/common/pom.xml Normal file
View file

@ -0,0 +1,137 @@
<?xml version="1.0"?>
<!--
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
<?xml version="1.0"?>
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
<version>5.0.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>integration-arquillian-servers-app-server-jetty-common</artifactId>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jetty94-adapter</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-jetty94-adapter</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-servlet-filter-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-spi</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-util</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.jboss.arquillian.container</groupId>
<artifactId>arquillian-jetty-embedded-9</artifactId>
<version>${arquillian-jetty9-container.version}</version>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxrs</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxb-provider</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-client</artifactId>
</dependency>
<!-- Server support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty94.version}</version>
<optional>true</optional>
</dependency>
<!-- Deployer support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-deploy</artifactId>
<version>${jetty94.version}</version>
<optional>true</optional>
</dependency>
<!-- KeycloakJettyAuthenticator support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jaas</artifactId>
<version>${jetty94.version}</version>
<optional>true</optional>
</dependency>
<!-- Web application annotations support -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-plus</artifactId>
<version>${jetty94.version}</version>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-annotations</artifactId>
<version>${jetty94.version}</version>
<optional>true</optional>
</dependency>
<!-- JSP Support -->
<!-- We can't use Jetty built-in support for JSPs since it conflicts with Undertow -->
<dependency>
<groupId>org.jboss.spec.javax.servlet.jsp</groupId>
<artifactId>jboss-jsp-api_2.3_spec</artifactId>
</dependency>
<!-- Test dependiencies -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<name>App Server - Jetty Common</name>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>test-jar</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

187
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/JettyAppProvider.java Normal file
View file

@ -0,0 +1,187 @@
package org.keycloak.testsuite.arquillian.jetty;
import org.eclipse.jetty.deploy.App;
import org.eclipse.jetty.deploy.AppProvider;
import org.eclipse.jetty.deploy.DeploymentManager;
import org.eclipse.jetty.deploy.util.FileID;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.util.component.AbstractLifeCycle;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.webapp.WebAppContext;
import org.jboss.logging.Logger;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.exporter.ZipExporter;
import java.io.File;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.net.URI;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Locale;
/**
* Most of the bits of this class have been copied from <code>org.jboss.arquillian.container.jetty.embedded_9.ArquillianAppProvider</code>.
*
* Unfortunately Arquillian extension for Jetty 8 and 9 uses totally different mechanism, so we need to implement
* all the bits ourselves.
*
* @author Sebastian Łaskawiec
*/
class JettyAppProvider extends AbstractLifeCycle implements AppProvider {
private static final Logger log = Logger.getLogger(MethodHandles.lookup().lookupClass());
/**
* The prefix assigned to the temporary file where the archive is exported
*/
private static final String EXPORT_FILE_PREFIX = "export";
/**
* Directory into which we'll extract export the war files
*/
private static final File EXPORT_DIR;
static {
/*
* Use of java.io.tmpdir Should be a last-resort fallback for temp directory.
*
* Use of java.io.tmpdir on CI systems is dangerous (overwrite possibility is extremely high)
*
* Use of java.io.tmpdir on Unix systems is unreliable (due to common /tmp dir cleanup processes)
*/
File systemDefaultTmpDir = new File(AccessController.doPrivileged(new PrivilegedAction<String>() {
@Override
public String run() {
return System.getProperty("java.io.tmpdir");
}
}));
// If running under maven + surefire, use information provided by surefire.
String baseDirVal = AccessController.doPrivileged(new PrivilegedAction<String>() {
@Override
public String run() {
return System.getProperty("basedir");
}
});
File mavenTmpDir = null;
if (baseDirVal != null) {
File baseDir = new File(baseDirVal);
if (baseDir.exists() && baseDir.isDirectory()) {
File targetDir = new File(baseDir, "target");
if (targetDir.exists() && targetDir.isDirectory()) {
mavenTmpDir = new File(targetDir, "arquillian-jetty-temp");
mavenTmpDir.mkdirs();
}
}
}
if ((mavenTmpDir != null) && mavenTmpDir.exists() && mavenTmpDir.isDirectory()) {
EXPORT_DIR = mavenTmpDir;
} else {
EXPORT_DIR = systemDefaultTmpDir;
}
// If the temp location doesn't exist or isn't a directory
if (!EXPORT_DIR.exists() || !EXPORT_DIR.isDirectory()) {
throw new IllegalStateException("Could not obtain export directory \"" + EXPORT_DIR.getAbsolutePath() + "\"");
}
}
private final JettyAppServerConfiguration config;
private DeploymentManager deploymentManager;
public JettyAppProvider(JettyAppServerConfiguration config) {
this.config = config;
}
protected KeycloakAdapterApp createApp(final Archive<?> archive) {
String name = archive.getName();
int extOff = name.lastIndexOf('.');
if (extOff <= 0) {
throw new RuntimeException("Not a valid Web Archive filename: " + name);
}
String ext = name.substring(extOff).toLowerCase();
if (!ext.equals(".war")) {
throw new RuntimeException("Not a recognized Web Archive: " + name);
}
name = name.substring(0, extOff);
final File exported;
try {
// If this method returns successfully then it is guaranteed that:
// 1. The file denoted by the returned abstract pathname did not exist before this method was invoked, and
// 2. Neither this method nor any of its variants will return the same abstract pathname again in the current invocation of the virtual machine.
exported = File.createTempFile(EXPORT_FILE_PREFIX, archive.getName(), EXPORT_DIR);
} catch (IOException e) {
throw new RuntimeException("Could not create temporary File in " + EXPORT_DIR + " to write exported archive", e);
}
// We are overwriting the temporary file placeholder reserved by File#createTemplateFile()
archive.as(ZipExporter.class).exportTo(exported, true);
// Mark to delete when we come down
// exported.deleteOnExit();
// Add the context
URI uri = exported.toURI();
log.debug("Webapp archive location: " + uri.toASCIIString());
return new KeycloakAdapterApp(new App(deploymentManager, this, uri.toASCIIString()), archive);
}
@Override
public ContextHandler createContextHandler(final App app) throws Exception {
Resource resource = Resource.newResource(app.getOriginId());
File file = resource.getFile();
if (!resource.exists())
throw new IllegalStateException("App resouce does not exist " + resource);
String context = file.getName();
if (FileID.isWebArchiveFile(file)) {
// Context Path is the same as the archive.
context = context.substring(0, context.length() - 4);
} else {
throw new IllegalStateException("unable to create ContextHandler for " + app);
}
// Ensure "/" is Not Trailing in context paths.
if (context.endsWith("/") && context.length() > 0) {
context = context.substring(0, context.length() - 1);
}
// Start building the webapplication
WebAppContext webAppContext = new WebAppContext();
webAppContext.setDisplayName(context);
webAppContext.setLogUrlOnStart(true);
// special case of archive (or dir) named "root" is / context
if (context.equalsIgnoreCase("root")) {
context = URIUtil.SLASH;
} else if (context.toLowerCase(Locale.ENGLISH).startsWith("root-")) {
int dash = context.toLowerCase(Locale.ENGLISH).indexOf('-');
String virtual = context.substring(dash + 1);
webAppContext.setVirtualHosts(new String[]{virtual});
context = URIUtil.SLASH;
}
// Ensure "/" is Prepended to all context paths.
if (context.charAt(0) != '/') {
context = "/" + context;
}
webAppContext.setContextPath(context);
webAppContext.setWar(file.getAbsolutePath());
webAppContext.setExtractWAR(true);
webAppContext.setParentLoaderPriority(true);
return webAppContext;
}
@Override
public void setDeploymentManager(DeploymentManager deploymentManager) {
this.deploymentManager = deploymentManager;
}
}

323
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/JettyAppServer.java Normal file
View file

@ -0,0 +1,323 @@
/*
* Copyright 2018 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.arquillian.jetty;
import org.eclipse.jetty.annotations.AnnotationConfiguration;
import org.eclipse.jetty.deploy.App;
import org.eclipse.jetty.deploy.AppLifeCycle;
import org.eclipse.jetty.deploy.DeploymentManager;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.servlet.ServletHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.servlet.ServletMapping;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;
import org.jboss.arquillian.container.spi.client.container.DeployableContainer;
import org.jboss.arquillian.container.spi.client.container.DeploymentException;
import org.jboss.arquillian.container.spi.client.container.LifecycleException;
import org.jboss.arquillian.container.spi.client.protocol.ProtocolDescription;
import org.jboss.arquillian.container.spi.client.protocol.metadata.HTTPContext;
import org.jboss.arquillian.container.spi.client.protocol.metadata.ProtocolMetaData;
import org.jboss.arquillian.container.spi.client.protocol.metadata.Servlet;
import org.jboss.logging.Logger;
import org.jboss.resteasy.plugins.server.servlet.HttpServlet30Dispatcher;
import org.jboss.resteasy.spi.ResteasyDeployment;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.asset.ClassAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.jboss.shrinkwrap.descriptor.api.Descriptor;
import org.keycloak.adapters.jetty.KeycloakJettyAuthenticator;
import org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator;
import org.keycloak.testsuite.arquillian.jetty.saml.util.RestSamlApplicationConfig;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import javax.ws.rs.Path;
import java.lang.invoke.MethodHandles;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
public class JettyAppServer implements DeployableContainer<JettyAppServerConfiguration> {
private static final Logger log = Logger.getLogger(MethodHandles.lookup().lookupClass());
private JettyAppServerConfiguration configuration;
private JettyAppProvider appProvider;
private DeploymentManager deployer;
private Server server;
Map<String, KeycloakAdapterApp> deployedApps = new ConcurrentHashMap<>();
@Override
public Class<JettyAppServerConfiguration> getConfigurationClass() {
return JettyAppServerConfiguration.class;
}
@Override
public void setup(JettyAppServerConfiguration configuration) {
this.configuration = configuration;
appProvider = new JettyAppProvider(this.configuration);
}
@Override
public void start() throws LifecycleException {
if (configuration == null) {
log.warn("Starting Jetty with default setup.");
setup(new JettyAppServerConfiguration());
}
long start = System.currentTimeMillis();
server = new Server(configuration.getBindHttpPort());
setupSSL();
ContextHandlerCollection contexts = new ContextHandlerCollection();
deployer = new DeploymentManager();
deployer.setContexts(contexts);
deployer.addAppProvider(appProvider);
server.addBean(deployer);
HandlerCollection handlers = new HandlerCollection();
handlers.addHandler(contexts);
handlers.addHandler(new DefaultHandler());
server.setHandler(handlers);
try {
server.start();
} catch (Exception e) {
throw new LifecycleException("Unable to start Jetty", e);
}
log.infof("App server started in %dms on http://%s:%d/", (System.currentTimeMillis() - start), configuration.getBindAddress(), configuration.getBindHttpPort());
}
private void setupSSL() {
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setSslContext(TLSUtils.initializeTLS());
ServerConnector connector = new ServerConnector(server);
connector.setPort(configuration.getBindHttpPort());
HttpConfiguration https = new HttpConfiguration();
ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(https));
sslConnector.setPort(configuration.getBindHttpsPort());
server.setConnectors(new Connector[] { connector, sslConnector });
}
@Override
public void stop() throws LifecycleException {
try {
server.stop();
} catch (Exception e) {
throw new LifecycleException("Unable to stop Jetty", e);
}
log.info("App Server stopped.");
}
@Override
public ProtocolDescription getDefaultProtocol() {
return new ProtocolDescription("Servlet 3.1");
}
@Override
public ProtocolMetaData deploy(Archive<?> archive) throws DeploymentException {
log.info("Deploying archive " + archive.getName());
if (!(archive instanceof WebArchive)) {
throw new IllegalArgumentException("JettyContainer only supports WebArchives.");
}
WebArchive webArchive = (WebArchive) archive;
try {
KeycloakAdapterApp app = appProvider.createApp(webArchive);
WebAppContext webAppContext = (WebAppContext) app.getContextHandler();
addAdditionalConfigurations(webAppContext);
setContextRoot(webArchive, app, webAppContext);
if (app.usesOIDCAuthenticator()) {
addOIDCAuthenticator(webAppContext);
}
if (app.usesSAMLAuthenticator()) {
addSAMLAuthenticator(webAppContext);
}
if (app.usesJaxrs()) {
addRestEasyServlet(webArchive, webAppContext);
}
setEmbeddedClassloaderForDeployment(webAppContext);
deployer.addApp(app);
deployer.requestAppGoal(app, AppLifeCycle.STARTED);
deployedApps.put(archive.getId(), app);
HTTPContext httpContext = new HTTPContext(configuration.getBindAddress(), configuration.getBindHttpPort());
ServletHandler servletHandler = webAppContext.getServletHandler();
for (ServletHolder servlet : servletHandler.getServlets()) {
log.debugf("Servlet context mapping: %s => %s", servlet.getName(), servlet.getContextPath());
httpContext.add(new Servlet(servlet.getName(), servlet.getContextPath()));
}
if (log.isInfoEnabled()) {
for (ServletMapping mapping : server.getChildHandlerByClass(ServletHandler.class).getServletMappings()) {
log.debugf("Servlet mapping: %s => %s", mapping.getServletName(), Arrays.toString(mapping.getPathSpecs()));
}
}
return new ProtocolMetaData().addContext(httpContext);
} catch (Exception e) {
throw new DeploymentException("Unable to deploy archive", e);
}
}
private void addAdditionalConfigurations(WebAppContext webAppContext) {
List<String> configurations = new ArrayList<>();
configurations.add(AnnotationConfiguration.class.getName());
//due to Jetty incompatibility between 8 and 9, we need to use reflections here
try {
Method m = webAppContext.getClass().getDeclaredMethod("getDefaultConfigurationClasses", null);
configurations.addAll(Arrays.asList((String[]) m.invoke(webAppContext)));
} catch (Exception e) {
throw new IllegalStateException("Critical Jetty incompatibility detected", e);
}
webAppContext.setConfigurationClasses(configurations.toArray(new String[0]));
}
private void setContextRoot(WebArchive archive, KeycloakAdapterApp app, WebAppContext webAppContext) {
if ("ROOT.war".equals(archive.getName())) {
webAppContext.setContextPath("/");
} else {
webAppContext.setContextPath("/" + app.getApplicationName());
}
}
private void addRestEasyServlet(WebArchive archive, WebAppContext webAppContext) {
log.debug("Starting Resteasy deployment");
boolean addServlet = true;
ServletHolder resteasyServlet = new ServletHolder("javax.ws.rs.core.Application", new HttpServlet30Dispatcher());
String jaxrsApplication = getJaxRsApplication(archive);
Set<Class<?>> pathAnnotatedClasses = getPathAnnotatedClasses(archive);
if (jaxrsApplication != null) {
log.debug("App has an Application.class: " + jaxrsApplication);
resteasyServlet.setInitParameter("javax.ws.rs.Application", jaxrsApplication);
} else if (!pathAnnotatedClasses.isEmpty()) {
log.debug("App has @Path annotated classes: " + pathAnnotatedClasses);
ResteasyDeployment deployment = new ResteasyDeployment();
deployment.setApplication(new RestSamlApplicationConfig(pathAnnotatedClasses));
webAppContext.setAttribute(ResteasyDeployment.class.getName(), deployment);
} else {
log.debug("An application doesn't have Application.class, nor @Path annotated classes. Skipping Resteasy initialization.");
addServlet = false;
}
if (addServlet) {
// this should be /* in general. However Jetty 9.2 (this is bug specific to this version),
// can not merge two instances of javax.ws.rs.Application together (one from web.xml
// and the other one added here). In 9.1 and 9.4 this works fine.
// Once we stop supporting 9.2, this should replaced with /* and this comment should be removed.
webAppContext.addServlet(resteasyServlet, "/");
}
log.debug("Finished Resteasy deployment");
}
private String getJaxRsApplication(WebArchive archive) {
return archive.getContent(archivePath ->
archivePath.get().startsWith("/WEB-INF/classes/") && archivePath.get().endsWith("Application.class"))
.values().stream().findFirst().map(node -> node.getPath().get()).orElse(null);
}
private void addSAMLAuthenticator(WebAppContext webAppContext) {
webAppContext.getSecurityHandler().setAuthenticator(new KeycloakSamlAuthenticator());
}
private void addOIDCAuthenticator(WebAppContext webAppContext) {
webAppContext.getSecurityHandler().setAuthenticator(new KeycloakJettyAuthenticator());
}
private void setEmbeddedClassloaderForDeployment(WebAppContext webAppContext) {
ClassLoader parentCl = Thread.currentThread().getContextClassLoader();
webAppContext.setClassLoader(parentCl);
}
private Set<Class<?>> getPathAnnotatedClasses(WebArchive webArchive) {
return webArchive.getContent(archivePath ->
archivePath.get().startsWith("/WEB-INF/classes/") &&
archivePath.get().endsWith(".class")
).values().stream()
.filter(node -> node.getAsset() instanceof ClassAsset)
.map(node -> ((ClassAsset)node.getAsset()).getSource())
.filter(clazz -> clazz.isAnnotationPresent(Path.class))
.collect(Collectors.toSet());
}
@Override
public void undeploy(Archive<?> archive) {
log.info("Undeploying archive " + archive.getName());
App app = deployedApps.get(archive.getId());
if (app != null) {
deployer.requestAppGoal(app, AppLifeCycle.UNDEPLOYED);
} else {
log.warnf("Deployment '%s' (name=%s) not found", archive.getId(), archive.getName());
}
}
@Override
public void deploy(Descriptor descriptor) {
throw new UnsupportedOperationException("Not implemented");
}
@Override
public void undeploy(Descriptor descriptor) {
throw new UnsupportedOperationException("Not implemented");
}
public String getJettyVersion() {
return Server.getVersion();
}
/*
* This is a non-public method that should not be used. Only for testing.
*/
protected Server getServer() {
return server;
}
}

36
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/JettyAppServerArquillianExtension.java Normal file
View file

@ -0,0 +1,36 @@
/*
* Copyright 2019 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.arquillian.jetty;
import org.jboss.arquillian.container.spi.client.container.DeployableContainer;
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
import org.jboss.arquillian.core.spi.LoadableExtension;
import org.keycloak.testsuite.arquillian.jetty.container.JettyDeploymentArchiveProcessor;
public class JettyAppServerArquillianExtension implements LoadableExtension {
@Override
public void register(ExtensionBuilder builder) {
builder
.service(DeployableContainer.class, JettyAppServer.class)
.service(ApplicationArchiveProcessor.class, JettyDeploymentArchiveProcessor.class);
}
}

76
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/JettyAppServerConfiguration.java Normal file
View file

@ -0,0 +1,76 @@
/*
* Copyright 2019 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.arquillian.jetty;
import org.jboss.arquillian.container.spi.ConfigurationException;
import org.jboss.arquillian.container.spi.client.container.ContainerConfiguration;
public class JettyAppServerConfiguration implements ContainerConfiguration {
private int bindHttpPortOffset = 0;
private int bindHttpsPortOffset = 0;
private int bindHttpPort = 8280;
private int bindHttpsPort = 8643;
private String bindAddress = "localhost";
@Override
public void validate() throws ConfigurationException {
setBindHttpPort(bindHttpPort + bindHttpPortOffset);
setBindHttpsPort(bindHttpsPort + bindHttpsPortOffset);
}
public int getBindHttpPortOffset() {
return bindHttpPortOffset;
}
public void setBindHttpPortOffset(int bindHttpPortOffset) {
this.bindHttpPortOffset = bindHttpPortOffset;
}
public int getBindHttpsPortOffset() {
return bindHttpsPortOffset;
}
public void setBindHttpsPortOffset(int bindHttpsPortOffset) {
this.bindHttpsPortOffset = bindHttpsPortOffset;
}
public int getBindHttpPort() {
return bindHttpPort;
}
public void setBindHttpPort(int bindHttpPort) {
this.bindHttpPort = bindHttpPort;
}
public int getBindHttpsPort() {
return bindHttpsPort;
}
public void setBindHttpsPort(int bindHttpsPort) {
this.bindHttpsPort = bindHttpsPort;
}
public String getBindAddress() {
return bindAddress;
}
public void setBindAddress(String bindAddress) {
this.bindAddress = bindAddress;
}
}

92
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/KeycloakAdapterApp.java Normal file
View file

@ -0,0 +1,92 @@
package org.keycloak.testsuite.arquillian.jetty;
import org.apache.commons.io.IOUtils;
import org.eclipse.jetty.deploy.App;
import org.jboss.shrinkwrap.api.Archive;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class KeycloakAdapterApp extends App {
public static final String WEB_XML_PATH = "/WEB-INF/web.xml";
private static final Pattern modulePattern = Pattern.compile("<module-name>(.*)</module-name>");
private static final Pattern authMethodPattern = Pattern.compile("<auth-method>(.*)</auth-method>");
private final boolean usesOIDCAuthenticator;
private final boolean usesSAMLAuthenticator;
private final boolean usesJaxrs;
private final String applicationName;
public KeycloakAdapterApp(App app, Archive<?> archive) {
super(app.getDeploymentManager(), app.getAppProvider(), app.getOriginId());
boolean usesJaxRS = false;
boolean usesOIDCAuthenticator = false;
boolean usesSAMLAuthenticator = false;
String applicationName = archive.getName();
if (archive.contains(WEB_XML_PATH)) {
try {
try (InputStream is = archive.get(WEB_XML_PATH).getAsset().openStream()) {
String webXml = IOUtils.toString(is, StandardCharsets.UTF_8);
usesJaxRS = webXml.contains("javax.ws.rs.core.Application");
for(String line : webXml.split("\n")) {
line = line.trim();
if (!usesOIDCAuthenticator && !usesSAMLAuthenticator) {
Matcher m = authMethodPattern.matcher(line);
if (m.find()) {
String authMethod = m.group(1);
switch (authMethod) {
case "KEYCLOAK": {
usesOIDCAuthenticator = true;
break;
}
case "KEYCLOAK-SAML": {
usesSAMLAuthenticator = true;
break;
}
default: {
throw new IllegalArgumentException("Unknown auth-method" + authMethod);
}
}
}
}
Matcher m = modulePattern.matcher(line.trim());
if (m.find()) {
applicationName = m.group(1);
}
}
}
} catch (IOException ignored) {
}
}
this.applicationName = applicationName;
this.usesJaxrs = usesJaxRS;
this.usesOIDCAuthenticator = usesOIDCAuthenticator;
this.usesSAMLAuthenticator = usesSAMLAuthenticator;
}
public boolean usesOIDCAuthenticator() {
return usesOIDCAuthenticator;
}
public boolean usesJaxrs() {
return usesJaxrs;
}
public boolean usesSAMLAuthenticator() {
return usesSAMLAuthenticator;
}
public String getApplicationName() {
return applicationName;
}
}

25
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/container/AppServerVersion.java Normal file
View file

@ -0,0 +1,25 @@
package org.keycloak.testsuite.arquillian.jetty.container;
import org.eclipse.jetty.util.Jetty;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public enum AppServerVersion {
INSTANCE;
private String appServerVersion;
AppServerVersion() {
Pattern versionExtraction = Pattern.compile("(\\d\\.\\d).*");
Matcher m = versionExtraction.matcher(Jetty.VERSION);
if (!m.find()) {
throw new IllegalStateException("Could not parse Jetty version: " + Jetty.VERSION);
}
appServerVersion = m.group(1).replaceAll("\\.", "");
}
public String getAppServerVersion() {
return appServerVersion;
}
}

83
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/container/JettyAppServerProvider.java Normal file
View file

@ -0,0 +1,83 @@
/*
* Copyright 2019 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.arquillian.jetty.container;
import org.jboss.shrinkwrap.descriptor.spi.node.Node;
import org.keycloak.testsuite.arquillian.container.AppServerContainerProvider;
import org.keycloak.testsuite.arquillian.jetty.JettyAppServer;
import java.util.ArrayList;
import java.util.List;
public class JettyAppServerProvider implements AppServerContainerProvider {
private Node configuration;
private static final String containerName = "jetty" + AppServerVersion.INSTANCE.getAppServerVersion();
@Override
public String getName() {
return containerName;
}
@Override
public List<Node> getContainers() {
List<Node> containers = new ArrayList<>();
containers.add(standaloneContainer());
//not supported yet
// containers.add(haNodeContainer(1));
// containers.add(haNodeContainer(2));
return containers;
}
private void createChild(String name, String text) {
configuration.createChild("property").attribute("name", name).text(text);
}
private Node standaloneContainer() {
Node container = new Node("container");
container.attribute("mode", "manual");
container.attribute("qualifier", AppServerContainerProvider.APP_SERVER + "-" + containerName);
configuration = container.createChild("configuration");
createChild("enabled", "true");
createChild("bindAddress", "0.0.0.0");
createChild("bindHttpPort", "8280");
createChild("adapterImplClass", JettyAppServer.class.getName());
return container;
}
private Node haNodeContainer(int number) {
Node container = new Node("container");
container.attribute("mode", "manual");
container.attribute("qualifier", AppServerContainerProvider.APP_SERVER + "-" + containerName + "-ha-node-" + number);
configuration = container.createChild("configuration");
createChild("enabled", "true");
createChild("bindAddress", "localhost");
createChild("bindHttpPort", "8280");
createChild("bindHttpPortOffset", Integer.toString(number));
createChild("adapterImplClass", JettyAppServer.class.getName());
return container;
}
}

68
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/container/JettyDeploymentArchiveProcessor.java Normal file
View file

@ -0,0 +1,68 @@
/*
* Copyright 2019 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.arquillian.jetty.container;
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
import org.jboss.arquillian.test.spi.TestClass;
import org.jboss.logging.Logger;
import org.jboss.shrinkwrap.api.Archive;
import org.keycloak.testsuite.utils.annotation.UseServletFilter;
import org.keycloak.testsuite.utils.arquillian.DeploymentArchiveProcessorUtils;
public class JettyDeploymentArchiveProcessor implements ApplicationArchiveProcessor {
private final Logger log = Logger.getLogger(JettyDeploymentArchiveProcessor.class);
@Override
public void process(Archive<?> archive, TestClass testClass) {
if (DeploymentArchiveProcessorUtils.checkRunOnServerDeployment(archive)) return;
if (!System.getProperty("app.server", "jetty").contains("jetty")) return;
modifyWebXML(archive, testClass);
modifyOIDCAdapterConfig(archive, DeploymentArchiveProcessorUtils.ADAPTER_CONFIG_PATH);
modifySAMLAdapterConfig(archive, DeploymentArchiveProcessorUtils.SAML_ADAPTER_CONFIG_PATH);
modifySAMLAdapterConfig(archive, DeploymentArchiveProcessorUtils.SAML_ADAPTER_CONFIG_PATH_TENANT1);
modifySAMLAdapterConfig(archive, DeploymentArchiveProcessorUtils.SAML_ADAPTER_CONFIG_PATH_TENANT2);
modifyOIDCAdapterConfig(archive, DeploymentArchiveProcessorUtils.ADAPTER_CONFIG_PATH_JS);
}
private void modifyWebXML(Archive<?> archive, TestClass testClass) {
if (!archive.contains(DeploymentArchiveProcessorUtils.WEBXML_PATH)) return;
if (!testClass.getJavaClass().isAnnotationPresent(UseServletFilter.class)) return;
log.debug("Modifying WEB.XML in " + archive.getName() + " for Servlet Filter.");
DeploymentArchiveProcessorUtils.modifyWebXMLForServletFilter(archive, testClass);
}
private void modifyOIDCAdapterConfig(Archive<?> archive, String adapterConfigPath) {
if (!archive.contains(adapterConfigPath)) return;
log.debug("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
DeploymentArchiveProcessorUtils.modifyOIDCAdapterConfig(archive, adapterConfigPath);
}
private void modifySAMLAdapterConfig(Archive<?> archive, String adapterConfigPath) {
if (!archive.contains(adapterConfigPath)) return;
log.debug("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
DeploymentArchiveProcessorUtils.modifySAMLAdapterConfig(archive, adapterConfigPath);
}
}

47
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/java/org/keycloak/testsuite/arquillian/jetty/saml/util/RestSamlApplicationConfig.java Normal file
View file

@ -0,0 +1,47 @@
/*
* Copyright 2019 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.arquillian.jetty.saml.util;
import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;
import java.util.Set;
/**
* Wildfly JAX-RS Integration has support for scanning deployment for annotations.
*
* https://github.com/wildfly/wildfly/blob/14.0.1.Final/jaxrs/src/main/java/org/jboss/as/jaxrs/deployment/JaxrsAnnotationProcessor.java
*
* On undertow we have to set Application Class manually:
*
* ResteasyDeployment deployment = new ResteasyDeployment();
* deployment.setApplication(application);
*/
@ApplicationPath("/")
public class RestSamlApplicationConfig extends Application {
private final Set<Class<?>> classes;
public RestSamlApplicationConfig(Set<Class<?>> classes) {
this.classes = classes;
}
@Override
public Set<Class<?>> getClasses() {
return classes;
}
}

1
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/resources/META-INF/services/org.jboss.arquillian.core.spi.LoadableExtension Normal file
View file

@ -0,0 +1 @@
org.keycloak.testsuite.arquillian.jetty.JettyAppServerArquillianExtension

1
testsuite/integration-arquillian/servers/app-server/jetty/common/src/main/resources/META-INF/services/org.keycloak.testsuite.arquillian.container.AppServerContainerProvider Normal file
View file

@ -0,0 +1 @@
org.keycloak.testsuite.arquillian.jetty.container.JettyAppServerProvider

248
testsuite/integration-arquillian/servers/app-server/jetty/common/src/test/java/org/keycloak/testsuite/arquillian/jetty/AbstractJettyAppServerTest.java Normal file
View file

@ -0,0 +1,248 @@
package org.keycloak.testsuite.arquillian.jetty;
import org.eclipse.jetty.deploy.DeploymentManager;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.SecurityHandler;
import org.jboss.arquillian.container.spi.client.protocol.metadata.HTTPContext;
import org.jboss.arquillian.container.spi.client.protocol.metadata.ProtocolMetaData;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.adapters.jetty.KeycloakJettyAuthenticator;
import org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator;
import org.keycloak.testsuite.arquillian.jetty.container.JettyAppServerProvider;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.core.Response;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.URI;
import java.net.URL;
/**
* This is a basic set of sanity tests for checking Jetty server compatibility.
* If this test suite is green, it is OK to integrate it with the Arquillian testsuite.
*/
public abstract class AbstractJettyAppServerTest {
public static final String TEST_SERVLET_NAME = "TestServlet";
public static final String TEST_SERVLET_URL_MAPPING = "test-servlet";
@Test
public void testServerStartupAndShutdown() throws Exception {
// given
int httpPort = 8081;
int httpsPort = 8082;
JettyAppServerConfiguration configuration = new JettyAppServerConfiguration();
configuration.setBindHttpPort(httpPort);
configuration.setBindHttpsPort(httpsPort);
JettyAppServer server = new JettyAppServer();
server.setup(configuration);
// when
server.start();
boolean wasFreeOnHTTPPortWhenServerStarted = isFree("localhost", httpPort);
boolean wasFreeOnHTTPSPortWhenServerStarted = isFree("localhost", httpsPort);
server.stop();
boolean wasFreeOnHTTPWhenServerStopped = isFree("localhost", httpPort);
boolean wasFreeOnHTTPSWhenServerStopped = isFree("localhost", httpsPort);
// then
Assert.assertFalse(wasFreeOnHTTPPortWhenServerStarted);
Assert.assertTrue(wasFreeOnHTTPWhenServerStopped);
Assert.assertFalse(wasFreeOnHTTPSPortWhenServerStarted);
Assert.assertTrue(wasFreeOnHTTPSWhenServerStopped);
}
@Test
public void testDeployingServletApp() throws Exception {
// given
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
.addClasses(ExampleServlet.class);
JettyAppServer server = new JettyAppServer();
Response responseFromTheApp = null;
// when
try {
server.start();
ProtocolMetaData data = server.deploy(archive);
HTTPContext servletContext = data.getContexts(HTTPContext.class).iterator().next();
URI appURI = servletContext.getServletByName(TEST_SERVLET_NAME).getBaseURI().resolve(TEST_SERVLET_URL_MAPPING);
Client client = ClientBuilder.newClient();
responseFromTheApp = client.target(appURI).request().get();
} finally {
server.stop();
}
// assert
Assert.assertNotNull(responseFromTheApp);
Assert.assertEquals(200, responseFromTheApp.getStatus());
}
@Test
public void testDeployingRESTApp() throws Exception {
// given
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
.addClasses(ExampleRest.class);
JettyAppServer server = new JettyAppServer();
Response responseFromTheApp = null;
// when
try {
server.start();
ProtocolMetaData data = server.deploy(archive);
HTTPContext servletContext = data.getContexts(HTTPContext.class).iterator().next();
URI appURI = servletContext.getServlets().get(0).getBaseURI();
Client client = ClientBuilder.newClient();
responseFromTheApp = client.target(appURI).request().get();
} finally {
server.stop();
}
// assert
Assert.assertNotNull(responseFromTheApp);
Assert.assertEquals(200, responseFromTheApp.getStatus());
}
@Test
public void testDeployingAndUndeploying() throws Exception {
// given
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
.addClasses(ExampleRest.class);
JettyAppServer server = new JettyAppServer();
Response responseFromTheApp = null;
// when
try {
server.start();
ProtocolMetaData data = server.deploy(archive);
HTTPContext servletContext = data.getContexts(HTTPContext.class).iterator().next();
URI appURI = servletContext.getServlets().get(0).getBaseURI();
server.undeploy(archive);
Client client = ClientBuilder.newClient();
responseFromTheApp = client.target(appURI).request().get();
} finally {
server.stop();
}
// assert
Assert.assertNotNull(responseFromTheApp);
Assert.assertEquals(404, responseFromTheApp.getStatus());
}
@Test
public void testDetectingSAML() throws Exception {
// given
URL webXml = AbstractJettyAppServerTest.class.getResource("/web-saml.xml");
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
.addAsWebInfResource(webXml, "web.xml");
JettyAppServer server = new JettyAppServer();
// when
Authenticator installedAuthenticator = null;
try {
server.start();
server.deploy(archive);
installedAuthenticator = server.getServer()
.getBean(DeploymentManager.class).getApps().iterator().next()
.getContextHandler().getChildHandlerByClass(SecurityHandler.class).getAuthenticator();
} finally {
server.stop();
}
// assert
Assert.assertTrue(installedAuthenticator instanceof KeycloakSamlAuthenticator);
}
@Test
public void testDetectingOIDC() throws Exception {
// given
URL webXml = AbstractJettyAppServerTest.class.getResource("/web-oidc.xml");
WebArchive archive = ShrinkWrap.create(WebArchive.class,"archive.war")
.addAsWebInfResource(webXml, "web.xml");
JettyAppServer server = new JettyAppServer();
// when
Authenticator installedAuthenticator = null;
try {
server.start();
server.deploy(archive);
installedAuthenticator = server.getServer()
.getBean(DeploymentManager.class).getApps().iterator().next()
.getContextHandler().getChildHandlerByClass(SecurityHandler.class).getAuthenticator();
} finally {
server.stop();
}
// assert
Assert.assertTrue(installedAuthenticator instanceof KeycloakJettyAuthenticator);
}
@Test
public void testJettyVersion() throws Exception {
// given
String versionRegexp = "jetty\\d\\d";
// when
String appServerName = new JettyAppServerProvider().getName();
// assert
Assert.assertTrue(appServerName.matches(versionRegexp));
}
@WebServlet(name = TEST_SERVLET_NAME, urlPatterns = "/" + TEST_SERVLET_URL_MAPPING)
public static class ExampleServlet extends HttpServlet {
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
resp.getWriter().println("ok");
}
}
@Path("/")
public static class ExampleRest extends HttpServlet {
@GET
public Response doGet() {
return Response.ok().build();
}
}
public static boolean isFree(String hostName, int port) {
SocketAddress socketAddress = new InetSocketAddress(hostName, port);
Socket socket = new Socket();
try {
socket.connect(socketAddress, 2000);
socket.close();
return false;
} catch (Exception exception) {
return true;
}
}
}

5
testsuite/integration-arquillian/servers/app-server/jetty/common/src/test/resources/log4j.properties Executable file
View file

@ -0,0 +1,5 @@
log4j.rootLogger=info, stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{HH:mm:ss,SSS} %-5p %t [%c] %m%n

12
testsuite/integration-arquillian/servers/app-server/jetty/common/src/test/resources/web-oidc.xml Normal file
View file

@ -0,0 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<login-config>
<auth-method>KEYCLOAK</auth-method>
<realm-name>demo</realm-name>
</login-config>
</web-app>

12
testsuite/integration-arquillian/servers/app-server/jetty/common/src/test/resources/web-saml.xml Normal file
View file

@ -0,0 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<login-config>
<auth-method>KEYCLOAK-SAML</auth-method>
<realm-name>demo</realm-name>
</login-config>
</web-app>

73
testsuite/integration-arquillian/servers/app-server/jetty/pom.xml Normal file
View file

@ -0,0 +1,73 @@
<?xml version="1.0"?>
<!--
~ Copyright 2018 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
<?xml version="1.0"?>
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<parent>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server</artifactId>
<version>5.0.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>integration-arquillian-servers-app-server-jetty</artifactId>
<packaging>pom</packaging>
<name>App Server - Jetty Parent</name>
<profiles>
<profile>
<id>app-server-jetty94</id>
<activation>
<property>
<name>app.server</name>
<value>jetty94</value>
</property>
</activation>
<modules>
<module>common</module>
<module>94</module>
</modules>
</profile>
<profile>
<id>app-server-jetty93</id>
<activation>
<property>
<name>app.server</name>
<value>jetty93</value>
</property>
</activation>
<modules>
<module>common</module>
<module>93</module>
</modules>
</profile>
<profile>
<id>app-server-jetty92</id>
<activation>
<property>
<name>app.server</name>
<value>jetty92</value>
</property>
</activation>
<modules>
<module>common</module>
<module>92</module>
</modules>
</profile>
</profiles>
</project>

1
testsuite/integration-arquillian/servers/app-server/pom.xml
View file

@ -41,6 +41,7 @@
<module>karaf</module>
<module>tomcat</module>
<module>undertow</module>
<module>jetty</module>
</modules>
</project>

4
testsuite/integration-arquillian/servers/app-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/UndertowAppServer.java
View file

@ -134,7 +134,7 @@ public class UndertowAppServer implements DeployableContainer<UndertowAppServerC
if (isJaxrsApp(webArchive)) {
di = new UndertowDeployerHelper().getDeploymentInfo(configuration, webArchive,
undertow.undertowDeployment(getCustomResteasyDeployment(webArchive)));
undertow.undertowDeployment(discoverPathAnnotatedClasses(webArchive)));
} else if (applicationClassNode.isPresent()) {
String applicationPath = applicationClassNode.get().getPath().get();
@ -237,7 +237,7 @@ public class UndertowAppServer implements DeployableContainer<UndertowAppServerC
}
}
private ResteasyDeployment getCustomResteasyDeployment(WebArchive webArchive) {
private ResteasyDeployment discoverPathAnnotatedClasses(WebArchive webArchive) {
//take all classes from war and add those with @Path annotation to RestSamlApplicationConfig
Set<Class<?>> classes = webArchive.getContent(archivePath ->
archivePath.get().startsWith("/WEB-INF/classes/") &&

10
testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/KeycloakOnUndertow.java
View file

@ -49,23 +49,15 @@ import org.keycloak.services.filters.KeycloakSessionServletFilter;
import org.keycloak.services.managers.ApplianceBootstrap;
import org.keycloak.services.resources.KeycloakApplication;
import org.keycloak.testsuite.KeycloakServer;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import org.keycloak.testsuite.utils.undertow.UndertowDeployerHelper;
import org.keycloak.testsuite.utils.undertow.UndertowWarClassLoader;
import org.keycloak.util.JsonSerialization;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.servlet.DispatcherType;
import javax.servlet.ServletException;
import java.io.IOException;
import java.lang.reflect.Field;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

2
testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/lb/SimpleUndertowLoadBalancer.java
View file

@ -40,7 +40,7 @@ import io.undertow.util.Headers;
import org.jboss.logging.Logger;
import org.keycloak.common.util.reflections.Reflections;
import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import java.util.LinkedHashMap;
import java.util.StringTokenizer;

88
testsuite/integration-arquillian/tests/base/pom.xml
View file

@ -413,6 +413,94 @@
</plugins>
</build>
</profile>
<profile>
<id>app-server-jetty94</id>
<activation>
<property>
<name>app.server</name>
<value>jetty94</value>
</property>
</activation>
<properties>
<app.server>jetty94</app.server> <!--in case the profile is called directly-->
<app.server.skip.unpack>true</app.server.skip.unpack>
</properties>
<dependencies>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-94</artifactId>
<version>${project.version}</version>
<scope>runtime</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.commonjava.maven.plugins</groupId>
<artifactId>directory-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>app-server-jetty93</id>
<activation>
<property>
<name>app.server</name>
<value>jetty93</value>
</property>
</activation>
<properties>
<app.server>jetty93</app.server> <!--in case the profile is called directly-->
<app.server.skip.unpack>true</app.server.skip.unpack>
</properties>
<dependencies>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-93</artifactId>
<version>${project.version}</version>
<scope>runtime</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.commonjava.maven.plugins</groupId>
<artifactId>directory-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>app-server-jetty92</id>
<activation>
<property>
<name>app.server</name>
<value>jetty92</value>
</property>
</activation>
<properties>
<app.server>jetty92</app.server> <!--in case the profile is called directly-->
<app.server.skip.unpack>true</app.server.skip.unpack>
</properties>
<dependencies>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-servers-app-server-jetty-92</artifactId>
<version>${project.version}</version>
<scope>runtime</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.commonjava.maven.plugins</groupId>
<artifactId>directory-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>app-server-wildfly</id>
<activation>

6
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerCookiePortalRoot.java
View file

@ -35,11 +35,7 @@ public class CustomerCookiePortalRoot extends AbstractPageWithInjectedUrl {
@Override
public URL getInjectedUrl() {
try {
return new URL(url.toString() + "/");
} catch (MalformedURLException e) {
throw new RuntimeException(e);
}
return url;
}
public String logoutURL() {

14
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerPortal.java
View file

@ -21,6 +21,8 @@ import org.jboss.arquillian.container.test.api.OperateOnDeployment;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
import javax.ws.rs.core.UriBuilder;
import java.net.URI;
import java.net.URL;
/**
@ -40,18 +42,18 @@ public class CustomerPortal extends AbstractPageWithInjectedUrl {
return url;
}
public String logout() {
return url + "/logout";
public URI logout() {
return getUriBuilder().clone().path("logout").build();
}
public String callCustomerDbAudienceRequiredUrl(boolean attachAudienceScope) {
String url = this.url + "/call-customer-db-audience-required";
public URI callCustomerDbAudienceRequiredUrl(boolean attachAudienceScope) {
UriBuilder builder = getUriBuilder().clone().path("call-customer-db-audience-required");
if (attachAudienceScope) {
url = url + "?scope=customer-db-audience-required";
builder.queryParam("scope", "customer-db-audience-required");
}
return url;
return builder.build();
}
}

2
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/MultiTenant1Saml.java
View file

@ -37,7 +37,7 @@ public class MultiTenant1Saml extends SAMLServlet {
@Override
public URL getInjectedUrl() {
try {
return new URL(url + "/?realm=tenant1");
return new URL(url + "?realm=tenant1");
} catch (MalformedURLException e) {
throw new IllegalStateException(e);
}

2
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/MultiTenant2Saml.java
View file

@ -37,7 +37,7 @@ public class MultiTenant2Saml extends SAMLServlet {
@Override
public URL getInjectedUrl() {
try {
return new URL(url + "/?realm=tenant2");
return new URL(url + "?realm=tenant2");
} catch (MalformedURLException e) {
throw new IllegalStateException(e);
}

2
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java
View file

@ -294,7 +294,7 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
@Override
public void navigateTo() {
driver.navigate().to(toString() + "/");
driver.navigate().to(toString());
waitForPageToLoad();
}

54
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AdapterTestExecutionDecider.java
View file

@ -35,42 +35,34 @@ import org.keycloak.testsuite.arquillian.annotation.AppServerContainers;
public class AdapterTestExecutionDecider implements TestExecutionDecider {
private final Logger log = Logger.getLogger(AdapterTestExecutionDecider.class);
private static final Map<Method, CachedRecord> cache = new HashMap<>();
@Inject private Instance<TestContext> testContextInstance;
@Override
public ExecutionDecision decide(Method method) {
ExecutionDecision decision = getFromCache(method);
if (decision != null) {
return decision;
}
TestContext testContext = testContextInstance.get();
if (!testContext.isAdapterTest()) {
return execute(method, Boolean.TRUE, null);
return ExecutionDecision.execute();
}
if (testContext.isAdapterContainerEnabled() || testContext.isAdapterContainerEnabledCluster()) {
if (method.isAnnotationPresent(AppServerContainer.class)) { // taking method level annotation first as it has higher priority
if (getCorrespondingAnnotation(method) == null) { //no corresponding annotation - taking class level annotation
if (getCorrespondingAnnotation(testContext.getTestClass()).skip()) {
return execute(method, Boolean.FALSE, "Skipped by @AppServerContainer class level annotation.");
return ExecutionDecision.dontExecute("Skipped by @AppServerContainer class level annotation.");
}
} else if (getCorrespondingAnnotation(method).skip()) { //corresponding annotation
return execute(method, Boolean.FALSE, "Skipped by @AppServerContainer method level annotation.");
return ExecutionDecision.dontExecute("Skipped by @AppServerContainer method level annotation.");
}
} else { //taking class level annotation
if (getCorrespondingAnnotation(testContext.getTestClass()).skip()) {
return execute(method, Boolean.FALSE, "Skipped by @AppServerContainer class level annotation.");
return ExecutionDecision.dontExecute("Skipped by @AppServerContainer class level annotation.");
}
}
// execute otherwise
return execute(method, Boolean.TRUE, null);
} else {
return execute(method, Boolean.FALSE, "Not enabled by @AppServerContainer annotations.");
return ExecutionDecision.execute();
}
return ExecutionDecision.dontExecute("Not enabled by @AppServerContainer annotations.");
}
@Override
@ -113,38 +105,4 @@ public class AdapterTestExecutionDecider implements TestExecutionDecider {
.findFirst()
.orElse(null);
}
private ExecutionDecision execute(Method method, Boolean execute, String message) {
if (execute) {
cache.put(method, new CachedRecord(Boolean.TRUE, ""));
return ExecutionDecision.execute();
} else {
cache.put(method, new CachedRecord(Boolean.FALSE, message));
log.debug(method.getName() + " " + message);
return ExecutionDecision.dontExecute(message);
}
}
private ExecutionDecision getFromCache(Method method) {
if (cache.containsKey(method)) {
CachedRecord cachedRecord = cache.get(method);
if (cachedRecord.execute) {
return ExecutionDecision.execute(cachedRecord.message);
} else {
return ExecutionDecision.dontExecute(cachedRecord.message);
}
}
return null;
}
private class CachedRecord {
private final Boolean execute;
private final String message;
public CachedRecord(Boolean execute, String message) {
this.execute = execute;
this.message = message;
}
}
}

36
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/CrossDCTestEnricher.java
View file

@ -16,44 +16,40 @@
*/
package org.keycloak.testsuite.arquillian;
import java.io.File;
import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.FileUtils;
import static org.hamcrest.Matchers.lessThan;
import org.jboss.arquillian.container.spi.event.StopContainer;
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
import org.jboss.arquillian.container.test.api.ContainerController;
import org.jboss.arquillian.core.api.Event;
import org.jboss.arquillian.core.api.Instance;
import org.jboss.arquillian.core.spi.Validate;
import org.jboss.arquillian.core.api.annotation.Inject;
import org.jboss.arquillian.core.api.annotation.Observes;
import org.jboss.arquillian.core.spi.Validate;
import org.jboss.arquillian.test.spi.event.suite.After;
import org.jboss.arquillian.test.spi.event.suite.AfterSuite;
import org.jboss.arquillian.test.spi.event.suite.Before;
import org.jboss.arquillian.test.spi.event.suite.BeforeClass;
import org.jboss.logging.Logger;
import static org.junit.Assert.assertThat;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.models.Constants;
import org.keycloak.testsuite.arquillian.annotation.InitialDcState;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.keycloak.testsuite.crossdc.DC;
import org.keycloak.testsuite.crossdc.ServerSetup;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import java.io.File;
import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.function.Consumer;
import java.util.stream.Stream;
import org.jboss.arquillian.container.spi.Container;
import org.jboss.arquillian.container.spi.event.StopContainer;
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
import org.jboss.arquillian.core.api.Event;
import org.jboss.arquillian.test.spi.event.suite.AfterSuite;
import org.wildfly.extras.creaper.core.ManagementClient;
import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
import org.wildfly.extras.creaper.core.online.OnlineOptions;
import static org.hamcrest.Matchers.lessThan;
import static org.junit.Assert.assertThat;
/**
*

4
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/ContainerConstants.java
View file

@ -38,4 +38,8 @@ public interface ContainerConstants {
public static final String APP_SERVER_FUSE63 = APP_SERVER_PREFIX + "fuse63";
public static final String APP_SERVER_FUSE7X = APP_SERVER_PREFIX + "fuse7x";
public static final String APP_SERVER_JETTY94 = APP_SERVER_PREFIX + "jetty94";
public static final String APP_SERVER_JETTY93 = APP_SERVER_PREFIX + "jetty93";
public static final String APP_SERVER_JETTY92 = APP_SERVER_PREFIX + "jetty92";
}

11
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/provider/URLProvider.java
View file

@ -38,6 +38,7 @@ import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.keycloak.testsuite.arquillian.ContainerInfo;
import org.keycloak.testsuite.util.URLUtils;
public class URLProvider extends URLResourceProvider {
@ -82,7 +83,6 @@ public class URLProvider extends URLResourceProvider {
try {
url = fixLocalhost(url);
url = fixBoundToAll(url);
url = removeTrailingSlash(url);
if (appServerSslRequired) {
url = fixSsl(url);
}
@ -153,13 +153,4 @@ public class URLProvider extends URLResourceProvider {
return new URL(urlString);
}
public URL removeTrailingSlash(URL url) throws MalformedURLException {
URL urlWithoutSlash = url;
String urlS = url.toExternalForm();
if (urlS.endsWith("/")) {
urlWithoutSlash = new URL(urlS.substring(0, urlS.length() - 1));
}
return urlWithoutSlash;
}
}

2
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/URLUtils.java
View file

@ -8,10 +8,12 @@ import org.openqa.selenium.ie.InternetExplorerDriver;
import org.openqa.selenium.support.ui.ExpectedCondition;
import org.openqa.selenium.support.ui.WebDriverWait;
import java.net.URI;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;
import static org.junit.Assert.assertEquals;
import static org.keycloak.testsuite.util.DroneUtils.getCurrentDriver;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
import static org.openqa.selenium.support.ui.ExpectedConditions.not;

16
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java
View file

@ -206,6 +206,7 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
@Test
public void testErrorConditions() throws Exception {
String helloUrl = appPage.getUriBuilder().clone().path("hello").build().toASCIIString();
RealmResource realm = adminClient.realms().realm(CHILD_IDP);
List<FederatedIdentityRepresentation> links = realm.users().get(childUserId).getFederatedIdentity();
@ -239,10 +240,11 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
// now log in
navigateTo( appPage.getInjectedUrl() + "/hello");
navigateTo(helloUrl);
Assert.assertTrue(loginPage.isCurrent(CHILD_IDP));
loginPage.login("child", "password");
Assert.assertTrue(driver.getCurrentUrl().startsWith(appPage.getInjectedUrl() + "/hello"));
Assert.assertTrue(driver.getCurrentUrl().startsWith(helloUrl));
Assert.assertTrue(driver.getPageSource().contains("Unknown request:"));
// now test CSRF with bad hash.
@ -268,10 +270,10 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
roles.add(userRole);
clientResource.getScopeMappings().realmLevel().add(roles);
navigateTo( appPage.getInjectedUrl() + "/hello");
navigateTo(helloUrl);
Assert.assertTrue(loginPage.isCurrent(CHILD_IDP));
loginPage.login("child", "password");
Assert.assertTrue(driver.getCurrentUrl().startsWith(appPage.getInjectedUrl() + "/hello"));
Assert.assertTrue(driver.getCurrentUrl().startsWith(helloUrl));
Assert.assertTrue(driver.getPageSource().contains("Unknown request:"));
@ -375,12 +377,6 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
Assert.assertTrue(links.isEmpty());
logoutAll();
}
@Test

107
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/DemoServletsAdapterTest.java
View file

@ -16,44 +16,20 @@
*/
package org.keycloak.testsuite.adapter.servlet;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriBuilder;
import org.apache.commons.io.FileUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.conn.params.ConnManagerParams;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.adapters.OIDCAuthenticationError;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.common.util.Time;
import org.keycloak.constants.AdapterConstants;
import org.keycloak.events.Details;
@ -96,6 +72,7 @@ import org.keycloak.testsuite.auth.page.login.OAuthGrant;
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
import org.keycloak.testsuite.console.page.events.Config;
import org.keycloak.testsuite.console.page.events.LoginEvents;
import org.keycloak.testsuite.util.FollowRedirectsEngine;
import org.keycloak.testsuite.util.JavascriptBrowser;
import org.keycloak.testsuite.util.Matchers;
import org.keycloak.testsuite.util.URLUtils;
@ -105,6 +82,27 @@ import org.openqa.selenium.By;
import org.openqa.selenium.Cookie;
import org.openqa.selenium.WebDriver;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriBuilder;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import static org.hamcrest.Matchers.allOf;
import static org.hamcrest.Matchers.anyOf;
import static org.hamcrest.Matchers.containsString;
@ -343,7 +341,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlEquals(customerPortal);
assertLogged();
driver.navigate().to(customerPortal.logout());
driver.navigate().to(customerPortal.logout().toASCIIString());
WaitUtils.waitUntilElement(By.id("customer_portal_logout")).is().present();
customerPortal.navigateTo();
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
@ -427,7 +425,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
testRealmLoginPage.form().login("bburke@redhat.com", "password");
assertCurrentUrlEquals(inputPortal + "/secured/post");
assertCurrentUrlEquals(inputPortal.getUriBuilder().clone().path("secured").path("post").build());
waitForPageToLoad();
assertPageContains("parameter=hello");
@ -585,7 +583,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
@Test
public void testLoginSSOMax() throws InterruptedException {
// Delete cookies
driver.navigate().to(customerPortal + "/error.html");
driver.navigate().to(customerPortal.getUriBuilder().clone().path("error.html").build().toASCIIString());
driver.manage().deleteAllCookies();
// test login to customer-portal which does a bearer request to customer-db
@ -613,7 +611,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
//KEYCLOAK-518
@Test
public void testNullBearerToken() {
Client client = ClientBuilder.newClient();
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
WebTarget target = client.target(customerDb.toString());
Response response = target.request().get();
assertEquals(401, response.getStatus());
@ -627,7 +625,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
//KEYCLOAK-1368
@Test
public void testNullBearerTokenCustomErrorPage() {
Client client = ClientBuilder.newClient();
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
WebTarget target = client.target(customerDbErrorPage.toString());
Response response = target.request().get();
@ -855,7 +853,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
@Test
public void testVerifyTokenAudience() {
public void testVerifyTokenAudience() throws Exception {
// Generate audience client scope
String clientScopeId = testingClient.testing().generateAudienceClientScope("demo", "customer-db-audience-required");
@ -863,7 +861,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
client.addOptionalClientScope(clientScopeId);
// Login without audience scope. Invoke service should end with failure
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(false));
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(false).toURL());
assertTrue(testRealmLoginPage.form().isUsernamePresent());
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
testRealmLoginPage.form().login("bburke@redhat.com", "password");
@ -874,11 +872,11 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
Assert.assertFalse(pageSource.contains("Stian Thorgersen"));
// Logout TODO: will be good to not request logout to force adapter to use additional scope (and other request parameters)
driver.navigate().to(customerPortal.logout());
driver.navigate().to(customerPortal.logout().toURL());
waitForPageToLoad();
// Login with requested audience
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(true));
driver.navigate().to(customerPortal.callCustomerDbAudienceRequiredUrl(true).toURL());
assertTrue(testRealmLoginPage.form().isUsernamePresent());
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
testRealmLoginPage.form().login("bburke@redhat.com", "password");
@ -955,7 +953,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
.user(userId)
.detail(Details.USERNAME, "bburke@redhat.com")
.detail(Details.CONSENT, Details.CONSENT_VALUE_CONSENT_GRANTED)
.detail(Details.REDIRECT_URI, customerPortal.getInjectedUrl().toString())
.detail(Details.REDIRECT_URI,
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString()),
org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString() + "/")))
.removeDetail(Details.CODE_ID)
.assertEvent();
@ -1012,7 +1012,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
.user(userId)
.detail(Details.USERNAME, "bburke@redhat.com")
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
.detail(Details.REDIRECT_URI, customerPortal.getInjectedUrl().toString())
.detail(Details.REDIRECT_URI,
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString()),
org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString() + "/")))
.removeDetail(Details.CODE_ID)
.assertEvent();
@ -1032,7 +1034,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
.realm(realm.getId())
.user(userId)
.session(AssertEvents.isUUID())
.detail(Details.REDIRECT_URI, customerPortal.getInjectedUrl().toString())
.detail(Details.REDIRECT_URI,
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString()),
org.hamcrest.Matchers.equalTo(customerPortal.getInjectedUrl().toString() + "/")))
.assertEvent();
assertEvents.assertEmpty();
@ -1109,7 +1113,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
// Do not redirect client to login page if it's an XHR
System.out.println(productPortalAutodetectBearerOnly.getInjectedUrl().toString());
WebTarget target = client.target(productPortalAutodetectBearerOnly.getInjectedUrl().toString());
WebTarget target = client.target(productPortalAutodetectBearerOnly.getInjectedUrl().toString() + "/");
Response response = target.request().header("X-Requested-With", "XMLHttpRequest").get();
Assert.assertEquals(401, response.getStatus());
response.close();
@ -1158,7 +1162,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
@Test
public void testBasicAuthErrorHandling() {
int numberOfConnections = 10;
Client client = new ResteasyClientBuilder().connectionPoolSize(numberOfConnections).build();
Client client = new ResteasyClientBuilder().connectionPoolSize(numberOfConnections).httpEngine(new FollowRedirectsEngine()).build();
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
Response response = target.request().get();
Assert.assertEquals(401, response.getStatus());
@ -1178,7 +1182,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
// KEYCLOAK-1733
@Test
public void testNullQueryParameterAccessToken() {
Client client = ClientBuilder.newClient();
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
WebTarget target = client.target(customerDb.getInjectedUrl().toString());
Response response = target.request().get();
@ -1197,7 +1201,7 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
@Test
public void testRestCallWithAccessTokenAsQueryParameter() {
Client client = ClientBuilder.newClient();
Client client = new ResteasyClientBuilder().httpEngine(new FollowRedirectsEngine()).build();
try {
WebTarget webTarget = client.target(testRealmPage.toString() + "/protocol/openid-connect/token");
@ -1229,14 +1233,15 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
//KEYCLOAK-4765
@Test
public void testCallURLWithAccessToken() {
public void testCallURLWithAccessToken() throws Exception {
// test login to customer-portal which does a bearer request to customer-db
String applicationURL = inputPortalNoAccessToken.getInjectedUrl().toString() + "?access_token=invalid_token";
driver.navigate().to(applicationURL);
System.out.println("Current url: " + driver.getCurrentUrl());
URI applicationURL = inputPortalNoAccessToken.getUriBuilder().clone()
.queryParam("access_token", "invalid_token")
.build();
Assert.assertEquals(applicationURL, driver.getCurrentUrl());
System.out.println(driver.getPageSource());
driver.navigate().to(applicationURL.toURL());
assertEquals(applicationURL.toASCIIString(), driver.getCurrentUrl());
inputPortalNoAccessToken.execute("hello");
assertCurrentUrlStartsWithLoginUrlOf(testRealmPage);
}
@ -1353,7 +1358,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
.user(userId)
.detail(Details.USERNAME, "bburke@redhat.com")
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
.detail(Details.REDIRECT_URI, clientSecretJwtSecurePortal.getInjectedUrl().toString())
.detail(Details.REDIRECT_URI,
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString()),
org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString() + "/")))
.removeDetail(Details.CODE_ID)
.assertEvent();
@ -1385,7 +1392,9 @@ public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
.user(userId)
.detail(Details.USERNAME, "bburke@redhat.com")
.detail(Details.CONSENT, Details.CONSENT_VALUE_NO_CONSENT_REQUIRED)
.detail(Details.REDIRECT_URI, clientSecretJwtSecurePortal.getInjectedUrl().toString())
.detail(Details.REDIRECT_URI,
org.hamcrest.Matchers.anyOf(org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString()),
org.hamcrest.Matchers.equalTo(clientSecretJwtSecurePortal.getInjectedUrl().toString() + "/")))
.removeDetail(Details.CODE_ID)
.assertEvent();

12
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/OIDCPublicKeyRotationAdapterTest.java
View file

@ -236,6 +236,10 @@ public class OIDCPublicKeyRotationAdapterTest extends AbstractServletsAdapterTes
@Test
public void testPublicKeyCacheInvalidatedWhenPushedNotBefore() {
driver.manage().timeouts().pageLoadTimeout(1000, TimeUnit.SECONDS);
String customerDBUnsecuredUrl = customerDb.getUriBuilder().clone().path("unsecured").path("foo").build().toASCIIString();
String customerDBUrlNoTrailSlash = customerDb.getUriBuilder().build().toASCIIString();
customerDBUrlNoTrailSlash = customerDBUrlNoTrailSlash.substring(0, customerDBUrlNoTrailSlash.length() - 1);
String tokenMinTTLUnsecuredUrl = tokenMinTTLPage.getUriBuilder().clone().path("unsecured").path("foo").build().toASCIIString();
// increase accessTokenLifespan to 1200
RealmRepresentation demoRealm = adminClient.realm(DEMO).toRepresentation();
@ -259,21 +263,21 @@ public class OIDCPublicKeyRotationAdapterTest extends AbstractServletsAdapterTes
adminClient.realm(DEMO).components().component(oldActiveKeyProviderId).remove();
// Set some offset to ensure pushing notBefore will pass
setAdapterAndServerTimeOffset(130, customerDb.toString() + "/unsecured/foo", tokenMinTTLPage.toString() + "/unsecured/foo");
setAdapterAndServerTimeOffset(130, customerDBUnsecuredUrl, tokenMinTTLUnsecuredUrl);
// Send notBefore policy from the realm
demoRealm.setNotBefore(Time.currentTime() - 1);
adminClient.realm(DEMO).update(demoRealm);
GlobalRequestResult result = adminClient.realm(DEMO).pushRevocation();
Assert.assertTrue(result.getSuccessRequests().contains(customerDb.toString()));
Assert.assertTrue(result.getSuccessRequests().contains(customerDBUrlNoTrailSlash));
// Send REST request. New request to the publicKey cache should be sent, and key is no longer returned as token contains the old kid
status = invokeRESTEndpoint(accessTokenString);
Assert.assertEquals(401, status);
// Revert public keys change and time offset
resetKeycloakDeploymentForAdapter(customerDb.toString() + "/unsecured/foo");
resetKeycloakDeploymentForAdapter(tokenMinTTLPage.toString() + "/unsecured/foo");
resetKeycloakDeploymentForAdapter(customerDBUnsecuredUrl);
resetKeycloakDeploymentForAdapter(tokenMinTTLUnsecuredUrl);
}

26
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLServletAdapterTest.java
View file

@ -1070,7 +1070,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmLoginPage.form().login("bburke@redhat.com", "password");
Assert.assertEquals(driver.getCurrentUrl(), inputPortalPage + "/secured/post");
Assert.assertThat(URI.create(driver.getCurrentUrl()).getPath(), endsWith("secured/post"));
waitUntilElement(By.xpath("//body")).text().contains("parameter=hello");
// test that user principal and KeycloakSecurityContext available
@ -1101,7 +1101,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
samlidpInitiatedLoginPage.form().login(bburkeUser);
assertCurrentUrlStartsWith(salesPost2ServletPage);
Assert.assertThat(driver.getCurrentUrl(), endsWith("/foo"));
Assert.assertThat(URI.create(driver.getCurrentUrl()).getPath(), endsWith("foo"));
waitUntilElement(By.xpath("//body")).text().contains("principal=bburke");
salesPost2ServletPage.logout();
checkLoggedOut(salesPost2ServletPage, testRealmSAMLPostLoginPage);
@ -1119,7 +1119,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
testRealmSAMLPostLoginPage.form().login("bburke", "password");
waitUntilElement(By.xpath("//body")).text().contains("Error info: SamlAuthenticationError [reason=INVALID_SIGNATURE");
Assert.assertEquals(driver.getCurrentUrl(), badAssertionSalesPostSigPage + "/saml");
Assert.assertEquals(driver.getCurrentUrl(), badAssertionSalesPostSigPage.getUriBuilder().clone().path("saml").build().toASCIIString());
}
@Test
@ -1129,7 +1129,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
testRealmSAMLPostLoginPage.form().login("bburke", "password");
waitUntilElement(By.xpath("//body")).text().contains("Error info: SamlAuthenticationError [reason=INVALID_SIGNATURE");
Assert.assertEquals(driver.getCurrentUrl(), missingAssertionSigPage + "/saml");
Assert.assertEquals(driver.getCurrentUrl(), missingAssertionSigPage.getUriBuilder().clone().path("saml").build().toASCIIString());
}
@Test
@ -1218,7 +1218,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmSAMLPostLoginPage.form().login("bburke", "password");
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
waitForPageToLoad();
String body = driver.findElement(By.xpath("//body")).getText();
@ -1270,7 +1270,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmSAMLPostLoginPage.form().login("bburke", "password");
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
waitForPageToLoad();
String body = driver.findElement(By.xpath("//body")).getText();
@ -1324,7 +1324,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmSAMLPostLoginPage.form().login("bburke", "password");
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
waitForPageToLoad();
String body = driver.findElement(By.xpath("//body")).getText();
@ -1379,7 +1379,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmSAMLPostLoginPage.form().login("bburke", "password");
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
waitForPageToLoad();
String body = driver.findElement(By.xpath("//body")).getText();
@ -1430,7 +1430,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmSAMLPostLoginPage.form().login("level2GroupUser", "password");
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
waitUntilElement(By.xpath("//body")).text().contains("topAttribute: true");
waitUntilElement(By.xpath("//body")).text().contains("level2Attribute: true");
waitUntilElement(By.xpath("//body")).text().contains("attribute email: level2@redhat.com");
@ -1447,7 +1447,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmSAMLPostLoginPage.form().login(bburkeUser);
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
waitUntilElement(By.xpath("//body")).text().contains("attribute email: bburke@redhat.com");
waitUntilElement(By.xpath("//body")).text().contains("friendlyAttribute email: bburke@redhat.com");
waitUntilElement(By.xpath("//body")).text().contains("phone: 617");
@ -1493,7 +1493,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
assertCurrentUrlStartsWith(testRealmSAMLPostLoginPage);
testRealmSAMLPostLoginPage.form().login(bburkeUser);
driver.navigate().to(employee2ServletPage.toString() + "/getAttributes");
driver.navigate().to(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build().toURL());
waitUntilElement(By.xpath("//body")).text().contains("hardcoded-attribute: hard");
employee2ServletPage.checkRolesEndPoint(false);
employee2ServletPage.logout();
@ -1543,7 +1543,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
})
.build()
.navigateTo(employee2ServletPage.toString() + "/getAttributes")
.navigateTo(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build())
.execute(r -> {
Assert.assertThat(r, statusCodeIsHC(Response.Status.OK));
@ -1743,7 +1743,7 @@ public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
StatusCodeType statusCode = responseType.getStatus().getStatusCode();
Assert.assertThat(statusCode.getValue().toString(), is(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
Assert.assertThat(responseType.getDestination(), is(ecpSPPage.toString() + "/"));
Assert.assertThat(responseType.getDestination(), is(ecpSPPage.toString()));
Assert.assertThat(responseType.getSignature(), notNullValue());
Assert.assertThat(responseType.getAssertions().size(), is(1));

66
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/jetty/JettyDemoServletAdapterTest.java Normal file
View file

@ -0,0 +1,66 @@
package org.keycloak.testsuite.adapter.servlet.jetty;
import org.junit.Ignore;
import org.keycloak.testsuite.adapter.servlet.DemoServletsAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY94)
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY93)
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY92)
public class JettyDemoServletAdapterTest extends DemoServletsAdapterTest {
@Ignore("KEYCLOAK-9614")
@Override
public void testAuthenticated() {
}
@Ignore("KEYCLOAK-9614")
@Override
public void testAuthenticatedWithCustomSessionConfig() {
}
@Ignore("KEYCLOAK-9616")
@Override
public void testOIDCParamsForwarding() {
}
@Ignore("KEYCLOAK-9616")
@Override
public void testOIDCUiLocalesParamForwarding() {
}
@Ignore("KEYCLOAK-9615")
@Override
public void testInvalidTokenCookie() {
}
@Ignore("KEYCLOAK-9615")
@Override
public void testTokenInCookieRefresh() {
}
@Ignore("KEYCLOAK-9615")
@Override
public void testTokenInCookieSSO() {
}
@Ignore("KEYCLOAK-9615")
@Override
public void testTokenInCookieSSORoot() {
}
@Ignore("KEYCLOAK-9617")
@Override
public void testWithoutKeycloakConf() {
}
}

24
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/jetty/JettySAMLServletAdapterTest.java Normal file
View file

@ -0,0 +1,24 @@
package org.keycloak.testsuite.adapter.servlet.jetty;
import org.junit.Ignore;
import org.keycloak.testsuite.adapter.servlet.SAMLServletAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY94)
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY93)
@AppServerContainer(ContainerConstants.APP_SERVER_JETTY92)
public class JettySAMLServletAdapterTest extends SAMLServletAdapterTest {
@Ignore("KEYCLOAK-9687")
@Override
public void multiTenant1SamlTest() throws Exception {
}
@Ignore("KEYCLOAK-9687")
@Override
public void multiTenant2SamlTest() throws Exception {
}
}

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowRelaviteUriAdapterTest.java
View file

@ -140,7 +140,7 @@ public class UndertowRelaviteUriAdapterTest extends AbstractServletsAdapterTest
Assert.assertTrue(driver.getPageSource().contains("iPhone"));
// test logout
driver.navigate().to(customerPortal.logout());
driver.navigate().to(customerPortal.logout().toASCIIString());
Assert.assertTrue(driver.getPageSource().contains("servlet logout ok"));
customerPortal.navigateTo();

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/CrossRealmPermissionsTest.java
View file

@ -28,10 +28,10 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.core.Response;

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/FineGrainAdminUnitTest.java
View file

@ -48,10 +48,10 @@ import org.keycloak.services.resources.admin.permissions.GroupPermissionManageme
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.core.Response;

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java
View file

@ -57,7 +57,6 @@ import org.keycloak.services.resources.admin.AdminAuth.Resource;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.CredentialBuilder;
@ -83,6 +82,7 @@ import static org.junit.Assert.fail;
import static org.keycloak.services.resources.admin.AdminAuth.Resource.AUTHORIZATION;
import static org.keycloak.services.resources.admin.AdminAuth.Resource.CLIENT;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.utils.tls.TLSUtils;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/concurrency/AbstractConcurrencyTest.java
View file

@ -17,13 +17,12 @@
package org.keycloak.testsuite.admin.concurrency;
import org.jboss.logging.Logger;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import java.util.Collections;
import java.util.HashSet;

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventAuthDetailsTest.java
View file

@ -34,12 +34,12 @@ import org.keycloak.testsuite.AbstractAuthTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.AssertAdminEvents;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import java.util.Collections;
import java.util.List;

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
View file

@ -36,12 +36,12 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RoleBuilder;
import org.keycloak.testsuite.util.URLAssert;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import org.keycloak.util.JsonSerialization;
import javax.ws.rs.NotFoundException;

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java
View file

@ -48,7 +48,6 @@ import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
@ -60,6 +59,7 @@ import org.keycloak.testsuite.util.CredentialBuilder;
import org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import org.keycloak.util.JsonSerialization;
import javax.ws.rs.NotFoundException;

2
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cluster/AbstractClusterTest.java
View file

@ -11,9 +11,9 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.ContainerInfo;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import java.util.HashMap;
import java.util.HashSet;

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java
View file

@ -48,10 +48,8 @@ import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.account.AccountFormServiceTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.undertow.TLSUtils;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.pages.AccountApplicationsPage;
import org.keycloak.testsuite.pages.LoginPage;
@ -63,6 +61,7 @@ import org.keycloak.testsuite.util.RealmManager;
import org.keycloak.testsuite.util.RoleBuilder;
import org.keycloak.testsuite.util.TokenSignatureUtil;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import org.keycloak.util.TokenUtil;
import javax.ws.rs.NotFoundException;

17
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/FollowRedirectsEngine.java Normal file
View file

@ -0,0 +1,17 @@
package org.keycloak.testsuite.util;
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine;
/**
* A simple wrapper for the HTTP Client Engine to follow redirects.
*
* <p>
* When hitting a Servlet deployed on Jetty without trailing slash, we get a <code>302</code> in return.
* Our testsuite doesn't work well with this. This engine solves this problem.
* </p>
*/
public class FollowRedirectsEngine extends ApacheHttpClient4Engine {
public FollowRedirectsEngine() {
this.followRedirects = true;
}
}

7
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/URLAssert.java
View file

@ -33,8 +33,10 @@ import java.io.InputStreamReader;
import java.io.Reader;
import java.io.StringWriter;
import java.net.URI;
import java.net.URL;
import java.nio.charset.Charset;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.util.URLUtils.currentUrlDoesntStartWith;
import static org.keycloak.testsuite.util.URLUtils.currentUrlEquals;
@ -60,12 +62,15 @@ public class URLAssert {
assertCurrentUrlEquals(page.toString());
}
public static void assertCurrentUrlEquals(final URI url) {
assertCurrentUrlEquals(url.toASCIIString());
}
public static void assertCurrentUrlEquals(final String url) {
assertTrue("Expected URL: " + url + "; actual: " + DroneUtils.getCurrentDriver().getCurrentUrl(),
currentUrlEquals(url));
}
public static void assertCurrentUrlStartsWith(final AbstractPage page, WebDriver driver) {
assertCurrentUrlStartsWith(page.toString(), driver);
}

11
testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/TLSUtils.java → testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/tls/TLSUtils.java
View file

@ -1,7 +1,4 @@
package org.keycloak.testsuite.arquillian.undertow;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
package org.keycloak.testsuite.utils.tls;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
@ -9,6 +6,8 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
public class TLSUtils {
@ -30,7 +29,7 @@ public class TLSUtils {
public static SSLContext initializeTLS() {
try {
KeyStore keystore = KeyStore.getInstance("jks");
keystore.load(KeycloakOnUndertow.class.getResourceAsStream("/keycloak.jks"), "secret".toCharArray());
keystore.load(TLSUtils.class.getResourceAsStream("/keycloak.jks"), "secret".toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keystore, "secret".toCharArray());
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
@ -38,7 +37,7 @@ public class TLSUtils {
// Essentially, this is REQUEST CLIENT AUTH behavior. It doesn't fail if the client doesn't have a cert.
// However it will challenge him to send it.
KeyStore truststore = KeyStore.getInstance("jks");
truststore.load(KeycloakOnUndertow.class.getResourceAsStream("/keycloak.truststore"), "secret".toCharArray());
truststore.load(TLSUtils.class.getResourceAsStream("/keycloak.truststore"), "secret".toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(truststore);
TrustManager[] trustManagers = new TrustManager[trustManagerFactory.getTrustManagers().length + 1];

403
testsuite/jetty/jetty92/pom.xml
View file

@ -1,403 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<artifactId>keycloak-testsuite-pom</artifactId>
<groupId>org.keycloak</groupId>
<version>5.0.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>keycloak-testsuite-jetty92</artifactId>
<name>Keycloak Jetty 9.2.x Integration TestSuite</name>
<properties>
<maven.compiler.target>1.7</maven.compiler.target>
<maven.compiler.source>1.7</maven.compiler.source>
<jetty9.version>9.2.4.v20141103</jetty9.version>
</properties>
<description />
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-dependencies-server-all</artifactId>
<type>pom</type>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-admin-client</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-jetty92-adapter</artifactId>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.spec.javax.servlet</groupId>
<artifactId>jboss-servlet-api_3.0_spec</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.spec.javax.ws.rs</groupId>
<artifactId>jboss-jaxrs-api_2.1_spec</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxrs</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-client</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-multipart-provider</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jackson2-provider</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-undertow</artifactId>
</dependency>
<dependency>
<groupId>com.google.zxing</groupId>
<artifactId>javase</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-ldap-federation</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-kerberos-federation</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-undertow-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jetty92-adapter</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.logging</groupId>
<artifactId>jboss-logging</artifactId>
</dependency>
<dependency>
<groupId>io.undertow</groupId>
<artifactId>undertow-servlet</artifactId>
</dependency>
<dependency>
<groupId>io.undertow</groupId>
<artifactId>undertow-core</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-all</artifactId>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
</dependency>
<dependency>
<groupId>com.icegreen</groupId>
<artifactId>greenmail</artifactId>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.infinispan</groupId>
<artifactId>infinispan-core</artifactId>
</dependency>
<dependency>
<groupId>org.seleniumhq.selenium</groupId>
<artifactId>selenium-java</artifactId>
</dependency>
<dependency>
<groupId>xml-apis</groupId>
<artifactId>xml-apis</artifactId>
</dependency>
<dependency>
<groupId>org.seleniumhq.selenium</groupId>
<artifactId>selenium-chrome-driver</artifactId>
</dependency>
<dependency>
<groupId>org.wildfly</groupId>
<artifactId>wildfly-undertow</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-testsuite-integration-deprecated</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-testsuite-integration-deprecated</artifactId>
<type>test-jar</type>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.keycloak.testsuite</groupId>
<artifactId>integration-arquillian-test-apps-servlets</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jaas</artifactId>
<version>${jetty9.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty9.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-webapp</artifactId>
<version>${jetty9.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
<version>${jetty9.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
<version>${jetty9.version}</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>2.2</version>
<executions>
<execution>
<goals>
<goal>test-jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<skip>true</skip>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<configuration>
<workingDirectory>${project.basedir}</workingDirectory>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>keycloak-server</id>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<configuration>
<mainClass>org.keycloak.testsuite.KeycloakServer</mainClass>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>mail-server</id>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<configuration>
<mainClass>org.keycloak.testsuite.MailServer</mainClass>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>totp</id>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<configuration>
<mainClass>org.keycloak.testsuite.TotpGenerator</mainClass>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>jpa</id>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<systemPropertyVariables>
<keycloak.realm.provider>jpa</keycloak.realm.provider>
<keycloak.user.provider>jpa</keycloak.user.provider>
<keycloak.eventStore.provider>jpa</keycloak.eventStore.provider>
</systemPropertyVariables>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<!-- MySQL -->
<profile>
<activation>
<property>
<name>keycloak.connectionsJpa.driver</name>
<value>com.mysql.jdbc.Driver</value>
</property>
</activation>
<id>mysql</id>
<dependencies>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql.version}</version>
</dependency>
</dependencies>
</profile>
<!-- PostgreSQL -->
<profile>
<activation>
<property>
<name>keycloak.connectionsJpa.driver</name>
<value>org.postgresql.Driver</value>
</property>
</activation>
<id>postgresql</id>
<dependencies>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
<version>${postgresql.version}</version>
</dependency>
</dependencies>
</profile>
<profile>
<id>clean-jpa</id>
<build>
<plugins>
<plugin>
<groupId>org.liquibase</groupId>
<artifactId>liquibase-maven-plugin</artifactId>
<configuration>
<changeLogFile>META-INF/jpa-changelog-master.xml</changeLogFile>
<url>${keycloak.connectionsJpa.url}</url>
<driver>${keycloak.connectionsJpa.driver}</driver>
<username>${keycloak.connectionsJpa.user}</username>
<password>${keycloak.connectionsJpa.password}</password>
<promptOnNonLocalDatabase>false</promptOnNonLocalDatabase>
</configuration>
<executions>
<execution>
<id>clean-jpa</id>
<phase>clean</phase>
<goals>
<goal>dropAll</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>

191
testsuite/jetty/jetty92/src/test/java/org/keycloak/testsuite/Jetty9Test.java
View file

@ -1,191 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.webapp.WebAppContext;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy;
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
import java.io.File;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class Jetty9Test {
@ClassRule
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
@Override
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
AdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass());
}
};
public static Server server = null;
@BeforeClass
public static void initJetty() throws Exception {
server = new Server(8082);
List<Handler> list = new ArrayList<Handler>();
System.setProperty("app.server.base.url", "http://localhost:8082");
System.setProperty("my.host.name", "localhost");
URL dir = Jetty9Test.class.getResource("/adapter-test/demorealm.json");
File base = new File(dir.getFile()).getParentFile();
list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
list.add(new WebAppContext(new File(base, "customer-db").toString(), "/customer-db"));
list.add(new WebAppContext(new File(base, "customer-db-error-page").toString(), "/customer-db-error-page"));
list.add(new WebAppContext(new File(base, "product-portal").toString(), "/product-portal"));
list.add(new WebAppContext(new File(base, "session-portal").toString(), "/session-portal"));
list.add(new WebAppContext(new File(base, "input-portal").toString(), "/input-portal"));
list.add(new WebAppContext(new File(base, "secure-portal").toString(), "/secure-portal"));
HandlerCollection handlers = new HandlerCollection();
handlers.setHandlers(list.toArray(new Handler[list.size()]));
server.setHandler(handlers);
server.start();
}
@AfterClass
public static void shutdownJetty() throws Exception {
try {
server.stop();
server.destroy();
Thread.sleep(100);
} catch (Exception e) {}
}
@Rule
public AdapterTestStrategy testStrategy = new AdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8082", keycloakRule, true);
@Test
public void testLoginSSOAndLogout() throws Exception {
testStrategy.testLoginSSOAndLogout();
}
@Test
public void testLoginEncodedRedirectUri() throws Exception {
testStrategy.testLoginEncodedRedirectUri();
}
@Test
public void testSavedPostRequest() throws Exception {
testStrategy.testSavedPostRequest();
}
@Test
public void testServletRequestLogout() throws Exception {
testStrategy.testServletRequestLogout();
}
@Test
public void testLoginSSOIdle() throws Exception {
testStrategy.testLoginSSOIdle();
}
@Test
public void testLoginSSOIdleRemoveExpiredUserSessions() throws Exception {
testStrategy.testLoginSSOIdleRemoveExpiredUserSessions();
}
@Test
public void testLoginSSOMax() throws Exception {
testStrategy.testLoginSSOMax();
}
/**
* KEYCLOAK-518
* @throws Exception
*/
@Test
public void testNullBearerToken() throws Exception {
testStrategy.testNullBearerToken();
}
/**
* KEYCLOAK-1368
* @throws Exception
*/
@Test
public void testNullBearerTokenCustomErrorPage() throws Exception {
testStrategy.testNullBearerTokenCustomErrorPage();
}
/**
* KEYCLOAK-518
* @throws Exception
*/
@Test
public void testBadUser() throws Exception {
testStrategy.testBadUser();
}
/**
* KEYCLOAK-732
*
* @throws Throwable
*/
@Test
public void testSingleSessionInvalidated() throws Throwable {
testStrategy.testSingleSessionInvalidated();
}
/**
* KEYCLOAK-741
*/
@Test
public void testSessionInvalidatedAfterFailedRefresh() throws Throwable {
testStrategy.testSessionInvalidatedAfterFailedRefresh();
}
/**
* KEYCLOAK-942
*/
@Test
public void testAdminApplicationLogout() throws Throwable {
testStrategy.testAdminApplicationLogout();
}
/**
* KEYCLOAK-1216
*/
@Test
public void testAccountManagementSessionsLogout() throws Throwable {
testStrategy.testAccountManagementSessionsLogout();
}
}

204
testsuite/jetty/jetty92/src/test/java/org/keycloak/testsuite/JettySamlTest.java
View file

@ -1,204 +0,0 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.webapp.WebAppContext;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.helper.adapter.SamlAdapterTestStrategy;
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
import org.openqa.selenium.WebDriver;
import java.io.File;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class JettySamlTest {
@Rule
public SamlAdapterTestStrategy testStrategy = new SamlAdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8082", keycloakRule);
@ClassRule
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
@Override
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
SamlAdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass());
}
};
public static Server server = null;
@BeforeClass
public static void initJetty() throws Exception {
server = new Server(8082);
List<Handler> list = new ArrayList<Handler>();
System.setProperty("app.server.base.url", "http://localhost:8082");
System.setProperty("my.host.name", "localhost");
URL dir = JettySamlTest.class.getResource("/keycloak-saml/testsaml.json");
File base = new File(dir.getFile()).getParentFile();
//list.add(new WebAppContext(new File(base, "customer-portal").toString(), "/customer-portal"));
list.add(new WebAppContext(new File(base, "simple-post").toString(), "/sales-post"));
list.add(new WebAppContext(new File(base, "simple-post2").toString(), "/sales-post2"));
list.add(new WebAppContext(new File(base, "simple-input").toString(), "/input-portal"));
list.add(new WebAppContext(new File(base, "signed-post").toString(), "/sales-post-sig"));
list.add(new WebAppContext(new File(base, "signed-post-email").toString(), "/sales-post-sig-email"));
list.add(new WebAppContext(new File(base, "signed-post-transient").toString(), "/sales-post-sig-transient"));
list.add(new WebAppContext(new File(base, "signed-post-persistent").toString(), "/sales-post-sig-persistent"));
list.add(new WebAppContext(new File(base, "signed-metadata").toString(), "/sales-metadata"));
list.add(new WebAppContext(new File(base, "signed-get").toString(), "/employee-sig"));
list.add(new WebAppContext(new File(base, "mappers").toString(), "/employee2"));
list.add(new WebAppContext(new File(base, "signed-front-get").toString(), "/employee-sig-front"));
list.add(new WebAppContext(new File(base, "bad-client-signed-post").toString(), "/bad-client-sales-post-sig"));
list.add(new WebAppContext(new File(base, "bad-realm-signed-post").toString(), "/bad-realm-sales-post-sig"));
list.add(new WebAppContext(new File(base, "encrypted-post").toString(), "/sales-post-enc"));
SamlAdapterTestStrategy.uploadSP("http://localhost:8081/auth");
HandlerCollection handlers = new HandlerCollection();
handlers.setHandlers(list.toArray(new Handler[list.size()]));
server.setHandler(handlers);
server.start();
}
@AfterClass
public static void shutdownJetty() throws Exception {
try {
server.stop();
server.destroy();
Thread.sleep(100);
} catch (Exception e) {}
}
@Test
public void testSavedPostRequest() throws Exception {
testStrategy.testSavedPostRequest();
}
@Test
public void testPostSimpleLoginLogoutIdpInitiatedRedirectTo() {
testStrategy.testPostSimpleLoginLogoutIdpInitiatedRedirectTo();
}
@Test
public void testErrorHandlingSigned() throws Exception {
testStrategy.testErrorHandlingSigned();
}
@Test
public void testErrorHandlingUnsigned() throws Exception {
testStrategy.testErrorHandlingUnsigned();
}
@Test
public void testPostSimpleLoginLogout() {
testStrategy.testPostSimpleLoginLogout();
}
@Test
public void testPostSimpleLoginLogoutIdpInitiated() {
testStrategy.testPostSimpleLoginLogoutIdpInitiated();
}
@Test
public void testPostSignedLoginLogout() {
testStrategy.testPostSignedLoginLogout();
}
@Test
public void testPostSignedLoginLogoutTransientNameID() {
testStrategy.testPostSignedLoginLogoutTransientNameID();
}
@Test
public void testPostSignedLoginLogoutPersistentNameID() {
testStrategy.testPostSignedLoginLogoutPersistentNameID();
}
@Test
public void testPostSignedLoginLogoutEmailNameID() {
testStrategy.testPostSignedLoginLogoutEmailNameID();
}
@Test
public void testAttributes() throws Exception {
testStrategy.testAttributes();
}
@Test
public void testRedirectSignedLoginLogout() {
testStrategy.testRedirectSignedLoginLogout();
}
@Test
public void testRedirectSignedLoginLogoutFrontNoSSO() {
testStrategy.testRedirectSignedLoginLogoutFrontNoSSO();
}
@Test
public void testRedirectSignedLoginLogoutFront() {
testStrategy.testRedirectSignedLoginLogoutFront();
}
@Test
public void testPostEncryptedLoginLogout() {
testStrategy.testPostEncryptedLoginLogout();
}
@Test
public void testPostBadClientSignature() {
testStrategy.testPostBadClientSignature();
}
@Test
public void testPostBadRealmSignature() {
testStrategy.testPostBadRealmSignature( );
}
@Test
public void testPostSimpleUnauthorized() {
testStrategy.testPostSimpleUnauthorized( new SamlAdapterTestStrategy.CheckAuthError() {
@Override
public void check(WebDriver driver) {
Assert.assertTrue(driver.getPageSource().contains("Error 403 !role"));
}
});
}
@Test
public void testMetadataPostSignedLoginLogout() throws Exception {
testStrategy.testMetadataPostSignedLoginLogout();
}
}

46
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

10
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/keycloak.json
View file

@ -1,10 +0,0 @@
{
"realm" : "demo",
"resource" : "customer-db",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url": "http://localhost:8081/auth",
"ssl-required" : "external",
"bearer-only" : true,
"enable-cors" : true
}

96
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml
View file

@ -1,96 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>Error Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Error Servlet</servlet-name>
<url-pattern>/error.html</url-pattern>
</servlet-mapping>
<error-page>
<error-code>400</error-code>
<location>/error.html</location>
</error-page>
<error-page>
<error-code>401</error-code>
<location>/error.html</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/error.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/error.html</location>
</error-page>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Errors</web-resource-name>
<url-pattern>/error.html</url-pattern>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>demo</realm-name>
<form-login-config>
<form-login-page>/error.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>

46
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

10
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db/WEB-INF/keycloak.json
View file

@ -1,10 +0,0 @@
{
"realm" : "demo",
"resource" : "customer-db",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url": "http://localhost:8081/auth",
"ssl-required" : "external",
"bearer-only" : true,
"enable-cors" : true
}

57
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml
View file

@ -1,57 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>demo</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>

46
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-portal/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

11
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-portal/WEB-INF/keycloak.json
View file

@ -1,11 +0,0 @@
{
"realm": "demo",
"resource": "customer-portal",
"realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url": "http://localhost:8081/auth",
"ssl-required" : "external",
"expose-token": true,
"credentials": {
"secret": "password"
}
}

76
testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml
View file

@ -1,76 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>Error Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Error Servlet</servlet-name>
<url-pattern>/error.html</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Errors</web-resource-name>
<url-pattern>/error.html</url-pattern>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>demo</realm-name>
<form-login-config>
<form-login-page>/error.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>

164
testsuite/jetty/jetty92/src/test/resources/adapter-test/demorealm.json
View file

@ -1,164 +0,0 @@
{
"id": "demo",
"realm": "demo",
"enabled": true,
"accessTokenLifespan": 3000,
"accessCodeLifespan": 10,
"accessCodeLifespanUserAction": 6000,
"sslRequired": "external",
"registrationAllowed": false,
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"requiredCredentials": [ "password" ],
"users" : [
{
"username" : "bburke@redhat.com",
"enabled": true,
"email" : "bburke@redhat.com",
"firstName": "Bill",
"lastName": "Burke",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"realmRoles": [ "user" ],
"applicationRoles": {
"account": [ "manage-account" ]
}
},
{
"username" : "mposolda",
"enabled": true,
"email" : "mposolda@redhat.com",
"firstName": "Marek",
"lastName": "Posolda",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"realmRoles": [ "user" ],
"applicationRoles": {
"account": [ "manage-account" ]
}
}
],
"roles" : {
"realm" : [
{
"name": "user",
"description": "User privileges"
},
{
"name": "admin",
"description": "Administrator privileges"
}
]
},
"scopeMappings": [
{
"client": "third-party",
"roles": ["user"]
},
{
"client": "customer-portal",
"roles": ["user"]
},
{
"client": "product-portal",
"roles": ["user"]
}
],
"applications": [
{
"name": "customer-portal",
"enabled": true,
"adminUrl": "http://localhost:8082/customer-portal",
"baseUrl": "http://localhost:8082/customer-portal",
"directAccessGrantsEnabled": true,
"redirectUris": [
"http://localhost:8082/customer-portal/*"
],
"secret": "password"
},
{
"name": "customer-cookie-portal",
"enabled": true,
"baseUrl": "http://localhost:8082/customer-cookie-portal",
"redirectUris": [
"http://localhost:8082/customer-cookie-portal/*"
],
"secret": "password"
},
{
"name": "customer-portal-js",
"enabled": true,
"publicClient": true,
"adminUrl": "http://localhost:8082/customer-portal-js",
"baseUrl": "http://localhost:8082/customer-portal-js",
"redirectUris": [
"http://localhost:8080/customer-portal-js/*"
]
},
{
"name": "customer-portal-cli",
"enabled": true,
"publicClient": true,
"redirectUris": [
"urn:ietf:wg:oauth:2.0:oob",
"http://localhost"
]
},
{
"name": "product-portal",
"enabled": true,
"adminUrl": "http://localhost:8082/product-portal",
"baseUrl": "http://localhost:8082/product-portal",
"redirectUris": [
"http://localhost:8082/product-portal/*"
],
"secret": "password"
},
{
"name": "secure-portal",
"enabled": true,
"adminUrl": "http://localhost:8082/secure-portal",
"baseUrl": "http://localhost:8082/secure-portal",
"redirectUris": [
"http://localhost:8082/secure-portal/*"
],
"secret": "password"
},
{
"name": "session-portal",
"enabled": true,
"adminUrl": "http://localhost:8082/session-portal",
"baseUrl": "http://localhost:8082/session-portal",
"redirectUris": [
"http://localhost:8082/session-portal/*"
],
"secret": "password"
},
{
"name": "input-portal",
"enabled": true,
"adminUrl": "http://localhost:8082/input-portal",
"baseUrl": "http://localhost:8082/input-portal",
"redirectUris": [
"http://localhost:8082/input-portal/*"
],
"secret": "password"
}
],
"oauthClients": [
{
"name": "third-party",
"enabled": true,
"redirectUris": [
"http://localhost:8082/oauth-client/*",
"http://localhost:8082/oauth-client-cdi/*"
],
"secret": "password"
}
]
}

46
testsuite/jetty/jetty92/src/test/resources/adapter-test/input-portal/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

10
testsuite/jetty/jetty92/src/test/resources/adapter-test/input-portal/WEB-INF/keycloak.json
View file

@ -1,10 +0,0 @@
{
"realm" : "demo",
"resource" : "input-portal",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url" : "http://${my.host.name}:8081/auth",
"ssl-required" : "external",
"credentials" : {
"secret": "password"
}
}

57
testsuite/jetty/jetty92/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml
View file

@ -1,57 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.InputServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/secured/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>demo</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>

46
testsuite/jetty/jetty92/src/test/resources/adapter-test/product-portal/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

10
testsuite/jetty/jetty92/src/test/resources/adapter-test/product-portal/WEB-INF/keycloak.json
View file

@ -1,10 +0,0 @@
{
"realm" : "demo",
"resource" : "product-portal",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url" : "http://localhost:8081/auth",
"ssl-required" : "external",
"credentials" : {
"secret": "password"
}
}

57
testsuite/jetty/jetty92/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml
View file

@ -1,57 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.ProductServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>demo</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>

46
testsuite/jetty/jetty92/src/test/resources/adapter-test/secure-portal/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

10
testsuite/jetty/jetty92/src/test/resources/adapter-test/secure-portal/WEB-INF/keycloak.json
View file

@ -1,10 +0,0 @@
{
"realm" : "demo",
"resource" : "secure-portal",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url" : "http://localhost:8080/auth",
"ssl-required" : "external",
"credentials" : {
"secret": "password"
}
}

47
testsuite/jetty/jetty92/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml
View file

@ -1,47 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>demo</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>

46
testsuite/jetty/jetty92/src/test/resources/adapter-test/session-portal/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

10
testsuite/jetty/jetty92/src/test/resources/adapter-test/session-portal/WEB-INF/keycloak.json
View file

@ -1,10 +0,0 @@
{
"realm" : "demo",
"resource" : "session-portal",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url" : "http://${my.host.name}:8081/auth",
"ssl-required" : "external",
"credentials" : {
"secret": "password"
}
}

57
testsuite/jetty/jetty92/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml
View file

@ -1,57 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.adapter.servlet.SessionServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>demo</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>

46
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

64
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keycloak-saml.xml
View file

@ -1,64 +0,0 @@
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<keycloak-saml-adapter xmlns="urn:keycloak:saml:adapter"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:keycloak:saml:adapter http://www.keycloak.org/schema/keycloak_saml_adapter_1_7.xsd">
<SP entityID="http://localhost:8082/bad-client-sales-post-sig/"
sslPolicy="EXTERNAL"
nameIDPolicyFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
logoutPage="/logout.jsp"
forceAuthentication="false">
<Keys>
<Key signing="true" >
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
<PrivateKey alias="http://localhost:8081/bad-client-sales-post-sig/" password="test123"/>
<Certificate alias="http://localhost:8081/bad-client-sales-post-sig/"/>
</KeyStore>
</Key>
</Keys>
<PrincipalNameMapping policy="FROM_NAME_ID"/>
<RoleIdentifiers>
<Attribute name="Role"/>
</RoleIdentifiers>
<IDP entityID="idp">
<SingleSignOnService signRequest="true"
validateResponseSignature="true"
requestBinding="POST"
bindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
/>
<SingleLogoutService
validateRequestSignature="true"
validateResponseSignature="true"
signRequest="true"
signResponse="true"
requestBinding="POST"
responseBinding="POST"
postBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
redirectBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
/>
<Keys>
<Key signing="true">
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
<Certificate alias="demo"/>
</KeyStore>
</Key>
</Keys>
</IDP>
</SP>
</keycloak-saml-adapter>

BIN
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/keystore.jks
View file

Binary file not shown.

60
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-client-signed-post/WEB-INF/web.xml
View file

@ -1,60 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>SendUsernameServlet</servlet-name>
<servlet-class>org.keycloak.testsuite.helper.adapter.SendUsernameServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SendUsernameServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>demo</realm-name>
<form-login-config>
<form-login-page>/error.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>manager</role-name>
</security-role>
<security-role>
<role-name>el-jefe</role-name>
</security-role>
</web-app>

46
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/jetty-web.xml
View file

@ -1,46 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator">
<!--
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081/auth</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
<Set name="realmKey">MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB</Set>
</New>
</Set>
-->
</New>
</Set>
</Get>
</Configure>

64
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keycloak-saml.xml
View file

@ -1,64 +0,0 @@
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<keycloak-saml-adapter xmlns="urn:keycloak:saml:adapter"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:keycloak:saml:adapter http://www.keycloak.org/schema/keycloak_saml_adapter_1_7.xsd">
<SP entityID="http://localhost:8082/bad-realm-sales-post-sig/"
sslPolicy="EXTERNAL"
nameIDPolicyFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
logoutPage="/logout.jsp"
forceAuthentication="false">
<Keys>
<Key signing="true" >
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
<PrivateKey alias="http://localhost:8081/bad-realm-sales-post-sig/" password="test123"/>
<Certificate alias="http://localhost:8081/bad-realm-sales-post-sig/"/>
</KeyStore>
</Key>
</Keys>
<PrincipalNameMapping policy="FROM_NAME_ID"/>
<RoleIdentifiers>
<Attribute name="Role"/>
</RoleIdentifiers>
<IDP entityID="idp">
<SingleSignOnService signRequest="true"
validateResponseSignature="true"
requestBinding="POST"
bindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
/>
<SingleLogoutService
validateRequestSignature="true"
validateResponseSignature="true"
signRequest="true"
signResponse="true"
requestBinding="POST"
responseBinding="POST"
postBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
redirectBindingUrl="http://localhost:8081/auth/realms/demo/protocol/saml"
/>
<Keys>
<Key signing="true">
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
<Certificate alias="demo"/>
</KeyStore>
</Key>
</Keys>
</IDP>
</SP>
</keycloak-saml-adapter>

BIN
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/keystore.jks
View file

Binary file not shown.

88
testsuite/jetty/jetty92/src/test/resources/keycloak-saml/bad-realm-signed-post/WEB-INF/web.xml
View file

@ -1,88 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>adapter-test</module-name>
<servlet>
<servlet-name>SendUsernameServlet</servlet-name>
<servlet-class>org.keycloak.testsuite.helper.adapter.SendUsernameServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>Error Servlet</servlet-name>
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SendUsernameServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Error Servlet</servlet-name>
<url-pattern>/error.html</url-pattern>
</servlet-mapping>
<error-page>
<error-code>400</error-code>
<location>/error.html</location>
</error-page>
<error-page>
<error-code>401</error-code>
<location>/error.html</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/error.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/error.html</location>
</error-page>
<security-constraint>
<web-resource-collection>
<web-resource-name>Users</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>demo</realm-name>
<form-login-config>
<form-login-page>/error.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>manager</role-name>
</security-role>
<security-role>
<role-name>el-jefe</role-name>
</security-role>
</web-app>

Some files were not shown because too many files have changed in this diff Show more