libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Limit the received content when handling the content as a String

Browse source 
Closes #27293

Co-authored-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
This commit is contained in:
Alexander Schwartz 2024-03-07 12:00:45 +01:00 committed by Alexander Schwartz
parent 66c9f173f2
commit 6de5325d1c
32 changed files with 607 additions and 194 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc
View file

@ -4,6 +4,20 @@ The nonce claim is now only added to the ID token strictly following the OpenID
A new `Nonce backwards compatible` mapper is also included in the software that can be assigned to client scopes to revert to the old behavior. For example, the JS adapter checked the returned `nonce` claim in all the tokens before fixing issue https://github.com/keycloak/keycloak/issues/26651[#26651] in version 24.0.0. Therefore, if an old version of the JS adapter is used, the mapper should be added to the required clients by using client scopes.
= Limiting memory usage when consuming HTTP responses
In some scenarios like brokering Keycloak uses HTTP to talk to external servers.
To avoid a denial of service when those providers send too much data, {project_name} now restricts responses to 10 MB by default.
Users can configure this limit by setting the provider configuration option `spi-connections-http-client-default-max-consumed-response-size`:
.Restricting the consumed responses to 1 MB
[source,bash]
----
bin/kc.[sh|bat] --spi-connections-http-client-default-max-consumed-response-size=1000000
----
= Removed a model module
The module `org.keycloak:keycloak-model-legacy` module was deprecated in a previous release and is removed in this release. Use the `org.keycloak:keycloak-model-storage` module instead.

52
server-spi-private/src/main/java/org/keycloak/broker/provider/util/SimpleHttp.java
View file

@ -43,6 +43,7 @@ import org.apache.http.entity.StringEntity;
import org.apache.http.message.BasicNameValuePair;
import org.keycloak.common.util.Base64;
import org.keycloak.connections.httpclient.HttpClientProvider;
import org.keycloak.connections.httpclient.SafeInputStream;
import org.keycloak.models.KeycloakSession;
import org.keycloak.util.JsonSerialization;
@ -86,48 +87,54 @@ public class SimpleHttp {
private int connectionRequestTimeoutMillis = UNDEFINED_TIMEOUT;
private long maxConsumedResponseSize;
private RequestConfig.Builder requestConfigBuilder;
protected SimpleHttp(String url, String method, HttpClient client) {
protected SimpleHttp(String url, String method, HttpClient client, long maxConsumedResponseSize) {
this.client = client;
this.url = url;
this.method = method;
this.maxConsumedResponseSize = maxConsumedResponseSize;
}
public static SimpleHttp doDelete(String url, KeycloakSession session) {
return doDelete(url, session.getProvider(HttpClientProvider.class).getHttpClient());
HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
return doDelete(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
}
public static SimpleHttp doDelete(String url, HttpClient client) {
return new SimpleHttp(url, "DELETE", client);
protected static SimpleHttp doDelete(String url, HttpClient client, long maxConsumedResponseSize) {
return new SimpleHttp(url, "DELETE", client, maxConsumedResponseSize);
}
public static SimpleHttp doGet(String url, KeycloakSession session) {
return doGet(url, session.getProvider(HttpClientProvider.class).getHttpClient());
HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
return doGet(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
}
public static SimpleHttp doGet(String url, HttpClient client) {
return new SimpleHttp(url, "GET", client);
protected static SimpleHttp doGet(String url, HttpClient client, long maxConsumedResponseSize) {
return new SimpleHttp(url, "GET", client, maxConsumedResponseSize);
}
public static SimpleHttp doPost(String url, KeycloakSession session) {
return doPost(url, session.getProvider(HttpClientProvider.class).getHttpClient());
HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
return doPost(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
}
public static SimpleHttp doPost(String url, HttpClient client) {
return new SimpleHttp(url, "POST", client);
protected static SimpleHttp doPost(String url, HttpClient client, long maxConsumedResponseSize) {
return new SimpleHttp(url, "POST", client, maxConsumedResponseSize);
}
public static SimpleHttp doPut(String url, HttpClient client) {
return new SimpleHttp(url, "PUT", client);
protected static SimpleHttp doPut(String url, HttpClient client, long maxConsumedResponseSize) {
return new SimpleHttp(url, "PUT", client, maxConsumedResponseSize);
}
public static SimpleHttp doHead(String url, HttpClient client) {
return new SimpleHttp(url, "HEAD", client);
protected static SimpleHttp doHead(String url, HttpClient client, long maxConsumedResponseSize) {
return new SimpleHttp(url, "HEAD", client, maxConsumedResponseSize);
}
public static SimpleHttp doPatch(String url, HttpClient client) {
return new SimpleHttp(url, "PATCH", client);
protected static SimpleHttp doPatch(String url, HttpClient client, long maxConsumedResponseSize) {
return new SimpleHttp(url, "PATCH", client, maxConsumedResponseSize);
}
public SimpleHttp header(String name, String value) {
@ -178,6 +185,11 @@ public class SimpleHttp {
return this;
}
public SimpleHttp setMaxConsumedResponseSize(long maxConsumedResponseSize) {
this.maxConsumedResponseSize = maxConsumedResponseSize;
return this;
}
public SimpleHttp auth(String token) {
header("Authorization", "Bearer " + token);
return this;
@ -296,7 +308,7 @@ public class SimpleHttp {
httpRequest.setConfig(requestConfigBuilder.build());
}
return new Response(client.execute(httpRequest));
return new Response(client.execute(httpRequest), maxConsumedResponseSize);
}
private RequestConfig.Builder requestConfigBuilder() {
@ -341,12 +353,14 @@ public class SimpleHttp {
public static class Response implements AutoCloseable {
private final HttpResponse response;
private final long maxConsumedResponseSize;
private int statusCode = -1;
private String responseString;
private ContentType contentType;
public Response(HttpResponse response) {
public Response(HttpResponse response, long maxConsumedResponseSize) {
this.response = response;
this.maxConsumedResponseSize = maxConsumedResponseSize;
}
private void readResponse() throws IOException {
@ -368,6 +382,8 @@ public class SimpleHttp {
}
}
is = new SafeInputStream(is, maxConsumedResponseSize);
try (InputStreamReader reader = charset == null ? new InputStreamReader(is, StandardCharsets.UTF_8) :
new InputStreamReader(is, charset)) {

13
server-spi-private/src/main/java/org/keycloak/connections/httpclient/HttpClientProvider.java
View file

@ -54,6 +54,8 @@ public interface HttpClientProvider extends Provider {
* Helper method to retrieve the contents of a URL as a String.
* Decoding response with the correct character set is performed according to the headers returned in the server's response.
* To retrieve binary data, use {@link #getInputStream(String)}
*
* Implementations should limit the amount of data returned to avoid an {@link OutOfMemoryError}.
*
* @param uri URI with data to receive.
* @return Body of the response as a String.
@ -90,4 +92,15 @@ public interface HttpClientProvider extends Provider {
return getInputStream(uri);
}
long DEFAULT_MAX_CONSUMED_RESPONSE_SIZE = 10_000_000L;
/**
* Get the configured limit for the response size.
*
* @return number of bytes
*/
default long getMaxConsumedResponseSize() {
return DEFAULT_MAX_CONSUMED_RESPONSE_SIZE;
}
}

69
server-spi-private/src/main/java/org/keycloak/connections/httpclient/SafeInputStream.java Normal file
View file

@ -0,0 +1,69 @@
/*
* Copyright 2024 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.connections.httpclient;
import java.io.IOException;
import java.io.InputStream;
/**
* Limit the amount of data read to prevent a {@link OutOfMemoryError}.
*
* @author Alexander Schwartz
*/
public class SafeInputStream extends InputStream {
private long bytesConsumed;
private final InputStream delegate;
private final long maxBytesToConsume;
public SafeInputStream(InputStream delegate, long maxBytesToConsume) {
this.delegate = delegate;
this.maxBytesToConsume = maxBytesToConsume;
}
@Override
public int read(byte[] b, int off, int len) throws IOException {
int sizeRead = delegate.read(b, off, len);
if (sizeRead > 0) {
bytesConsumed += sizeRead;
}
checkConsumedBytes();
return sizeRead;
}
private void checkConsumedBytes() throws IOException {
if (bytesConsumed > maxBytesToConsume) {
throw new IOException(String.format("Response is at least %s bytes in size, with max bytes to be consumed being %d", bytesConsumed, maxBytesToConsume));
}
}
@Override
public int read() throws IOException {
int result = delegate.read();
if (result > 0) {
++bytesConsumed;
}
checkConsumedBytes();
return result;
}
@Override
public void close() throws IOException {
delegate.close();
}
}

62
server-spi-private/src/test/java/org/keycloak/broker/provider/util/SimpleHttpTest.java
View file

@ -4,8 +4,9 @@ import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.HttpVersion;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.ProtocolVersion;
import org.apache.http.client.HttpClient;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpPost;
@ -20,7 +21,9 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameters;
import org.keycloak.common.util.SecretGenerator;
import org.keycloak.common.util.StreamUtil;
import org.keycloak.connections.httpclient.HttpClientProvider;
import java.io.IOException;
import java.net.URLEncoder;
@ -29,8 +32,11 @@ import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collection;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.startsWith;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.fail;
/**
@ -64,7 +70,7 @@ public final class SimpleHttpTest {
@Test
public void withCharset() throws IOException {
HttpResponse httpResponse = createBasicResponse(entity);
SimpleHttp.Response response = new SimpleHttp.Response(httpResponse);
SimpleHttp.Response response = new SimpleHttp.Response(httpResponse, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
if (success) {
assertEquals(original, response.asString());
} else {
@ -90,21 +96,39 @@ public final class SimpleHttpTest {
@Parameters(name = "{index}: requestWithEncoding({0})")
public static Collection<Object[]> entities() {
return Arrays.asList(new Object[][] { { "English" }, { "Русский" }, { "GermanÜmläütß" } });
return Arrays.asList(new Object[][] {
{ "English" },
{ "Русский" },
{ "GermanÜmläütß" },
{ SecretGenerator.getInstance().randomString(1000) },
{ SecretGenerator.getInstance().randomString(1024) }
});
}
@Test
public void requestWithEncoding() throws IOException {
String expectedResponse = "{\"value\":\"" + value + "\"}";
HttpClientMock client = new HttpClientMock();
SimpleHttp.doPost("", client).json(new DummyEntity(value)).asResponse();
assertEquals("{\"value\":\"" + value + "\"}", client.data);
if (expectedResponse.getBytes(StandardCharsets.UTF_8).length < 1024) {
SimpleHttp.Response response = SimpleHttp.doPost("", client, 1024).json(new DummyEntity(value)).asResponse();
assertEquals(expectedResponse, response.asString());
} else {
IOException e = assertThrows(IOException.class, () -> SimpleHttp.doPost("", client, 1024).json(new DummyEntity(value)).asResponse().asString());
assertThat(e.getMessage(), startsWith("Response is at least"));
}
}
@Test
public void requestWithEncodingParam() throws IOException {
String expectedResponse = "dummy=" + URLEncoder.encode(value, "UTF-8");
HttpClientMock client = new HttpClientMock();
SimpleHttp.doPost("", client).param("dummy", value).asResponse();
assertEquals("dummy=" + URLEncoder.encode(value, "UTF-8"), client.data);
if (expectedResponse.getBytes(StandardCharsets.UTF_8).length < 1024) {
SimpleHttp.Response response = SimpleHttp.doPost("", client, 1024).param("dummy", value).asResponse();
assertEquals(expectedResponse, response.asString());
} else {
IOException e = assertThrows(IOException.class, () -> SimpleHttp.doPost("", client, 1024).json(new DummyEntity(value)).asResponse().asString());
assertThat(e.getMessage(), startsWith("Response is at least"));
}
}
public static final class DummyEntity {
@ -119,8 +143,6 @@ public final class SimpleHttpTest {
*/
public static final class HttpClientMock implements HttpClient {
String data;
@Override
public HttpParams getParams() {
fail(); return null;
@ -132,50 +154,52 @@ public final class SimpleHttpTest {
}
@Override
public HttpResponse execute(HttpUriRequest paramHttpUriRequest) throws IOException, ClientProtocolException {
public HttpResponse execute(HttpUriRequest paramHttpUriRequest) throws IOException {
HttpPost post = (HttpPost) paramHttpUriRequest;
data = StreamUtil.readString(post.getEntity().getContent());
return null;
String content = StreamUtil.readString(post.getEntity().getContent(), StandardCharsets.UTF_8);
BasicHttpResponse httpResponse = new BasicHttpResponse(new ProtocolVersion("HTTP", 1, 1), HttpStatus.SC_OK, "OK");
httpResponse.setEntity(new StringEntity(content, StandardCharsets.UTF_8));
return httpResponse;
}
@Override
public HttpResponse execute(HttpUriRequest paramHttpUriRequest, HttpContext paramHttpContext)
throws IOException, ClientProtocolException {
throws IOException {
fail(); return null;
}
@Override
public HttpResponse execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest) throws IOException, ClientProtocolException {
public HttpResponse execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest) throws IOException {
fail(); return null;
}
@Override
public HttpResponse execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest, HttpContext paramHttpContext)
throws IOException, ClientProtocolException {
throws IOException {
fail(); return null;
}
@Override
public <T> T execute(HttpUriRequest paramHttpUriRequest, ResponseHandler<? extends T> paramResponseHandler)
throws IOException, ClientProtocolException {
throws IOException {
fail(); return null;
}
@Override
public <T> T execute(HttpUriRequest paramHttpUriRequest, ResponseHandler<? extends T> paramResponseHandler,
HttpContext paramHttpContext) throws IOException, ClientProtocolException {
HttpContext paramHttpContext) throws IOException {
fail(); return null;
}
@Override
public <T> T execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest, ResponseHandler<? extends T> paramResponseHandler)
throws IOException, ClientProtocolException {
throws IOException {
fail(); return null;
}
@Override
public <T> T execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest, ResponseHandler<? extends T> paramResponseHandler,
HttpContext paramHttpContext) throws IOException, ClientProtocolException {
HttpContext paramHttpContext) throws IOException {
fail(); return null;
}

34
services/src/main/java/org/keycloak/connections/httpclient/DefaultHttpClientFactory.java
View file

@ -41,6 +41,7 @@ import java.io.InputStream;
import java.security.KeyStore;
import java.util.List;
import java.util.concurrent.TimeUnit;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.util.EntityUtils;
@ -49,20 +50,11 @@ import static org.keycloak.utils.StringUtil.isBlank;
/**
* The default {@link HttpClientFactory} for {@link HttpClientProvider HttpClientProvider's} used by Keycloak for outbound HTTP calls.
* <p>
* The constructed clients can be configured via Keycloaks SPI configuration, e.g. {@code standalone.xml, standalone-ha.xml, domain.xml}.
* </p>
* Example for Quarkus configuration:
* <p>
* Examples for jboss-cli
* </p>
* <pre>
* {@code
*
* /subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:add(enabled=true)
* /subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.connection-pool-size,value=128)
* /subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.proxy-mappings,value=[".*\\.(google|googleapis)\\.com;http://www-proxy.acme.corp.com:8080",".*\\.acme\\.corp\\.com;NO_PROXY",".*;http://fallback:8080"])
* spi-connections-http-client-default-connection-pool-size=10
* }
* </pre>
* </p>
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
public class DefaultHttpClientFactory implements HttpClientFactory {
@ -73,13 +65,15 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
private static final String HTTPS_PROXY = "https_proxy";
private static final String HTTP_PROXY = "http_proxy";
private static final String NO_PROXY = "no_proxy";
public static final String MAX_CONSUMED_RESPONSE_SIZE = "max-consumed-response-size";
private volatile CloseableHttpClient httpClient;
private Config.Scope config;
private final BasicResponseHandler stringResponseHandler = new BasicResponseHandler();
private BasicResponseHandler stringResponseHandler;
private final InputStreamResponseHandler inputStreamResponseHandler = new InputStreamResponseHandler();
private long maxConsumedResponseSize;
private static class InputStreamResponseHandler extends AbstractResponseHandler<InputStream> {
@ -144,6 +138,11 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
}
return body;
}
@Override
public long getMaxConsumedResponseSize() {
return maxConsumedResponseSize;
}
};
}
@ -153,7 +152,7 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
if (httpClient != null) {
httpClient.close();
}
} catch (IOException e) {
} catch (IOException ignored) {
}
}
@ -254,7 +253,8 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
@Override
public void postInit(KeycloakSessionFactory factory) {
maxConsumedResponseSize = config.getLong(MAX_CONSUMED_RESPONSE_SIZE, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
stringResponseHandler = new SafeBasicResponseHandler(maxConsumedResponseSize);
}
@Override
@ -334,6 +334,12 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
.type("string")
.helpText("Denotes the combination of a regex based hostname pattern and a proxy-uri in the form of hostnamePattern;proxyUri.")
.add()
.property()
.name(MAX_CONSUMED_RESPONSE_SIZE)
.type("long")
.helpText("Maximum size of a response consumed by the client (to prevent denial of service)")
.defaultValue(HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE)
.add()
.build();
}

41
services/src/main/java/org/keycloak/connections/httpclient/SafeBasicResponseHandler.java Normal file
View file

@ -0,0 +1,41 @@
/*
* Copyright 2024 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.connections.httpclient;
import org.apache.http.HttpEntity;
import org.apache.http.impl.client.BasicResponseHandler;
import java.io.IOException;
/**
* Limit the amount of data read to prevent a {@link OutOfMemoryError}.
*
* @author Alexander Schwartz
*/
class SafeBasicResponseHandler extends BasicResponseHandler {
private final long maxConsumedResponseSize;
SafeBasicResponseHandler(long maxConsumedResponseSize) {
this.maxConsumedResponseSize = maxConsumedResponseSize;
}
@Override
public String handleEntity(HttpEntity entity) throws IOException {
return super.handleEntity(new SafeHttpEntity(entity, maxConsumedResponseSize));
}
}

88
services/src/main/java/org/keycloak/connections/httpclient/SafeHttpEntity.java Normal file
View file

@ -0,0 +1,88 @@
/*
* Copyright 2024 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.connections.httpclient;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
/**
* Limit the amount of data read to prevent a {@link OutOfMemoryError}.
*
* @author Alexander Schwartz
*/
class SafeHttpEntity implements HttpEntity {
private final HttpEntity delegate;
private final long maxConsumedResponseSize;
SafeHttpEntity(HttpEntity delegate, long maxConsumedResponseSize) {
this.delegate = delegate;
this.maxConsumedResponseSize = maxConsumedResponseSize;
}
@Override
public boolean isRepeatable() {
return delegate.isRepeatable();
}
@Override
public boolean isChunked() {
return delegate.isChunked();
}
@Override
public long getContentLength() {
return delegate.getContentLength();
}
@Override
public Header getContentType() {
return delegate.getContentType();
}
@Override
public Header getContentEncoding() {
return delegate.getContentEncoding();
}
@Override
public InputStream getContent() throws IOException, UnsupportedOperationException {
return new SafeInputStream(delegate.getContent(), maxConsumedResponseSize);
}
@Override
public void writeTo(OutputStream outputStream) throws IOException {
delegate.writeTo(outputStream);
}
@Override
public boolean isStreaming() {
return delegate.isStreaming();
}
@Override
@Deprecated
public void consumeContent() throws IOException {
delegate.consumeContent();
}
}

68
services/src/test/java/org/keycloak/connections/httpclient/SafeBasicResponseHandlerTest.java Normal file
View file

@ -0,0 +1,68 @@
/*
* Copyright 2024 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.connections.httpclient;
import org.apache.http.HttpEntity;
import org.apache.http.entity.StringEntity;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Test;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.util.concurrent.atomic.AtomicBoolean;
/**
* @author Alexander Schwartz
*/
public class SafeBasicResponseHandlerTest {
@Test
public void shouldThrowExceptionForLongResponses() throws UnsupportedEncodingException {
// arrange
AtomicBoolean inputStreamHasBeenClosed = new AtomicBoolean(false);
HttpEntity entity = new StringEntity("1234567890") {
@Override
public InputStream getContent() throws IOException {
InputStream delegate = super.getContent();
return new InputStream() {
@Override
public int read() throws IOException {
return delegate.read();
}
@Override
public void close() throws IOException {
super.close();
inputStreamHasBeenClosed.set(true);
}
};
}
};
// act
IOException exception = Assert.assertThrows(IOException.class, () -> new SafeBasicResponseHandler(5).handleEntity(entity));
// assert
MatcherAssert.assertThat("Too long response should throw an exception", exception.getMessage(), Matchers.startsWith("Response is at least"));
MatcherAssert.assertThat("Stream should have been closed", inputStreamHasBeenClosed.get(), Matchers.is(true));
}
}

52
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/broker/util/SimpleHttpDefault.java Normal file
View file

@ -0,0 +1,52 @@
/*
* Copyright 2024 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.broker.util;
import org.apache.http.client.HttpClient;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.connections.httpclient.HttpClientProvider;
/**
* This class provides additional builders used in tests to create instances of SimpleHttpTest with a default length response size set.
*
* @author Alexander Schwartz
*/
public abstract class SimpleHttpDefault extends SimpleHttp {
protected SimpleHttpDefault(String url, String method, HttpClient client, long maxConsumedResponseSize) {
// dummy constructor, only needed to make the compiler happy
super(url, method, client, maxConsumedResponseSize);
}
public static SimpleHttp doDelete(String url, HttpClient client) {
return SimpleHttp.doDelete(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
}
public static SimpleHttp doPost(String url, HttpClient client) {
return SimpleHttp.doPost(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
}
public static SimpleHttp doPut(String url, HttpClient client) {
return SimpleHttp.doPut(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
}
public static SimpleHttp doGet(String url, HttpClient client) {
return SimpleHttp.doGet(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
}
}

5
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java
View file

@ -72,6 +72,7 @@ import org.keycloak.representations.RefreshToken;
import org.keycloak.representations.UserInfo;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.runonserver.RunOnServerException;
import org.keycloak.util.BasicAuthHelper;
import org.keycloak.util.JsonSerialization;
@ -1127,7 +1128,7 @@ public class OAuthClient {
public OIDCConfigurationRepresentation doWellKnownRequest(String realm) {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
SimpleHttp request = SimpleHttp.doGet(baseUrl + "/realms/" + realm + "/.well-known/openid-configuration",
SimpleHttp request = SimpleHttpDefault.doGet(baseUrl + "/realms/" + realm + "/.well-known/openid-configuration",
client);
if (requestHeaders != null) {
for (Map.Entry<String, String> entry : requestHeaders.entrySet()) {
@ -2196,7 +2197,7 @@ public class OAuthClient {
private JSONWebKeySet getRealmKeys(String realm) {
String certUrl = baseUrl + "/realms/" + realm + "/protocol/openid-connect/certs";
try (CloseableHttpClient client = httpClient.get()){
return SimpleHttp.doGet(certUrl, client).asJson(JSONWebKeySet.class);
return SimpleHttpDefault.doGet(certUrl, client).asJson(JSONWebKeySet.class);
} catch (IOException e) {
throw new RuntimeException("Failed to retrieve keys", e);
}

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AbstractRestServiceTest.java
View file

@ -38,6 +38,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder;
@ -139,7 +140,7 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
// Check if the feature really works
private void checkIfFeatureWorks(boolean shouldWorks) {
try {
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
List<SessionRepresentation> sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
.asJson(new TypeReference<List<SessionRepresentation>>() {
});
assertEquals(1, sessions.size());

15
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceReadOnlyAttributesTest.java
View file

@ -40,6 +40,7 @@ import org.keycloak.representations.userprofile.config.UPAttributePermissions;
import org.keycloak.representations.userprofile.config.UPConfig;
import org.keycloak.services.messages.Messages;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.userprofile.UserProfileConstants;
import static org.hamcrest.Matchers.contains;
@ -149,7 +150,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
private void testAccountUpdateAttributeExpectFailure(String attrName, boolean deniedForAdminAsWell) throws IOException {
// Attribute not yet supposed to be on the user
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertThat(Optional.ofNullable(user.getAttributes()).orElse(Map.of()).keySet(), not(contains(attrName)));
// Assert not possible to add the attribute to the user
@ -175,7 +176,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
}
// Update attribute of the user with account REST to the same value (Case when we are updating existing attribute) - should be fine as our attribute is not changed
user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
Assert.assertEquals("foo", user.getAttributes().get(attrName).get(0));
user.singleAttribute("someOtherAttr", "foo");
user = updateAndGet(user);
@ -198,7 +199,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
private void testAccountUpdateAttributeExpectSuccess(String attrName) throws IOException {
// Attribute not yet supposed to be on the user
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertThat(Optional.ofNullable(user.getAttributes()).orElse(Map.of()).keySet(), not(contains(attrName)));
// Assert not possible to add the attribute to the user
@ -206,7 +207,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
user = updateAndGet(user);
// Update attribute of the user with account REST to the same value (Case when we are updating existing attribute) - should be fine as our attribute is not changed
user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
Assert.assertEquals("foo", user.getAttributes().get(attrName).get(0));
user.singleAttribute("someOtherAttr", "foo");
user = updateAndGet(user);
@ -226,18 +227,18 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
}
private UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
assertEquals(204, status);
return get();
}
private UserRepresentation get() throws IOException {
return SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
return SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
}
private void updateError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
assertEquals(expectedStatus, response.getStatus());
assertEquals(expectedMessage, response.asJson(ErrorRepresentation.class).getErrorMessage());
}

133
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java
View file

@ -69,6 +69,7 @@ import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.VerifyProfileTest;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.TokenUtil;
@ -297,7 +298,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
user.setFirstName(originalFirstName);
user.setLastName(originalLastName);
user.setEmail(originalEmail);
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@ -345,7 +346,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
adminClient.realm("test").update(realmRep);
user.setEmail(originalEmail);
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@ -405,7 +406,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
user.setFirstName(originalFirstName);
user.setLastName(originalLastName);
user.setEmail(originalEmail);
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@ -512,7 +513,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
user.setFirstName(originalFirstName);
user.setLastName(originalLastName);
user.setEmail(originalEmail);
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@ -562,7 +563,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
user.setUsername(originalUsername);
user.setAttributes(originalAttributes);
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@ -586,7 +587,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertEquals("Homer1", user.getFirstName());
} finally {
user.setFirstName(originalFirstname);
int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
assertEquals(204, status);
}
}
@ -601,7 +602,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
}
protected static UserRepresentation getUser(String accountUrl, CloseableHttpClient httpClient, TokenUtil tokenUtil) throws IOException {
SimpleHttp a = SimpleHttp.doGet(accountUrl, httpClient).auth(tokenUtil.getToken());
SimpleHttp a = SimpleHttpDefault.doGet(accountUrl, httpClient).auth(tokenUtil.getToken());
try {
return a.asJson(UserRepresentation.class);
@ -612,7 +613,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
}
protected UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
SimpleHttp a = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
SimpleHttp a = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
try {
assertEquals(204, a.asStatus());
} catch (AssertionError e) {
@ -624,7 +625,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
protected void updateError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
assertEquals(expectedStatus, response.getStatus());
ErrorRepresentation errorRep = response.asJson(ErrorRepresentation.class);
List<ErrorRepresentation> errors = errorRep.getErrors();
@ -643,23 +644,23 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
// Read with no access
assertEquals(403, SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus());
assertEquals(403, SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus());
// Update with no access
assertEquals(403, SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(noaccessToken.getToken()).json(new UserRepresentation()).asStatus());
assertEquals(403, SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(noaccessToken.getToken()).json(new UserRepresentation()).asStatus());
// Update with read only
assertEquals(403, SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(viewToken.getToken()).json(new UserRepresentation()).asStatus());
assertEquals(403, SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(viewToken.getToken()).json(new UserRepresentation()).asStatus());
}
@Test
public void testUpdateProfilePermissions() throws IOException {
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
int status = SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus();
int status = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus();
assertEquals(403, status);
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
status = SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(viewToken.getToken()).asStatus();
status = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(viewToken.getToken()).asStatus();
assertEquals(200, status);
}
@ -739,7 +740,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertExpectedCredentialTypes(credentials, PasswordCredentialModel.TYPE, OTPCredentialModel.TYPE);
// Test password-only
credentials = SimpleHttp.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password"), httpClient)
credentials = SimpleHttpDefault.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
Assert.assertEquals(1, credentials.size());
password = credentials.get(0);
@ -747,8 +748,8 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
Assert.assertEquals(1, password.getUserCredentialMetadatas().size());
// Test password-only and user-credentials
credentials = SimpleHttp.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password&" +
AccountCredentialResource.USER_CREDENTIALS + "=false"), httpClient)
credentials = SimpleHttpDefault.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password&" +
AccountCredentialResource.USER_CREDENTIALS + "=false"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
Assert.assertEquals(1, credentials.size());
password = credentials.get(0);
@ -767,7 +768,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
.get();
// Test that current user can't update the credential, which belongs to the different user
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doPut(getAccountUrl("credentials/" + otpCredential.getId() + "/label"), httpClient)
.auth(tokenUtil.getToken())
.json("new-label")
@ -775,7 +776,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertEquals(404, response.getStatus());
// Test that current user can't delete the credential, which belongs to the different user
response = SimpleHttp
response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + otpCredential.getId()), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@ -846,7 +847,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
.filter(credentialRep -> OTPCredentialModel.TYPE.equals(credentialRep.getType()))
.findFirst()
.get();
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + otpCredential.getId()), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@ -865,7 +866,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
// Send REST request to get all credential containers and credentials of current user
private List<AccountCredentialResource.CredentialContainer> getCredentials() throws IOException {
return SimpleHttp.doGet(getAccountUrl("credentials"), httpClient)
return SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
}
@ -944,7 +945,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
String otpCredentialId = otpCredential.getUserCredentialMetadatas().get(0).getCredential().getId();
// remove credential using account console as otp is removable
try (SimpleHttp.Response response = SimpleHttp
try (SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + otpCredentialId), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@ -982,7 +983,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertCredentialContainerExpected(password, PasswordCredentialModel.TYPE, CredentialTypeMetadata.Category.BASIC_AUTHENTICATION.toString(),
"password-display-name", "password-help-text", "kcAuthenticatorPasswordClass",
null, UserModel.RequiredAction.UPDATE_PASSWORD.toString(), false, 1);
try (SimpleHttp.Response response = SimpleHttp
try (SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("credentials/" + password.getUserCredentialMetadatas().get(0).getCredential().getId()), httpClient)
.acceptJson()
.auth(tokenUtil.getToken())
@ -1070,11 +1071,11 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void testDeleteSessions() throws IOException {
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
oauth.doLogin("view-account-access", "password");
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
List<SessionRepresentation> sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
assertEquals(2, sessions.size());
int status = SimpleHttp.doDelete(getAccountUrl("sessions?current=false"), httpClient).acceptJson().auth(viewToken.getToken()).asStatus();
int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions?current=false"), httpClient).acceptJson().auth(viewToken.getToken()).asStatus();
assertEquals(200, status);
sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
assertEquals(1, sessions.size());
}
@ -1085,7 +1086,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertNull(tokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
List<ClientRepresentation> applications = SimpleHttp
List<ClientRepresentation> applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@ -1108,7 +1109,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertNull(tokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
List<ClientRepresentation> applications = SimpleHttp
List<ClientRepresentation> applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.param("name", "In Use")
@ -1135,7 +1136,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertNull(offlineTokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
List<ClientRepresentation> applications = SimpleHttp
List<ClientRepresentation> applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@ -1172,14 +1173,14 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
ConsentRepresentation requestedConsent = new ConsentRepresentation();
requestedConsent.setGrantedScopes(Collections.singletonList(consentScopeRepresentation));
SimpleHttp
SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
.auth(token.getToken())
.asJson(ConsentRepresentation.class);
List<ClientRepresentation> applications = SimpleHttp
List<ClientRepresentation> applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@ -1187,7 +1188,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
});
assertFalse(applications.isEmpty());
SimpleHttp
SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@ -1217,7 +1218,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertNull(tokenResponse.getErrorDescription());
TokenUtil token = new TokenUtil("view-applications-access", "password");
List<ClientRepresentation> applications = SimpleHttp
List<ClientRepresentation> applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@ -1246,7 +1247,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void listApplicationsWithoutPermission() throws IOException {
TokenUtil token = new TokenUtil("no-account-access", "password");
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@ -1258,7 +1259,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void getNotExistingApplication() throws IOException {
TokenUtil token = new TokenUtil("view-applications-access", "password");
String appId = "not-existing";
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId), httpClient)
.header("Accept", "application/json")
.auth(token.getToken())
@ -1283,7 +1284,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,2);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation = SimpleHttp
ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1304,7 +1305,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
events.assertEmpty();
//cleanup
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@ -1317,7 +1318,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation = SimpleHttp
ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1331,7 +1332,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
requestedScopes = testRealm().clientScopes().findAll().subList(1,2);
requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation2 = SimpleHttp
ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1354,7 +1355,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
events.assertEmpty();
//Cleanup
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@ -1368,7 +1369,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1386,7 +1387,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1404,7 +1405,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation = SimpleHttp
ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1424,7 +1425,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
events.assertEmpty();
//Cleanup
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@ -1438,7 +1439,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation = SimpleHttp
ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1452,7 +1453,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
requestedScopes = testRealm().clientScopes().findAll().subList(1,2);
requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation2 = SimpleHttp
ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1475,7 +1476,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
events.assertEmpty();
//Cleanup
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
@ -1489,7 +1490,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1507,7 +1508,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1525,7 +1526,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation1 = SimpleHttp
ConsentRepresentation consentRepresentation1 = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1536,7 +1537,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertEquals(1, consentRepresentation1.getGrantedScopes().size());
assertEquals(requestedScopes.get(0).getId(), consentRepresentation1.getGrantedScopes().get(0).getId());
ConsentRepresentation consentRepresentation2 = SimpleHttp
ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1550,7 +1551,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void getConsentForNotExistingClient() throws IOException {
tokenUtil = new TokenUtil("view-consent-access", "password");
String appId = "not-existing";
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1562,7 +1563,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void getNotExistingConsentForClient() throws IOException {
tokenUtil = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1574,7 +1575,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void getConsentWithoutPermission() throws IOException {
tokenUtil = new TokenUtil("no-account-access", "password");
String appId = "security-admin-console";
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1590,7 +1591,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
ConsentRepresentation consentRepresentation = SimpleHttp
ConsentRepresentation consentRepresentation = SimpleHttpDefault
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.json(requestedConsent)
@ -1601,7 +1602,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
assertEquals(1, consentRepresentation.getGrantedScopes().size());
assertEquals(requestedScopes.get(0).getId(), consentRepresentation.getGrantedScopes().get(0).getId());
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1616,7 +1617,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
.assertEvent();
events.assertEmpty();
response = SimpleHttp
response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1628,7 +1629,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void deleteConsentForNotExistingClient() throws IOException {
tokenUtil = new TokenUtil("manage-consent-access", "password");
String appId = "not-existing";
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1640,7 +1641,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void deleteConsentWithoutPermission() throws IOException {
tokenUtil = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1658,14 +1659,14 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
tokenUtil = new TokenUtil("view-applications-access", "password");
SimpleHttp.Response response = SimpleHttp
SimpleHttp.Response response = SimpleHttpDefault
.doDelete(getAccountUrl("applications/offline-client/consent"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
.asResponse();
assertEquals(204, response.getStatus());
List<ClientRepresentation> applications = SimpleHttp
List<ClientRepresentation> applications = SimpleHttpDefault
.doGet(getAccountUrl("applications"), httpClient)
.header("Accept", "application/json")
.auth(tokenUtil.getToken())
@ -1692,7 +1693,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
public void testInvalidApiVersion() throws IOException {
apiVersion = "v2-foo";
SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl("credentials"), httpClient).auth(tokenUtil.getToken()).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient).auth(tokenUtil.getToken()).asResponse();
assertEquals("API version not found", response.asJson().get("error").textValue());
assertEquals(404, response.getStatus());
}
@ -1703,7 +1704,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
OAuthClient.AccessTokenResponse tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
assertNull(tokenResponse.getErrorDescription());
SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.auth(tokenResponse.getAccessToken())
.header("Accept", "application/json")
.asResponse();
@ -1719,7 +1720,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
assertNull(tokenResponse.getErrorDescription());
response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.auth(tokenResponse.getAccessToken())
.header("Accept", "application/json")
.asResponse();
@ -1731,7 +1732,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
assertNull(tokenResponse.getErrorDescription());
response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.auth(tokenResponse.getAccessToken())
.header("Accept", "application/json")
.asResponse();
@ -1749,7 +1750,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
realmRep.setAccountTheme("custom-account-provider");
adminClient.realm("test").update(realmRep);
SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
.header("Accept", "text/html")
.asResponse();
assertEquals(200, response.getStatus());

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.java
View file

@ -43,6 +43,7 @@ import org.keycloak.representations.idm.UserProfileAttributeMetadata;
import org.keycloak.representations.idm.UserProfileMetadata;
import org.keycloak.representations.account.UserRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.VerifyProfileTest;
import org.keycloak.userprofile.UserProfileContext;
@ -325,7 +326,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe
user.setLastName(originalLastName);
user.setEmail(originalEmail);
user.setAttributes(originalAttributes);
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
System.out.println(response.asString());
assertEquals(204, response.getStatus());
}
@ -384,7 +385,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe
}
protected UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
SimpleHttp a = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
SimpleHttp a = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
try {
assertEquals(204, a.asStatus());
} catch (AssertionError e) {

7
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/LinkedAccountsRestServiceTest.java
View file

@ -27,6 +27,7 @@ import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder;
@ -133,7 +134,7 @@ public class LinkedAccountsRestServiceTest extends AbstractTestRealmKeycloakTest
}
private SortedSet<LinkedAccountRepresentation> linkedAccountsRep() throws IOException {
return SimpleHttp.doGet(getAccountUrl("linked-accounts"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<SortedSet<LinkedAccountRepresentation>>() {});
return SimpleHttpDefault.doGet(getAccountUrl("linked-accounts"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<SortedSet<LinkedAccountRepresentation>>() {});
}
private LinkedAccountRepresentation findLinkedAccount(String providerAlias) throws IOException {
@ -147,7 +148,7 @@ public class LinkedAccountsRestServiceTest extends AbstractTestRealmKeycloakTest
@Test
public void testBuildLinkedAccountUri() throws IOException {
AccountLinkUriRepresentation rep = SimpleHttp.doGet(getAccountUrl("linked-accounts/github?redirectUri=phonyUri"), client)
AccountLinkUriRepresentation rep = SimpleHttpDefault.doGet(getAccountUrl("linked-accounts/github?redirectUri=phonyUri"), client)
.auth(tokenUtil.getToken())
.asJson(new TypeReference<AccountLinkUriRepresentation>() {});
URI brokerUri = rep.getAccountLinkUri();
@ -198,7 +199,7 @@ public class LinkedAccountsRestServiceTest extends AbstractTestRealmKeycloakTest
@Test
public void testRemoveLinkedAccount() throws IOException {
assertTrue(findLinkedAccount("github").isConnected());
SimpleHttp.doDelete(getAccountUrl("linked-accounts/github"), client).auth(tokenUtil.getToken()).acceptJson().asResponse();
SimpleHttpDefault.doDelete(getAccountUrl("linked-accounts/github"), client).auth(tokenUtil.getToken()).acceptJson().asResponse();
assertFalse(findLinkedAccount("github").isConnected());
}

21
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/ResourcesRestServiceTest.java
View file

@ -41,6 +41,7 @@ import org.keycloak.services.resources.account.resources.AbstractResourceService
import org.keycloak.services.resources.account.resources.AbstractResourceService.Permission;
import org.keycloak.services.resources.account.resources.AbstractResourceService.Resource;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder;
@ -350,7 +351,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
permissions.add(permission);
}
SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@ -386,7 +387,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
permissions.add(new Permission(users.get(users.size() - 1), "Scope A", "Scope B", "Scope C", "Scope D"));
String resourceId = sharedResource.getId();
SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@ -410,7 +411,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
public void failShareResourceInvalidPermissions() throws Exception {
List<Permission> permissions = new ArrayList<>();
SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(getMyResources().get(0).getId()) + "/permissions"), httpClient)
SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(getMyResources().get(0).getId()) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@ -446,16 +447,16 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
// test read access
for (String url : Arrays.asList(resourcesUrl, sharedWithOthersUrl, sharedWithMeUrl, resourceUrl, permissionsUrl, requestsUrl)) {
assertEquals( "no-account-access GET " + url, 403,
SimpleHttp.doGet(url, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).asStatus());
SimpleHttpDefault.doGet(url, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).asStatus());
assertEquals("view-account-access GET " + url,200,
SimpleHttp.doGet(url, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).asStatus());
SimpleHttpDefault.doGet(url, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).asStatus());
}
// test write access
assertEquals( "no-account-access PUT " + permissionsUrl, 403,
SimpleHttp.doPut(permissionsUrl, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
SimpleHttpDefault.doPut(permissionsUrl, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
assertEquals( "view-account-access PUT " + permissionsUrl, 403,
SimpleHttp.doPut(permissionsUrl, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
SimpleHttpDefault.doPut(permissionsUrl, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
}
@Test
@ -475,7 +476,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
permissions.add(new Permission(users.get(users.size() - 1), "Scope B", "Scope D"));
String resourceId = sharedResource.getId();
SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(permissions).asResponse();
@ -611,7 +612,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
}
}
SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
.auth(tokenUtil.getToken())
.json(requests).asResponse();
@ -706,7 +707,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
}
private SimpleHttp get(String resource, String token) {
return SimpleHttp.doGet(getAccountUrl("resources" + resource), httpClient).auth(token);
return SimpleHttpDefault.doGet(getAccountUrl("resources" + resource), httpClient).auth(token);
}
private AuthzClient createAuthzClient(ClientRepresentation client) {

27
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/SessionRestServiceTest.java
View file

@ -38,6 +38,7 @@ import org.keycloak.representations.account.ClientRepresentation;
import org.keycloak.representations.account.DeviceRepresentation;
import org.keycloak.representations.account.SessionRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.OAuthClient;
@ -100,25 +101,25 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
// Read sessions with no access
assertEquals(403, SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
assertEquals(403, SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
.auth(noaccessToken.getToken()).asStatus());
// Delete all sessions with no access
assertEquals(403, SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
assertEquals(403, SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
.auth(noaccessToken.getToken()).asStatus());
// Delete all sessions with read only
assertEquals(403, SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
assertEquals(403, SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
.auth(viewToken.getToken()).asStatus());
// Delete single session with no access
assertEquals(403,
SimpleHttp.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
SimpleHttpDefault.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
.auth(noaccessToken.getToken()).asStatus());
// Delete single session with read only
assertEquals(403,
SimpleHttp.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
SimpleHttpDefault.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
.auth(viewToken.getToken()).asStatus());
}
@ -310,14 +311,14 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
assertEquals(2, sessions.size());
// With `ViewToken` you can only read
int status = SimpleHttp.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson()
int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson()
.auth(viewToken.getToken()).asStatus();
assertEquals(403, status);
sessions = getSessions(viewToken.getToken());
assertEquals(2, sessions.size());
// Here you can delete the session
status = SimpleHttp.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson().auth(tokenUtil.getToken())
status = SimpleHttpDefault.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson().auth(tokenUtil.getToken())
.asStatus();
assertEquals(204, status);
sessions = getSessions(tokenUtil.getToken());
@ -333,18 +334,18 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
assertEquals(3, getSessions().size());
String currentToken = tokenResponse.getAccessToken();
int status = SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient)
int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient)
.acceptJson()
.auth(currentToken).asStatus();
assertEquals(204, status);
assertEquals(1, getSessions(currentToken).size());
status = SimpleHttp.doDelete(getAccountUrl("sessions?current=true"), httpClient)
status = SimpleHttpDefault.doDelete(getAccountUrl("sessions?current=true"), httpClient)
.acceptJson()
.auth(currentToken).asStatus();
assertEquals(204, status);
status = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient)
status = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient)
.acceptJson()
.auth(currentToken).asStatus();
assertEquals(401, status);
@ -406,7 +407,7 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
}
private List<SessionRepresentation> getSessions(String sessionOne) throws IOException {
return SimpleHttp
return SimpleHttpDefault
.doGet(getAccountUrl("sessions"), httpClient).auth(sessionOne)
.asJson(new TypeReference<List<SessionRepresentation>>() {
});
@ -425,7 +426,7 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
}
private List<DeviceRepresentation> queryDevices(String token) throws IOException {
return SimpleHttp
return SimpleHttpDefault
.doGet(getAccountUrl("sessions/devices"), httpClient).auth(token)
.asJson(new TypeReference<List<DeviceRepresentation>>() {
});
@ -446,7 +447,7 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
}
private List<SessionRepresentation> getSessions() throws IOException {
return SimpleHttp
return SimpleHttpDefault
.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
.asJson(new TypeReference<List<SessionRepresentation>>() {
});

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleLandingPageTest.java
View file

@ -9,6 +9,7 @@ import org.junit.Test;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import java.io.IOException;
import java.util.HashMap;
@ -41,7 +42,7 @@ public class AdminConsoleLandingPageTest extends AbstractKeycloakTest {
@Test
public void landingPage() throws IOException {
String body = SimpleHttp.doGet(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/admin/master/console", client).asString();
String body = SimpleHttpDefault.doGet(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/admin/master/console", client).asString();
Map<String, String> config = getConfig(body);
String authUrl = config.get("authUrl");

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsolePermissionsCalculatedTest.java
View file

@ -28,6 +28,7 @@ import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.updaters.Creator;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.RealmBuilder;
@ -71,7 +72,7 @@ public class AdminConsolePermissionsCalculatedTest extends AbstractKeycloakTest
String whoAmiUrl = suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/admin/master/console/whoami?currentRealm=master";
JsonNode jsonNode = SimpleHttp.doGet(whoAmiUrl, client).auth(accessToken.getToken()).asJson();
JsonNode jsonNode = SimpleHttpDefault.doGet(whoAmiUrl, client).auth(accessToken.getToken()).asJson();
assertTrue("Permissions for " + Config.getAdminRealm() + " realm.", jsonNode.at("/realm_access/" + Config.getAdminRealm()).isArray());
}

13
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AdminConsoleWhoAmILocaleTest.java
View file

@ -11,6 +11,7 @@ import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
@ -101,7 +102,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
@Test
public void testLocaleRealmI18nDisabledUserWithoutLocale() throws Exception {
JsonNode whoAmI = SimpleHttp
JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_OFF), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_OFF, USER_WITHOUT_LOCALE))
@ -112,7 +113,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
@Test
public void testLocaleRealmI18nDisabledUserWithLocale() throws Exception {
JsonNode whoAmI = SimpleHttp
JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_OFF), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_OFF, USER_WITH_LOCALE))
@ -123,7 +124,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
@Test
public void testLocaleRealmI18nEnabledUserWithoutLocale() throws Exception {
JsonNode whoAmI = SimpleHttp
JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
@ -134,7 +135,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
@Test
public void testLocaleRealmI18nEnabledUserWithLocale() throws Exception {
JsonNode whoAmI = SimpleHttp
JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITH_LOCALE))
@ -145,7 +146,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
@Test
public void testLocaleRealmI18nEnabledAcceptLanguageHeader() throws Exception {
JsonNode whoAmI = SimpleHttp
JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
@ -157,7 +158,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
@Test
public void testLocaleRealmI18nEnabledKeycloakLocaleCookie() throws Exception {
JsonNode whoAmI = SimpleHttp
JsonNode whoAmI = SimpleHttpDefault
.doGet(whoAmiUrl(REALM_I18N_ON), client)
.header("Accept", "application/json")
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTest.java
View file

@ -39,6 +39,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
import org.keycloak.testsuite.util.AccountHelper;
import org.keycloak.testsuite.util.OAuthClient;
@ -490,7 +491,7 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
assertThat(errorPage.getError(), is("Page not found"));
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
SimpleHttp.Response simple = SimpleHttp.doGet(LINK, client).asResponse();
SimpleHttp.Response simple = SimpleHttpDefault.doGet(LINK, client).asResponse();
assertThat(simple, notNullValue());
assertThat(simple.getStatus(), is(Response.Status.NOT_FOUND.getStatusCode()));

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTransientSessionsTest.java
View file

@ -53,6 +53,7 @@ import org.keycloak.representations.idm.UserSessionRepresentation;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.updaters.Creator;
import org.keycloak.testsuite.util.AccountHelper;
@ -362,7 +363,7 @@ public final class KcOidcBrokerTransientSessionsTest extends AbstractAdvancedBro
assertThat(errorPage.getError(), is("Page not found"));
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
SimpleHttp.Response simple = SimpleHttp.doGet(LINK, client).asResponse();
SimpleHttp.Response simple = SimpleHttpDefault.doGet(LINK, client).asResponse();
assertThat(simple, notNullValue());
assertThat(simple.getStatus(), is(Response.Status.NOT_FOUND.getStatusCode()));

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/error/UncaughtErrorPageTest.java
View file

@ -21,6 +21,7 @@ import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.util.JsonSerialization;
import org.keycloak.utils.MediaType;
@ -166,7 +167,7 @@ public class UncaughtErrorPageTest extends AbstractKeycloakTest {
URI uri = suiteContext.getAuthServerInfo().getUriBuilder().path("/auth/realms/master/testing/uncaught-error").build();
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
SimpleHttp.Response response = SimpleHttp.doGet(uri.toString(), client).header("Accept", MediaType.TEXT_HTML_UTF_8).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doGet(uri.toString(), client).header("Accept", MediaType.TEXT_HTML_UTF_8).asResponse();
for (BrowserSecurityHeaders header : BrowserSecurityHeaders.values()) {
String expectedValue = header.getDefaultValue();

27
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAccountRestApiTest.java
View file

@ -45,6 +45,7 @@ import org.keycloak.representations.userprofile.config.UPConfig;
import org.keycloak.services.messages.Messages;
import org.keycloak.services.resources.account.AccountCredentialResource;
import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.VerifyProfileTest;
import org.keycloak.testsuite.util.LDAPRule;
import org.keycloak.testsuite.util.LDAPTestUtils;
@ -248,11 +249,11 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
RealmModel appRealm = ctx.getRealm();
appRealm.setEditUsernameAllowed(false);
});
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
user.setEmail("john-alias@email.org");
SimpleHttp.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
UserRepresentation usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertEquals("johnkeycloak", usernew.getUsername());
assertEquals("John", usernew.getFirstName());
assertEquals("Doe", usernew.getLastName());
@ -261,7 +262,7 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
//clean up
usernew.setEmail("john@email.org");
SimpleHttp.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
}
@ -272,11 +273,11 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
RealmModel appRealm = ctx.getRealm();
appRealm.setEditUsernameAllowed(false);
});
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
user.setEmail("john-alias@email.org");
SimpleHttp.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
UserRepresentation usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
assertEquals("johnkeycloak", usernew.getUsername());
assertEquals("John", usernew.getFirstName());
assertEquals("Doe", usernew.getLastName());
@ -288,7 +289,7 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
//clean up
usernew.setEmail("john@email.org");
final int i = SimpleHttp.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
final int i = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
org.keycloak.representations.idm.UserRepresentation userRep = testRealm().users()
.search(usernew.getUsername()).get(0);
@ -300,7 +301,7 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
userRep.setAttributes(null);
testRealm().users().get(userRep.getId()).update(userRep);
usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
// Metadata attributes still not present in account REST
Assert.assertNull(usernew.getAttributes());
@ -317,23 +318,23 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
}
private UserRepresentation getProfile() throws IOException {
return SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
return SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
}
private void updateProfileExpectSuccess(UserRepresentation user) throws IOException {
int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
assertEquals(204, status);
}
private void updateProfileExpectError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
assertEquals(expectedStatus, response.getStatus());
assertEquals(expectedMessage, response.asJson(ErrorRepresentation.class).getErrorMessage());
}
// Send REST request to get all credential containers and credentials of current user
private List<AccountCredentialResource.CredentialContainer> getCredentials() throws IOException {
return SimpleHttp.doGet(getAccountUrl("credentials"), httpClient)
return SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
}

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java
View file

@ -42,6 +42,7 @@ import org.keycloak.storage.UserStorageProvider;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.federation.BackwardsCompatibilityUserStorageFactory;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.LoginConfigTotpPage;
@ -249,7 +250,7 @@ public class BackwardsCompatibilityUserStorageTest extends AbstractTestRealmKeyc
String otpCredentialId = otpCreds.get(0).getCredential().getId();
// Delete OTP credential from federated storage
int deleteStatus = SimpleHttp.doDelete(accountCredentialsUrl + "/" + otpCredentialId, httpClient)
int deleteStatus = SimpleHttpDefault.doDelete(accountCredentialsUrl + "/" + otpCredentialId, httpClient)
.auth(accountToken).acceptJson().asStatus();
Assert.assertEquals(204, deleteStatus);
@ -352,7 +353,7 @@ public class BackwardsCompatibilityUserStorageTest extends AbstractTestRealmKeyc
}
private List<CredentialMetadataRepresentation> getOtpCredentialFromAccountREST(String accountCredentialsUrl, CloseableHttpClient httpClient, TokenUtil tokenUtil) throws IOException {
List<AccountCredentialResource.CredentialContainer> credentials = SimpleHttp.doGet(accountCredentialsUrl, httpClient)
List<AccountCredentialResource.CredentialContainer> credentials = SimpleHttpDefault.doGet(accountCredentialsUrl, httpClient)
.auth(tokenUtil.getToken()).asJson(new TypeReference<>() {});
return credentials.stream()

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java
View file

@ -72,6 +72,7 @@ import org.keycloak.storage.UserStorageProvider;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.exportimport.ExportImportUtil;
import org.keycloak.testsuite.runonserver.RunHelpers;
import org.keycloak.testsuite.util.OAuthClient;
@ -1118,7 +1119,7 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest {
protected void testResourceTag() {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
URI url = suiteContext.getAuthServerInfo().getUriBuilder().path("/auth").build();
String response = SimpleHttp.doGet(url.toString(), client).asString();
String response = SimpleHttpDefault.doGet(url.toString(), client).asString();
Matcher m = Pattern.compile("resources/([^/]*)/common").matcher(response);
assertTrue(m.find());
assertTrue(m.group(1).matches("[a-zA-Z0-9_\\-.~]{5}"));

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
View file

@ -39,6 +39,7 @@ import org.keycloak.models.Constants;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.ClientBuilder;
@ -301,10 +302,10 @@ public class OAuthRedirectUriTest extends AbstractKeycloakTest {
CloseableHttpClient client = HttpClients.custom().setDefaultRequestConfig(globalConfig).setDefaultCookieStore(cookieStore).build();
try {
String loginPage = SimpleHttp.doGet(loginUrl, client).asString();
String loginPage = SimpleHttpDefault.doGet(loginUrl, client).asString();
String formAction = loginPage.split("action=\"")[1].split("\"")[0].replaceAll("&amp;", "&");
SimpleHttp.Response response = SimpleHttp.doPost(formAction, client).param("username", "test-user@localhost").param("password", "password").asResponse();
SimpleHttp.Response response = SimpleHttpDefault.doPost(formAction, client).param("username", "test-user@localhost").param("password", "password").asResponse();
response.getStatus();
assertThat(response.getFirstHeader("Location"), Matchers.startsWith("android-app://org.keycloak.examples.cordova/https/keycloak-cordova-example.github.io/login"));

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/TokenRevocationTest.java
View file

@ -61,6 +61,7 @@ import org.keycloak.representations.oidc.TokenMetadataRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientManager;
@ -326,7 +327,7 @@ public class TokenRevocationTest extends AbstractKeycloakTest {
// Test account REST not possible
String accountUrl = OAuthClient.AUTH_SERVER_ROOT + "/realms/test/account";
SimpleHttp accountRequest = SimpleHttp.doGet(accountUrl, restHttpClient)
SimpleHttp accountRequest = SimpleHttpDefault.doGet(accountUrl, restHttpClient)
.auth(accessTokenString)
.acceptJson();
assertEquals(Status.UNAUTHORIZED.getStatusCode(), accountRequest.asStatus());

9
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java
View file

@ -73,6 +73,7 @@ import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls;
import org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource;
import org.keycloak.testsuite.pages.AppPage;
@ -1436,11 +1437,11 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
private String createEncryptedRequestObject(String encAlg) throws IOException, JWEException {
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
OIDCConfigurationRepresentation representation = SimpleHttp
OIDCConfigurationRepresentation representation = SimpleHttpDefault
.doGet(getAuthServerRoot().toString() + "realms/" + oauth.getRealm() + "/.well-known/openid-configuration",
httpClient).asJson(OIDCConfigurationRepresentation.class);
String jwksUri = representation.getJwksUri();
JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
Map<String, PublicKey> keysForUse = JWKSUtils.getKeysForUse(jsonWebKeySet, JWK.Use.ENCRYPTION);
String keyId = null;
@ -1523,11 +1524,11 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
byte[] contentBytes = JsonSerialization.writeValueAsBytes(requestObject);
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
OIDCConfigurationRepresentation representation = SimpleHttp
OIDCConfigurationRepresentation representation = SimpleHttpDefault
.doGet(getAuthServerRoot().toString() + "realms/" + oauth.getRealm() + "/.well-known/openid-configuration",
httpClient).asJson(OIDCConfigurationRepresentation.class);
String jwksUri = representation.getJwksUri();
JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
Map<String, PublicKey> keysForUse = JWKSUtils.getKeysForUse(jsonWebKeySet, JWK.Use.ENCRYPTION);
String keyId = jweHeader.getKeyId();

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCWellKnownProviderTest.java
View file

@ -47,6 +47,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.forms.BrowserFlowTest;
import org.keycloak.testsuite.forms.LevelOfAssuranceFlowTest;
import org.keycloak.testsuite.util.AdminClientUtil;
@ -288,10 +289,10 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
public void certs() throws IOException {
TokenSignatureUtil.registerKeyProvider(Algorithm.ES256, adminClient, testContext);
OIDCConfigurationRepresentation representation = SimpleHttp.doGet(getAuthServerRoot().toString() + "realms/test/.well-known/openid-configuration", client).asJson(OIDCConfigurationRepresentation.class);
OIDCConfigurationRepresentation representation = SimpleHttpDefault.doGet(getAuthServerRoot().toString() + "realms/test/.well-known/openid-configuration", client).asJson(OIDCConfigurationRepresentation.class);
String jwksUri = representation.getJwksUri();
JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, client).asJson(JSONWebKeySet.class);
JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, client).asJson(JSONWebKeySet.class);
assertEquals(3, jsonWebKeySet.getKeys().length);
}

7
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java
View file

@ -25,6 +25,7 @@ import org.keycloak.representations.idm.ClientInitialAccessPresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.OAuthClient;
@ -274,7 +275,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
private void assertWelcomePage(String expectedAdminUrl) throws IOException {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/", client);
SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/", client);
for (Map.Entry<String, String> entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
get.header(entry.getKey(), entry.getValue());
@ -288,7 +289,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
private void assertOldAdminPageJsPathSetCorrectly(String realm, String expectedAdminUrl) throws IOException {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
for (Map.Entry<String, String> entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
get.header(entry.getKey(), entry.getValue());
@ -302,7 +303,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
private void assertAdminPage(String realm, String expectedFrontendUrl, String expectedAdminUrl) throws IOException, URISyntaxException {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
for (Map.Entry<String, String> entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
get.header(entry.getKey(), entry.getValue());