Merge pull request #752 from mposolda/stateless-session-mgmt
Test for KEYCLOAK-741
This commit is contained in:
commit
63f4a32f2e
4 changed files with 80 additions and 16 deletions
|
@ -32,6 +32,7 @@ import org.keycloak.adapters.AdapterConstants;
|
||||||
import org.keycloak.models.ApplicationModel;
|
import org.keycloak.models.ApplicationModel;
|
||||||
import org.keycloak.models.Constants;
|
import org.keycloak.models.Constants;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
|
import org.keycloak.models.PasswordPolicy;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.UserSessionModel;
|
import org.keycloak.models.UserSessionModel;
|
||||||
|
@ -45,6 +46,7 @@ import org.keycloak.services.resources.admin.AdminRoot;
|
||||||
import org.keycloak.testsuite.OAuthClient;
|
import org.keycloak.testsuite.OAuthClient;
|
||||||
import org.keycloak.testsuite.pages.LoginPage;
|
import org.keycloak.testsuite.pages.LoginPage;
|
||||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||||
|
import org.keycloak.testsuite.rule.KeycloakRule;
|
||||||
import org.keycloak.testsuite.rule.WebResource;
|
import org.keycloak.testsuite.rule.WebResource;
|
||||||
import org.keycloak.testsuite.rule.WebRule;
|
import org.keycloak.testsuite.rule.WebRule;
|
||||||
import org.keycloak.testutils.KeycloakServer;
|
import org.keycloak.testutils.KeycloakServer;
|
||||||
|
@ -64,6 +66,7 @@ import java.net.URI;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
import java.security.PublicKey;
|
import java.security.PublicKey;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
import java.util.concurrent.atomic.AtomicInteger;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests Undertow Adapter
|
* Tests Undertow Adapter
|
||||||
|
@ -422,6 +425,11 @@ public class AdapterTest {
|
||||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-732
|
||||||
|
*
|
||||||
|
* @throws Throwable
|
||||||
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testSingleSessionInvalidated() throws Throwable {
|
public void testSingleSessionInvalidated() throws Throwable {
|
||||||
AdapterTest browser1 = this;
|
AdapterTest browser1 = this;
|
||||||
|
@ -457,6 +465,57 @@ public class AdapterTest {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* KEYCLOAK-741
|
||||||
|
*/
|
||||||
|
@Test
|
||||||
|
public void testSessionInvalidatedAfterFailedRefresh() throws Throwable {
|
||||||
|
final AtomicInteger origTokenLifespan = new AtomicInteger();
|
||||||
|
|
||||||
|
// Delete adminUrl and set short accessTokenLifespan
|
||||||
|
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
|
||||||
|
@Override
|
||||||
|
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel demoRealm) {
|
||||||
|
ApplicationModel sessionPortal = demoRealm.getApplicationByName("session-portal");
|
||||||
|
sessionPortal.setManagementUrl(null);
|
||||||
|
|
||||||
|
origTokenLifespan.set(demoRealm.getAccessTokenLifespan());
|
||||||
|
demoRealm.setAccessTokenLifespan(1);
|
||||||
|
}
|
||||||
|
}, "demo");
|
||||||
|
|
||||||
|
// Login
|
||||||
|
loginAndCheckSession(driver, loginPage);
|
||||||
|
|
||||||
|
// Logout
|
||||||
|
String logoutUri = OpenIDConnectService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth"))
|
||||||
|
.queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:8081/session-portal").build("demo").toString();
|
||||||
|
driver.navigate().to(logoutUri);
|
||||||
|
|
||||||
|
// Wait until accessToken is expired
|
||||||
|
Thread.sleep(2000);
|
||||||
|
|
||||||
|
// Assert that http session was invalidated
|
||||||
|
driver.navigate().to("http://localhost:8081/session-portal");
|
||||||
|
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||||
|
loginPage.login("bburke@redhat.com", "password");
|
||||||
|
Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/session-portal");
|
||||||
|
String pageSource = driver.getPageSource();
|
||||||
|
Assert.assertTrue(pageSource.contains("Counter=1"));
|
||||||
|
|
||||||
|
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel demoRealm) {
|
||||||
|
ApplicationModel sessionPortal = demoRealm.getApplicationByName("session-portal");
|
||||||
|
sessionPortal.setManagementUrl("http://localhost:8081/session-portal");
|
||||||
|
|
||||||
|
demoRealm.setAccessTokenLifespan(origTokenLifespan.get());
|
||||||
|
}
|
||||||
|
|
||||||
|
}, "demo");
|
||||||
|
}
|
||||||
|
|
||||||
private static void loginAndCheckSession(WebDriver driver, LoginPage loginPage) {
|
private static void loginAndCheckSession(WebDriver driver, LoginPage loginPage) {
|
||||||
driver.navigate().to("http://localhost:8081/session-portal");
|
driver.navigate().to("http://localhost:8081/session-portal");
|
||||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||||
|
|
|
@ -83,6 +83,25 @@ public abstract class AbstractKeycloakRule extends ExternalResource {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void update(KeycloakRule.KeycloakSetup configurer, String realmId) {
|
||||||
|
KeycloakSession session = server.getSessionFactory().create();
|
||||||
|
session.getTransaction().begin();
|
||||||
|
|
||||||
|
try {
|
||||||
|
RealmManager manager = new RealmManager(session);
|
||||||
|
|
||||||
|
RealmModel adminstrationRealm = manager.getRealm(Config.getAdminRealm());
|
||||||
|
RealmModel appRealm = manager.getRealm(realmId);
|
||||||
|
|
||||||
|
configurer.session = session;
|
||||||
|
configurer.config(manager, adminstrationRealm, appRealm);
|
||||||
|
|
||||||
|
session.getTransaction().commit();
|
||||||
|
} finally {
|
||||||
|
session.close();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -81,22 +81,7 @@ public class KeycloakRule extends AbstractKeycloakRule {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void update(KeycloakSetup configurer) {
|
public void update(KeycloakSetup configurer) {
|
||||||
KeycloakSession session = server.getSessionFactory().create();
|
update(configurer, "test");
|
||||||
session.getTransaction().begin();
|
|
||||||
|
|
||||||
try {
|
|
||||||
RealmManager manager = new RealmManager(session);
|
|
||||||
|
|
||||||
RealmModel adminstrationRealm = manager.getRealm(Config.getAdminRealm());
|
|
||||||
RealmModel appRealm = manager.getRealm("test");
|
|
||||||
|
|
||||||
configurer.session = session;
|
|
||||||
configurer.config(manager, adminstrationRealm, appRealm);
|
|
||||||
|
|
||||||
session.getTransaction().commit();
|
|
||||||
} finally {
|
|
||||||
session.close();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{
|
{
|
||||||
|
"id": "demo",
|
||||||
"realm": "demo",
|
"realm": "demo",
|
||||||
"enabled": true,
|
"enabled": true,
|
||||||
"accessTokenLifespan": 3000,
|
"accessTokenLifespan": 3000,
|
||||||
|
|
Loading…
Reference in a new issue