Add migration tests for the IDP changes

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

model/storage-private/src/main/java/org/keycloak/migration/migrators/MigrateTo22_0_0.java

@@ -41,7 +41,15 @@ public class MigrateTo22_0_0 implements Migration {
 
     @Override
     public void migrate(KeycloakSession session) {
-        session.realms().getRealmsStream().forEach(realm -> removeHttpChallengeFlow(session, realm));
+        session.realms().getRealmsStream().forEach(realm -> {
+            RealmModel currentRealm = session.getContext().getRealm();
+            session.getContext().setRealm(realm);
+            try {
+                removeHttpChallengeFlow(session, realm);
+            } finally {
+                session.getContext().setRealm(currentRealm);
+            }
+        });
         //login, account, email themes are handled by JpaUpdate22_0_0_RemoveRhssoThemes
     }
 

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java

@@ -41,6 +41,7 @@ import org.keycloak.models.AccountRoles;
 import org.keycloak.models.AdminRoles;
 import org.keycloak.models.AuthenticationExecutionModel;
 import org.keycloak.models.Constants;
+import org.keycloak.models.IdentityProviderModel;
 import org.keycloak.models.LDAPConstants;
 import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.DefaultAuthenticationFlows;
@@ -58,6 +59,7 @@ import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.ClientScopeRepresentation;
 import org.keycloak.representations.idm.ComponentRepresentation;
+import org.keycloak.representations.idm.IdentityProviderRepresentation;
 import org.keycloak.representations.idm.KeysMetadataRepresentation;
 import org.keycloak.representations.idm.MappingsRepresentation;
 import org.keycloak.representations.idm.ProtocolMapperRepresentation;
@@ -106,6 +108,7 @@ import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasEntry;
 import static org.hamcrest.Matchers.hasItem;
 import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.nullValue;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
@@ -118,7 +121,6 @@ import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT;
 import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT_LINKS;
 import static org.keycloak.models.AccountRoles.VIEW_GROUPS;
 import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
-import static org.keycloak.testsuite.AbstractKeycloakTest.PREFERRED_DEFAULT_LOGIN_THEME;
 import static org.keycloak.testsuite.Assert.assertNames;
 import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
 import static org.keycloak.userprofile.DeclarativeUserProfileProvider.UP_COMPONENT_CONFIG_KEY;
@@ -428,6 +430,11 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest {
         testClientContainsExpectedClientScopes();
     }
 
+    protected void testMigrationTo26_0_0(boolean testIdentityProviderConfigMigration) {
+        if (testIdentityProviderConfigMigration) {
+            testIdentityProviderConfigMigration(migrationRealm2);
+        }
+    }
 
     private void testClientContainsExpectedClientScopes() {
         // Test OIDC client contains expected client scopes
@@ -1337,4 +1344,11 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest {
         assertTrue(rep.isEnabled());
         assertFalse(rep.isDefaultAction());
     }
+
+    private void testIdentityProviderConfigMigration(final RealmResource realm) {
+        IdentityProviderRepresentation rep = realm.identityProviders().get("gitlab").toRepresentation();
+        // gitlab identity provider should have it's hideOnLoginPage attribute migrated from the config to the provider itself.
+        assertThat(rep.isHideOnLogin(), is(true));
+        assertThat(rep.getConfig().containsKey(IdentityProviderModel.LEGACY_HIDE_ON_LOGIN_ATTR), is(false));
+    }
 }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport1903MigrationTest.java

@@ -69,6 +69,7 @@ public class JsonFileImport1903MigrationTest extends AbstractJsonFileImportMigra
         testMigrationTo23_x(true);
         testMigrationTo24_x(true, true);
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(true);
     }
 
     @Test

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport198MigrationTest.java

@@ -80,6 +80,7 @@ public class JsonFileImport198MigrationTest extends AbstractJsonFileImportMigrat
         testMigrationTo23_x(false);
         testMigrationTo24_x(false);
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(false);
     }
 
     @Override

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport255MigrationTest.java

@@ -74,6 +74,7 @@ public class JsonFileImport255MigrationTest extends AbstractJsonFileImportMigrat
         testMigrationTo23_x(false);
         testMigrationTo24_x(false);
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(false);
     }
 
 }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport343MigrationTest.java

@@ -69,6 +69,7 @@ public class JsonFileImport343MigrationTest extends AbstractJsonFileImportMigrat
         testMigrationTo23_x(false);
         testMigrationTo24_x(false);
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(false);
     }
 
 }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport483MigrationTest.java

@@ -63,6 +63,7 @@ public class JsonFileImport483MigrationTest extends AbstractJsonFileImportMigrat
         testMigrationTo23_x(false);
         testMigrationTo24_x(false);
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(false);
     }
 
 }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport903MigrationTest.java

@@ -56,6 +56,7 @@ public class JsonFileImport903MigrationTest extends AbstractJsonFileImportMigrat
         testMigrationTo23_x(false);
         testMigrationTo24_x(false);
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(false);
     }
 
 }

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java

@@ -71,6 +71,7 @@ public class MigrationTest extends AbstractMigrationTest {
         testMigrationTo23_x(true);
         testMigrationTo24_x(true, true);
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(true);
     }
 
     @Test
@@ -83,5 +84,6 @@ public class MigrationTest extends AbstractMigrationTest {
         testExtremelyLongClientAttribute(migrationRealm);
 
         testMigrationTo25_0_0();
+        testMigrationTo26_0_0(true);
     }
 }

testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-19.0.3.json

@@ -2933,7 +2933,28 @@
   "enabledEventTypes" : [ ],
   "adminEventsEnabled" : false,
   "adminEventsDetailsEnabled" : false,
-  "identityProviders" : [ ],
+  "identityProviders" : [ {
+    "alias" : "gitlab",
+    "internalId" : "6ff5ce97-5018-4bde-863a-d55ce7f6a40c",
+    "providerId" : "gitlab",
+    "enabled" : true,
+    "updateProfileFirstLoginMode" : "on",
+    "trustEmail" : false,
+    "storeToken" : false,
+    "addReadTokenRoleOnCreate" : false,
+    "authenticateByDefault" : false,
+    "linkOnly" : false,
+    "config" : {
+      "hideOnLoginPage" : "true",
+      "clientId" : "gitlab-client",
+      "acceptsPromptNoneForwardFromClient" : "false",
+      "disableUserInfo" : "false",
+      "syncMode" : "LEGACY",
+      "filteredByClaim" : "false",
+      "clientSecret" : "secret",
+      "caseSensitiveOriginalUsername" : "false"
+    }
+  } ],
   "identityProviderMappers" : [ ],
   "components" : {
     "org.keycloak.storage.UserStorageProvider": [

testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-24.0.4.json

@@ -5160,7 +5160,28 @@
   "enabledEventTypes" : [ ],
   "adminEventsEnabled" : false,
   "adminEventsDetailsEnabled" : false,
-  "identityProviders" : [ ],
+  "identityProviders" : [ {
+    "alias" : "gitlab",
+    "internalId" : "6ff5ce97-5018-4bde-863a-d55ce7f6a40c",
+    "providerId" : "gitlab",
+    "enabled" : true,
+    "updateProfileFirstLoginMode" : "on",
+    "trustEmail" : false,
+    "storeToken" : false,
+    "addReadTokenRoleOnCreate" : false,
+    "authenticateByDefault" : false,
+    "linkOnly" : false,
+    "config" : {
+      "hideOnLoginPage" : "true",
+      "clientId" : "gitlab-client",
+      "acceptsPromptNoneForwardFromClient" : "false",
+      "disableUserInfo" : "false",
+      "syncMode" : "LEGACY",
+      "filteredByClaim" : "false",
+      "clientSecret" : "secret",
+      "caseSensitiveOriginalUsername" : "false"
+    }
+  } ],
   "identityProviderMappers" : [ ],
   "components" : {
     "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {