Limit the received content when handling the content as a String
Closes #27293 Co-authored-by: rmartinc <rmartinc@redhat.com> Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
This commit is contained in:
parent
66c9f173f2
commit
6de5325d1c
32 changed files with 607 additions and 194 deletions
|
@ -4,6 +4,20 @@ The nonce claim is now only added to the ID token strictly following the OpenID
|
|||
|
||||
A new `Nonce backwards compatible` mapper is also included in the software that can be assigned to client scopes to revert to the old behavior. For example, the JS adapter checked the returned `nonce` claim in all the tokens before fixing issue https://github.com/keycloak/keycloak/issues/26651[#26651] in version 24.0.0. Therefore, if an old version of the JS adapter is used, the mapper should be added to the required clients by using client scopes.
|
||||
|
||||
= Limiting memory usage when consuming HTTP responses
|
||||
|
||||
In some scenarios like brokering Keycloak uses HTTP to talk to external servers.
|
||||
To avoid a denial of service when those providers send too much data, {project_name} now restricts responses to 10 MB by default.
|
||||
|
||||
Users can configure this limit by setting the provider configuration option `spi-connections-http-client-default-max-consumed-response-size`:
|
||||
|
||||
.Restricting the consumed responses to 1 MB
|
||||
[source,bash]
|
||||
----
|
||||
bin/kc.[sh|bat] --spi-connections-http-client-default-max-consumed-response-size=1000000
|
||||
----
|
||||
|
||||
|
||||
= Removed a model module
|
||||
|
||||
The module `org.keycloak:keycloak-model-legacy` module was deprecated in a previous release and is removed in this release. Use the `org.keycloak:keycloak-model-storage` module instead.
|
||||
|
|
|
@ -43,6 +43,7 @@ import org.apache.http.entity.StringEntity;
|
|||
import org.apache.http.message.BasicNameValuePair;
|
||||
import org.keycloak.common.util.Base64;
|
||||
import org.keycloak.connections.httpclient.HttpClientProvider;
|
||||
import org.keycloak.connections.httpclient.SafeInputStream;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
||||
|
@ -86,48 +87,54 @@ public class SimpleHttp {
|
|||
|
||||
private int connectionRequestTimeoutMillis = UNDEFINED_TIMEOUT;
|
||||
|
||||
private long maxConsumedResponseSize;
|
||||
|
||||
private RequestConfig.Builder requestConfigBuilder;
|
||||
|
||||
protected SimpleHttp(String url, String method, HttpClient client) {
|
||||
protected SimpleHttp(String url, String method, HttpClient client, long maxConsumedResponseSize) {
|
||||
this.client = client;
|
||||
this.url = url;
|
||||
this.method = method;
|
||||
this.maxConsumedResponseSize = maxConsumedResponseSize;
|
||||
}
|
||||
|
||||
public static SimpleHttp doDelete(String url, KeycloakSession session) {
|
||||
return doDelete(url, session.getProvider(HttpClientProvider.class).getHttpClient());
|
||||
HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
|
||||
return doDelete(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
|
||||
}
|
||||
|
||||
public static SimpleHttp doDelete(String url, HttpClient client) {
|
||||
return new SimpleHttp(url, "DELETE", client);
|
||||
protected static SimpleHttp doDelete(String url, HttpClient client, long maxConsumedResponseSize) {
|
||||
return new SimpleHttp(url, "DELETE", client, maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
public static SimpleHttp doGet(String url, KeycloakSession session) {
|
||||
return doGet(url, session.getProvider(HttpClientProvider.class).getHttpClient());
|
||||
HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
|
||||
return doGet(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
|
||||
}
|
||||
|
||||
public static SimpleHttp doGet(String url, HttpClient client) {
|
||||
return new SimpleHttp(url, "GET", client);
|
||||
protected static SimpleHttp doGet(String url, HttpClient client, long maxConsumedResponseSize) {
|
||||
return new SimpleHttp(url, "GET", client, maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
public static SimpleHttp doPost(String url, KeycloakSession session) {
|
||||
return doPost(url, session.getProvider(HttpClientProvider.class).getHttpClient());
|
||||
HttpClientProvider provider = session.getProvider(HttpClientProvider.class);
|
||||
return doPost(url, provider.getHttpClient(), provider.getMaxConsumedResponseSize());
|
||||
}
|
||||
|
||||
public static SimpleHttp doPost(String url, HttpClient client) {
|
||||
return new SimpleHttp(url, "POST", client);
|
||||
protected static SimpleHttp doPost(String url, HttpClient client, long maxConsumedResponseSize) {
|
||||
return new SimpleHttp(url, "POST", client, maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
public static SimpleHttp doPut(String url, HttpClient client) {
|
||||
return new SimpleHttp(url, "PUT", client);
|
||||
protected static SimpleHttp doPut(String url, HttpClient client, long maxConsumedResponseSize) {
|
||||
return new SimpleHttp(url, "PUT", client, maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
public static SimpleHttp doHead(String url, HttpClient client) {
|
||||
return new SimpleHttp(url, "HEAD", client);
|
||||
protected static SimpleHttp doHead(String url, HttpClient client, long maxConsumedResponseSize) {
|
||||
return new SimpleHttp(url, "HEAD", client, maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
public static SimpleHttp doPatch(String url, HttpClient client) {
|
||||
return new SimpleHttp(url, "PATCH", client);
|
||||
protected static SimpleHttp doPatch(String url, HttpClient client, long maxConsumedResponseSize) {
|
||||
return new SimpleHttp(url, "PATCH", client, maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
public SimpleHttp header(String name, String value) {
|
||||
|
@ -178,6 +185,11 @@ public class SimpleHttp {
|
|||
return this;
|
||||
}
|
||||
|
||||
public SimpleHttp setMaxConsumedResponseSize(long maxConsumedResponseSize) {
|
||||
this.maxConsumedResponseSize = maxConsumedResponseSize;
|
||||
return this;
|
||||
}
|
||||
|
||||
public SimpleHttp auth(String token) {
|
||||
header("Authorization", "Bearer " + token);
|
||||
return this;
|
||||
|
@ -296,7 +308,7 @@ public class SimpleHttp {
|
|||
httpRequest.setConfig(requestConfigBuilder.build());
|
||||
}
|
||||
|
||||
return new Response(client.execute(httpRequest));
|
||||
return new Response(client.execute(httpRequest), maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
private RequestConfig.Builder requestConfigBuilder() {
|
||||
|
@ -341,12 +353,14 @@ public class SimpleHttp {
|
|||
public static class Response implements AutoCloseable {
|
||||
|
||||
private final HttpResponse response;
|
||||
private final long maxConsumedResponseSize;
|
||||
private int statusCode = -1;
|
||||
private String responseString;
|
||||
private ContentType contentType;
|
||||
|
||||
public Response(HttpResponse response) {
|
||||
public Response(HttpResponse response, long maxConsumedResponseSize) {
|
||||
this.response = response;
|
||||
this.maxConsumedResponseSize = maxConsumedResponseSize;
|
||||
}
|
||||
|
||||
private void readResponse() throws IOException {
|
||||
|
@ -368,6 +382,8 @@ public class SimpleHttp {
|
|||
}
|
||||
}
|
||||
|
||||
is = new SafeInputStream(is, maxConsumedResponseSize);
|
||||
|
||||
try (InputStreamReader reader = charset == null ? new InputStreamReader(is, StandardCharsets.UTF_8) :
|
||||
new InputStreamReader(is, charset)) {
|
||||
|
||||
|
|
|
@ -55,6 +55,8 @@ public interface HttpClientProvider extends Provider {
|
|||
* Decoding response with the correct character set is performed according to the headers returned in the server's response.
|
||||
* To retrieve binary data, use {@link #getInputStream(String)}
|
||||
*
|
||||
* Implementations should limit the amount of data returned to avoid an {@link OutOfMemoryError}.
|
||||
*
|
||||
* @param uri URI with data to receive.
|
||||
* @return Body of the response as a String.
|
||||
* @throws IOException On network errors, no content being returned or a non-2xx HTTP status code
|
||||
|
@ -90,4 +92,15 @@ public interface HttpClientProvider extends Provider {
|
|||
return getInputStream(uri);
|
||||
}
|
||||
|
||||
long DEFAULT_MAX_CONSUMED_RESPONSE_SIZE = 10_000_000L;
|
||||
|
||||
/**
|
||||
* Get the configured limit for the response size.
|
||||
*
|
||||
* @return number of bytes
|
||||
*/
|
||||
default long getMaxConsumedResponseSize() {
|
||||
return DEFAULT_MAX_CONSUMED_RESPONSE_SIZE;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -0,0 +1,69 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.connections.httpclient;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
||||
/**
|
||||
* Limit the amount of data read to prevent a {@link OutOfMemoryError}.
|
||||
*
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public class SafeInputStream extends InputStream {
|
||||
|
||||
private long bytesConsumed;
|
||||
private final InputStream delegate;
|
||||
private final long maxBytesToConsume;
|
||||
|
||||
public SafeInputStream(InputStream delegate, long maxBytesToConsume) {
|
||||
this.delegate = delegate;
|
||||
this.maxBytesToConsume = maxBytesToConsume;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int read(byte[] b, int off, int len) throws IOException {
|
||||
int sizeRead = delegate.read(b, off, len);
|
||||
if (sizeRead > 0) {
|
||||
bytesConsumed += sizeRead;
|
||||
}
|
||||
checkConsumedBytes();
|
||||
return sizeRead;
|
||||
}
|
||||
|
||||
private void checkConsumedBytes() throws IOException {
|
||||
if (bytesConsumed > maxBytesToConsume) {
|
||||
throw new IOException(String.format("Response is at least %s bytes in size, with max bytes to be consumed being %d", bytesConsumed, maxBytesToConsume));
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public int read() throws IOException {
|
||||
int result = delegate.read();
|
||||
if (result > 0) {
|
||||
++bytesConsumed;
|
||||
}
|
||||
checkConsumedBytes();
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() throws IOException {
|
||||
delegate.close();
|
||||
}
|
||||
}
|
|
@ -4,8 +4,9 @@ import org.apache.http.HttpEntity;
|
|||
import org.apache.http.HttpHost;
|
||||
import org.apache.http.HttpRequest;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.HttpStatus;
|
||||
import org.apache.http.HttpVersion;
|
||||
import org.apache.http.client.ClientProtocolException;
|
||||
import org.apache.http.ProtocolVersion;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.ResponseHandler;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
|
@ -20,7 +21,9 @@ import org.junit.Test;
|
|||
import org.junit.runner.RunWith;
|
||||
import org.junit.runners.Parameterized;
|
||||
import org.junit.runners.Parameterized.Parameters;
|
||||
import org.keycloak.common.util.SecretGenerator;
|
||||
import org.keycloak.common.util.StreamUtil;
|
||||
import org.keycloak.connections.httpclient.HttpClientProvider;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URLEncoder;
|
||||
|
@ -29,8 +32,11 @@ import java.nio.charset.StandardCharsets;
|
|||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.startsWith;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNotEquals;
|
||||
import static org.junit.Assert.assertThrows;
|
||||
import static org.junit.Assert.fail;
|
||||
|
||||
/**
|
||||
|
@ -64,7 +70,7 @@ public final class SimpleHttpTest {
|
|||
@Test
|
||||
public void withCharset() throws IOException {
|
||||
HttpResponse httpResponse = createBasicResponse(entity);
|
||||
SimpleHttp.Response response = new SimpleHttp.Response(httpResponse);
|
||||
SimpleHttp.Response response = new SimpleHttp.Response(httpResponse, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
|
||||
if (success) {
|
||||
assertEquals(original, response.asString());
|
||||
} else {
|
||||
|
@ -90,21 +96,39 @@ public final class SimpleHttpTest {
|
|||
|
||||
@Parameters(name = "{index}: requestWithEncoding({0})")
|
||||
public static Collection<Object[]> entities() {
|
||||
return Arrays.asList(new Object[][] { { "English" }, { "Русский" }, { "GermanÜmläütß" } });
|
||||
return Arrays.asList(new Object[][] {
|
||||
{ "English" },
|
||||
{ "Русский" },
|
||||
{ "GermanÜmläütß" },
|
||||
{ SecretGenerator.getInstance().randomString(1000) },
|
||||
{ SecretGenerator.getInstance().randomString(1024) }
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestWithEncoding() throws IOException {
|
||||
String expectedResponse = "{\"value\":\"" + value + "\"}";
|
||||
HttpClientMock client = new HttpClientMock();
|
||||
SimpleHttp.doPost("", client).json(new DummyEntity(value)).asResponse();
|
||||
assertEquals("{\"value\":\"" + value + "\"}", client.data);
|
||||
if (expectedResponse.getBytes(StandardCharsets.UTF_8).length < 1024) {
|
||||
SimpleHttp.Response response = SimpleHttp.doPost("", client, 1024).json(new DummyEntity(value)).asResponse();
|
||||
assertEquals(expectedResponse, response.asString());
|
||||
} else {
|
||||
IOException e = assertThrows(IOException.class, () -> SimpleHttp.doPost("", client, 1024).json(new DummyEntity(value)).asResponse().asString());
|
||||
assertThat(e.getMessage(), startsWith("Response is at least"));
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestWithEncodingParam() throws IOException {
|
||||
String expectedResponse = "dummy=" + URLEncoder.encode(value, "UTF-8");
|
||||
HttpClientMock client = new HttpClientMock();
|
||||
SimpleHttp.doPost("", client).param("dummy", value).asResponse();
|
||||
assertEquals("dummy=" + URLEncoder.encode(value, "UTF-8"), client.data);
|
||||
if (expectedResponse.getBytes(StandardCharsets.UTF_8).length < 1024) {
|
||||
SimpleHttp.Response response = SimpleHttp.doPost("", client, 1024).param("dummy", value).asResponse();
|
||||
assertEquals(expectedResponse, response.asString());
|
||||
} else {
|
||||
IOException e = assertThrows(IOException.class, () -> SimpleHttp.doPost("", client, 1024).json(new DummyEntity(value)).asResponse().asString());
|
||||
assertThat(e.getMessage(), startsWith("Response is at least"));
|
||||
}
|
||||
}
|
||||
|
||||
public static final class DummyEntity {
|
||||
|
@ -119,8 +143,6 @@ public final class SimpleHttpTest {
|
|||
*/
|
||||
public static final class HttpClientMock implements HttpClient {
|
||||
|
||||
String data;
|
||||
|
||||
@Override
|
||||
public HttpParams getParams() {
|
||||
fail(); return null;
|
||||
|
@ -132,50 +154,52 @@ public final class SimpleHttpTest {
|
|||
}
|
||||
|
||||
@Override
|
||||
public HttpResponse execute(HttpUriRequest paramHttpUriRequest) throws IOException, ClientProtocolException {
|
||||
public HttpResponse execute(HttpUriRequest paramHttpUriRequest) throws IOException {
|
||||
HttpPost post = (HttpPost) paramHttpUriRequest;
|
||||
data = StreamUtil.readString(post.getEntity().getContent());
|
||||
return null;
|
||||
String content = StreamUtil.readString(post.getEntity().getContent(), StandardCharsets.UTF_8);
|
||||
BasicHttpResponse httpResponse = new BasicHttpResponse(new ProtocolVersion("HTTP", 1, 1), HttpStatus.SC_OK, "OK");
|
||||
httpResponse.setEntity(new StringEntity(content, StandardCharsets.UTF_8));
|
||||
return httpResponse;
|
||||
}
|
||||
|
||||
@Override
|
||||
public HttpResponse execute(HttpUriRequest paramHttpUriRequest, HttpContext paramHttpContext)
|
||||
throws IOException, ClientProtocolException {
|
||||
throws IOException {
|
||||
fail(); return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public HttpResponse execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest) throws IOException, ClientProtocolException {
|
||||
public HttpResponse execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest) throws IOException {
|
||||
fail(); return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public HttpResponse execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest, HttpContext paramHttpContext)
|
||||
throws IOException, ClientProtocolException {
|
||||
throws IOException {
|
||||
fail(); return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public <T> T execute(HttpUriRequest paramHttpUriRequest, ResponseHandler<? extends T> paramResponseHandler)
|
||||
throws IOException, ClientProtocolException {
|
||||
throws IOException {
|
||||
fail(); return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public <T> T execute(HttpUriRequest paramHttpUriRequest, ResponseHandler<? extends T> paramResponseHandler,
|
||||
HttpContext paramHttpContext) throws IOException, ClientProtocolException {
|
||||
HttpContext paramHttpContext) throws IOException {
|
||||
fail(); return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public <T> T execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest, ResponseHandler<? extends T> paramResponseHandler)
|
||||
throws IOException, ClientProtocolException {
|
||||
throws IOException {
|
||||
fail(); return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public <T> T execute(HttpHost paramHttpHost, HttpRequest paramHttpRequest, ResponseHandler<? extends T> paramResponseHandler,
|
||||
HttpContext paramHttpContext) throws IOException, ClientProtocolException {
|
||||
HttpContext paramHttpContext) throws IOException {
|
||||
fail(); return null;
|
||||
}
|
||||
|
||||
|
|
|
@ -41,6 +41,7 @@ import java.io.InputStream;
|
|||
import java.security.KeyStore;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||
import org.apache.http.util.EntityUtils;
|
||||
|
||||
|
@ -49,20 +50,11 @@ import static org.keycloak.utils.StringUtil.isBlank;
|
|||
/**
|
||||
* The default {@link HttpClientFactory} for {@link HttpClientProvider HttpClientProvider's} used by Keycloak for outbound HTTP calls.
|
||||
* <p>
|
||||
* The constructed clients can be configured via Keycloaks SPI configuration, e.g. {@code standalone.xml, standalone-ha.xml, domain.xml}.
|
||||
* </p>
|
||||
* Example for Quarkus configuration:
|
||||
* <p>
|
||||
* Examples for jboss-cli
|
||||
* </p>
|
||||
* <pre>
|
||||
* {@code
|
||||
*
|
||||
* /subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:add(enabled=true)
|
||||
* /subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.connection-pool-size,value=128)
|
||||
* /subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.proxy-mappings,value=[".*\\.(google|googleapis)\\.com;http://www-proxy.acme.corp.com:8080",".*\\.acme\\.corp\\.com;NO_PROXY",".*;http://fallback:8080"])
|
||||
* spi-connections-http-client-default-connection-pool-size=10
|
||||
* }
|
||||
* </pre>
|
||||
* </p>
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class DefaultHttpClientFactory implements HttpClientFactory {
|
||||
|
@ -73,13 +65,15 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
|
|||
private static final String HTTPS_PROXY = "https_proxy";
|
||||
private static final String HTTP_PROXY = "http_proxy";
|
||||
private static final String NO_PROXY = "no_proxy";
|
||||
public static final String MAX_CONSUMED_RESPONSE_SIZE = "max-consumed-response-size";
|
||||
|
||||
private volatile CloseableHttpClient httpClient;
|
||||
private Config.Scope config;
|
||||
|
||||
private final BasicResponseHandler stringResponseHandler = new BasicResponseHandler();
|
||||
private BasicResponseHandler stringResponseHandler;
|
||||
|
||||
private final InputStreamResponseHandler inputStreamResponseHandler = new InputStreamResponseHandler();
|
||||
private long maxConsumedResponseSize;
|
||||
|
||||
private static class InputStreamResponseHandler extends AbstractResponseHandler<InputStream> {
|
||||
|
||||
|
@ -144,6 +138,11 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
|
|||
}
|
||||
return body;
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getMaxConsumedResponseSize() {
|
||||
return maxConsumedResponseSize;
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -153,7 +152,7 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
|
|||
if (httpClient != null) {
|
||||
httpClient.close();
|
||||
}
|
||||
} catch (IOException e) {
|
||||
} catch (IOException ignored) {
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -254,7 +253,8 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
|
|||
|
||||
@Override
|
||||
public void postInit(KeycloakSessionFactory factory) {
|
||||
|
||||
maxConsumedResponseSize = config.getLong(MAX_CONSUMED_RESPONSE_SIZE, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
|
||||
stringResponseHandler = new SafeBasicResponseHandler(maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -334,6 +334,12 @@ public class DefaultHttpClientFactory implements HttpClientFactory {
|
|||
.type("string")
|
||||
.helpText("Denotes the combination of a regex based hostname pattern and a proxy-uri in the form of hostnamePattern;proxyUri.")
|
||||
.add()
|
||||
.property()
|
||||
.name(MAX_CONSUMED_RESPONSE_SIZE)
|
||||
.type("long")
|
||||
.helpText("Maximum size of a response consumed by the client (to prevent denial of service)")
|
||||
.defaultValue(HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE)
|
||||
.add()
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.connections.httpclient;
|
||||
|
||||
import org.apache.http.HttpEntity;
|
||||
import org.apache.http.impl.client.BasicResponseHandler;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* Limit the amount of data read to prevent a {@link OutOfMemoryError}.
|
||||
*
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
class SafeBasicResponseHandler extends BasicResponseHandler {
|
||||
private final long maxConsumedResponseSize;
|
||||
|
||||
SafeBasicResponseHandler(long maxConsumedResponseSize) {
|
||||
this.maxConsumedResponseSize = maxConsumedResponseSize;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String handleEntity(HttpEntity entity) throws IOException {
|
||||
return super.handleEntity(new SafeHttpEntity(entity, maxConsumedResponseSize));
|
||||
}
|
||||
}
|
|
@ -0,0 +1,88 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.connections.httpclient;
|
||||
|
||||
import org.apache.http.Header;
|
||||
import org.apache.http.HttpEntity;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
||||
/**
|
||||
* Limit the amount of data read to prevent a {@link OutOfMemoryError}.
|
||||
*
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
class SafeHttpEntity implements HttpEntity {
|
||||
|
||||
private final HttpEntity delegate;
|
||||
private final long maxConsumedResponseSize;
|
||||
|
||||
SafeHttpEntity(HttpEntity delegate, long maxConsumedResponseSize) {
|
||||
this.delegate = delegate;
|
||||
this.maxConsumedResponseSize = maxConsumedResponseSize;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isRepeatable() {
|
||||
return delegate.isRepeatable();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isChunked() {
|
||||
return delegate.isChunked();
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getContentLength() {
|
||||
return delegate.getContentLength();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Header getContentType() {
|
||||
return delegate.getContentType();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Header getContentEncoding() {
|
||||
return delegate.getContentEncoding();
|
||||
}
|
||||
|
||||
@Override
|
||||
public InputStream getContent() throws IOException, UnsupportedOperationException {
|
||||
return new SafeInputStream(delegate.getContent(), maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void writeTo(OutputStream outputStream) throws IOException {
|
||||
delegate.writeTo(outputStream);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isStreaming() {
|
||||
return delegate.isStreaming();
|
||||
}
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public void consumeContent() throws IOException {
|
||||
delegate.consumeContent();
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,68 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.connections.httpclient;
|
||||
|
||||
import org.apache.http.HttpEntity;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.hamcrest.MatcherAssert;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
|
||||
/**
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public class SafeBasicResponseHandlerTest {
|
||||
|
||||
@Test
|
||||
public void shouldThrowExceptionForLongResponses() throws UnsupportedEncodingException {
|
||||
// arrange
|
||||
AtomicBoolean inputStreamHasBeenClosed = new AtomicBoolean(false);
|
||||
HttpEntity entity = new StringEntity("1234567890") {
|
||||
@Override
|
||||
public InputStream getContent() throws IOException {
|
||||
InputStream delegate = super.getContent();
|
||||
return new InputStream() {
|
||||
@Override
|
||||
public int read() throws IOException {
|
||||
return delegate.read();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() throws IOException {
|
||||
super.close();
|
||||
inputStreamHasBeenClosed.set(true);
|
||||
}
|
||||
};
|
||||
}
|
||||
};
|
||||
|
||||
// act
|
||||
IOException exception = Assert.assertThrows(IOException.class, () -> new SafeBasicResponseHandler(5).handleEntity(entity));
|
||||
|
||||
// assert
|
||||
MatcherAssert.assertThat("Too long response should throw an exception", exception.getMessage(), Matchers.startsWith("Response is at least"));
|
||||
MatcherAssert.assertThat("Stream should have been closed", inputStreamHasBeenClosed.get(), Matchers.is(true));
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
/*
|
||||
* Copyright 2024 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.broker.util;
|
||||
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.keycloak.broker.provider.util.SimpleHttp;
|
||||
import org.keycloak.connections.httpclient.HttpClientProvider;
|
||||
|
||||
/**
|
||||
* This class provides additional builders used in tests to create instances of SimpleHttpTest with a default length response size set.
|
||||
*
|
||||
* @author Alexander Schwartz
|
||||
*/
|
||||
public abstract class SimpleHttpDefault extends SimpleHttp {
|
||||
|
||||
protected SimpleHttpDefault(String url, String method, HttpClient client, long maxConsumedResponseSize) {
|
||||
// dummy constructor, only needed to make the compiler happy
|
||||
super(url, method, client, maxConsumedResponseSize);
|
||||
}
|
||||
|
||||
public static SimpleHttp doDelete(String url, HttpClient client) {
|
||||
return SimpleHttp.doDelete(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
|
||||
}
|
||||
|
||||
public static SimpleHttp doPost(String url, HttpClient client) {
|
||||
return SimpleHttp.doPost(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
|
||||
}
|
||||
|
||||
public static SimpleHttp doPut(String url, HttpClient client) {
|
||||
return SimpleHttp.doPut(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
|
||||
}
|
||||
|
||||
public static SimpleHttp doGet(String url, HttpClient client) {
|
||||
return SimpleHttp.doGet(url, client, HttpClientProvider.DEFAULT_MAX_CONSUMED_RESPONSE_SIZE);
|
||||
}
|
||||
|
||||
}
|
|
@ -72,6 +72,7 @@ import org.keycloak.representations.RefreshToken;
|
|||
import org.keycloak.representations.UserInfo;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.services.managers.AuthenticationManager;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.runonserver.RunOnServerException;
|
||||
import org.keycloak.util.BasicAuthHelper;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
@ -1127,7 +1128,7 @@ public class OAuthClient {
|
|||
|
||||
public OIDCConfigurationRepresentation doWellKnownRequest(String realm) {
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
SimpleHttp request = SimpleHttp.doGet(baseUrl + "/realms/" + realm + "/.well-known/openid-configuration",
|
||||
SimpleHttp request = SimpleHttpDefault.doGet(baseUrl + "/realms/" + realm + "/.well-known/openid-configuration",
|
||||
client);
|
||||
if (requestHeaders != null) {
|
||||
for (Map.Entry<String, String> entry : requestHeaders.entrySet()) {
|
||||
|
@ -2196,7 +2197,7 @@ public class OAuthClient {
|
|||
private JSONWebKeySet getRealmKeys(String realm) {
|
||||
String certUrl = baseUrl + "/realms/" + realm + "/protocol/openid-connect/certs";
|
||||
try (CloseableHttpClient client = httpClient.get()){
|
||||
return SimpleHttp.doGet(certUrl, client).asJson(JSONWebKeySet.class);
|
||||
return SimpleHttpDefault.doGet(certUrl, client).asJson(JSONWebKeySet.class);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException("Failed to retrieve keys", e);
|
||||
}
|
||||
|
|
|
@ -38,6 +38,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.TokenUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
@ -139,7 +140,7 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
|
|||
// Check if the feature really works
|
||||
private void checkIfFeatureWorks(boolean shouldWorks) {
|
||||
try {
|
||||
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
|
||||
List<SessionRepresentation> sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
|
||||
.asJson(new TypeReference<List<SessionRepresentation>>() {
|
||||
});
|
||||
assertEquals(1, sessions.size());
|
||||
|
|
|
@ -40,6 +40,7 @@ import org.keycloak.representations.userprofile.config.UPAttributePermissions;
|
|||
import org.keycloak.representations.userprofile.config.UPConfig;
|
||||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.userprofile.UserProfileConstants;
|
||||
|
||||
import static org.hamcrest.Matchers.contains;
|
||||
|
@ -149,7 +150,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
|
|||
|
||||
private void testAccountUpdateAttributeExpectFailure(String attrName, boolean deniedForAdminAsWell) throws IOException {
|
||||
// Attribute not yet supposed to be on the user
|
||||
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
assertThat(Optional.ofNullable(user.getAttributes()).orElse(Map.of()).keySet(), not(contains(attrName)));
|
||||
|
||||
// Assert not possible to add the attribute to the user
|
||||
|
@ -175,7 +176,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
|
|||
}
|
||||
|
||||
// Update attribute of the user with account REST to the same value (Case when we are updating existing attribute) - should be fine as our attribute is not changed
|
||||
user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
Assert.assertEquals("foo", user.getAttributes().get(attrName).get(0));
|
||||
user.singleAttribute("someOtherAttr", "foo");
|
||||
user = updateAndGet(user);
|
||||
|
@ -198,7 +199,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
|
|||
|
||||
private void testAccountUpdateAttributeExpectSuccess(String attrName) throws IOException {
|
||||
// Attribute not yet supposed to be on the user
|
||||
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
assertThat(Optional.ofNullable(user.getAttributes()).orElse(Map.of()).keySet(), not(contains(attrName)));
|
||||
|
||||
// Assert not possible to add the attribute to the user
|
||||
|
@ -206,7 +207,7 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
|
|||
user = updateAndGet(user);
|
||||
|
||||
// Update attribute of the user with account REST to the same value (Case when we are updating existing attribute) - should be fine as our attribute is not changed
|
||||
user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
Assert.assertEquals("foo", user.getAttributes().get(attrName).get(0));
|
||||
user.singleAttribute("someOtherAttr", "foo");
|
||||
user = updateAndGet(user);
|
||||
|
@ -226,18 +227,18 @@ public class AccountRestServiceReadOnlyAttributesTest extends AbstractRestServic
|
|||
}
|
||||
|
||||
private UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
|
||||
int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
|
||||
int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
|
||||
assertEquals(204, status);
|
||||
return get();
|
||||
}
|
||||
|
||||
private UserRepresentation get() throws IOException {
|
||||
return SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
return SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
}
|
||||
|
||||
|
||||
private void updateError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
assertEquals(expectedStatus, response.getStatus());
|
||||
assertEquals(expectedMessage, response.asJson(ErrorRepresentation.class).getErrorMessage());
|
||||
}
|
||||
|
|
|
@ -69,6 +69,7 @@ import org.keycloak.testsuite.AssertEvents;
|
|||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.forms.VerifyProfileTest;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.TokenUtil;
|
||||
|
@ -297,7 +298,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
user.setFirstName(originalFirstName);
|
||||
user.setLastName(originalLastName);
|
||||
user.setEmail(originalEmail);
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
System.out.println(response.asString());
|
||||
assertEquals(204, response.getStatus());
|
||||
}
|
||||
|
@ -345,7 +346,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
adminClient.realm("test").update(realmRep);
|
||||
|
||||
user.setEmail(originalEmail);
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
System.out.println(response.asString());
|
||||
assertEquals(204, response.getStatus());
|
||||
}
|
||||
|
@ -405,7 +406,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
user.setFirstName(originalFirstName);
|
||||
user.setLastName(originalLastName);
|
||||
user.setEmail(originalEmail);
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
System.out.println(response.asString());
|
||||
assertEquals(204, response.getStatus());
|
||||
}
|
||||
|
@ -512,7 +513,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
user.setFirstName(originalFirstName);
|
||||
user.setLastName(originalLastName);
|
||||
user.setEmail(originalEmail);
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
System.out.println(response.asString());
|
||||
assertEquals(204, response.getStatus());
|
||||
}
|
||||
|
@ -562,7 +563,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
user.setUsername(originalUsername);
|
||||
user.setAttributes(originalAttributes);
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
System.out.println(response.asString());
|
||||
assertEquals(204, response.getStatus());
|
||||
}
|
||||
|
@ -586,7 +587,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertEquals("Homer1", user.getFirstName());
|
||||
} finally {
|
||||
user.setFirstName(originalFirstname);
|
||||
int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
|
||||
int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
|
||||
assertEquals(204, status);
|
||||
}
|
||||
}
|
||||
|
@ -601,7 +602,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
}
|
||||
|
||||
protected static UserRepresentation getUser(String accountUrl, CloseableHttpClient httpClient, TokenUtil tokenUtil) throws IOException {
|
||||
SimpleHttp a = SimpleHttp.doGet(accountUrl, httpClient).auth(tokenUtil.getToken());
|
||||
SimpleHttp a = SimpleHttpDefault.doGet(accountUrl, httpClient).auth(tokenUtil.getToken());
|
||||
|
||||
try {
|
||||
return a.asJson(UserRepresentation.class);
|
||||
|
@ -612,7 +613,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
}
|
||||
|
||||
protected UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
|
||||
SimpleHttp a = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
|
||||
SimpleHttp a = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
|
||||
try {
|
||||
assertEquals(204, a.asStatus());
|
||||
} catch (AssertionError e) {
|
||||
|
@ -624,7 +625,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
|
||||
protected void updateError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
assertEquals(expectedStatus, response.getStatus());
|
||||
ErrorRepresentation errorRep = response.asJson(ErrorRepresentation.class);
|
||||
List<ErrorRepresentation> errors = errorRep.getErrors();
|
||||
|
@ -643,23 +644,23 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||
|
||||
// Read with no access
|
||||
assertEquals(403, SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus());
|
||||
assertEquals(403, SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus());
|
||||
|
||||
// Update with no access
|
||||
assertEquals(403, SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(noaccessToken.getToken()).json(new UserRepresentation()).asStatus());
|
||||
assertEquals(403, SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(noaccessToken.getToken()).json(new UserRepresentation()).asStatus());
|
||||
|
||||
// Update with read only
|
||||
assertEquals(403, SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(viewToken.getToken()).json(new UserRepresentation()).asStatus());
|
||||
assertEquals(403, SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(viewToken.getToken()).json(new UserRepresentation()).asStatus());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUpdateProfilePermissions() throws IOException {
|
||||
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
|
||||
int status = SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus();
|
||||
int status = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(noaccessToken.getToken()).asStatus();
|
||||
assertEquals(403, status);
|
||||
|
||||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||
status = SimpleHttp.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(viewToken.getToken()).asStatus();
|
||||
status = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).header("Accept", "application/json").auth(viewToken.getToken()).asStatus();
|
||||
assertEquals(200, status);
|
||||
}
|
||||
|
||||
|
@ -739,7 +740,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertExpectedCredentialTypes(credentials, PasswordCredentialModel.TYPE, OTPCredentialModel.TYPE);
|
||||
|
||||
// Test password-only
|
||||
credentials = SimpleHttp.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password"), httpClient)
|
||||
credentials = SimpleHttpDefault.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password"), httpClient)
|
||||
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
|
||||
Assert.assertEquals(1, credentials.size());
|
||||
password = credentials.get(0);
|
||||
|
@ -747,8 +748,8 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
Assert.assertEquals(1, password.getUserCredentialMetadatas().size());
|
||||
|
||||
// Test password-only and user-credentials
|
||||
credentials = SimpleHttp.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password&" +
|
||||
AccountCredentialResource.USER_CREDENTIALS + "=false"), httpClient)
|
||||
credentials = SimpleHttpDefault.doGet(getAccountUrl("credentials?" + AccountCredentialResource.TYPE + "=password&" +
|
||||
AccountCredentialResource.USER_CREDENTIALS + "=false"), httpClient)
|
||||
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
|
||||
Assert.assertEquals(1, credentials.size());
|
||||
password = credentials.get(0);
|
||||
|
@ -767,7 +768,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
.get();
|
||||
|
||||
// Test that current user can't update the credential, which belongs to the different user
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doPut(getAccountUrl("credentials/" + otpCredential.getId() + "/label"), httpClient)
|
||||
.auth(tokenUtil.getToken())
|
||||
.json("new-label")
|
||||
|
@ -775,7 +776,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertEquals(404, response.getStatus());
|
||||
|
||||
// Test that current user can't delete the credential, which belongs to the different user
|
||||
response = SimpleHttp
|
||||
response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("credentials/" + otpCredential.getId()), httpClient)
|
||||
.acceptJson()
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -846,7 +847,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
.filter(credentialRep -> OTPCredentialModel.TYPE.equals(credentialRep.getType()))
|
||||
.findFirst()
|
||||
.get();
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("credentials/" + otpCredential.getId()), httpClient)
|
||||
.acceptJson()
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -865,7 +866,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
// Send REST request to get all credential containers and credentials of current user
|
||||
private List<AccountCredentialResource.CredentialContainer> getCredentials() throws IOException {
|
||||
return SimpleHttp.doGet(getAccountUrl("credentials"), httpClient)
|
||||
return SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient)
|
||||
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
|
||||
}
|
||||
|
||||
|
@ -944,7 +945,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
String otpCredentialId = otpCredential.getUserCredentialMetadatas().get(0).getCredential().getId();
|
||||
|
||||
// remove credential using account console as otp is removable
|
||||
try (SimpleHttp.Response response = SimpleHttp
|
||||
try (SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("credentials/" + otpCredentialId), httpClient)
|
||||
.acceptJson()
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -982,7 +983,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertCredentialContainerExpected(password, PasswordCredentialModel.TYPE, CredentialTypeMetadata.Category.BASIC_AUTHENTICATION.toString(),
|
||||
"password-display-name", "password-help-text", "kcAuthenticatorPasswordClass",
|
||||
null, UserModel.RequiredAction.UPDATE_PASSWORD.toString(), false, 1);
|
||||
try (SimpleHttp.Response response = SimpleHttp
|
||||
try (SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("credentials/" + password.getUserCredentialMetadatas().get(0).getCredential().getId()), httpClient)
|
||||
.acceptJson()
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1070,11 +1071,11 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void testDeleteSessions() throws IOException {
|
||||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||
oauth.doLogin("view-account-access", "password");
|
||||
List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
||||
List<SessionRepresentation> sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
||||
assertEquals(2, sessions.size());
|
||||
int status = SimpleHttp.doDelete(getAccountUrl("sessions?current=false"), httpClient).acceptJson().auth(viewToken.getToken()).asStatus();
|
||||
int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions?current=false"), httpClient).acceptJson().auth(viewToken.getToken()).asStatus();
|
||||
assertEquals(200, status);
|
||||
sessions = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
||||
sessions = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});
|
||||
assertEquals(1, sessions.size());
|
||||
}
|
||||
|
||||
|
@ -1085,7 +1086,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertNull(tokenResponse.getErrorDescription());
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
List<ClientRepresentation> applications = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(token.getToken())
|
||||
|
@ -1108,7 +1109,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertNull(tokenResponse.getErrorDescription());
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
List<ClientRepresentation> applications = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.param("name", "In Use")
|
||||
|
@ -1135,7 +1136,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertNull(offlineTokenResponse.getErrorDescription());
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
List<ClientRepresentation> applications = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(token.getToken())
|
||||
|
@ -1172,14 +1173,14 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
ConsentRepresentation requestedConsent = new ConsentRepresentation();
|
||||
requestedConsent.setGrantedScopes(Collections.singletonList(consentScopeRepresentation));
|
||||
SimpleHttp
|
||||
SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
.auth(token.getToken())
|
||||
.asJson(ConsentRepresentation.class);
|
||||
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
List<ClientRepresentation> applications = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(token.getToken())
|
||||
|
@ -1187,7 +1188,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
});
|
||||
assertFalse(applications.isEmpty());
|
||||
|
||||
SimpleHttp
|
||||
SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(token.getToken())
|
||||
|
@ -1217,7 +1218,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertNull(tokenResponse.getErrorDescription());
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
List<ClientRepresentation> applications = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(token.getToken())
|
||||
|
@ -1246,7 +1247,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
@Test
|
||||
public void listApplicationsWithoutPermission() throws IOException {
|
||||
TokenUtil token = new TokenUtil("no-account-access", "password");
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(token.getToken())
|
||||
|
@ -1258,7 +1259,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void getNotExistingApplication() throws IOException {
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
String appId = "not-existing";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications/" + appId), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(token.getToken())
|
||||
|
@ -1283,7 +1284,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,2);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation = SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1304,7 +1305,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
events.assertEmpty();
|
||||
|
||||
//cleanup
|
||||
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
.asResponse();
|
||||
|
@ -1317,7 +1318,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation = SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1331,7 +1332,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
requestedScopes = testRealm().clientScopes().findAll().subList(1,2);
|
||||
requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation2 = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1354,7 +1355,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
events.assertEmpty();
|
||||
|
||||
//Cleanup
|
||||
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
.asResponse();
|
||||
|
@ -1368,7 +1369,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1386,7 +1387,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1404,7 +1405,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation = SimpleHttpDefault
|
||||
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1424,7 +1425,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
events.assertEmpty();
|
||||
|
||||
//Cleanup
|
||||
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
.asResponse();
|
||||
|
@ -1438,7 +1439,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation = SimpleHttpDefault
|
||||
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1452,7 +1453,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
requestedScopes = testRealm().clientScopes().findAll().subList(1,2);
|
||||
requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation2 = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
|
||||
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1475,7 +1476,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
events.assertEmpty();
|
||||
|
||||
//Cleanup
|
||||
SimpleHttp.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
SimpleHttpDefault.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
.asResponse();
|
||||
|
@ -1489,7 +1490,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1507,7 +1508,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doPut(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1525,7 +1526,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation1 = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation1 = SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1536,7 +1537,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertEquals(1, consentRepresentation1.getGrantedScopes().size());
|
||||
assertEquals(requestedScopes.get(0).getId(), consentRepresentation1.getGrantedScopes().get(0).getId());
|
||||
|
||||
ConsentRepresentation consentRepresentation2 = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation2 = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1550,7 +1551,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void getConsentForNotExistingClient() throws IOException {
|
||||
tokenUtil = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "not-existing";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1562,7 +1563,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void getNotExistingConsentForClient() throws IOException {
|
||||
tokenUtil = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1574,7 +1575,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void getConsentWithoutPermission() throws IOException {
|
||||
tokenUtil = new TokenUtil("no-account-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1590,7 +1591,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
List<ClientScopeRepresentation> requestedScopes = testRealm().clientScopes().findAll().subList(0,1);
|
||||
ConsentRepresentation requestedConsent = createRequestedConsent(requestedScopes);
|
||||
|
||||
ConsentRepresentation consentRepresentation = SimpleHttp
|
||||
ConsentRepresentation consentRepresentation = SimpleHttpDefault
|
||||
.doPost(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.json(requestedConsent)
|
||||
|
@ -1601,7 +1602,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
assertEquals(1, consentRepresentation.getGrantedScopes().size());
|
||||
assertEquals(requestedScopes.get(0).getId(), consentRepresentation.getGrantedScopes().get(0).getId());
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1616,7 +1617,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
.assertEvent();
|
||||
events.assertEmpty();
|
||||
|
||||
response = SimpleHttp
|
||||
response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1628,7 +1629,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void deleteConsentForNotExistingClient() throws IOException {
|
||||
tokenUtil = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "not-existing";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1640,7 +1641,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void deleteConsentWithoutPermission() throws IOException {
|
||||
tokenUtil = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("applications/" + appId + "/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1658,14 +1659,14 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
tokenUtil = new TokenUtil("view-applications-access", "password");
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
SimpleHttp.Response response = SimpleHttpDefault
|
||||
.doDelete(getAccountUrl("applications/offline-client/consent"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
.asResponse();
|
||||
assertEquals(204, response.getStatus());
|
||||
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
List<ClientRepresentation> applications = SimpleHttpDefault
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
.header("Accept", "application/json")
|
||||
.auth(tokenUtil.getToken())
|
||||
|
@ -1692,7 +1693,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
public void testInvalidApiVersion() throws IOException {
|
||||
apiVersion = "v2-foo";
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl("credentials"), httpClient).auth(tokenUtil.getToken()).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient).auth(tokenUtil.getToken()).asResponse();
|
||||
assertEquals("API version not found", response.asJson().get("error").textValue());
|
||||
assertEquals(404, response.getStatus());
|
||||
}
|
||||
|
@ -1703,7 +1704,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
OAuthClient.AccessTokenResponse tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
|
||||
assertNull(tokenResponse.getErrorDescription());
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
|
||||
.auth(tokenResponse.getAccessToken())
|
||||
.header("Accept", "application/json")
|
||||
.asResponse();
|
||||
|
@ -1719,7 +1720,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
|
||||
assertNull(tokenResponse.getErrorDescription());
|
||||
|
||||
response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
|
||||
response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
|
||||
.auth(tokenResponse.getAccessToken())
|
||||
.header("Accept", "application/json")
|
||||
.asResponse();
|
||||
|
@ -1731,7 +1732,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
tokenResponse = oauth.doGrantAccessTokenRequest("password", "test-user@localhost", "password");
|
||||
assertNull(tokenResponse.getErrorDescription());
|
||||
|
||||
response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
|
||||
response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
|
||||
.auth(tokenResponse.getAccessToken())
|
||||
.header("Accept", "application/json")
|
||||
.asResponse();
|
||||
|
@ -1749,7 +1750,7 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
realmRep.setAccountTheme("custom-account-provider");
|
||||
adminClient.realm("test").update(realmRep);
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp.doGet(getAccountUrl(null), httpClient)
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient)
|
||||
.header("Accept", "text/html")
|
||||
.asResponse();
|
||||
assertEquals(200, response.getStatus());
|
||||
|
|
|
@ -43,6 +43,7 @@ import org.keycloak.representations.idm.UserProfileAttributeMetadata;
|
|||
import org.keycloak.representations.idm.UserProfileMetadata;
|
||||
import org.keycloak.representations.account.UserRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.forms.VerifyProfileTest;
|
||||
import org.keycloak.userprofile.UserProfileContext;
|
||||
|
||||
|
@ -325,7 +326,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe
|
|||
user.setLastName(originalLastName);
|
||||
user.setEmail(originalEmail);
|
||||
user.setAttributes(originalAttributes);
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
System.out.println(response.asString());
|
||||
assertEquals(204, response.getStatus());
|
||||
}
|
||||
|
@ -384,7 +385,7 @@ public class AccountRestServiceWithUserProfileTest extends AbstractRestServiceTe
|
|||
}
|
||||
|
||||
protected UserRepresentation updateAndGet(UserRepresentation user) throws IOException {
|
||||
SimpleHttp a = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
|
||||
SimpleHttp a = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user);
|
||||
try {
|
||||
assertEquals(204, a.asStatus());
|
||||
} catch (AssertionError e) {
|
||||
|
|
|
@ -27,6 +27,7 @@ import org.keycloak.broker.provider.util.SimpleHttp;
|
|||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.util.TokenUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
|
@ -133,7 +134,7 @@ public class LinkedAccountsRestServiceTest extends AbstractTestRealmKeycloakTest
|
|||
}
|
||||
|
||||
private SortedSet<LinkedAccountRepresentation> linkedAccountsRep() throws IOException {
|
||||
return SimpleHttp.doGet(getAccountUrl("linked-accounts"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<SortedSet<LinkedAccountRepresentation>>() {});
|
||||
return SimpleHttpDefault.doGet(getAccountUrl("linked-accounts"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<SortedSet<LinkedAccountRepresentation>>() {});
|
||||
}
|
||||
|
||||
private LinkedAccountRepresentation findLinkedAccount(String providerAlias) throws IOException {
|
||||
|
@ -147,7 +148,7 @@ public class LinkedAccountsRestServiceTest extends AbstractTestRealmKeycloakTest
|
|||
@Test
|
||||
|
||||
public void testBuildLinkedAccountUri() throws IOException {
|
||||
AccountLinkUriRepresentation rep = SimpleHttp.doGet(getAccountUrl("linked-accounts/github?redirectUri=phonyUri"), client)
|
||||
AccountLinkUriRepresentation rep = SimpleHttpDefault.doGet(getAccountUrl("linked-accounts/github?redirectUri=phonyUri"), client)
|
||||
.auth(tokenUtil.getToken())
|
||||
.asJson(new TypeReference<AccountLinkUriRepresentation>() {});
|
||||
URI brokerUri = rep.getAccountLinkUri();
|
||||
|
@ -198,7 +199,7 @@ public class LinkedAccountsRestServiceTest extends AbstractTestRealmKeycloakTest
|
|||
@Test
|
||||
public void testRemoveLinkedAccount() throws IOException {
|
||||
assertTrue(findLinkedAccount("github").isConnected());
|
||||
SimpleHttp.doDelete(getAccountUrl("linked-accounts/github"), client).auth(tokenUtil.getToken()).acceptJson().asResponse();
|
||||
SimpleHttpDefault.doDelete(getAccountUrl("linked-accounts/github"), client).auth(tokenUtil.getToken()).acceptJson().asResponse();
|
||||
assertFalse(findLinkedAccount("github").isConnected());
|
||||
}
|
||||
|
||||
|
|
|
@ -41,6 +41,7 @@ import org.keycloak.services.resources.account.resources.AbstractResourceService
|
|||
import org.keycloak.services.resources.account.resources.AbstractResourceService.Permission;
|
||||
import org.keycloak.services.resources.account.resources.AbstractResourceService.Resource;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.TokenUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
@ -350,7 +351,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
|
|||
permissions.add(permission);
|
||||
}
|
||||
|
||||
SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
|
||||
SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
|
||||
.auth(tokenUtil.getToken())
|
||||
.json(permissions).asResponse();
|
||||
|
||||
|
@ -386,7 +387,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
|
|||
permissions.add(new Permission(users.get(users.size() - 1), "Scope A", "Scope B", "Scope C", "Scope D"));
|
||||
|
||||
String resourceId = sharedResource.getId();
|
||||
SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
|
||||
.auth(tokenUtil.getToken())
|
||||
.json(permissions).asResponse();
|
||||
|
||||
|
@ -410,7 +411,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
|
|||
public void failShareResourceInvalidPermissions() throws Exception {
|
||||
List<Permission> permissions = new ArrayList<>();
|
||||
|
||||
SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(getMyResources().get(0).getId()) + "/permissions"), httpClient)
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(getMyResources().get(0).getId()) + "/permissions"), httpClient)
|
||||
.auth(tokenUtil.getToken())
|
||||
.json(permissions).asResponse();
|
||||
|
||||
|
@ -446,16 +447,16 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
|
|||
// test read access
|
||||
for (String url : Arrays.asList(resourcesUrl, sharedWithOthersUrl, sharedWithMeUrl, resourceUrl, permissionsUrl, requestsUrl)) {
|
||||
assertEquals( "no-account-access GET " + url, 403,
|
||||
SimpleHttp.doGet(url, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).asStatus());
|
||||
SimpleHttpDefault.doGet(url, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).asStatus());
|
||||
assertEquals("view-account-access GET " + url,200,
|
||||
SimpleHttp.doGet(url, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).asStatus());
|
||||
SimpleHttpDefault.doGet(url, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).asStatus());
|
||||
}
|
||||
|
||||
// test write access
|
||||
assertEquals( "no-account-access PUT " + permissionsUrl, 403,
|
||||
SimpleHttp.doPut(permissionsUrl, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
|
||||
SimpleHttpDefault.doPut(permissionsUrl, httpClient).acceptJson().auth(noAccessTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
|
||||
assertEquals( "view-account-access PUT " + permissionsUrl, 403,
|
||||
SimpleHttp.doPut(permissionsUrl, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
|
||||
SimpleHttpDefault.doPut(permissionsUrl, httpClient).acceptJson().auth(viewProfileTokenUtil.getToken()).json(Collections.emptyList()).asStatus());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -475,7 +476,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
|
|||
permissions.add(new Permission(users.get(users.size() - 1), "Scope B", "Scope D"));
|
||||
|
||||
String resourceId = sharedResource.getId();
|
||||
SimpleHttp.Response response = SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resourceId) + "/permissions"), httpClient)
|
||||
.auth(tokenUtil.getToken())
|
||||
.json(permissions).asResponse();
|
||||
|
||||
|
@ -611,7 +612,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
|
|||
}
|
||||
}
|
||||
|
||||
SimpleHttp.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
|
||||
SimpleHttpDefault.doPut(getAccountUrl("resources/" + encodePathAsIs(resource.getId()) + "/permissions"), httpClient)
|
||||
.auth(tokenUtil.getToken())
|
||||
.json(requests).asResponse();
|
||||
|
||||
|
@ -706,7 +707,7 @@ public class ResourcesRestServiceTest extends AbstractRestServiceTest {
|
|||
}
|
||||
|
||||
private SimpleHttp get(String resource, String token) {
|
||||
return SimpleHttp.doGet(getAccountUrl("resources" + resource), httpClient).auth(token);
|
||||
return SimpleHttpDefault.doGet(getAccountUrl("resources" + resource), httpClient).auth(token);
|
||||
}
|
||||
|
||||
private AuthzClient createAuthzClient(ClientRepresentation client) {
|
||||
|
|
|
@ -38,6 +38,7 @@ import org.keycloak.representations.account.ClientRepresentation;
|
|||
import org.keycloak.representations.account.DeviceRepresentation;
|
||||
import org.keycloak.representations.account.SessionRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.ContainerAssume;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
@ -100,25 +101,25 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||
|
||||
// Read sessions with no access
|
||||
assertEquals(403, SimpleHttp.doGet(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
|
||||
assertEquals(403, SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
|
||||
.auth(noaccessToken.getToken()).asStatus());
|
||||
|
||||
// Delete all sessions with no access
|
||||
assertEquals(403, SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
|
||||
assertEquals(403, SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
|
||||
.auth(noaccessToken.getToken()).asStatus());
|
||||
|
||||
// Delete all sessions with read only
|
||||
assertEquals(403, SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
|
||||
assertEquals(403, SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient).header("Accept", "application/json")
|
||||
.auth(viewToken.getToken()).asStatus());
|
||||
|
||||
// Delete single session with no access
|
||||
assertEquals(403,
|
||||
SimpleHttp.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
|
||||
SimpleHttpDefault.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
|
||||
.auth(noaccessToken.getToken()).asStatus());
|
||||
|
||||
// Delete single session with read only
|
||||
assertEquals(403,
|
||||
SimpleHttp.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
|
||||
SimpleHttpDefault.doDelete(getAccountUrl("sessions/bogusId"), httpClient).header("Accept", "application/json")
|
||||
.auth(viewToken.getToken()).asStatus());
|
||||
}
|
||||
|
||||
|
@ -310,14 +311,14 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
assertEquals(2, sessions.size());
|
||||
|
||||
// With `ViewToken` you can only read
|
||||
int status = SimpleHttp.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson()
|
||||
int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson()
|
||||
.auth(viewToken.getToken()).asStatus();
|
||||
assertEquals(403, status);
|
||||
sessions = getSessions(viewToken.getToken());
|
||||
assertEquals(2, sessions.size());
|
||||
|
||||
// Here you can delete the session
|
||||
status = SimpleHttp.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson().auth(tokenUtil.getToken())
|
||||
status = SimpleHttpDefault.doDelete(getAccountUrl("sessions/" + sessionId), httpClient).acceptJson().auth(tokenUtil.getToken())
|
||||
.asStatus();
|
||||
assertEquals(204, status);
|
||||
sessions = getSessions(tokenUtil.getToken());
|
||||
|
@ -333,18 +334,18 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
assertEquals(3, getSessions().size());
|
||||
|
||||
String currentToken = tokenResponse.getAccessToken();
|
||||
int status = SimpleHttp.doDelete(getAccountUrl("sessions"), httpClient)
|
||||
int status = SimpleHttpDefault.doDelete(getAccountUrl("sessions"), httpClient)
|
||||
.acceptJson()
|
||||
.auth(currentToken).asStatus();
|
||||
assertEquals(204, status);
|
||||
assertEquals(1, getSessions(currentToken).size());
|
||||
|
||||
status = SimpleHttp.doDelete(getAccountUrl("sessions?current=true"), httpClient)
|
||||
status = SimpleHttpDefault.doDelete(getAccountUrl("sessions?current=true"), httpClient)
|
||||
.acceptJson()
|
||||
.auth(currentToken).asStatus();
|
||||
assertEquals(204, status);
|
||||
|
||||
status = SimpleHttp.doGet(getAccountUrl("sessions"), httpClient)
|
||||
status = SimpleHttpDefault.doGet(getAccountUrl("sessions"), httpClient)
|
||||
.acceptJson()
|
||||
.auth(currentToken).asStatus();
|
||||
assertEquals(401, status);
|
||||
|
@ -406,7 +407,7 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
}
|
||||
|
||||
private List<SessionRepresentation> getSessions(String sessionOne) throws IOException {
|
||||
return SimpleHttp
|
||||
return SimpleHttpDefault
|
||||
.doGet(getAccountUrl("sessions"), httpClient).auth(sessionOne)
|
||||
.asJson(new TypeReference<List<SessionRepresentation>>() {
|
||||
});
|
||||
|
@ -425,7 +426,7 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
}
|
||||
|
||||
private List<DeviceRepresentation> queryDevices(String token) throws IOException {
|
||||
return SimpleHttp
|
||||
return SimpleHttpDefault
|
||||
.doGet(getAccountUrl("sessions/devices"), httpClient).auth(token)
|
||||
.asJson(new TypeReference<List<DeviceRepresentation>>() {
|
||||
});
|
||||
|
@ -446,7 +447,7 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
}
|
||||
|
||||
private List<SessionRepresentation> getSessions() throws IOException {
|
||||
return SimpleHttp
|
||||
return SimpleHttpDefault
|
||||
.doGet(getAccountUrl("sessions"), httpClient).auth(tokenUtil.getToken())
|
||||
.asJson(new TypeReference<List<SessionRepresentation>>() {
|
||||
});
|
||||
|
|
|
@ -9,6 +9,7 @@ import org.junit.Test;
|
|||
import org.keycloak.broker.provider.util.SimpleHttp;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
|
@ -41,7 +42,7 @@ public class AdminConsoleLandingPageTest extends AbstractKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void landingPage() throws IOException {
|
||||
String body = SimpleHttp.doGet(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/admin/master/console", client).asString();
|
||||
String body = SimpleHttpDefault.doGet(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/admin/master/console", client).asString();
|
||||
|
||||
Map<String, String> config = getConfig(body);
|
||||
String authUrl = config.get("authUrl");
|
||||
|
|
|
@ -28,6 +28,7 @@ import org.keycloak.broker.provider.util.SimpleHttp;
|
|||
import org.keycloak.representations.AccessTokenResponse;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.updaters.Creator;
|
||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
|
@ -71,7 +72,7 @@ public class AdminConsolePermissionsCalculatedTest extends AbstractKeycloakTest
|
|||
|
||||
String whoAmiUrl = suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/admin/master/console/whoami?currentRealm=master";
|
||||
|
||||
JsonNode jsonNode = SimpleHttp.doGet(whoAmiUrl, client).auth(accessToken.getToken()).asJson();
|
||||
JsonNode jsonNode = SimpleHttpDefault.doGet(whoAmiUrl, client).auth(accessToken.getToken()).asJson();
|
||||
|
||||
assertTrue("Permissions for " + Config.getAdminRealm() + " realm.", jsonNode.at("/realm_access/" + Config.getAdminRealm()).isArray());
|
||||
}
|
||||
|
|
|
@ -11,6 +11,7 @@ import org.keycloak.broker.provider.util.SimpleHttp;
|
|||
import org.keycloak.representations.AccessTokenResponse;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
|
@ -101,7 +102,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void testLocaleRealmI18nDisabledUserWithoutLocale() throws Exception {
|
||||
JsonNode whoAmI = SimpleHttp
|
||||
JsonNode whoAmI = SimpleHttpDefault
|
||||
.doGet(whoAmiUrl(REALM_I18N_OFF), client)
|
||||
.header("Accept", "application/json")
|
||||
.auth(accessToken(REALM_I18N_OFF, USER_WITHOUT_LOCALE))
|
||||
|
@ -112,7 +113,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void testLocaleRealmI18nDisabledUserWithLocale() throws Exception {
|
||||
JsonNode whoAmI = SimpleHttp
|
||||
JsonNode whoAmI = SimpleHttpDefault
|
||||
.doGet(whoAmiUrl(REALM_I18N_OFF), client)
|
||||
.header("Accept", "application/json")
|
||||
.auth(accessToken(REALM_I18N_OFF, USER_WITH_LOCALE))
|
||||
|
@ -123,7 +124,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void testLocaleRealmI18nEnabledUserWithoutLocale() throws Exception {
|
||||
JsonNode whoAmI = SimpleHttp
|
||||
JsonNode whoAmI = SimpleHttpDefault
|
||||
.doGet(whoAmiUrl(REALM_I18N_ON), client)
|
||||
.header("Accept", "application/json")
|
||||
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
|
||||
|
@ -134,7 +135,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void testLocaleRealmI18nEnabledUserWithLocale() throws Exception {
|
||||
JsonNode whoAmI = SimpleHttp
|
||||
JsonNode whoAmI = SimpleHttpDefault
|
||||
.doGet(whoAmiUrl(REALM_I18N_ON), client)
|
||||
.header("Accept", "application/json")
|
||||
.auth(accessToken(REALM_I18N_ON, USER_WITH_LOCALE))
|
||||
|
@ -145,7 +146,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void testLocaleRealmI18nEnabledAcceptLanguageHeader() throws Exception {
|
||||
JsonNode whoAmI = SimpleHttp
|
||||
JsonNode whoAmI = SimpleHttpDefault
|
||||
.doGet(whoAmiUrl(REALM_I18N_ON), client)
|
||||
.header("Accept", "application/json")
|
||||
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
|
||||
|
@ -157,7 +158,7 @@ public class AdminConsoleWhoAmILocaleTest extends AbstractKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void testLocaleRealmI18nEnabledKeycloakLocaleCookie() throws Exception {
|
||||
JsonNode whoAmI = SimpleHttp
|
||||
JsonNode whoAmI = SimpleHttpDefault
|
||||
.doGet(whoAmiUrl(REALM_I18N_ON), client)
|
||||
.header("Accept", "application/json")
|
||||
.auth(accessToken(REALM_I18N_ON, USER_WITHOUT_LOCALE))
|
||||
|
|
|
@ -39,6 +39,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.updaters.RealmAttributeUpdater;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
@ -490,7 +491,7 @@ public final class KcOidcBrokerTest extends AbstractAdvancedBrokerTest {
|
|||
assertThat(errorPage.getError(), is("Page not found"));
|
||||
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
SimpleHttp.Response simple = SimpleHttp.doGet(LINK, client).asResponse();
|
||||
SimpleHttp.Response simple = SimpleHttpDefault.doGet(LINK, client).asResponse();
|
||||
assertThat(simple, notNullValue());
|
||||
assertThat(simple.getStatus(), is(Response.Status.NOT_FOUND.getStatusCode()));
|
||||
|
||||
|
|
|
@ -53,6 +53,7 @@ import org.keycloak.representations.idm.UserSessionRepresentation;
|
|||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
|
||||
import org.keycloak.testsuite.updaters.Creator;
|
||||
import org.keycloak.testsuite.util.AccountHelper;
|
||||
|
@ -362,7 +363,7 @@ public final class KcOidcBrokerTransientSessionsTest extends AbstractAdvancedBro
|
|||
assertThat(errorPage.getError(), is("Page not found"));
|
||||
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
SimpleHttp.Response simple = SimpleHttp.doGet(LINK, client).asResponse();
|
||||
SimpleHttp.Response simple = SimpleHttpDefault.doGet(LINK, client).asResponse();
|
||||
assertThat(simple, notNullValue());
|
||||
assertThat(simple.getStatus(), is(Response.Status.NOT_FOUND.getStatusCode()));
|
||||
|
||||
|
|
|
@ -21,6 +21,7 @@ import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
|
|||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
import org.keycloak.utils.MediaType;
|
||||
|
@ -166,7 +167,7 @@ public class UncaughtErrorPageTest extends AbstractKeycloakTest {
|
|||
URI uri = suiteContext.getAuthServerInfo().getUriBuilder().path("/auth/realms/master/testing/uncaught-error").build();
|
||||
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
SimpleHttp.Response response = SimpleHttp.doGet(uri.toString(), client).header("Accept", MediaType.TEXT_HTML_UTF_8).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doGet(uri.toString(), client).header("Accept", MediaType.TEXT_HTML_UTF_8).asResponse();
|
||||
|
||||
for (BrowserSecurityHeaders header : BrowserSecurityHeaders.values()) {
|
||||
String expectedValue = header.getDefaultValue();
|
||||
|
|
|
@ -45,6 +45,7 @@ import org.keycloak.representations.userprofile.config.UPConfig;
|
|||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.services.resources.account.AccountCredentialResource;
|
||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.forms.VerifyProfileTest;
|
||||
import org.keycloak.testsuite.util.LDAPRule;
|
||||
import org.keycloak.testsuite.util.LDAPTestUtils;
|
||||
|
@ -248,11 +249,11 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
|
|||
RealmModel appRealm = ctx.getRealm();
|
||||
appRealm.setEditUsernameAllowed(false);
|
||||
});
|
||||
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
user.setEmail("john-alias@email.org");
|
||||
SimpleHttp.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
|
||||
SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
|
||||
|
||||
UserRepresentation usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
assertEquals("johnkeycloak", usernew.getUsername());
|
||||
assertEquals("John", usernew.getFirstName());
|
||||
assertEquals("Doe", usernew.getLastName());
|
||||
|
@ -261,7 +262,7 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
|
|||
|
||||
//clean up
|
||||
usernew.setEmail("john@email.org");
|
||||
SimpleHttp.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
|
||||
SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
|
||||
|
||||
}
|
||||
|
||||
|
@ -272,11 +273,11 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
|
|||
RealmModel appRealm = ctx.getRealm();
|
||||
appRealm.setEditUsernameAllowed(false);
|
||||
});
|
||||
UserRepresentation user = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
UserRepresentation user = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
user.setEmail("john-alias@email.org");
|
||||
SimpleHttp.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
|
||||
SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(user).auth(tokenUtil.getToken()).asStatus();
|
||||
|
||||
UserRepresentation usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
UserRepresentation usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
assertEquals("johnkeycloak", usernew.getUsername());
|
||||
assertEquals("John", usernew.getFirstName());
|
||||
assertEquals("Doe", usernew.getLastName());
|
||||
|
@ -288,7 +289,7 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
|
|||
|
||||
//clean up
|
||||
usernew.setEmail("john@email.org");
|
||||
final int i = SimpleHttp.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
|
||||
final int i = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).json(usernew).auth(tokenUtil.getToken()).asStatus();
|
||||
|
||||
org.keycloak.representations.idm.UserRepresentation userRep = testRealm().users()
|
||||
.search(usernew.getUsername()).get(0);
|
||||
|
@ -300,7 +301,7 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
|
|||
userRep.setAttributes(null);
|
||||
|
||||
testRealm().users().get(userRep.getId()).update(userRep);
|
||||
usernew = SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
usernew = SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
|
||||
// Metadata attributes still not present in account REST
|
||||
Assert.assertNull(usernew.getAttributes());
|
||||
|
@ -317,23 +318,23 @@ public class LDAPAccountRestApiTest extends AbstractLDAPTest {
|
|||
}
|
||||
|
||||
private UserRepresentation getProfile() throws IOException {
|
||||
return SimpleHttp.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
return SimpleHttpDefault.doGet(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).asJson(UserRepresentation.class);
|
||||
}
|
||||
|
||||
private void updateProfileExpectSuccess(UserRepresentation user) throws IOException {
|
||||
int status = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
|
||||
int status = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asStatus();
|
||||
assertEquals(204, status);
|
||||
}
|
||||
|
||||
private void updateProfileExpectError(UserRepresentation user, int expectedStatus, String expectedMessage) throws IOException {
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(getAccountUrl(null), httpClient).auth(tokenUtil.getToken()).json(user).asResponse();
|
||||
assertEquals(expectedStatus, response.getStatus());
|
||||
assertEquals(expectedMessage, response.asJson(ErrorRepresentation.class).getErrorMessage());
|
||||
}
|
||||
|
||||
// Send REST request to get all credential containers and credentials of current user
|
||||
private List<AccountCredentialResource.CredentialContainer> getCredentials() throws IOException {
|
||||
return SimpleHttp.doGet(getAccountUrl("credentials"), httpClient)
|
||||
return SimpleHttpDefault.doGet(getAccountUrl("credentials"), httpClient)
|
||||
.auth(tokenUtil.getToken()).asJson(new TypeReference<List<AccountCredentialResource.CredentialContainer>>() {});
|
||||
}
|
||||
|
||||
|
|
|
@ -42,6 +42,7 @@ import org.keycloak.storage.UserStorageProvider;
|
|||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.federation.BackwardsCompatibilityUserStorageFactory;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.LoginConfigTotpPage;
|
||||
|
@ -249,7 +250,7 @@ public class BackwardsCompatibilityUserStorageTest extends AbstractTestRealmKeyc
|
|||
String otpCredentialId = otpCreds.get(0).getCredential().getId();
|
||||
|
||||
// Delete OTP credential from federated storage
|
||||
int deleteStatus = SimpleHttp.doDelete(accountCredentialsUrl + "/" + otpCredentialId, httpClient)
|
||||
int deleteStatus = SimpleHttpDefault.doDelete(accountCredentialsUrl + "/" + otpCredentialId, httpClient)
|
||||
.auth(accountToken).acceptJson().asStatus();
|
||||
Assert.assertEquals(204, deleteStatus);
|
||||
|
||||
|
@ -352,7 +353,7 @@ public class BackwardsCompatibilityUserStorageTest extends AbstractTestRealmKeyc
|
|||
}
|
||||
|
||||
private List<CredentialMetadataRepresentation> getOtpCredentialFromAccountREST(String accountCredentialsUrl, CloseableHttpClient httpClient, TokenUtil tokenUtil) throws IOException {
|
||||
List<AccountCredentialResource.CredentialContainer> credentials = SimpleHttp.doGet(accountCredentialsUrl, httpClient)
|
||||
List<AccountCredentialResource.CredentialContainer> credentials = SimpleHttpDefault.doGet(accountCredentialsUrl, httpClient)
|
||||
.auth(tokenUtil.getToken()).asJson(new TypeReference<>() {});
|
||||
|
||||
return credentials.stream()
|
||||
|
|
|
@ -72,6 +72,7 @@ import org.keycloak.storage.UserStorageProvider;
|
|||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.exportimport.ExportImportUtil;
|
||||
import org.keycloak.testsuite.runonserver.RunHelpers;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
@ -1118,7 +1119,7 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest {
|
|||
protected void testResourceTag() {
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
URI url = suiteContext.getAuthServerInfo().getUriBuilder().path("/auth").build();
|
||||
String response = SimpleHttp.doGet(url.toString(), client).asString();
|
||||
String response = SimpleHttpDefault.doGet(url.toString(), client).asString();
|
||||
Matcher m = Pattern.compile("resources/([^/]*)/common").matcher(response);
|
||||
assertTrue(m.find());
|
||||
assertTrue(m.group(1).matches("[a-zA-Z0-9_\\-.~]{5}"));
|
||||
|
|
|
@ -39,6 +39,7 @@ import org.keycloak.models.Constants;
|
|||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
|
@ -301,10 +302,10 @@ public class OAuthRedirectUriTest extends AbstractKeycloakTest {
|
|||
CloseableHttpClient client = HttpClients.custom().setDefaultRequestConfig(globalConfig).setDefaultCookieStore(cookieStore).build();
|
||||
|
||||
try {
|
||||
String loginPage = SimpleHttp.doGet(loginUrl, client).asString();
|
||||
String loginPage = SimpleHttpDefault.doGet(loginUrl, client).asString();
|
||||
|
||||
String formAction = loginPage.split("action=\"")[1].split("\"")[0].replaceAll("&", "&");
|
||||
SimpleHttp.Response response = SimpleHttp.doPost(formAction, client).param("username", "test-user@localhost").param("password", "password").asResponse();
|
||||
SimpleHttp.Response response = SimpleHttpDefault.doPost(formAction, client).param("username", "test-user@localhost").param("password", "password").asResponse();
|
||||
|
||||
response.getStatus();
|
||||
assertThat(response.getFirstHeader("Location"), Matchers.startsWith("android-app://org.keycloak.examples.cordova/https/keycloak-cordova-example.github.io/login"));
|
||||
|
|
|
@ -61,6 +61,7 @@ import org.keycloak.representations.oidc.TokenMetadataRepresentation;
|
|||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||
import org.keycloak.testsuite.util.ClientManager;
|
||||
|
@ -326,7 +327,7 @@ public class TokenRevocationTest extends AbstractKeycloakTest {
|
|||
|
||||
// Test account REST not possible
|
||||
String accountUrl = OAuthClient.AUTH_SERVER_ROOT + "/realms/test/account";
|
||||
SimpleHttp accountRequest = SimpleHttp.doGet(accountUrl, restHttpClient)
|
||||
SimpleHttp accountRequest = SimpleHttpDefault.doGet(accountUrl, restHttpClient)
|
||||
.auth(accessTokenString)
|
||||
.acceptJson();
|
||||
assertEquals(Status.UNAUTHORIZED.getStatusCode(), accountRequest.asStatus());
|
||||
|
|
|
@ -73,6 +73,7 @@ import org.keycloak.testsuite.Assert;
|
|||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.admin.AbstractAdminTest;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls;
|
||||
import org.keycloak.testsuite.client.resources.TestOIDCEndpointsApplicationResource;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
|
@ -1436,11 +1437,11 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
|
||||
private String createEncryptedRequestObject(String encAlg) throws IOException, JWEException {
|
||||
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
|
||||
OIDCConfigurationRepresentation representation = SimpleHttp
|
||||
OIDCConfigurationRepresentation representation = SimpleHttpDefault
|
||||
.doGet(getAuthServerRoot().toString() + "realms/" + oauth.getRealm() + "/.well-known/openid-configuration",
|
||||
httpClient).asJson(OIDCConfigurationRepresentation.class);
|
||||
String jwksUri = representation.getJwksUri();
|
||||
JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
|
||||
JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
|
||||
Map<String, PublicKey> keysForUse = JWKSUtils.getKeysForUse(jsonWebKeySet, JWK.Use.ENCRYPTION);
|
||||
String keyId = null;
|
||||
|
||||
|
@ -1523,11 +1524,11 @@ public class OIDCAdvancedRequestParamsTest extends AbstractTestRealmKeycloakTest
|
|||
|
||||
byte[] contentBytes = JsonSerialization.writeValueAsBytes(requestObject);
|
||||
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
|
||||
OIDCConfigurationRepresentation representation = SimpleHttp
|
||||
OIDCConfigurationRepresentation representation = SimpleHttpDefault
|
||||
.doGet(getAuthServerRoot().toString() + "realms/" + oauth.getRealm() + "/.well-known/openid-configuration",
|
||||
httpClient).asJson(OIDCConfigurationRepresentation.class);
|
||||
String jwksUri = representation.getJwksUri();
|
||||
JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
|
||||
JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, httpClient).asJson(JSONWebKeySet.class);
|
||||
Map<String, PublicKey> keysForUse = JWKSUtils.getKeysForUse(jsonWebKeySet, JWK.Use.ENCRYPTION);
|
||||
String keyId = jweHeader.getKeyId();
|
||||
|
||||
|
|
|
@ -47,6 +47,7 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
|
|||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.admin.AbstractAdminTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.forms.BrowserFlowTest;
|
||||
import org.keycloak.testsuite.forms.LevelOfAssuranceFlowTest;
|
||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||
|
@ -288,10 +289,10 @@ public class OIDCWellKnownProviderTest extends AbstractKeycloakTest {
|
|||
public void certs() throws IOException {
|
||||
TokenSignatureUtil.registerKeyProvider(Algorithm.ES256, adminClient, testContext);
|
||||
|
||||
OIDCConfigurationRepresentation representation = SimpleHttp.doGet(getAuthServerRoot().toString() + "realms/test/.well-known/openid-configuration", client).asJson(OIDCConfigurationRepresentation.class);
|
||||
OIDCConfigurationRepresentation representation = SimpleHttpDefault.doGet(getAuthServerRoot().toString() + "realms/test/.well-known/openid-configuration", client).asJson(OIDCConfigurationRepresentation.class);
|
||||
String jwksUri = representation.getJwksUri();
|
||||
|
||||
JSONWebKeySet jsonWebKeySet = SimpleHttp.doGet(jwksUri, client).asJson(JSONWebKeySet.class);
|
||||
JSONWebKeySet jsonWebKeySet = SimpleHttpDefault.doGet(jwksUri, client).asJson(JSONWebKeySet.class);
|
||||
assertEquals(3, jsonWebKeySet.getKeys().length);
|
||||
}
|
||||
|
||||
|
|
|
@ -25,6 +25,7 @@ import org.keycloak.representations.idm.ClientInitialAccessPresentation;
|
|||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
|
||||
import org.keycloak.testsuite.broker.util.SimpleHttpDefault;
|
||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
@ -274,7 +275,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
|
|||
|
||||
private void assertWelcomePage(String expectedAdminUrl) throws IOException {
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/", client);
|
||||
SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/", client);
|
||||
|
||||
for (Map.Entry<String, String> entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
|
||||
get.header(entry.getKey(), entry.getValue());
|
||||
|
@ -288,7 +289,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
|
|||
|
||||
private void assertOldAdminPageJsPathSetCorrectly(String realm, String expectedAdminUrl) throws IOException {
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
|
||||
SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
|
||||
|
||||
for (Map.Entry<String, String> entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
|
||||
get.header(entry.getKey(), entry.getValue());
|
||||
|
@ -302,7 +303,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
|
|||
|
||||
private void assertAdminPage(String realm, String expectedFrontendUrl, String expectedAdminUrl) throws IOException, URISyntaxException {
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
SimpleHttp get = SimpleHttp.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
|
||||
SimpleHttp get = SimpleHttpDefault.doGet(AUTH_SERVER_ROOT + "/admin/" + realm + "/console/", client);
|
||||
|
||||
for (Map.Entry<String, String> entry : createRequestHeaders(expectedAdminUrl).entrySet()) {
|
||||
get.header(entry.getKey(), entry.getValue());
|
||||
|
|
Loading…
Reference in a new issue