KEYLOAK-3663 OIDC servlet filter

This commit is contained in:
zschwarz 2016-10-05 12:04:17 +02:00
parent 36aa3da3d0
commit 4bd38bb9c1
4 changed files with 86 additions and 15 deletions

View file

@ -49,9 +49,9 @@ import static org.keycloak.testsuite.util.IOUtil.loadJson;
import static org.keycloak.testsuite.util.IOUtil.loadXML;
import static org.keycloak.testsuite.util.IOUtil.modifyDocElementAttribute;
import static org.keycloak.testsuite.util.IOUtil.modifyDocElementValue;
import static org.keycloak.testsuite.util.IOUtil.removeElementFromDoc;
import static org.keycloak.testsuite.util.IOUtil.removeElementsFromDoc;
;
/**
* @author tkyjovsk
@ -97,7 +97,7 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor {
if (archive.contains(adapterConfigPath)) {
log.info("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
if (adapterConfigPath.equals(SAML_ADAPTER_CONFIG_PATH)) { // SAML adapter config
log.info("Modyfying saml adapter config in " + archive.getName());
log.info("Modifying saml adapter config in " + archive.getName());
Document doc = loadXML(archive.get("WEB-INF/keycloak-saml.xml").getAsset().openStream());
if (authServerSslRequired) {
@ -148,7 +148,17 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor {
} catch (IOException ex) {
log.log(Level.FATAL, "Cannot serialize adapter config to JSON.", ex);
}
log.info("Adding OIDCFilter dependencies to " + archive.getName());
((WebArchive) archive).addAsLibraries(KeycloakDependenciesResolver.resolveDependencies("org.keycloak:keycloak-servlet-filter-adapter:" + System.getProperty("project.version")));
}
} else if (archive.getName().equals("customer-portal-subsystem.war")) {
log.info("Adding OIDCFilter dependencies to " + archive.getName());
((WebArchive) archive).addAsLibraries(KeycloakDependenciesResolver.resolveDependencies("org.keycloak:keycloak-servlet-filter-adapter:" + System.getProperty("project.version")));
}
}
@ -210,9 +220,11 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor {
appendChildInDocument(webXmlDoc, "web-app", filterMapping);
//finally we need to remove all keycloak related configuration from web.xml
removeElementFromDoc(webXmlDoc, "web-app", "security-constraint");
removeElementFromDoc(webXmlDoc, "web-app", "login-config");
removeElementFromDoc(webXmlDoc, "web-app", "security-role");
removeElementsFromDoc(webXmlDoc, "web-app", "security-constraint");
removeElementsFromDoc(webXmlDoc, "web-app", "login-config");
removeElementsFromDoc(webXmlDoc, "web-app", "security-role");
}

View file

@ -129,7 +129,7 @@ public class IOUtil {
node.setTextContent(node.getTextContent().replace(regex, replacement));
}
public static void removeElementFromDoc(Document doc, String parentTag, String removeNode) {
public static void removeElementsFromDoc(Document doc, String parentTag, String removeNode) {
NodeList nodes = doc.getElementsByTagName(parentTag);
if (nodes.getLength() != 1) {
log.warn("Not able or ambiguous to find element: " + parentTag);
@ -143,18 +143,23 @@ public class IOUtil {
}
NodeList removeNodes = parentElement.getElementsByTagName(removeNode);
if (removeNodes.getLength() != 1) {
log.warn("Not able or ambiguous to find element: " + removeNode + " within node " + parentTag);
return;
}
Element removeElement = (Element) removeNodes.item(0);
if (removeElement == null) {
if (removeNodes == null) {
log.warn("Not able to find element: " + removeNode + " within node " + parentTag);
return;
}
parentElement.removeChild(removeElement);
for (int i = 0; i < removeNodes.getLength();){
Element removeElement = (Element) removeNodes.item(i);
if (removeElement == null) {
log.warn("Not able to find element: " + removeNode + " within node " + parentTag);
return;
}
log.info("Removing node " + removeNode);
parentElement.removeChild(removeElement);
}
}
public static String getElementTextContent(Document doc, String path) {

View file

@ -0,0 +1,42 @@
package org.keycloak.testsuite.adapter.servlet;
import org.junit.Ignore;
import org.junit.Test;
import org.keycloak.testsuite.arquillian.annotation.UseServletFilter;
/**
* Created by zschwarz on 9/14/16.
*/
@UseServletFilter(filterName = "oidc-filter", filterClass = "org.keycloak.adapters.servlet.KeycloakOIDCFilter")
public abstract class AbstractDemoFilterServletAdapterTest extends AbstractDemoServletsAdapterTest {
@Test
@Override
@Ignore
public void testCustomerPortalWithSubsystemSettings() {
}
@Test
@Override
@Ignore
public void testAuthenticated() {
}
@Test
@Override
@Ignore
public void testOIDCParamsForwarding() {
}
@Test
@Override
@Ignore
public void testClientWithJwksUri() {
}
}

View file

@ -0,0 +1,12 @@
package org.keycloak.testsuite.adapter;
import org.keycloak.testsuite.adapter.servlet.AbstractDemoFilterServletAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
/**
* Created by zschwarz on 9/14/16.
*/
@AppServerContainer("app-server-wildfly")
public class WildflyOIDCFilterAdapterTest extends AbstractDemoFilterServletAdapterTest{
}