Merge pull request #752 from mposolda/stateless-session-mgmt

Test for KEYCLOAK-741
This commit is contained in:
Marek Posolda 2014-10-09 12:36:40 +02:00
commit 63f4a32f2e
4 changed files with 80 additions and 16 deletions

View file

@ -32,6 +32,7 @@ import org.keycloak.adapters.AdapterConstants;
import org.keycloak.models.ApplicationModel; import org.keycloak.models.ApplicationModel;
import org.keycloak.models.Constants; import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel; import org.keycloak.models.UserSessionModel;
@ -45,6 +46,7 @@ import org.keycloak.services.resources.admin.AdminRoot;
import org.keycloak.testsuite.OAuthClient; import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.pages.LoginPage; import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.rule.AbstractKeycloakRule; import org.keycloak.testsuite.rule.AbstractKeycloakRule;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.WebResource; import org.keycloak.testsuite.rule.WebResource;
import org.keycloak.testsuite.rule.WebRule; import org.keycloak.testsuite.rule.WebRule;
import org.keycloak.testutils.KeycloakServer; import org.keycloak.testutils.KeycloakServer;
@ -64,6 +66,7 @@ import java.net.URI;
import java.net.URL; import java.net.URL;
import java.security.PublicKey; import java.security.PublicKey;
import java.util.Map; import java.util.Map;
import java.util.concurrent.atomic.AtomicInteger;
/** /**
* Tests Undertow Adapter * Tests Undertow Adapter
@ -422,6 +425,11 @@ public class AdapterTest {
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
} }
/**
* KEYCLOAK-732
*
* @throws Throwable
*/
@Test @Test
public void testSingleSessionInvalidated() throws Throwable { public void testSingleSessionInvalidated() throws Throwable {
AdapterTest browser1 = this; AdapterTest browser1 = this;
@ -457,6 +465,57 @@ public class AdapterTest {
} }
} }
/**
* KEYCLOAK-741
*/
@Test
public void testSessionInvalidatedAfterFailedRefresh() throws Throwable {
final AtomicInteger origTokenLifespan = new AtomicInteger();
// Delete adminUrl and set short accessTokenLifespan
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
@Override
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel demoRealm) {
ApplicationModel sessionPortal = demoRealm.getApplicationByName("session-portal");
sessionPortal.setManagementUrl(null);
origTokenLifespan.set(demoRealm.getAccessTokenLifespan());
demoRealm.setAccessTokenLifespan(1);
}
}, "demo");
// Login
loginAndCheckSession(driver, loginPage);
// Logout
String logoutUri = OpenIDConnectService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth"))
.queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:8081/session-portal").build("demo").toString();
driver.navigate().to(logoutUri);
// Wait until accessToken is expired
Thread.sleep(2000);
// Assert that http session was invalidated
driver.navigate().to("http://localhost:8081/session-portal");
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
loginPage.login("bburke@redhat.com", "password");
Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/session-portal");
String pageSource = driver.getPageSource();
Assert.assertTrue(pageSource.contains("Counter=1"));
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
@Override
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel demoRealm) {
ApplicationModel sessionPortal = demoRealm.getApplicationByName("session-portal");
sessionPortal.setManagementUrl("http://localhost:8081/session-portal");
demoRealm.setAccessTokenLifespan(origTokenLifespan.get());
}
}, "demo");
}
private static void loginAndCheckSession(WebDriver driver, LoginPage loginPage) { private static void loginAndCheckSession(WebDriver driver, LoginPage loginPage) {
driver.navigate().to("http://localhost:8081/session-portal"); driver.navigate().to("http://localhost:8081/session-portal");
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));

View file

@ -83,6 +83,25 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
} }
} }
public void update(KeycloakRule.KeycloakSetup configurer, String realmId) {
KeycloakSession session = server.getSessionFactory().create();
session.getTransaction().begin();
try {
RealmManager manager = new RealmManager(session);
RealmModel adminstrationRealm = manager.getRealm(Config.getAdminRealm());
RealmModel appRealm = manager.getRealm(realmId);
configurer.session = session;
configurer.config(manager, adminstrationRealm, appRealm);
session.getTransaction().commit();
} finally {
session.close();
}
}
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) { protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
} }

View file

@ -81,22 +81,7 @@ public class KeycloakRule extends AbstractKeycloakRule {
} }
public void update(KeycloakSetup configurer) { public void update(KeycloakSetup configurer) {
KeycloakSession session = server.getSessionFactory().create(); update(configurer, "test");
session.getTransaction().begin();
try {
RealmManager manager = new RealmManager(session);
RealmModel adminstrationRealm = manager.getRealm(Config.getAdminRealm());
RealmModel appRealm = manager.getRealm("test");
configurer.session = session;
configurer.config(manager, adminstrationRealm, appRealm);
session.getTransaction().commit();
} finally {
session.close();
}
} }

View file

@ -1,4 +1,5 @@
{ {
"id": "demo",
"realm": "demo", "realm": "demo",
"enabled": true, "enabled": true,
"accessTokenLifespan": 3000, "accessTokenLifespan": 3000,