diff --git a/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/SimpleWebXmlParser.java b/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/SimpleWebXmlParser.java index 47bdcea681..f5eafa9b53 100644 --- a/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/SimpleWebXmlParser.java +++ b/testsuite/integration-arquillian/servers/auth-server/undertow/src/main/java/org/keycloak/testsuite/arquillian/undertow/SimpleWebXmlParser.java @@ -28,6 +28,7 @@ import javax.servlet.Filter; import javax.servlet.Servlet; import io.undertow.servlet.api.DeploymentInfo; +import io.undertow.servlet.api.ErrorPage; import io.undertow.servlet.api.FilterInfo; import io.undertow.servlet.api.LoginConfig; import io.undertow.servlet.api.SecurityConstraint; @@ -183,9 +184,19 @@ class SimpleWebXmlParser { cfg.setName(cookieName); di.setServletSessionConfig(cfg); } + + // ERROR PAGES + List errorPages = document.getElementsByTagName("error-page"); + for (ElementWrapper errorPage : errorPages) { + int errorCode = Integer.parseInt(errorPage.getElementByTagName("error-code").getText()); + String location = errorPage.getElementByTagName("location").getText(); + di.addErrorPage(new ErrorPage(location, errorCode)); + } } catch (ClassNotFoundException cnfe) { throw new RuntimeException(cnfe); + } catch (NullPointerException npe) { + throw new RuntimeException("Error parsing web.xml of " + di.getDeploymentName(), npe); } } diff --git a/testsuite/integration-arquillian/test-apps/servlets/pom.xml b/testsuite/integration-arquillian/test-apps/servlets/pom.xml index 1755ffd722..38d38a0742 100644 --- a/testsuite/integration-arquillian/test-apps/servlets/pom.xml +++ b/testsuite/integration-arquillian/test-apps/servlets/pom.xml @@ -14,9 +14,8 @@ - javax.servlet - javax.servlet-api - 3.1.0 + org.jboss.spec.javax.servlet + jboss-servlet-api_3.0_spec junit diff --git a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/ErrorServlet.java b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/ErrorServlet.java index afe41ead6b..9f322eb091 100644 --- a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/ErrorServlet.java +++ b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/ErrorServlet.java @@ -23,22 +23,34 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; +import org.keycloak.adapters.spi.AuthenticationError; /** * @author Marek Posolda */ public class ErrorServlet extends HttpServlet { + public static AuthenticationError authError; @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + authError = (AuthenticationError)req.getAttribute(AuthenticationError.class.getName()); - + Integer statusCode = (Integer) req.getAttribute("javax.servlet.error.status_code"); + resp.setContentType("text/html"); PrintWriter pw = resp.getWriter(); pw.printf("%s", "Error Page"); - pw.print("

There was an error

"); + pw.print("

There was an error

"); + if (statusCode != null) + pw.print("
HTTP status code: " + statusCode); + if (authError != null) + pw.print("
Error info: " + authError.toString()); + pw.print(""); pw.flush(); - - + } + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + doGet(req, resp); } } diff --git a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantResolver.java b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantResolver.java index f2e60bba22..643cc61dbc 100644 --- a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantResolver.java +++ b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantResolver.java @@ -31,10 +31,19 @@ public class MultiTenantResolver implements KeycloakConfigResolver { @Override public KeycloakDeployment resolve(HttpFacade.Request request) { - String realm = request.getQueryParamValue("realm"); - // FIXME doesn't work - need to load resources from WEB-INF - InputStream is = getClass().getResourceAsStream("/" + realm + "-keycloak.json"); + String path = request.getURI(); + int multitenantIndex = path.indexOf("multi-tenant/"); + if (multitenantIndex == -1) { + throw new IllegalStateException("Not able to resolve realm from the request path!"); + } + + String realm = path.substring(path.indexOf("multi-tenant/")).split("/")[1]; + if (realm.contains("?")) { + realm = realm.split("\\?")[0]; + } + + InputStream is = getClass().getResourceAsStream("/adapter-test/multi-tenant/WEB-INF/" + realm + "-keycloak.json"); if (is == null) { throw new IllegalStateException("Not able to find the file /" + realm + "-keycloak.json"); diff --git a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantServlet.java b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantServlet.java index 5deb72027f..d658db7574 100644 --- a/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantServlet.java +++ b/testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/MultiTenantServlet.java @@ -33,6 +33,18 @@ public class MultiTenantServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + + String realm = req.getPathInfo().split("/")[1]; + if (realm.contains("?")) { + realm = realm.split("\\?")[0]; + } + + if (req.getPathInfo() != null && req.getPathInfo().contains("logout")) { + req.logout(); + resp.sendRedirect(req.getContextPath() + "/" + realm); + return; + } + resp.setContentType("text/html"); PrintWriter pw = resp.getWriter(); KeycloakSecurityContext context = (KeycloakSecurityContext)req.getAttribute(KeycloakSecurityContext.class.getName()); diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerCookiePortal.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerCookiePortal.java new file mode 100644 index 0000000000..caa278f19f --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerCookiePortal.java @@ -0,0 +1,43 @@ +/* + * Copyright 2018 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.keycloak.testsuite.adapter.page; + +import org.jboss.arquillian.container.test.api.OperateOnDeployment; +import org.jboss.arquillian.test.api.ArquillianResource; +import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl; + +import java.net.URL; + +public class CustomerCookiePortal extends AbstractPageWithInjectedUrl { + + public static final String DEPLOYMENT_NAME = "customer-cookie-portal"; + + @ArquillianResource + @OperateOnDeployment(DEPLOYMENT_NAME) + private URL url; + + @Override + public URL getInjectedUrl() { + return url; + } + + public String logoutURL() { + return url + "/logout"; + } + +} diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerPortal.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerPortal.java index 4ec2201fca..51c0978ba6 100644 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerPortal.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/CustomerPortal.java @@ -39,5 +39,9 @@ public class CustomerPortal extends AbstractPageWithInjectedUrl { public URL getInjectedUrl() { return url; } + + public String logout() { + return url + "/logout"; + } } diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/InputPortalNoAccessToken.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/InputPortalNoAccessToken.java index 5daa0de2b6..24f3ad94dd 100644 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/InputPortalNoAccessToken.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/InputPortalNoAccessToken.java @@ -19,6 +19,7 @@ package org.keycloak.testsuite.adapter.page; import org.jboss.arquillian.container.test.api.OperateOnDeployment; import org.jboss.arquillian.test.api.ArquillianResource; +import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl; import org.openqa.selenium.WebElement; import org.openqa.selenium.support.FindBy; @@ -28,9 +29,9 @@ import java.net.URL; * * @author vramik */ -public class InputPortalNoAccessToken extends SAMLServlet { +public class InputPortalNoAccessToken extends AbstractPageWithInjectedUrl { - public static final String DEPLOYMENT_NAME = "input-portal-no-access-token"; + public static final String DEPLOYMENT_NAME = "no-access-token"; @ArquillianResource @OperateOnDeployment(DEPLOYMENT_NAME) diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java index e08a44da9e..4ae26e7ac9 100644 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java @@ -67,7 +67,7 @@ public class AuthServerTestEnricher { @Inject private Event stopContainerEvent; - private static final String AUTH_SERVER_CONTAINER_DEFAULT = "auth-server-undertow"; + public static final String AUTH_SERVER_CONTAINER_DEFAULT = "auth-server-undertow"; private static final String AUTH_SERVER_CONTAINER_PROPERTY = "auth.server.container"; public static final String AUTH_SERVER_CONTAINER = System.getProperty(AUTH_SERVER_CONTAINER_PROPERTY, AUTH_SERVER_CONTAINER_DEFAULT); diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java index e0a7ab4351..cd77c5b64b 100644 --- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java +++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java @@ -56,6 +56,8 @@ import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.isTomcatAp import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.isWLSAppServer; import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.isWASAppServer; import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getAuthServerContextRoot; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; import static org.keycloak.testsuite.util.IOUtil.appendChildInDocument; import static org.keycloak.testsuite.util.IOUtil.documentToString; import static org.keycloak.testsuite.util.IOUtil.getElementTextContent; @@ -186,8 +188,9 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor { AdapterConfig adapterConfig = loadJson(archive.get(adapterConfigPath) .getAsset().openStream(), AdapterConfig.class); - log.info(" setting " + (relative ? "" : "non-") + "relative auth-server-url"); - if (relative) { + // TODO find out if this is necessary + if (relative && !AUTH_SERVER_CONTAINER.equals(AUTH_SERVER_CONTAINER_DEFAULT)) { + log.info(" setting relative auth-server-url"); adapterConfig.setAuthServerUrl("/auth"); // ac.setRealmKey(null); // TODO verify if realm key is required for relative scneario } else { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java index 744486793c..8940ee1048 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractServletsAdapterTest.java @@ -37,6 +37,11 @@ import static org.keycloak.testsuite.util.IOUtil.loadRealm; public abstract class AbstractServletsAdapterTest extends AbstractAdapterTest { + protected static WebArchive servletDeploymentMultiTenant(String name, Class... servletClasses) { + WebArchive servletDeployment = servletDeployment(name, null, servletClasses); + return servletDeployment; + } + protected static WebArchive servletDeployment(String name, Class... servletClasses) { return servletDeployment(name, "keycloak.json", servletClasses); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java index 6f238e0ee7..495434e2d4 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoFilterServletAdapterTest.java @@ -1,23 +1,42 @@ +/* + * Copyright 2018 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.keycloak.testsuite.adapter.servlet; import org.junit.Ignore; import org.junit.Test; import org.keycloak.testsuite.arquillian.annotation.UseServletFilter; -/** - * Created by zschwarz on 9/14/16. - */ - @UseServletFilter(filterName = "oidc-filter", filterClass = "org.keycloak.adapters.servlet.KeycloakOIDCFilter", filterDependency = "org.keycloak:keycloak-servlet-filter-adapter", skipPattern = "/error.html") public abstract class AbstractDemoFilterServletAdapterTest extends AbstractDemoServletsAdapterTest { + @Test + @Override + @Ignore + public void testNullBearerTokenCustomErrorPage() { + //can't test because of the way filter works + } + @Test @Override @Ignore public void testAuthenticated() { - + //Don't need to test this because HttpServletRequest.authenticate doesn't make sense with filter implementation } @Test @@ -40,4 +59,25 @@ public abstract class AbstractDemoFilterServletAdapterTest extends AbstractDemoS public void testOIDCUiLocalesParamForwarding() { } + + @Test + @Override + @Ignore + public void testTokenInCookieSSO() { + + } + + @Test + @Override + @Ignore + public void testInvalidTokenCookie() { + + } + + @Test + @Override + @Ignore + public void testTokenInCookieRefresh() { + + } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java index 617455c038..31e4305504 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractDemoServletsAdapterTest.java @@ -39,12 +39,13 @@ import org.jboss.arquillian.graphene.page.Page; import org.jboss.shrinkwrap.api.spec.WebArchive; import org.junit.Assert; import org.junit.Before; -import org.junit.Ignore; import org.junit.Rule; import org.junit.Test; +import org.openqa.selenium.Cookie; import org.keycloak.OAuth2Constants; import org.keycloak.admin.client.resource.ClientResource; +import org.keycloak.adapters.OIDCAuthenticationError; import org.keycloak.common.Version; import org.keycloak.common.util.Time; import org.keycloak.constants.AdapterConstants; @@ -65,6 +66,7 @@ import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest; import org.keycloak.testsuite.adapter.filter.AdapterActionsFilter; import org.keycloak.testsuite.adapter.page.BasicAuth; import org.keycloak.testsuite.adapter.page.ClientSecretJwtSecurePortal; +import org.keycloak.testsuite.adapter.page.CustomerCookiePortal; import org.keycloak.testsuite.adapter.page.CustomerDb; import org.keycloak.testsuite.adapter.page.CustomerDbErrorPage; import org.keycloak.testsuite.adapter.page.CustomerPortal; @@ -101,6 +103,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThat; import static org.junit.Assert.assertTrue; import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO; @@ -148,7 +151,9 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd private Config configPage; @Page private ClientSecretJwtSecurePortal clientSecretJwtSecurePortal; - + @Page + private CustomerCookiePortal customerCookiePortal; + @Rule public AssertEvents assertEvents = new AssertEvents(this); @@ -157,6 +162,11 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd return servletDeployment(CustomerPortal.DEPLOYMENT_NAME, CustomerServlet.class, ErrorServlet.class, ServletTestUtils.class); } + @Deployment(name = CustomerCookiePortal.DEPLOYMENT_NAME) + protected static WebArchive customerCookiePortal() { + return servletDeployment(CustomerCookiePortal.DEPLOYMENT_NAME, CustomerServlet.class, ErrorServlet.class, ServletTestUtils.class); + } + @Deployment(name = CustomerPortalNoConf.DEPLOYMENT_NAME) protected static WebArchive customerPortalNoConf() { return servletDeployment(CustomerPortalNoConf.DEPLOYMENT_NAME, CustomerServletNoConf.class, ErrorServlet.class); @@ -233,6 +243,127 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd driver.manage().deleteAllCookies(); } + //KEYCLOAK-702 + @Test + public void testTokenInCookieSSO() { + // Login + String tokenCookie = loginToCustomerCookiePortal(); + + // SSO to second app + customerPortal.navigateTo(); + assertLogged(); + + // return to customer-cookie-portal and assert still same cookie (accessToken didn't expire) + customerCookiePortal.navigateTo(); + assertLogged(); + String tokenCookie2 = driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); + assertEquals(tokenCookie, tokenCookie2); + + // Logout with httpServletRequest + logoutFromCustomerCookiePortal(); + + // Also should be logged-out from the second app + customerPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + } + + //KEYCLOAK-702 + @Test + public void testTokenInCookieRefresh() { + // Set token timeout 3 sec + RealmRepresentation demo = adminClient.realm("demo").toRepresentation(); + int originalTokenTimeout = demo.getAccessCodeLifespan(); + demo.setAccessTokenLifespan(3); + adminClient.realm("demo").update(demo); + + try { + // login to customer-cookie-portal + String tokenCookie1 = loginToCustomerCookiePortal(); + + // Simulate waiting 4 seconds + setTimeOffset(4); + + // assert cookie was refreshed + customerCookiePortal.navigateTo(); + assertCurrentUrlEquals(customerCookiePortal); + assertLogged(); + String tokenCookie2 = driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); + assertNotEquals(tokenCookie1, tokenCookie2); + + // login to 2nd app and logout from it + customerPortal.navigateTo(); + assertCurrentUrlEquals(customerPortal); + assertLogged(); + + driver.navigate().to(customerCookiePortal.logoutURL()); + assertTrue(driver.getPageSource().contains("servlet logout ok")); + customerPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + + // Simulate another 4 seconds + setTimeOffset(8); + + // assert not logged in customer-cookie-portal + customerCookiePortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + } finally { + // Set token timeout 3 sec + demo.setAccessTokenLifespan(originalTokenTimeout); + adminClient.realm("demo").update(demo); + + resetTimeOffset(); + } + } + + //KEYCLOAK-702 + @Test + public void testInvalidTokenCookie() { + // Login + String tokenCookie = loginToCustomerCookiePortal(); + String changedTokenCookie = tokenCookie.replace("a", "b"); + + // change cookie to invalid value + driver.manage().addCookie(new Cookie(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE, changedTokenCookie, "/customer-cookie-portal")); + + // visit page and assert re-logged and cookie was refreshed + customerCookiePortal.navigateTo(); + assertCurrentUrlEquals(customerCookiePortal); + String currentCookie = driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); + assertNotEquals(currentCookie, tokenCookie); + assertNotEquals(currentCookie, changedTokenCookie); + + // logout + logoutFromCustomerCookiePortal(); + } + + // login to customer-cookie-portal and return the KEYCLOAK_ADAPTER_STATE cookie established on adapter + private String loginToCustomerCookiePortal() { + customerCookiePortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + testRealmLoginPage.form().login("bburke@redhat.com", "password"); + assertCurrentUrlEquals(customerCookiePortal); + assertLogged(); + + // Assert no JSESSIONID cookie + Assert.assertNull(driver.manage().getCookieNamed("JSESSIONID")); + + return driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); + } + + private void logoutFromCustomerCookiePortal() { + String logout = customerCookiePortal.logoutURL(); + driver.navigate().to(logout); + assertTrue(driver.getPageSource().contains("servlet logout ok")); + assertNull(driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE)); + customerCookiePortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + } + + private void assertLogged() { + String pageSource = driver.getPageSource(); + Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen")); + } + @Test public void testSavedPostRequest() throws InterruptedException { // test login to customer-portal which does a bearer request to customer-db @@ -437,6 +568,7 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd driver.navigate().to(logoutUri); } + //KEYCLOAK-518 @Test public void testNullBearerToken() { Client client = ClientBuilder.newClient(); @@ -450,41 +582,39 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd client.close(); } + //KEYCLOAK-1368 @Test - @Ignore public void testNullBearerTokenCustomErrorPage() { + ErrorServlet.authError = null; Client client = ClientBuilder.newClient(); WebTarget target = client.target(customerDbErrorPage.toString()); + Response response = target.request().get(); - // TODO: follow redirects automatically if possible - if (response.getStatus() == 302) { - String location = response.getHeaderString(HttpHeaders.LOCATION); - response.close(); - response = client.target(location).request().get(); - } - assertEquals(200, response.getStatus()); + assertEquals(401, response.getStatus()); String errorPageResponse = response.readEntity(String.class); assertTrue(errorPageResponse.contains("Error Page")); response.close(); + Assert.assertNotNull(ErrorServlet.authError); + OIDCAuthenticationError error = (OIDCAuthenticationError) ErrorServlet.authError; + Assert.assertEquals(OIDCAuthenticationError.Reason.NO_BEARER_TOKEN, error.getReason()); + ErrorServlet.authError = null; response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get(); - // TODO: follow redirects automatically if possible - if (response.getStatus() == 302) { - String location = response.getHeaderString(HttpHeaders.LOCATION); - response.close(); - response = client.target(location).request().get(); - } - assertEquals(200, response.getStatus()); + + assertEquals(401, response.getStatus()); errorPageResponse = response.readEntity(String.class); assertTrue(errorPageResponse.contains("Error Page")); response.close(); - + Assert.assertNotNull(ErrorServlet.authError); + error = (OIDCAuthenticationError) ErrorServlet.authError; + Assert.assertEquals(OIDCAuthenticationError.Reason.INVALID_TOKEN, error.getReason()); + client.close(); } + //KEYCLOAK-518 @Test - @Ignore public void testBadUser() { Client client = ClientBuilder.newClient(); URI uri = OIDCLoginProtocolService.tokenUrl(authServerPage.createUriBuilder()).build("demo"); @@ -1016,7 +1146,6 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd //KEYCLOAK-4765 @Test - @Ignore public void testCallURLWithAccessToken() { // test login to customer-portal which does a bearer request to customer-db String applicationURL = inputPortalNoAccessToken.getInjectedUrl().toString() + "?access_token=invalid_token"; @@ -1026,6 +1155,7 @@ public abstract class AbstractDemoServletsAdapterTest extends AbstractServletsAd Assert.assertEquals(applicationURL, driver.getCurrentUrl()); System.out.println(driver.getPageSource()); inputPortalNoAccessToken.execute("hello"); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); } @Test diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSessionFilterServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSessionFilterServletAdapterTest.java new file mode 100644 index 0000000000..e8042cbb87 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSessionFilterServletAdapterTest.java @@ -0,0 +1,31 @@ +/* + * Copyright 2018 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.keycloak.testsuite.adapter.servlet; + +import org.junit.Ignore; +import org.junit.Test; + +public abstract class AbstractSessionFilterServletAdapterTest extends AbstractSessionServletAdapterTest { + + @Test + @Override + @Ignore + public void testAccountManagementSessionsLogout() { + //Can't test this because backchannel logout for filter does not invalidate the session + } + +} \ No newline at end of file diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSessionServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSessionServletAdapterTest.java index 65124e4e56..31bdc7dacd 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSessionServletAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/AbstractSessionServletAdapterTest.java @@ -76,6 +76,7 @@ public abstract class AbstractSessionServletAdapterTest extends AbstractServlets @SecondBrowser protected WebDriver driver2; + //KEYCLOAK-732 @Test public void testSingleSessionInvalidated() { @@ -116,6 +117,7 @@ public abstract class AbstractSessionServletAdapterTest extends AbstractServlets } + //KEYCLOAK-741 @Test public void testSessionInvalidatedAfterFailedRefresh() { RealmRepresentation testRealmRep = testRealmResource().toRepresentation(); @@ -152,6 +154,7 @@ public abstract class AbstractSessionServletAdapterTest extends AbstractServlets testRealmResource().update(testRealmRep); } + //KEYCLOAK-942 @Test public void testAdminApplicationLogout() { // login as bburke @@ -171,6 +174,7 @@ public abstract class AbstractSessionServletAdapterTest extends AbstractServlets driver.navigate().to(logoutUri); } + //KEYCLOAK-1216 @Test public void testAccountManagementSessionsLogout() { // login as bburke diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/MultiTenancyTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/MultiTenancyTest.java new file mode 100644 index 0000000000..23bd4bddf4 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/MultiTenancyTest.java @@ -0,0 +1,146 @@ +/* + * Copyright 2018 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.keycloak.testsuite.adapter.undertow.servlet; + +import java.util.List; +import javax.ws.rs.core.UriBuilder; +import org.jboss.arquillian.container.test.api.Deployment; +import org.jboss.shrinkwrap.api.spec.WebArchive; +import org.junit.After; +import org.junit.Assert; +import org.junit.Test; +import org.keycloak.protocol.oidc.OIDCLoginProtocolService; +import org.keycloak.representations.idm.RealmRepresentation; +import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest; +import org.keycloak.testsuite.adapter.servlet.ErrorServlet; +import org.keycloak.testsuite.adapter.servlet.MultiTenantResolver; +import org.keycloak.testsuite.adapter.servlet.MultiTenantServlet; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; +import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; +import static org.keycloak.testsuite.util.IOUtil.loadRealm; +import org.keycloak.testsuite.util.URLAssert; +import org.keycloak.testsuite.util.WaitUtils; + +/** + * note: migrated from old testsuite + * + * @author Juraci Paixão Kröhling + */ +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) +public class MultiTenancyTest extends AbstractServletsAdapterTest { + + @Override + public void addAdapterTestRealms(List testRealms) { + testRealms.add(loadRealm("/adapter-test/tenant1-realm.json")); + testRealms.add(loadRealm("/adapter-test/tenant2-realm.json")); + } + + @Override + protected boolean isImportAfterEachMethod() { + return false; + } + + @Deployment(name = "multi-tenant") + protected static WebArchive multiTenant() { + return servletDeploymentMultiTenant("multi-tenant", MultiTenantServlet.class, ErrorServlet.class, MultiTenantResolver.class); + } + + @After + public void afterTest() { + driver.manage().deleteAllCookies(); + } + + /** + * Simplest scenario: one user, one realm. The user is not logged in at + * any other realm + */ + @Test + public void testTenantsLoggingOut() { + doTenantRequests("tenant1", true); + doTenantRequests("tenant2", true); + } + + /** + * This tests the adapter's ability to deal with multiple sessions + * from the same user, one for each realm. It should not mixup and return + * a session from tenant1 to tenant2 + */ + @Test + public void testTenantsWithoutLoggingOut() { + doTenantRequests("tenant1", true); + doTenantRequests("tenant2", true); + + doTenantRequests("tenant1", false); + doTenantRequests("tenant2", true); + } + + /** + * This test simulates an user that is not logged in yet, and tries to login + * into tenant1 using an account from tenant2. + * On this scenario, the user should be shown the login page again. + */ + @Test + public void testUnauthorizedAccessNotLoggedIn() { + String keycloakServerBaseUrl = authServerPage.toString(); + + driver.navigate().to(authServerContextRootPage + "/multi-tenant/tenant1"); + WaitUtils.waitForPageToLoad(); + URLAssert.assertCurrentUrlStartsWith(keycloakServerBaseUrl); + + String currentUrl = driver.getCurrentUrl(); + String toString = testRealmLoginPage.toString(); + testRealmLoginPage.form().login("user-tenant2", "user-tenant2"); + URLAssert.assertCurrentUrlStartsWith(keycloakServerBaseUrl); + } + + /** + * This test simulates an user which is already logged in into tenant1 + * and tries to access a resource on tenant2. + * On this scenario, the user should be shown the login page again. + */ + @Test + public void testUnauthorizedAccessLoggedIn() { + doTenantRequests("tenant1", false); + + driver.navigate().to(authServerContextRootPage + "/multi-tenant/tenant2"); + URLAssert.assertCurrentUrlStartsWith(authServerPage.toString()); + } + + private void doTenantRequests(String tenant, boolean logout) { + String tenantLoginUrl = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(authServerPage.getAuthRoot())).build(tenant).toString(); + String tenantUrl = authServerContextRootPage + "/multi-tenant/" + tenant; + + driver.navigate().to(tenantUrl); + URLAssert.assertCurrentUrlStartsWith(tenantLoginUrl); + testRealmLoginPage.form().login("bburke@redhat.com", "password"); + log.debug("Current url: " + driver.getCurrentUrl()); + + URLAssert.assertCurrentUrlStartsWith(tenantUrl); + String pageSource = driver.getPageSource(); + log.debug(pageSource); + + Assert.assertTrue(pageSource.contains("Username: bburke@redhat.com")); + Assert.assertTrue(pageSource.contains("Realm: " + tenant)); + + if (logout) { + driver.navigate().to(authServerContextRootPage + "/multi-tenant/" + tenant + "/logout"); + Assert.assertFalse(driver.getPageSource().contains("Username: bburke@redhat.com")); + Assert.assertTrue(driver.getCurrentUrl().startsWith(tenantLoginUrl)); + } + log.debug("---------------------------------------------------------------------------------------"); + } +} diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowBrokerLinkAndTokenExchangeTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowBrokerLinkAndTokenExchangeTest.java index add7d1f1de..d21dddc28a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowBrokerLinkAndTokenExchangeTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowBrokerLinkAndTokenExchangeTest.java @@ -20,11 +20,13 @@ import org.junit.Test; import org.keycloak.testsuite.adapter.servlet.AbstractBrokerLinkAndTokenExchangeTest; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; + /** * * @author Vlastislav Ramik */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UndertowBrokerLinkAndTokenExchangeTest extends AbstractBrokerLinkAndTokenExchangeTest { //@Test diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowClientInitiatedAccountLinkTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowClientInitiatedAccountLinkTest.java index 336d6b7e55..38f54bb8f4 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowClientInitiatedAccountLinkTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowClientInitiatedAccountLinkTest.java @@ -20,11 +20,13 @@ import org.junit.Test; import org.keycloak.testsuite.adapter.servlet.AbstractClientInitiatedAccountLinkTest; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; + /** * * @author Vlastislav Ramik */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UndertowClientInitiatedAccountLinkTest extends AbstractClientInitiatedAccountLinkTest { //@Test diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoFilterServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoFilterServletAdapterTest.java index ca4c5c21b6..e759bb133a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoFilterServletAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoFilterServletAdapterTest.java @@ -20,11 +20,11 @@ package org.keycloak.testsuite.adapter.undertow.servlet; import org.keycloak.testsuite.adapter.servlet.AbstractDemoFilterServletAdapterTest; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; -import org.junit.Ignore; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; /** * @author Marek Posolda */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UndertowDemoFilterServletAdapterTest extends AbstractDemoFilterServletAdapterTest { } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoServletsAdapterTest.java index 860c3d3896..ab19c0de90 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoServletsAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowDemoServletsAdapterTest.java @@ -17,14 +17,21 @@ package org.keycloak.testsuite.adapter.undertow.servlet; +import org.junit.Test; import org.keycloak.testsuite.adapter.servlet.AbstractDemoServletsAdapterTest; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; -import org.junit.Ignore; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; /** * @author Marek Posolda */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UndertowDemoServletsAdapterTest extends AbstractDemoServletsAdapterTest { + + @Test + @Override + public void testLoginEncodedRedirectUri() { + super.testLoginEncodedRedirectUri(); + } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java index 0dfd99c996..77d2def82a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOIDCPublicKeyRotationAdapterTest.java @@ -20,9 +20,11 @@ package org.keycloak.testsuite.adapter.undertow.servlet; import org.keycloak.testsuite.adapter.servlet.AbstractOIDCPublicKeyRotationAdapterTest; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; + /** * @author Marek Posolda */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UndertowOIDCPublicKeyRotationAdapterTest extends AbstractOIDCPublicKeyRotationAdapterTest { } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOfflineServletsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOfflineServletsAdapterTest.java index 517d18ab0d..c330ee9e94 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOfflineServletsAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowOfflineServletsAdapterTest.java @@ -20,9 +20,11 @@ package org.keycloak.testsuite.adapter.undertow.servlet; import org.keycloak.testsuite.adapter.servlet.AbstractOfflineServletsAdapterTest; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; + /** * @author Marek Posolda */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UndertowOfflineServletsAdapterTest extends AbstractOfflineServletsAdapterTest { } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowRelaviteUriAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowRelaviteUriAdapterTest.java new file mode 100644 index 0000000000..e6308f06b7 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowRelaviteUriAdapterTest.java @@ -0,0 +1,149 @@ +/* + * Copyright 2018 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.keycloak.testsuite.adapter.undertow.servlet; + +import java.util.List; +import java.util.Map; +import org.jboss.arquillian.container.test.api.Deployment; +import org.jboss.arquillian.graphene.page.Page; +import org.jboss.shrinkwrap.api.spec.WebArchive; +import org.junit.Assert; +import org.junit.Test; +import org.keycloak.OAuth2Constants; +import org.keycloak.protocol.oidc.OIDCLoginProtocolService; +import org.keycloak.representations.idm.RealmRepresentation; +import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest; +import org.keycloak.testsuite.adapter.filter.AdapterActionsFilter; +import org.keycloak.testsuite.adapter.page.CustomerDb; +import org.keycloak.testsuite.adapter.page.CustomerPortal; +import org.keycloak.testsuite.adapter.page.ProductPortal; +import org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet; +import org.keycloak.testsuite.adapter.servlet.CustomerServlet; +import org.keycloak.testsuite.adapter.servlet.ErrorServlet; +import org.keycloak.testsuite.adapter.servlet.ProductServlet; +import org.keycloak.testsuite.adapter.servlet.ServletTestUtils; +import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; + +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; +import static org.keycloak.testsuite.auth.page.AuthRealm.DEMO; +import static org.keycloak.testsuite.util.IOUtil.loadRealm; +import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals; +import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf; + +/** + * Also tests relative URIs in the adapter and valid redirect uris. + * Also tests adapters not configured with public key + * + * note: migrated from old testsuite + * + * @author Bill Burke + */ +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) +public class UndertowRelaviteUriAdapterTest extends AbstractServletsAdapterTest { + + @Page + private CustomerPortal customerPortal; + @Page + private ProductPortal productPortal; + + @Override + public void addAdapterTestRealms(List testRealms) { + testRealms.add(loadRealm("/adapter-test/demorealm-relative.json")); + } + + @Deployment(name = CustomerPortal.DEPLOYMENT_NAME) + protected static WebArchive customerPortal() { + return servletDeployment(CustomerPortal.DEPLOYMENT_NAME, "keycloak-relative.json", CustomerServlet.class, ErrorServlet.class, ServletTestUtils.class); + } + + @Deployment(name = CustomerDb.DEPLOYMENT_NAME) + protected static WebArchive customerDb() { + return servletDeployment(CustomerDb.DEPLOYMENT_NAME, "keycloak-relative.json", AdapterActionsFilter.class, CustomerDatabaseServlet.class); + } + + @Deployment(name = ProductPortal.DEPLOYMENT_NAME) + protected static WebArchive productPortal() { + return servletDeployment(ProductPortal.DEPLOYMENT_NAME, "keycloak-relative.json", ProductServlet.class); + } + + @Test + public void testLoginSSOAndLogout() { + // test login to customer-portal which does a bearer request to customer-db + customerPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + testRealmLoginPage.form().login("bburke@redhat.com", "password"); + assertCurrentUrlEquals(customerPortal); + String pageSource = driver.getPageSource(); + Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen")); + + // test SSO + productPortal.navigateTo(); + assertCurrentUrlEquals(productPortal); + pageSource = driver.getPageSource(); + Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad")); + + // View stats + List> stats = adminClient.realm(DEMO).getClientSessionStats(); + Map customerPortalStats = null; + Map productPortalStats = null; + for (Map s : stats) { + switch (s.get("clientId")) { + case "customer-portal": + customerPortalStats = s; + break; + case "product-portal": + productPortalStats = s; + break; + } + } + Assert.assertEquals(1, Integer.parseInt(customerPortalStats.get("active"))); + Assert.assertEquals(1, Integer.parseInt(productPortalStats.get("active"))); + + // test logout + String logoutUri = OIDCLoginProtocolService.logoutUrl(authServerPage.createUriBuilder()) + .queryParam(OAuth2Constants.REDIRECT_URI, customerPortal.toString()).build("demo").toString(); + driver.navigate().to(logoutUri); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + productPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + customerPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + } + + @Test + public void testServletRequestLogout() { + customerPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + testRealmLoginPage.form().login("bburke@redhat.com", "password"); + assertCurrentUrlEquals(customerPortal); + Assert.assertTrue(driver.getPageSource().contains("Bill Burke")); + + + productPortal.navigateTo(); + assertCurrentUrlEquals(productPortal); + Assert.assertTrue(driver.getPageSource().contains("iPhone")); + + // test logout + driver.navigate().to(customerPortal.logout()); + Assert.assertTrue(driver.getPageSource().contains("servlet logout ok")); + + customerPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + productPortal.navigateTo(); + assertCurrentUrlStartsWithLoginUrlOf(testRealmPage); + } +} diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowSessionFilterServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowSessionFilterServletAdapterTest.java new file mode 100644 index 0000000000..efd6783fd9 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowSessionFilterServletAdapterTest.java @@ -0,0 +1,28 @@ +/* + * Copyright 2018 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.keycloak.testsuite.adapter.undertow.servlet; + +import org.keycloak.testsuite.adapter.servlet.AbstractSessionFilterServletAdapterTest; +import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; + +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; + + +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) +public class UndertowSessionFilterServletAdapterTest extends AbstractSessionFilterServletAdapterTest { +} diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowSessionServletAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowSessionServletAdapterTest.java index 73c6a227c8..f10043edd2 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowSessionServletAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UndertowSessionServletAdapterTest.java @@ -20,9 +20,11 @@ package org.keycloak.testsuite.adapter.undertow.servlet; import org.keycloak.testsuite.adapter.servlet.AbstractSessionServletAdapterTest; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; + /** * @author Marek Posolda */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UndertowSessionServletAdapterTest extends AbstractSessionServletAdapterTest { } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UserStorageConsentTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UserStorageConsentTest.java index 04426aafe3..9698c9bd23 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UserStorageConsentTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/undertow/servlet/UserStorageConsentTest.java @@ -52,6 +52,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_CONTAINER_DEFAULT; import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals; import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf; @@ -59,7 +60,7 @@ import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLo * @author Bill Burke * @version $Revision: 1 $ */ -@AppServerContainer("auth-server-undertow") +@AppServerContainer(AUTH_SERVER_CONTAINER_DEFAULT) public class UserStorageConsentTest extends AbstractServletsAdapterTest { @Page diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/META-INF/context.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/META-INF/context.xml new file mode 100644 index 0000000000..abff3d28be --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/META-INF/context.xml @@ -0,0 +1,20 @@ + + + + + \ No newline at end of file diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/jetty-web.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/jetty-web.xml new file mode 100644 index 0000000000..8df593613b --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/jetty-web.xml @@ -0,0 +1,46 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-portal/WEB-INF/keycloak-cookie.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/keycloak.json similarity index 100% rename from testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-portal/WEB-INF/keycloak-cookie.json rename to testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/keycloak.json diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/web.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/web.xml new file mode 100644 index 0000000000..a744f9ea48 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-cookie-portal/WEB-INF/web.xml @@ -0,0 +1,69 @@ + + + + + + customer-cookie-portal + + + Servlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet + + + Error Servlet + org.keycloak.testsuite.adapter.servlet.ErrorServlet + + + + Servlet + /* + + + + Error Servlet + /error.html + + + + + Users + /* + + + user + + + + + Errors + /error.html + + + + + KEYCLOAK + demo + + + + user + + diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index f8f5ccfcca..02136ea14a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -32,6 +32,23 @@ org.keycloak.testsuite.adapter.servlet.ErrorServlet + + 400 + /error.html + + + 401 + /error.html + + + 403 + /error.html + + + 500 + /error.html + + Servlet /* diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm-relative.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm-relative.json new file mode 100644 index 0000000000..76886beba3 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm-relative.json @@ -0,0 +1,107 @@ +{ + "realm": "demo", + "enabled": true, + "accessTokenLifespan": 3000, + "accessCodeLifespan": 10, + "accessCodeLifespanUserAction": 6000, + "sslRequired": "external", + "registrationAllowed": false, + "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=", + "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", + "requiredCredentials": [ "password" ], + "users" : [ + { + "username" : "bburke@redhat.com", + "enabled": true, + "email" : "bburke@redhat.com", + "firstName": "Bill", + "lastName": "Burke", + "credentials" : [ + { "type" : "password", + "value" : "password" } + ], + "realmRoles": [ "user" ], + "applicationRoles": { + "account": [ "manage-account" ] + } + } + ], + "roles" : { + "realm" : [ + { + "name": "user", + "description": "User privileges" + }, + { + "name": "admin", + "description": "Administrator privileges" + } + ] + }, + "scopeMappings": [ + { + "client": "third-party", + "roles": ["user"] + }, + { + "client": "customer-portal", + "roles": ["user"] + }, + { + "client": "product-portal", + "roles": ["user"] + } + + ], + "applications": [ + { + "name": "customer-portal", + "enabled": true, + "adminUrl": "/customer-portal", + "baseUrl": "/customer-portal", + "redirectUris": [ + "/customer-portal/*" + ], + "secret": "password" + }, + { + "name": "customer-portal-js", + "enabled": true, + "publicClient": true, + "baseUrl": "/customer-portal-js", + "redirectUris": [ + "/customer-portal-js/*" + ] + }, + { + "name": "customer-portal-cli", + "enabled": true, + "publicClient": true, + "redirectUris": [ + "urn:ietf:wg:oauth:2.0:oob", + "http://localhost" + ] + }, + { + "name": "product-portal", + "enabled": true, + "adminUrl": "/product-portal", + "baseUrl": "/product-portal", + "redirectUris": [ + "/product-portal/*" + ], + "secret": "password" + } + ], + "oauthClients": [ + { + "name": "third-party", + "enabled": true, + "redirectUris": [ + "/oauth-client/*", + "/oauth-client-cdi/*" + ], + "secret": "password" + } + ] +} diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json index 583d8d3635..bd1ced29c2 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/demorealm.json @@ -141,7 +141,8 @@ "redirectUris": [ "/customer-portal/*" ], - "secret": "password" + "secret": "password", + "directAccessGrantsEnabled": true }, { "clientId": "customer-portal-subsystem", diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal/WEB-INF/keycloak.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal/WEB-INF/keycloak.json index eecc24bac9..0a72fd5c68 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal/WEB-INF/keycloak.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal/WEB-INF/keycloak.json @@ -1,7 +1,7 @@ { "realm" : "demo", "resource" : "input-portal", - "auth-server-url" : "http://${my.host.name}:8180/auth", + "auth-server-url" : "http://localhost:8180/auth", "ssl-required" : "external", "min-time-between-jwks-requests": 120, "credentials" : { diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/META-INF/context.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/META-INF/context.xml new file mode 100644 index 0000000000..7d047a597d --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/META-INF/context.xml @@ -0,0 +1,20 @@ + + + + + \ No newline at end of file diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/classes/tenant1-keycloak.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/tenant1-keycloak.json similarity index 100% rename from testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/classes/tenant1-keycloak.json rename to testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/tenant1-keycloak.json diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/classes/tenant2-keycloak.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/tenant2-keycloak.json similarity index 100% rename from testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/classes/tenant2-keycloak.json rename to testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/tenant2-keycloak.json diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/web.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/web.xml index 72433c5c9d..644b1f01ce 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/web.xml +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/multi-tenant/WEB-INF/web.xml @@ -34,7 +34,7 @@ - Servlet + MultiTenantServlet /* @@ -50,6 +50,7 @@ KEYCLOAK + not-important diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/META-INF/context.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/META-INF/context.xml similarity index 100% rename from testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/META-INF/context.xml rename to testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/META-INF/context.xml diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/jetty-web.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/jetty-web.xml similarity index 100% rename from testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/jetty-web.xml rename to testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/jetty-web.xml diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/keycloak.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/keycloak.json similarity index 72% rename from testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/keycloak.json rename to testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/keycloak.json index 92446db12b..3277924fa5 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/keycloak.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/keycloak.json @@ -1,10 +1,9 @@ { "realm" : "demo", - "resource" : "input-portal-no-access-token", + "resource" : "no-access-token", "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", - "auth-server-url" : "http://${my.host.name}:8180/auth", + "auth-server-url" : "http://localhost:8180/auth", "ssl-required" : "external", - "min-time-between-jwks-requests": 120, "credentials" : { "secret": "password" }, diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/web.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/web.xml similarity index 87% rename from testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/web.xml rename to testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/web.xml index 272a262195..7d8f2ec79f 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/input-portal-no-access-token/WEB-INF/web.xml +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/no-access-token/WEB-INF/web.xml @@ -21,7 +21,7 @@ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0"> - input-portal-no-access-token + no-access-token Servlet @@ -42,15 +42,18 @@ user + + + public + /* + + KEYCLOAK demo - - admin - user diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/session-portal/WEB-INF/keycloak.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/session-portal/WEB-INF/keycloak.json index d07b7382eb..45f1759232 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/session-portal/WEB-INF/keycloak.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/session-portal/WEB-INF/keycloak.json @@ -2,7 +2,7 @@ "realm" : "demo", "resource" : "session-portal", "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", - "auth-server-url" : "http://${my.host.name}:8180/auth", + "auth-server-url" : "http://localhost:8180/auth", "ssl-required" : "external", "credentials" : { "secret": "password" diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant1-realm.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant1-realm.json index b565c05926..76a3c029c2 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant1-realm.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant1-realm.json @@ -22,7 +22,7 @@ "value" : "password" } ], "realmRoles": [ "user" ], - "applicationRoles": { + "clientRoles": { "multi-tenant": [ "user" ] } }, @@ -37,7 +37,7 @@ "value" : "user-tenant1" } ], "realmRoles": [ "user" ], - "applicationRoles": { + "clientRoles": { "multi-tenant": [ "user" ] } } @@ -61,20 +61,10 @@ { "clientId": "multi-tenant", "enabled": true, - "adminUrl": "/multi-tenant", - "baseUrl": "/multi-tenant", + "adminUrl": "/multi-tenant/tenant1", + "baseUrl": "/multi-tenant/tenant1", "redirectUris": [ - "/multi-tenant/*" - ], - "secret": "password" - }, - { - "clientId": "multitenant", - "enabled": true, - "adminUrl": "/multitenant/tenant1", - "baseUrl": "/multitenant/tenant1", - "redirectUris": [ - "/multitenant/tenant1/*" + "/multi-tenant/tenant1/*" ], "secret": "password" } diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant2-realm.json b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant2-realm.json index 54b28a4086..b925b444cc 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant2-realm.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/adapter-test/tenant2-realm.json @@ -22,7 +22,7 @@ "value" : "password" } ], "realmRoles": [ "user" ], - "applicationRoles": { + "clientRoles": { "multi-tenant": [ "user" ] } }, @@ -37,7 +37,7 @@ "value" : "user-tenant2" } ], "realmRoles": [ "user" ], - "applicationRoles": { + "clientRoles": { "multi-tenant": [ "user" ] } } @@ -61,10 +61,10 @@ { "clientId": "multi-tenant", "enabled": true, - "adminUrl": "/multi-tenant", - "baseUrl": "/multi-tenant", + "adminUrl": "/multi-tenant/tenant2", + "baseUrl": "/multi-tenant/tenant2", "redirectUris": [ - "/multi-tenant/*" + "/multi-tenant/tenant2/*" ], "secret": "password" } diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java deleted file mode 100755 index c729a8ad12..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java +++ /dev/null @@ -1,244 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.adapter; - -import org.junit.ClassRule; -import org.junit.Rule; -import org.junit.Test; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.RealmModel; -import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.rule.AbstractKeycloakRule; - -import java.net.URL; - -/** - * Tests Undertow Adapter - * - * @author Bill Burke - * @author John Ament - */ -public class AdapterTest { - - @ClassRule - public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() { - @Override - protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) { - AdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass()); - - URL url = getClass().getResource("/adapter-test/cust-app-keycloak.json"); - createApplicationDeployment() - .name("customer-portal").contextPath("/customer-portal") - .servletClass(CustomerServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - url = getClass().getResource("/adapter-test/secure-portal-keycloak.json"); - createApplicationDeployment() - .name("secure-portal").contextPath("/secure-portal") - .servletClass(CallAuthenticatedServlet.class).adapterConfigPath(url.getPath()) - .role("user") - .isConstrained(false).deployApplication(); - - url = getClass().getResource("/adapter-test/customer-db-keycloak.json"); - createApplicationDeployment() - .name("customer-db").contextPath("/customer-db") - .servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath()) - .role("user") - .errorPage(null).deployApplication(); - - createApplicationDeployment() - .name("customer-db-error-page").contextPath("/customer-db-error-page") - .servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - url = getClass().getResource("/adapter-test/product-keycloak.json"); - createApplicationDeployment() - .name("product-portal").contextPath("/product-portal") - .servletClass(ProductServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - url = getClass().getResource("/adapter-test/product-autodetect-bearer-only-keycloak.json"); - createApplicationDeployment() - .name("product-portal-autodetect-bearer-only").contextPath("/product-portal-autodetect-bearer-only") - .servletClass(ProductServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - // Test that replacing system properties works for adapters - System.setProperty("app.server.base.url", "http://localhost:8081"); - System.setProperty("my.host.name", "localhost"); - url = getClass().getResource("/adapter-test/session-keycloak.json"); - createApplicationDeployment() - .name("session-portal").contextPath("/session-portal") - .servletClass(SessionServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - url = getClass().getResource("/adapter-test/input-keycloak.json"); - createApplicationDeployment() - .name("input-portal").contextPath("/input-portal") - .servletClass(InputServlet.class).adapterConfigPath(url.getPath()) - .role("user").constraintUrl("/secured/*").deployApplication(); - - url = getClass().getResource("/adapter-test/no-access-token.json"); - createApplicationDeployment() - .name("no-access-token").contextPath("/no-access-token") - .servletClass(InputServlet.class).adapterConfigPath(url.getPath()) - .role("user").constraintUrl("/secured/*").deployApplication(); - } - }; - - @Rule - public AdapterTestStrategy testStrategy = new AdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8081", keycloakRule); - - //@Test - public void testUi() throws Exception { - Thread.sleep(1000000000); - } - - @Test - public void testLoginSSOAndLogout() throws Exception { - testStrategy.testLoginSSOMax(); - - testStrategy.testLoginSSOAndLogout(); - } - - @Test - public void testLoginEncodedRedirectUri() throws Exception { - testStrategy.testLoginEncodedRedirectUri(); - } - - @Test - public void testSavedPostRequest() throws Exception { - testStrategy.testSavedPostRequest(); - } - - @Test - public void testServletRequestLogout() throws Exception { - testStrategy.testServletRequestLogout(); - } - - @Test - public void testLoginSSOIdle() throws Exception { - testStrategy.testLoginSSOIdle(); - - } - - @Test - public void testLoginSSOIdleRemoveExpiredUserSessions() throws Exception { - testStrategy.testLoginSSOIdleRemoveExpiredUserSessions(); - } - - @Test - public void testLoginSSOMax() throws Exception { - testStrategy.testLoginSSOMax(); - } - - /** - * KEYCLOAK-518 - * @throws Exception - */ - @Test - public void testNullBearerToken() throws Exception { - testStrategy.testNullBearerToken(); - } - - /** - * KEYCLOAK-1368 - * @throws Exception - */ - @Test - public void testNullBearerTokenCustomErrorPage() throws Exception { - testStrategy.testNullBearerTokenCustomErrorPage(); - } - - @Test - public void testAutodetectBearerOnly() throws Exception { - testStrategy.testAutodetectBearerOnly(); - } - - @Test - public void testBasicAuthErrorHandling() throws Exception { - testStrategy.testBasicAuthErrorHandling(); - } - - /** - * KEYCLOAK-518 - * @throws Exception - */ - @Test - public void testBadUser() throws Exception { - testStrategy.testBadUser(); - } - - @Test - public void testAuthenticated() throws Exception { - testStrategy.testAuthenticated(); - } - - /** - * KEYCLOAK-732 - * - * @throws Throwable - */ - @Test - public void testSingleSessionInvalidated() throws Throwable { - testStrategy.testSingleSessionInvalidated(); - } - - /** - * KEYCLOAK-741 - */ - @Test - public void testSessionInvalidatedAfterFailedRefresh() throws Throwable { - testStrategy.testSessionInvalidatedAfterFailedRefresh(); - - } - - /** - * KEYCLOAK-942 - */ - @Test - public void testAdminApplicationLogout() throws Throwable { - testStrategy.testAdminApplicationLogout(); - } - - /** - * KEYCLOAK-1216 - */ - @Test - public void testAccountManagementSessionsLogout() throws Throwable { - testStrategy.testAccountManagementSessionsLogout(); - } - - /** - * KEYCLOAK-1733 - */ - @Test - public void testNullQueryParameterAccessToken() throws Exception { - testStrategy.testNullQueryParameterAccessToken(); - } - - @Test - public void testRestCallWithAccessTokenAsQueryParameter() throws Exception { - testStrategy.testRestCallWithAccessTokenAsQueryParameter(); - - } - - @Test - public void testCallURLWithAccessToken() throws Exception { - testStrategy.checkThatAccessTokenCanBeSentPublicly(); - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CallAuthenticatedServlet.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CallAuthenticatedServlet.java deleted file mode 100755 index ad7323a75c..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CallAuthenticatedServlet.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.adapter; - -import org.junit.Assert; -import org.keycloak.KeycloakSecurityContext; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.PrintWriter; - -/** - * @author Bill Burke - * @version $Revision: 1 $ - */ -public class CallAuthenticatedServlet extends HttpServlet { - private static final String LINK = "%s"; - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - if (!req.authenticate(resp)) { - return; - } - - KeycloakSecurityContext sc = (KeycloakSecurityContext)req.getAttribute(KeycloakSecurityContext.class.getName()); - Assert.assertNotNull(sc); - resp.setContentType("text/html"); - PrintWriter pw = resp.getWriter(); - pw.printf("%s", "Customer Portal"); - pw.println("Stian Thorgersen"); - pw.println("Bill Burke"); - pw.print(""); - pw.flush(); - - - - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CookieTokenStoreAdapterTest.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CookieTokenStoreAdapterTest.java deleted file mode 100755 index 07d3140b71..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CookieTokenStoreAdapterTest.java +++ /dev/null @@ -1,219 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.adapter; - -import org.junit.Assert; -import org.junit.ClassRule; -import org.junit.Rule; -import org.junit.Test; -import org.keycloak.common.util.Time; -import org.keycloak.constants.AdapterConstants; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.RealmModel; -import org.keycloak.protocol.oidc.OIDCLoginProtocolService; -import org.keycloak.representations.idm.RealmRepresentation; -import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.KeycloakServer; -import org.keycloak.testsuite.OAuthClient; -import org.keycloak.testsuite.pages.LoginPage; -import org.keycloak.testsuite.rule.AbstractKeycloakRule; -import org.keycloak.testsuite.rule.WebResource; -import org.keycloak.testsuite.rule.WebRule; -import org.openqa.selenium.Cookie; -import org.openqa.selenium.WebDriver; - -import javax.ws.rs.core.UriBuilder; -import java.net.URL; - -/** - * KEYCLOAK-702 - * - * @author Marek Posolda - */ -public class CookieTokenStoreAdapterTest { - - public static final String LOGIN_URL = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri("http://localhost:8081/auth")).build("demo").toString(); - - @ClassRule - public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() { - - @Override - protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) { - // Other tests may left Time offset uncleared, which could cause issues - Time.setOffset(0); - - RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/demorealm.json"), RealmRepresentation.class); - manager.importRealm(representation); - - URL url = getClass().getResource("/adapter-test/cust-app-keycloak.json"); - createApplicationDeployment() - .name("customer-portal").contextPath("/customer-portal") - .servletClass(CustomerServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - url = getClass().getResource("/adapter-test/cust-app-cookie-keycloak.json"); - createApplicationDeployment() - .name("customer-cookie-portal").contextPath("/customer-cookie-portal") - .servletClass(CustomerServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - url = getClass().getResource("/adapter-test/customer-db-keycloak.json"); - createApplicationDeployment() - .name("customer-db").contextPath("/customer-db") - .servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath()) - .role("user") - .errorPage(null).deployApplication(); - } - }; - - @Rule - public WebRule webRule = new WebRule(this); - - @WebResource - protected WebDriver driver; - - @WebResource - protected OAuthClient oauth; - - @WebResource - protected LoginPage loginPage; - - @Test - public void testTokenInCookieSSO() throws Throwable { - // Login - String tokenCookie = loginToCustomerCookiePortal(); - - // SSO to second app - driver.navigate().to("http://localhost:8081/customer-portal"); - assertLogged(); - - // return to customer-cookie-portal and assert still same cookie (accessToken didn't expire) - driver.navigate().to("http://localhost:8081/customer-cookie-portal"); - assertLogged(); - String tokenCookie2 = driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); - Assert.assertEquals(tokenCookie, tokenCookie2); - - // Logout with httpServletRequest - logoutFromCustomerCookiePortal(); - - // Also should be logged-out from the second app - driver.navigate().to("http://localhost:8081/customer-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - } - - @Test - public void testTokenInCookieRefresh() throws Throwable { - try { - // Set token timeout 1 sec - KeycloakSession session = keycloakRule.startSession(); - RealmModel realm = session.realms().getRealmByName("demo"); - int originalTokenTimeout = realm.getAccessTokenLifespan(); - realm.setAccessTokenLifespan(3); - session.getTransactionManager().commit(); - session.close(); - - // login to customer-cookie-portal - String tokenCookie1 = loginToCustomerCookiePortal(); - - // Simulate waiting 4 seconds (Running testsuite in real env like Wildfly or EAP may still require to do Thread.sleep to really wait 4 seconds...) - Time.setOffset(4); - //Thread.sleep(4000); - - // assert cookie was refreshed - driver.navigate().to("http://localhost:8081/customer-cookie-portal"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-cookie-portal"); - assertLogged(); - String tokenCookie2 = driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); - Assert.assertNotEquals(tokenCookie1, tokenCookie2); - - // login to 2nd app and logout from it - driver.navigate().to("http://localhost:8081/customer-portal"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-portal"); - assertLogged(); - - driver.navigate().to("http://localhost:8081/customer-portal/logout"); - Assert.assertTrue(driver.getPageSource().contains("servlet logout ok")); - driver.navigate().to("http://localhost:8081/customer-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - - // Simulate another 4 seconds - Time.setOffset(8); - - // assert not logged in customer-cookie-portal - driver.navigate().to("http://localhost:8081/customer-cookie-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - - // Change timeout back - Time.setOffset(0); - session = keycloakRule.startSession(); - realm = session.realms().getRealmByName("demo"); - realm.setAccessTokenLifespan(originalTokenTimeout); - session.getTransactionManager().commit(); - session.close(); - } finally { - Time.setOffset(0); - } - } - - @Test - public void testInvalidTokenCookie() throws Throwable { - // Login - String tokenCookie = loginToCustomerCookiePortal(); - String changedTokenCookie = tokenCookie.replace("a", "b"); - - // change cookie to invalid value - driver.manage().addCookie(new Cookie(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE, changedTokenCookie, "/customer-cookie-portal")); - - // visit page and assert re-logged and cookie was refreshed - driver.navigate().to("http://localhost:8081/customer-cookie-portal"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-cookie-portal"); - String currentCookie = driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); - Assert.assertNotEquals(currentCookie, tokenCookie); - Assert.assertNotEquals(currentCookie, changedTokenCookie); - - // logout - logoutFromCustomerCookiePortal(); - } - - // login to customer-cookie-portal and return the KEYCLOAK_ADAPTER_STATE cookie established on adapter - private String loginToCustomerCookiePortal() { - driver.navigate().to("http://localhost:8081/customer-cookie-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - loginPage.login("bburke@redhat.com", "password"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-cookie-portal"); - assertLogged(); - - // Assert no JSESSIONID cookie - Assert.assertNull(driver.manage().getCookieNamed("JSESSIONID")); - - return driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE).getValue(); - } - - private void logoutFromCustomerCookiePortal() { - driver.navigate().to("http://localhost:8081/customer-cookie-portal/logout"); - Assert.assertTrue(driver.getPageSource().contains("servlet logout ok")); - Assert.assertNull(driver.manage().getCookieNamed(AdapterConstants.KEYCLOAK_ADAPTER_STATE_COOKIE)); - driver.navigate().to("http://localhost:8081/customer-cookie-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - } - - private void assertLogged() { - String pageSource = driver.getPageSource(); - Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen")); - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java deleted file mode 100755 index ddf097eec0..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CustomerDatabaseServlet.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.adapter; - -import org.junit.Assert; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.PrintWriter; -import java.security.Principal; - -/** - * @author Bill Burke - * @version $Revision: 1 $ - */ -public class CustomerDatabaseServlet extends HttpServlet { - private static final String LINK = "%s"; - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - // test that bearer token auth never has an HTTP session created - Assert.assertNull(req.getSession(false)); - - resp.setContentType("text/html"); - PrintWriter pw = resp.getWriter(); - Principal principal = req.getUserPrincipal(); - Assert.assertNotNull(principal); - pw.printf("%s", "Customer Portal"); - pw.println("Stian Thorgersen"); - pw.println("Bill Burke"); - pw.print(""); - pw.flush(); - - - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CustomerServlet.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CustomerServlet.java deleted file mode 100755 index 9ac7002951..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/CustomerServlet.java +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.adapter; - -import org.junit.Assert; -import org.keycloak.KeycloakSecurityContext; -import org.keycloak.adapters.RefreshableKeycloakSecurityContext; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.client.WebTarget; -import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.Response; -import java.io.IOException; -import java.io.PrintWriter; - -/** - * @author Bill Burke - * @version $Revision: 1 $ - */ -public class CustomerServlet extends HttpServlet { - private static final String LINK = "%s"; - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - PrintWriter pw = resp.getWriter(); - if (req.getRequestURI().toString().endsWith("logout")) { - resp.setStatus(200); - pw.println("servlet logout ok"); - - // Call logout before pw.flush - req.logout(); - pw.flush(); - return; - } - KeycloakSecurityContext context = (KeycloakSecurityContext)req.getAttribute(KeycloakSecurityContext.class.getName()); - Client client = ClientBuilder.newClient(); - - try { - String appBase = System.getProperty("app.server.base.url", "http://localhost:8081"); - WebTarget target = client.target(appBase + "/customer-db/"); - Response response = target.request().get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - // Assert not possible to authenticate with refresh token - RefreshableKeycloakSecurityContext refreshableContext = (RefreshableKeycloakSecurityContext) context; - response = target.request() - .header(HttpHeaders.AUTHORIZATION, "Bearer " + refreshableContext.getRefreshToken()) - .get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - String html = target.request() - .header(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString()) - .get(String.class); - resp.setContentType("text/html"); - pw.println(html); - pw.flush(); - } finally { - client.close(); - } - - - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/FilterAdapterTest.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/FilterAdapterTest.java deleted file mode 100755 index 8b7e6ffae3..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/FilterAdapterTest.java +++ /dev/null @@ -1,203 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.adapter; - -import org.junit.ClassRule; -import org.junit.Rule; -import org.junit.Test; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.RealmModel; -import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.rule.AbstractKeycloakRule; - -import java.net.URL; -import java.security.PublicKey; - -/** - * Tests Undertow Adapter - * - * @author Bill Burke - */ -public class FilterAdapterTest { - - @ClassRule - public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() { - @Override - protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) { - AdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass()); - - URL url = getClass().getResource("/adapter-test/cust-app-keycloak.json"); - createApplicationDeployment() - .name("customer-portal").contextPath("/customer-portal") - .servletClass(CustomerServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplicationWithFilter(); - - url = getClass().getResource("/adapter-test/secure-portal-keycloak.json"); - createApplicationDeployment() - .name("secure-portal").contextPath("/secure-portal") - .servletClass(CallAuthenticatedServlet.class).adapterConfigPath(url.getPath()) - .role("user") - .isConstrained(false).deployApplicationWithFilter(); - - url = getClass().getResource("/adapter-test/customer-db-keycloak.json"); - createApplicationDeployment() - .name("customer-db").contextPath("/customer-db") - .servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath()) - .role("user") - .errorPage(null).deployApplicationWithFilter(); - - createApplicationDeployment() - .name("customer-db-error-page").contextPath("/customer-db-error-page") - .servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplicationWithFilter(); - - url = getClass().getResource("/adapter-test/product-keycloak.json"); - createApplicationDeployment() - .name("product-portal").contextPath("/product-portal") - .servletClass(ProductServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplicationWithFilter(); - - // Test that replacing system properties works for adapters - System.setProperty("app.server.base.url", "http://localhost:8081"); - System.setProperty("my.host.name", "localhost"); - url = getClass().getResource("/adapter-test/session-keycloak.json"); - createApplicationDeployment() - .name("session-portal").contextPath("/session-portal") - .servletClass(SessionServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplicationWithFilter(); - - url = getClass().getResource("/adapter-test/input-keycloak.json"); - createApplicationDeployment() - .name("input-portal").contextPath("/input-portal") - .servletClass(InputServlet.class).adapterConfigPath(url.getPath()) - .role("user").constraintUrl("/secured/*").deployApplicationWithFilter(); - } - }; - - @Rule - public AdapterTestStrategy testStrategy = new AdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8081", keycloakRule); - - @Test - public void testLoginSSOAndLogout() throws Exception { - testStrategy.testLoginSSOAndLogout(); - } - - @Test - public void testSavedPostRequest() throws Exception { - System.setProperty("insecure.user.principal.unsupported", "true"); - testStrategy.testSavedPostRequest(); - } - - @Test - public void testServletRequestLogout() throws Exception { - testStrategy.testServletRequestLogout(); - } - - @Test - public void testLoginSSOIdle() throws Exception { - testStrategy.testLoginSSOIdle(); - - } - - @Test - public void testLoginSSOIdleRemoveExpiredUserSessions() throws Exception { - testStrategy.testLoginSSOIdleRemoveExpiredUserSessions(); - } - - @Test - public void testLoginSSOMax() throws Exception { - testStrategy.testLoginSSOMax(); - } - - /** - * KEYCLOAK-518 - * @throws Exception - */ - @Test - public void testNullBearerToken() throws Exception { - testStrategy.testNullBearerToken(); - } - - /** - * KEYCLOAK-1368 - * @throws Exception - */ - /* - can't test because of the way filter works - @Test - public void testNullBearerTokenCustomErrorPage() throws Exception { - testStrategy.testNullBearerTokenCustomErrorPage(); - } - */ - - /** - * KEYCLOAK-518 - * @throws Exception - */ - @Test - public void testBadUser() throws Exception { - testStrategy.testBadUser(); - } - - /* - Don't need to test this because HttpServletRequest.authenticate doesn't make sense with filter implementation - - @Test - public void testAuthenticated() throws Exception { - testStrategy.testAuthenticated(); - } - */ - - /** - * KEYCLOAK-732 - * - * @throws Throwable - */ - @Test - public void testSingleSessionInvalidated() throws Throwable { - testStrategy.testSingleSessionInvalidated(); - } - - /** - * KEYCLOAK-741 - */ - @Test - public void testSessionInvalidatedAfterFailedRefresh() throws Throwable { - testStrategy.testSessionInvalidatedAfterFailedRefresh(); - - } - - /** - * KEYCLOAK-942 - */ - @Test - public void testAdminApplicationLogout() throws Throwable { - testStrategy.testAdminApplicationLogout(); - } - - /** - * KEYCLOAK-1216 - */ - /* - Can't test this because backchannel logout for filter does not invalidate the session - @Test - public void testAccountManagementSessionsLogout() throws Throwable { - testStrategy.testAccountManagementSessionsLogout(); - } - */ - -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/InputServlet.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/InputServlet.java deleted file mode 100755 index 8b87d1cb0e..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/InputServlet.java +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.adapter; - -import org.junit.Assert; -import org.keycloak.KeycloakSecurityContext; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.PrintWriter; - -/** - * @author Bill Burke - */ -public class InputServlet extends HttpServlet { - - private static final String FORM_URLENCODED = "application/x-www-form-urlencoded"; - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - String appBase = System.getProperty("app.server.base.url", "http://localhost:8081"); - if (req.getRequestURI().endsWith("insecure")) { - if (System.getProperty("insecure.user.principal.unsupported") == null) Assert.assertNotNull(req.getUserPrincipal()); - if (System.getProperty("insecure.user.principal.unsupported") == null) Assert.assertNotNull(req.getAttribute(KeycloakSecurityContext.class.getName())); - resp.setContentType("text/html"); - PrintWriter pw = resp.getWriter(); - pw.printf("%s", "Insecure Page"); - if (req.getUserPrincipal() != null) pw.printf("UserPrincipal: " + req.getUserPrincipal().getName()); - pw.print(""); - pw.flush(); - return; - } - String actionUrl = appBase + "/input-portal/secured/post"; - - - resp.setContentType("text/html"); - PrintWriter pw = resp.getWriter(); - pw.printf("%s", "Input Page"); - pw.printf("
", actionUrl); - pw.println(""); - pw.println("
"); - pw.print(""); - pw.flush(); - - - } - - @Override - protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - if (!FORM_URLENCODED.equals(req.getContentType())) { - resp.setStatus(HttpServletResponse.SC_BAD_REQUEST); - PrintWriter pw = resp.getWriter(); - resp.setContentType("text/plain"); - pw.printf("Expecting content type " + FORM_URLENCODED + - ", received " + req.getContentType() + " instead"); - pw.flush(); - return; - } - resp.setContentType("text/plain"); - PrintWriter pw = resp.getWriter(); - pw.printf("parameter="+req.getParameter("parameter")); - pw.flush(); - } - -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenancyTest.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenancyTest.java deleted file mode 100755 index 0d232f8731..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenancyTest.java +++ /dev/null @@ -1,154 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.adapter; - -import org.junit.Assert; -import org.junit.ClassRule; -import org.junit.Rule; -import org.junit.Test; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.RealmModel; -import org.keycloak.protocol.oidc.OIDCLoginProtocolService; -import org.keycloak.representations.idm.RealmRepresentation; -import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.KeycloakServer; -import org.keycloak.testsuite.pages.LoginPage; -import org.keycloak.testsuite.rule.AbstractKeycloakRule; -import org.keycloak.testsuite.rule.WebResource; -import org.keycloak.testsuite.rule.WebRule; -import org.openqa.selenium.WebDriver; - -import javax.ws.rs.core.UriBuilder; - -/** - * - * @author Juraci Paixão Kröhling - */ -public class MultiTenancyTest { - @Rule - public WebRule webRule = new WebRule(this); - - @WebResource - protected LoginPage loginPage; - - @WebResource - protected WebDriver driver; - - @ClassRule - public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() { - @Override - protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) { - RealmRepresentation tenant1 = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/tenant1-realm.json"), RealmRepresentation.class); - manager.importRealm(tenant1); - - RealmRepresentation tenant2 = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/tenant2-realm.json"), RealmRepresentation.class); - manager.importRealm(tenant2); - - createApplicationDeployment() - .name("multi-tenant").contextPath("/multi-tenant") - .servletClass(MultiTenantServlet.class) - .role("user") - .keycloakConfigResolver(MultiTenantResolver.class).deployApplication(); - } - - protected String[] getTestRealms() { - return new String[]{"test", "demo", "tenant1", "tenant2"}; - } - }; - - /** - * Simplest scenario: one user, one realm. The user is not logged in at - * any other realm - * @throws Exception - */ - @Test - public void testTenantsLoggingOut() throws Exception { - doTenantRequests("tenant1", true); - doTenantRequests("tenant2", true); - } - - /** - * This tests the adapter's ability to deal with multiple sessions - * from the same user, one for each realm. It should not mixup and return - * a session from tenant1 to tenant2 - * @throws Exception - */ - @Test - public void testTenantsWithoutLoggingOut() throws Exception { - doTenantRequests("tenant1", true); - doTenantRequests("tenant2", true); - - doTenantRequests("tenant1", false); - doTenantRequests("tenant2", true); - } - - /** - * This test simulates an user that is not logged in yet, and tris to login - * into tenant1 using an account from tenant2. - * On this scenario, the user should be shown the login page again. - * - * @throws Exception - */ - @Test - public void testUnauthorizedAccessNotLoggedIn() throws Exception { - String keycloakServerBaseUrl = "http://localhost:8081/auth"; - - driver.navigate().to("http://localhost:8081/multi-tenant?realm=tenant1"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(keycloakServerBaseUrl)); - - loginPage.login("user-tenant2", "user-tenant2"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(keycloakServerBaseUrl)); - } - - /** - * This test simulates an user which is already logged in into tenant1 - * and tries to access a resource on tenant2. - * On this scenario, the user should be shown the login page again. - * - * @throws Exception - */ - @Test - public void testUnauthorizedAccessLoggedIn() throws Exception { - String keycloakServerBaseUrl = "http://localhost:8081/auth"; - doTenantRequests("tenant1", false); - - driver.navigate().to("http://localhost:8081/multi-tenant?realm=tenant2"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(keycloakServerBaseUrl)); - } - - private void doTenantRequests(String tenant, boolean logout) { - String tenantLoginUrl = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri("http://localhost:8081/auth")).build(tenant).toString(); - - driver.navigate().to("http://localhost:8081/multi-tenant?realm="+tenant); - System.out.println("Current url: " + driver.getCurrentUrl()); - - Assert.assertTrue(driver.getCurrentUrl().startsWith(tenantLoginUrl)); - loginPage.login("bburke@redhat.com", "password"); - System.out.println("Current url: " + driver.getCurrentUrl()); - - Assert.assertEquals("http://localhost:8081/multi-tenant?realm="+tenant, driver.getCurrentUrl()); - String pageSource = driver.getPageSource(); - System.out.println(pageSource); - - Assert.assertTrue(pageSource.contains("Username: bburke@redhat.com")); - Assert.assertTrue(pageSource.contains("Realm: "+tenant)); - - if (logout) { - driver.manage().deleteAllCookies(); - } - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenantResolver.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenantResolver.java deleted file mode 100644 index 688bf485f3..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenantResolver.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.adapter; - -import org.keycloak.adapters.KeycloakConfigResolver; -import org.keycloak.adapters.KeycloakDeployment; -import org.keycloak.adapters.KeycloakDeploymentBuilder; -import org.keycloak.adapters.spi.HttpFacade; - -import java.io.InputStream; - -/** - * - * @author Juraci Paixão Kröhling - */ -public class MultiTenantResolver implements KeycloakConfigResolver { - - @Override - public KeycloakDeployment resolve(HttpFacade.Request request) { - String realm = request.getQueryParamValue("realm"); - InputStream is = getClass().getResourceAsStream("/adapter-test/"+realm+"-keycloak.json"); - - KeycloakDeployment deployment = KeycloakDeploymentBuilder.build(is); - return deployment; - } - -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenantServlet.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenantServlet.java deleted file mode 100755 index b2f5311ce6..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/MultiTenantServlet.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.adapter; - -import org.keycloak.KeycloakSecurityContext; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.PrintWriter; - -/** - * - * @author Juraci Paixão Kröhling - */ -public class MultiTenantServlet extends HttpServlet { - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - resp.setContentType("text/html"); - PrintWriter pw = resp.getWriter(); - KeycloakSecurityContext context = (KeycloakSecurityContext)req.getAttribute(KeycloakSecurityContext.class.getName()); - - pw.print("Username: "); - pw.println(context.getIdToken().getPreferredUsername()); - - pw.print("
Realm: "); - pw.println(context.getRealm()); - - pw.flush(); - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/ProductServlet.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/ProductServlet.java deleted file mode 100755 index fef4c21369..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/ProductServlet.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.adapter; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.PrintWriter; - -/** - * @author Bill Burke - * @version $Revision: 1 $ - */ -public class ProductServlet extends HttpServlet { - private static final String LINK = "%s"; - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - resp.setContentType("text/html"); - PrintWriter pw = resp.getWriter(); - pw.printf("%s", "Product Portal"); - pw.println("iPhone"); - pw.println("iPad"); - String x = req.getParameter("encodeTest"); - String encodeTest= Boolean.toString("a"); - pw.flush(); - - - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java deleted file mode 100755 index a147608bec..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/RelativeUriAdapterTest.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.adapter; - -import org.junit.Assert; -import org.junit.ClassRule; -import org.junit.Rule; -import org.junit.Test; -import org.keycloak.OAuth2Constants; -import org.keycloak.admin.client.Keycloak; -import org.keycloak.models.Constants; -import org.keycloak.models.KeycloakSession; -import org.keycloak.models.RealmModel; -import org.keycloak.protocol.oidc.OIDCLoginProtocolService; -import org.keycloak.representations.idm.RealmRepresentation; -import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.KeycloakServer; -import org.keycloak.testsuite.OAuthClient; -import org.keycloak.testsuite.pages.LoginPage; -import org.keycloak.testsuite.rule.AbstractKeycloakRule; -import org.keycloak.testsuite.rule.WebResource; -import org.keycloak.testsuite.rule.WebRule; -import org.openqa.selenium.WebDriver; - -import javax.ws.rs.core.UriBuilder; -import java.net.URL; -import java.security.PublicKey; -import java.util.List; -import java.util.Map; - -/** - * Tests Undertow Adapter - * - * Also tests relative URIs in the adapter and valid redirect uris. - * Also tests adapters not configured with public key - * - * @author Bill Burke - */ -public class RelativeUriAdapterTest { - - public static final String LOGIN_URL = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri("http://localhost:8081/auth")).build("demo").toString(); - @ClassRule - public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule(){ - @Override - protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) { - RealmRepresentation representation = KeycloakServer.loadJson(getClass().getResourceAsStream("/adapter-test/demorealm-relative.json"), RealmRepresentation.class); - manager.importRealm(representation); - - URL url = getClass().getResource("/adapter-test/cust-app-keycloak-relative.json"); - createApplicationDeployment() - .name("customer-portal").contextPath("/customer-portal") - .servletClass(CustomerServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - - url = getClass().getResource("/adapter-test/customer-db-keycloak-relative.json"); - createApplicationDeployment() - .name("customer-db").contextPath("/customer-db") - .servletClass(CustomerDatabaseServlet.class).adapterConfigPath(url.getPath()) - .role("user") - .errorPage(null).deployApplication(); - - url = getClass().getResource("/adapter-test/product-keycloak-relative.json"); - createApplicationDeployment() - .name("product-portal").contextPath("/product-portal") - .servletClass(ProductServlet.class).adapterConfigPath(url.getPath()) - .role("user").deployApplication(); - } - }; - - @Rule - public WebRule webRule = new WebRule(this); - - @WebResource - protected WebDriver driver; - - @WebResource - protected OAuthClient oauth; - - @WebResource - protected LoginPage loginPage; - - @Test - public void testLoginSSOAndLogout() throws Exception { - // test login to customer-portal which does a bearer request to customer-db - driver.navigate().to("http://localhost:8081/customer-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - loginPage.login("bburke@redhat.com", "password"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-portal"); - String pageSource = driver.getPageSource(); - Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen")); - - // test SSO - driver.navigate().to("http://localhost:8081/product-portal"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/product-portal"); - pageSource = driver.getPageSource(); - Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad")); - - // View stats - List> stats = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", Constants.ADMIN_CLI_CLIENT_ID).realm("demo").getClientSessionStats(); - Map customerPortalStats = null; - Map productPortalStats = null; - for (Map s : stats) { - if (s.get("clientId").equals("customer-portal")) { - customerPortalStats = s; - } else if (s.get("clientId").equals("product-portal")) { - productPortalStats = s; - } - } - Assert.assertEquals(1, Integer.parseInt(customerPortalStats.get("active"))); - Assert.assertEquals(1, Integer.parseInt(productPortalStats.get("active"))); - - // test logout - String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth")) - .queryParam(OAuth2Constants.REDIRECT_URI, "/customer-portal").build("demo").toString(); - driver.navigate().to(logoutUri); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - driver.navigate().to("http://localhost:8081/product-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - driver.navigate().to("http://localhost:8081/customer-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - } - - @Test - public void testServletRequestLogout() throws Exception { - driver.navigate().to("http://localhost:8081/customer-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - loginPage.login("bburke@redhat.com", "password"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/customer-portal"); - Assert.assertTrue(driver.getPageSource().contains("Bill Burke")); - - driver.navigate().to("http://localhost:8081/product-portal"); - Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/product-portal"); - Assert.assertTrue(driver.getPageSource().contains("iPhone")); - - // test logout - driver.navigate().to("http://localhost:8081/customer-portal/logout"); - Assert.assertTrue(driver.getPageSource().contains("servlet logout ok")); - - driver.navigate().to("http://localhost:8081/customer-portal"); - String currentUrl = driver.getCurrentUrl(); - Assert.assertTrue(currentUrl.startsWith(LOGIN_URL)); - driver.navigate().to("http://localhost:8081/product-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - } - -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/SessionServlet.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/SessionServlet.java deleted file mode 100755 index cd2b2b6355..0000000000 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/SessionServlet.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.adapter; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.IOException; -import java.io.PrintWriter; - -/** - * @author Marek Posolda - */ -public class SessionServlet extends HttpServlet { - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - String counter = increaseAndGetCounter(req); - - resp.setContentType("text/html"); - PrintWriter pw = resp.getWriter(); - pw.printf("%s", "Session Test"); - pw.printf("Counter=%s", counter); - pw.print(""); - pw.flush(); - - - } - - private String increaseAndGetCounter(HttpServletRequest req) { - HttpSession session = req.getSession(); - Integer counter = (Integer)session.getAttribute("counter"); - counter = (counter == null) ? 1 : counter + 1; - session.setAttribute("counter", counter); - return String.valueOf(counter); - } -} diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/helper/adapter/AdapterTestStrategy.java similarity index 78% rename from testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java rename to testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/helper/adapter/AdapterTestStrategy.java index 9f845991c8..b129bfd912 100755 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java +++ b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/helper/adapter/AdapterTestStrategy.java @@ -14,19 +14,15 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.keycloak.testsuite.adapter; +package org.keycloak.testsuite.helper.adapter; -import org.apache.http.conn.params.ConnManagerParams; -import org.json.JSONException; -import org.json.JSONObject; +import org.keycloak.testsuite.pages.InputPage; import org.junit.Assert; import org.junit.rules.ExternalResource; import org.keycloak.OAuth2Constants; import org.keycloak.adapters.OIDCAuthenticationError; import org.keycloak.admin.client.Keycloak; -import org.keycloak.common.Version; import org.keycloak.common.util.Time; -import org.keycloak.constants.AdapterConstants; import org.keycloak.models.ClientModel; import org.keycloak.models.Constants; import org.keycloak.models.KeycloakSession; @@ -34,7 +30,6 @@ import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.utils.SessionTimeoutHelper; import org.keycloak.protocol.oidc.OIDCLoginProtocolService; -import org.keycloak.representations.VersionRepresentation; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.services.managers.RealmManager; @@ -65,7 +60,11 @@ import java.util.Map; import java.util.concurrent.atomic.AtomicInteger; /** - * Tests Undertow Adapter + * Tests Jetty/Tomcat Adapter + * + * Methods from this class are used by testsuite/jetty/* and testsuite/tomcat* modules + * + * TODO: remove this when testsuite/jetty/* and testsuite/tomcat* modules will be migrated to arquillian testsuite * * @author Bill Burke * @author John Ament @@ -411,55 +410,6 @@ public class AdapterTestStrategy extends ExternalResource { Time.setOffset(0); } - public void testAutodetectBearerOnly() throws Exception { - Client client = ClientBuilder.newClient(); - - // Do not redirect client to login page if it's an XHR - WebTarget target = client.target(APP_SERVER_BASE_URL + "/product-portal-autodetect-bearer-only"); - Response response = target.request().header("X-Requested-With", "XMLHttpRequest").get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - // Do not redirect client to login page if it's a partial Faces request - response = target.request().header("Faces-Request", "partial/ajax").get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - // Do not redirect client to login page if it's a SOAP request - response = target.request().header("SOAPAction", "").get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - // Do not redirect client to login page if Accept header is missing - response = target.request().get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - // Do not redirect client to login page if client does not understand HTML reponses - response = target.request().header(HttpHeaders.ACCEPT, "application/json,text/xml").get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - // Redirect client to login page if it's not an XHR - response = target.request().header("X-Requested-With", "Dont-Know").header(HttpHeaders.ACCEPT, "*/*").get(); - Assert.assertEquals(302, response.getStatus()); - Assert.assertTrue(response.getHeaderString(HttpHeaders.LOCATION).contains("response_type=code")); - response.close(); - - // Redirect client to login page if client explicitely understands HTML responses - response = target.request().header(HttpHeaders.ACCEPT, "text/html,application/xhtml+xml,application/xml;q=0.9").get(); - Assert.assertEquals(302, response.getStatus()); - Assert.assertTrue(response.getHeaderString(HttpHeaders.LOCATION).contains("response_type=code")); - response.close(); - - // Redirect client to login page if client understands all response types - response = target.request().header(HttpHeaders.ACCEPT, "*/*").get(); - Assert.assertEquals(302, response.getStatus()); - Assert.assertTrue(response.getHeaderString(HttpHeaders.LOCATION).contains("response_type=code")); - response.close(); - client.close(); - } - /** * KEYCLOAK-518 * @throws Exception @@ -477,26 +427,6 @@ public class AdapterTestStrategy extends ExternalResource { } - /** - * KEYCLOAK-1733 - * - * @throws Exception - */ - public void testNullQueryParameterAccessToken() throws Exception { - Client client = ClientBuilder.newClient(); - WebTarget target = client.target(APP_SERVER_BASE_URL + "/customer-db/"); - Response response = target.request().get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - target = client.target(APP_SERVER_BASE_URL + "/customer-db?access_token="); - response = target.request().get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - client.close(); - } - /** * KEYCLOAK-1368 * @throws Exception @@ -542,29 +472,6 @@ public class AdapterTestStrategy extends ExternalResource { } - /** - * KEYCLOAK-3016 - * @throws Exception - */ - public void testBasicAuthErrorHandling() throws Exception { - Client client = ClientBuilder.newClient(); - WebTarget target = client.target(APP_SERVER_BASE_URL + "/customer-db/"); - Response response = target.request().get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - - // The number of iterations should be HttpClient's connection pool size + 1. - final int LIMIT = ConnManagerParams.DEFAULT_MAX_TOTAL_CONNECTIONS + 1; - for (int i = 0; i < LIMIT; i++) { - System.out.println("Testing Basic Auth with bad credentials " + i); - response = target.request().header(HttpHeaders.AUTHORIZATION, "Basic dXNlcm5hbWU6cGFzc3dvcmQ=").get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - } - - client.close(); - } - /** * KEYCLOAK-518 * @throws Exception @@ -587,77 +494,6 @@ public class AdapterTestStrategy extends ExternalResource { client.close(); } - - public void testAuthenticated() throws Exception { - // test login to customer-portal which does a bearer request to customer-db - driver.navigate().to(APP_SERVER_BASE_URL + "/secure-portal"); - System.out.println("Current url: " + driver.getCurrentUrl()); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - loginPage.login("bburke@redhat.com", "password"); - System.out.println("Current url: " + driver.getCurrentUrl()); - Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/secure-portal" + slash); - String pageSource = driver.getPageSource(); - System.out.println(pageSource); - Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen")); - - // test logout - - String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL)) - .queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/secure-portal").build("demo").toString(); - driver.navigate().to(logoutUri); - String currentUrl = driver.getCurrentUrl(); - pageSource = driver.getPageSource(); - Assert.assertTrue(currentUrl.startsWith(LOGIN_URL)); - driver.navigate().to(APP_SERVER_BASE_URL + "/secure-portal"); - Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); - } - - /** - * KEYCLOAK-1733 - * - * @throws Exception - */ - public void testRestCallWithAccessTokenAsQueryParameter() throws Exception { - String accessToken = getAccessToken(); - Client client = ClientBuilder.newClient(); - try { - // test without token - Response response = client.target(APP_SERVER_BASE_URL + "/customer-db").request().get(); - Assert.assertEquals(401, response.getStatus()); - response.close(); - // test with access_token as QueryParamter - response = client.target(APP_SERVER_BASE_URL + "/customer-db").queryParam("access_token", accessToken).request().get(); - Assert.assertEquals(200, response.getStatus()); - response.close(); - } finally { - client.close(); - } - } - - private String getAccessToken() throws JSONException { - String tokenUrl = AUTH_SERVER_URL + "/realms/demo/protocol/openid-connect/token"; - - Client client = ClientBuilder.newClient(); - try { - WebTarget webTarget = client.target(tokenUrl); - - Form form = new Form(); - form.param("grant_type", "password"); - form.param("client_id", "customer-portal-public"); - form.param("username", "bburke@redhat.com"); - form.param("password", "password"); - Response response = webTarget.request().post(Entity.form(form)); - - Assert.assertEquals(200, response.getStatus()); - - JSONObject jsonObject = new JSONObject(response.readEntity(String.class)); - System.out.println(jsonObject); - response.close(); - return jsonObject.getString("access_token"); - } finally { - client.close(); - } - } /** * KEYCLOAK-732 @@ -803,14 +639,4 @@ public class AdapterTestStrategy extends ExternalResource { Assert.assertTrue(pageSource.contains("Counter=2")); } - - void checkThatAccessTokenCanBeSentPublicly() { - // test login to customer-portal which does a bearer request to customer-db - final String applicationURL = APP_SERVER_BASE_URL + "/no-access-token?access_token=invalid_token"; - driver.navigate().to(applicationURL); - System.out.println("Current url: " + driver.getCurrentUrl()); - Assert.assertEquals(applicationURL, driver.getCurrentUrl()); - inputPage.execute("hello"); - } - } diff --git a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/InputPage.java b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/pages/InputPage.java similarity index 97% rename from testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/InputPage.java rename to testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/pages/InputPage.java index 1c5f3c4881..b99ac5ad99 100755 --- a/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/adapter/InputPage.java +++ b/testsuite/integration-deprecated/src/test/java/org/keycloak/testsuite/pages/InputPage.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.keycloak.testsuite.adapter; +package org.keycloak.testsuite.pages; import org.keycloak.testsuite.pages.AbstractPage; import org.openqa.selenium.WebElement; diff --git a/testsuite/jetty/jetty81/pom.xml b/testsuite/jetty/jetty81/pom.xml index a31579a8d2..e7167d0ebd 100755 --- a/testsuite/jetty/jetty81/pom.xml +++ b/testsuite/jetty/jetty81/pom.xml @@ -218,6 +218,12 @@ test-jar test
+ + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test + org.eclipse.jetty jetty-util diff --git a/testsuite/jetty/jetty81/src/test/java/org/keycloak/testsuite/Jetty8Test.java b/testsuite/jetty/jetty81/src/test/java/org/keycloak/testsuite/Jetty8Test.java index 23f95ecf57..be2974d3d5 100755 --- a/testsuite/jetty/jetty81/src/test/java/org/keycloak/testsuite/Jetty8Test.java +++ b/testsuite/jetty/jetty81/src/test/java/org/keycloak/testsuite/Jetty8Test.java @@ -28,7 +28,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index b5e700aada..33ab1378a8 100755 --- a/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100755 --- a/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index d1bcfe4d64..1244623db7 100755 --- a/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty81/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/jetty/jetty81/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/jetty/jetty81/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100755 --- a/testsuite/jetty/jetty81/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty81/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/jetty/jetty81/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/jetty/jetty81/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100755 --- a/testsuite/jetty/jetty81/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty81/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/jetty/jetty81/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/jetty/jetty81/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100755 --- a/testsuite/jetty/jetty81/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty81/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/jetty/jetty81/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/jetty/jetty81/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100755 --- a/testsuite/jetty/jetty81/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty81/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet diff --git a/testsuite/jetty/jetty91/pom.xml b/testsuite/jetty/jetty91/pom.xml index 7cd7e21a0c..b0b4093277 100755 --- a/testsuite/jetty/jetty91/pom.xml +++ b/testsuite/jetty/jetty91/pom.xml @@ -218,6 +218,12 @@ test-jar test + + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test + org.eclipse.jetty jetty-util diff --git a/testsuite/jetty/jetty91/src/test/java/org/keycloak/testsuite/Jetty9Test.java b/testsuite/jetty/jetty91/src/test/java/org/keycloak/testsuite/Jetty9Test.java index 6e3a2ac463..12159b07f6 100755 --- a/testsuite/jetty/jetty91/src/test/java/org/keycloak/testsuite/Jetty9Test.java +++ b/testsuite/jetty/jetty91/src/test/java/org/keycloak/testsuite/Jetty9Test.java @@ -28,7 +28,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index b5e700aada..33ab1378a8 100755 --- a/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100755 --- a/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index 8d05b6693c..c66fc167f5 100755 --- a/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty91/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/jetty/jetty91/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/jetty/jetty91/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100755 --- a/testsuite/jetty/jetty91/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty91/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/jetty/jetty91/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/jetty/jetty91/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100755 --- a/testsuite/jetty/jetty91/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty91/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/jetty/jetty91/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/jetty/jetty91/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100755 --- a/testsuite/jetty/jetty91/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty91/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/jetty/jetty91/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/jetty/jetty91/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100755 --- a/testsuite/jetty/jetty91/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty91/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet diff --git a/testsuite/jetty/jetty92/pom.xml b/testsuite/jetty/jetty92/pom.xml index 0201fa5aa1..43a9697fbe 100755 --- a/testsuite/jetty/jetty92/pom.xml +++ b/testsuite/jetty/jetty92/pom.xml @@ -218,6 +218,12 @@ test-jar test + + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test + org.eclipse.jetty jetty-jaas diff --git a/testsuite/jetty/jetty92/src/test/java/org/keycloak/testsuite/Jetty9Test.java b/testsuite/jetty/jetty92/src/test/java/org/keycloak/testsuite/Jetty9Test.java index 03110639a3..f44d94b466 100755 --- a/testsuite/jetty/jetty92/src/test/java/org/keycloak/testsuite/Jetty9Test.java +++ b/testsuite/jetty/jetty92/src/test/java/org/keycloak/testsuite/Jetty9Test.java @@ -28,7 +28,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index b5e700aada..33ab1378a8 100755 --- a/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100755 --- a/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index 8d05b6693c..c66fc167f5 100755 --- a/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty92/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/jetty/jetty92/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/jetty/jetty92/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100755 --- a/testsuite/jetty/jetty92/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty92/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/jetty/jetty92/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/jetty/jetty92/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100755 --- a/testsuite/jetty/jetty92/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty92/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/jetty/jetty92/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/jetty/jetty92/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100755 --- a/testsuite/jetty/jetty92/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty92/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/jetty/jetty92/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/jetty/jetty92/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100755 --- a/testsuite/jetty/jetty92/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty92/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet diff --git a/testsuite/jetty/jetty93/pom.xml b/testsuite/jetty/jetty93/pom.xml index 610da73051..bc5df310e8 100644 --- a/testsuite/jetty/jetty93/pom.xml +++ b/testsuite/jetty/jetty93/pom.xml @@ -218,6 +218,12 @@ test-jar test + + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test + org.eclipse.jetty jetty-jaas diff --git a/testsuite/jetty/jetty93/src/test/java/org/keycloak/testsuite/Jetty9Test.java b/testsuite/jetty/jetty93/src/test/java/org/keycloak/testsuite/Jetty9Test.java index 03110639a3..f44d94b466 100644 --- a/testsuite/jetty/jetty93/src/test/java/org/keycloak/testsuite/Jetty9Test.java +++ b/testsuite/jetty/jetty93/src/test/java/org/keycloak/testsuite/Jetty9Test.java @@ -28,7 +28,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index b5e700aada..33ab1378a8 100644 --- a/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100644 --- a/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index 8d05b6693c..c66fc167f5 100644 --- a/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty93/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/jetty/jetty93/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/jetty/jetty93/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100644 --- a/testsuite/jetty/jetty93/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty93/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/jetty/jetty93/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/jetty/jetty93/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100644 --- a/testsuite/jetty/jetty93/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty93/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/jetty/jetty93/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/jetty/jetty93/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100644 --- a/testsuite/jetty/jetty93/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty93/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/jetty/jetty93/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/jetty/jetty93/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100644 --- a/testsuite/jetty/jetty93/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty93/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet diff --git a/testsuite/jetty/jetty94/pom.xml b/testsuite/jetty/jetty94/pom.xml index cb53476f8e..86d83bca86 100644 --- a/testsuite/jetty/jetty94/pom.xml +++ b/testsuite/jetty/jetty94/pom.xml @@ -218,6 +218,12 @@ test-jar test + + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test + org.eclipse.jetty jetty-jaas diff --git a/testsuite/jetty/jetty94/src/test/java/org/keycloak/testsuite/Jetty9Test.java b/testsuite/jetty/jetty94/src/test/java/org/keycloak/testsuite/Jetty9Test.java index 03110639a3..f44d94b466 100644 --- a/testsuite/jetty/jetty94/src/test/java/org/keycloak/testsuite/Jetty9Test.java +++ b/testsuite/jetty/jetty94/src/test/java/org/keycloak/testsuite/Jetty9Test.java @@ -28,7 +28,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index b5e700aada..33ab1378a8 100644 --- a/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100644 --- a/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index 8d05b6693c..c66fc167f5 100644 --- a/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty94/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/jetty/jetty94/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/jetty/jetty94/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100644 --- a/testsuite/jetty/jetty94/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty94/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/jetty/jetty94/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/jetty/jetty94/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100644 --- a/testsuite/jetty/jetty94/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty94/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/jetty/jetty94/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/jetty/jetty94/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100644 --- a/testsuite/jetty/jetty94/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty94/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/jetty/jetty94/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/jetty/jetty94/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100644 --- a/testsuite/jetty/jetty94/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/jetty/jetty94/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet diff --git a/testsuite/tomcat6/pom.xml b/testsuite/tomcat6/pom.xml index 79a9fafa37..49ef5e21e0 100755 --- a/testsuite/tomcat6/pom.xml +++ b/testsuite/tomcat6/pom.xml @@ -212,6 +212,12 @@ test-jar test + + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test + org.apache.tomcat catalina diff --git a/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatTest.java b/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatTest.java index d3e22d06eb..a50f15f8fe 100755 --- a/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatTest.java +++ b/testsuite/tomcat6/src/test/java/org/keycloak/testsuite/TomcatTest.java @@ -24,7 +24,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/tomcat6/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/tomcat6/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index 7f4c5c14d2..f683ec1039 100755 --- a/testsuite/tomcat6/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/tomcat6/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/tomcat6/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/tomcat6/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100755 --- a/testsuite/tomcat6/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/tomcat6/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/tomcat6/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/tomcat6/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index 0be2692ee5..c8b96bd514 100755 --- a/testsuite/tomcat6/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/tomcat6/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/tomcat6/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/tomcat6/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100755 --- a/testsuite/tomcat6/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/tomcat6/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/tomcat6/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/tomcat6/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100755 --- a/testsuite/tomcat6/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/tomcat6/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/tomcat6/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/tomcat6/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100755 --- a/testsuite/tomcat6/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/tomcat6/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/tomcat6/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/tomcat6/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100755 --- a/testsuite/tomcat6/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/tomcat6/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet diff --git a/testsuite/tomcat7/pom.xml b/testsuite/tomcat7/pom.xml index 4710e1e19f..6c10abfb8a 100755 --- a/testsuite/tomcat7/pom.xml +++ b/testsuite/tomcat7/pom.xml @@ -244,7 +244,12 @@ test-jar test - + + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test +
diff --git a/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java b/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java index a2094a385c..d3eadab963 100755 --- a/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java +++ b/testsuite/tomcat7/src/test/java/org/keycloak/testsuite/Tomcat7Test.java @@ -25,7 +25,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/tomcat7/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index c5aedd5682..8ab0cc4319 100755 --- a/testsuite/tomcat7/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/tomcat7/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/tomcat7/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100755 --- a/testsuite/tomcat7/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/tomcat7/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/tomcat7/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index 0be2692ee5..c8b96bd514 100755 --- a/testsuite/tomcat7/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/tomcat7/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/tomcat7/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100755 --- a/testsuite/tomcat7/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/tomcat7/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/tomcat7/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100755 --- a/testsuite/tomcat7/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/tomcat7/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/tomcat7/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100755 --- a/testsuite/tomcat7/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/tomcat7/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/tomcat7/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/tomcat7/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100755 --- a/testsuite/tomcat7/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/tomcat7/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet diff --git a/testsuite/tomcat8/pom.xml b/testsuite/tomcat8/pom.xml index d022549387..ce25749276 100755 --- a/testsuite/tomcat8/pom.xml +++ b/testsuite/tomcat8/pom.xml @@ -216,6 +216,12 @@ test-jar test + + org.keycloak.testsuite + integration-arquillian-test-apps-servlets + ${project.version} + test + org.apache.tomcat diff --git a/testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java b/testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java index 7d4074ecf1..f684fc2954 100755 --- a/testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java +++ b/testsuite/tomcat8/src/test/java/org/keycloak/testsuite/TomcatTest.java @@ -25,7 +25,7 @@ import org.junit.Test; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.services.managers.RealmManager; -import org.keycloak.testsuite.adapter.AdapterTestStrategy; +import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy; import org.keycloak.testsuite.rule.AbstractKeycloakRule; import java.io.File; diff --git a/testsuite/tomcat8/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml index c5aedd5682..8ab0cc4319 100755 --- a/testsuite/tomcat8/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml +++ b/testsuite/tomcat8/src/test/resources/adapter-test/customer-db-error-page/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet Error Servlet diff --git a/testsuite/tomcat8/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml index 81924fb852..276a536958 100755 --- a/testsuite/tomcat8/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml +++ b/testsuite/tomcat8/src/test/resources/adapter-test/customer-db/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerDatabaseServlet + org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet diff --git a/testsuite/tomcat8/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml index 0be2692ee5..c8b96bd514 100755 --- a/testsuite/tomcat8/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml +++ b/testsuite/tomcat8/src/test/resources/adapter-test/customer-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CustomerServlet + org.keycloak.testsuite.adapter.servlet.CustomerServlet Error Servlet diff --git a/testsuite/tomcat8/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml index 4ac67c46e1..1e54cccf6c 100755 --- a/testsuite/tomcat8/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml +++ b/testsuite/tomcat8/src/test/resources/adapter-test/input-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.InputServlet + org.keycloak.testsuite.adapter.servlet.InputServlet diff --git a/testsuite/tomcat8/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml index 59c6d3f7ae..aa59767433 100755 --- a/testsuite/tomcat8/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml +++ b/testsuite/tomcat8/src/test/resources/adapter-test/product-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.ProductServlet + org.keycloak.testsuite.adapter.servlet.ProductServlet diff --git a/testsuite/tomcat8/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml index 859407b754..204305d344 100755 --- a/testsuite/tomcat8/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml +++ b/testsuite/tomcat8/src/test/resources/adapter-test/secure-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.CallAuthenticatedServlet + org.keycloak.testsuite.adapter.servlet.CallAuthenticatedServlet diff --git a/testsuite/tomcat8/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml b/testsuite/tomcat8/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml index be1549fe74..a48e7d9a92 100755 --- a/testsuite/tomcat8/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml +++ b/testsuite/tomcat8/src/test/resources/adapter-test/session-portal/WEB-INF/web.xml @@ -25,7 +25,7 @@ Servlet - org.keycloak.testsuite.adapter.SessionServlet + org.keycloak.testsuite.adapter.servlet.SessionServlet