From 6e7b36e82f42349ed7f1979ea77479bdbda17a68 Mon Sep 17 00:00:00 2001 From: Stefan Guilhen Date: Fri, 16 Aug 2024 00:06:05 -0300 Subject: [PATCH] Add migration tests for the IDP changes Signed-off-by: Stefan Guilhen --- .../migration/migrators/MigrateTo22_0_0.java | 10 +++++++- .../migration/AbstractMigrationTest.java | 16 ++++++++++++- .../JsonFileImport1903MigrationTest.java | 1 + .../JsonFileImport198MigrationTest.java | 1 + .../JsonFileImport255MigrationTest.java | 1 + .../JsonFileImport343MigrationTest.java | 1 + .../JsonFileImport483MigrationTest.java | 1 + .../JsonFileImport903MigrationTest.java | 1 + .../testsuite/migration/MigrationTest.java | 2 ++ .../migration-realm-19.0.3.json | 23 ++++++++++++++++++- .../migration-realm-24.0.4.json | 23 ++++++++++++++++++- 11 files changed, 76 insertions(+), 4 deletions(-) diff --git a/model/storage-private/src/main/java/org/keycloak/migration/migrators/MigrateTo22_0_0.java b/model/storage-private/src/main/java/org/keycloak/migration/migrators/MigrateTo22_0_0.java index a6496124a7..86778622cd 100644 --- a/model/storage-private/src/main/java/org/keycloak/migration/migrators/MigrateTo22_0_0.java +++ b/model/storage-private/src/main/java/org/keycloak/migration/migrators/MigrateTo22_0_0.java @@ -41,7 +41,15 @@ public class MigrateTo22_0_0 implements Migration { @Override public void migrate(KeycloakSession session) { - session.realms().getRealmsStream().forEach(realm -> removeHttpChallengeFlow(session, realm)); + session.realms().getRealmsStream().forEach(realm -> { + RealmModel currentRealm = session.getContext().getRealm(); + session.getContext().setRealm(realm); + try { + removeHttpChallengeFlow(session, realm); + } finally { + session.getContext().setRealm(currentRealm); + } + }); //login, account, email themes are handled by JpaUpdate22_0_0_RemoveRhssoThemes } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java index 3469c92b11..73733dcd0a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java @@ -41,6 +41,7 @@ import org.keycloak.models.AccountRoles; import org.keycloak.models.AdminRoles; import org.keycloak.models.AuthenticationExecutionModel; import org.keycloak.models.Constants; +import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.LDAPConstants; import org.keycloak.models.UserModel; import org.keycloak.models.utils.DefaultAuthenticationFlows; @@ -58,6 +59,7 @@ import org.keycloak.representations.idm.AuthenticationFlowRepresentation; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ClientScopeRepresentation; import org.keycloak.representations.idm.ComponentRepresentation; +import org.keycloak.representations.idm.IdentityProviderRepresentation; import org.keycloak.representations.idm.KeysMetadataRepresentation; import org.keycloak.representations.idm.MappingsRepresentation; import org.keycloak.representations.idm.ProtocolMapperRepresentation; @@ -106,6 +108,7 @@ import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.hasEntry; import static org.hamcrest.Matchers.hasItem; import static org.hamcrest.Matchers.hasSize; +import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.nullValue; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; @@ -118,7 +121,6 @@ import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT; import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT_LINKS; import static org.keycloak.models.AccountRoles.VIEW_GROUPS; import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID; -import static org.keycloak.testsuite.AbstractKeycloakTest.PREFERRED_DEFAULT_LOGIN_THEME; import static org.keycloak.testsuite.Assert.assertNames; import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER; import static org.keycloak.userprofile.DeclarativeUserProfileProvider.UP_COMPONENT_CONFIG_KEY; @@ -428,6 +430,11 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest { testClientContainsExpectedClientScopes(); } + protected void testMigrationTo26_0_0(boolean testIdentityProviderConfigMigration) { + if (testIdentityProviderConfigMigration) { + testIdentityProviderConfigMigration(migrationRealm2); + } + } private void testClientContainsExpectedClientScopes() { // Test OIDC client contains expected client scopes @@ -1337,4 +1344,11 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest { assertTrue(rep.isEnabled()); assertFalse(rep.isDefaultAction()); } + + private void testIdentityProviderConfigMigration(final RealmResource realm) { + IdentityProviderRepresentation rep = realm.identityProviders().get("gitlab").toRepresentation(); + // gitlab identity provider should have it's hideOnLoginPage attribute migrated from the config to the provider itself. + assertThat(rep.isHideOnLogin(), is(true)); + assertThat(rep.getConfig().containsKey(IdentityProviderModel.LEGACY_HIDE_ON_LOGIN_ATTR), is(false)); + } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport1903MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport1903MigrationTest.java index 39c83f5b82..2409364189 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport1903MigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport1903MigrationTest.java @@ -69,6 +69,7 @@ public class JsonFileImport1903MigrationTest extends AbstractJsonFileImportMigra testMigrationTo23_x(true); testMigrationTo24_x(true, true); testMigrationTo25_0_0(); + testMigrationTo26_0_0(true); } @Test diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport198MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport198MigrationTest.java index 3e903071c0..9dbec7ff8f 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport198MigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport198MigrationTest.java @@ -80,6 +80,7 @@ public class JsonFileImport198MigrationTest extends AbstractJsonFileImportMigrat testMigrationTo23_x(false); testMigrationTo24_x(false); testMigrationTo25_0_0(); + testMigrationTo26_0_0(false); } @Override diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport255MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport255MigrationTest.java index 74c3aa0030..c484b74124 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport255MigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport255MigrationTest.java @@ -74,6 +74,7 @@ public class JsonFileImport255MigrationTest extends AbstractJsonFileImportMigrat testMigrationTo23_x(false); testMigrationTo24_x(false); testMigrationTo25_0_0(); + testMigrationTo26_0_0(false); } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport343MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport343MigrationTest.java index 6085b2120b..8795c96f2b 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport343MigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport343MigrationTest.java @@ -69,6 +69,7 @@ public class JsonFileImport343MigrationTest extends AbstractJsonFileImportMigrat testMigrationTo23_x(false); testMigrationTo24_x(false); testMigrationTo25_0_0(); + testMigrationTo26_0_0(false); } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport483MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport483MigrationTest.java index ff5efa54a3..829d257577 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport483MigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport483MigrationTest.java @@ -63,6 +63,7 @@ public class JsonFileImport483MigrationTest extends AbstractJsonFileImportMigrat testMigrationTo23_x(false); testMigrationTo24_x(false); testMigrationTo25_0_0(); + testMigrationTo26_0_0(false); } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport903MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport903MigrationTest.java index ae363b77b0..a4f42c4012 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport903MigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/JsonFileImport903MigrationTest.java @@ -56,6 +56,7 @@ public class JsonFileImport903MigrationTest extends AbstractJsonFileImportMigrat testMigrationTo23_x(false); testMigrationTo24_x(false); testMigrationTo25_0_0(); + testMigrationTo26_0_0(false); } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java index 2826ee7089..502966c059 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/MigrationTest.java @@ -71,6 +71,7 @@ public class MigrationTest extends AbstractMigrationTest { testMigrationTo23_x(true); testMigrationTo24_x(true, true); testMigrationTo25_0_0(); + testMigrationTo26_0_0(true); } @Test @@ -83,5 +84,6 @@ public class MigrationTest extends AbstractMigrationTest { testExtremelyLongClientAttribute(migrationRealm); testMigrationTo25_0_0(); + testMigrationTo26_0_0(true); } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-19.0.3.json b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-19.0.3.json index e4edcf94fe..2c4ca1b7e7 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-19.0.3.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-19.0.3.json @@ -2933,7 +2933,28 @@ "enabledEventTypes" : [ ], "adminEventsEnabled" : false, "adminEventsDetailsEnabled" : false, - "identityProviders" : [ ], + "identityProviders" : [ { + "alias" : "gitlab", + "internalId" : "6ff5ce97-5018-4bde-863a-d55ce7f6a40c", + "providerId" : "gitlab", + "enabled" : true, + "updateProfileFirstLoginMode" : "on", + "trustEmail" : false, + "storeToken" : false, + "addReadTokenRoleOnCreate" : false, + "authenticateByDefault" : false, + "linkOnly" : false, + "config" : { + "hideOnLoginPage" : "true", + "clientId" : "gitlab-client", + "acceptsPromptNoneForwardFromClient" : "false", + "disableUserInfo" : "false", + "syncMode" : "LEGACY", + "filteredByClaim" : "false", + "clientSecret" : "secret", + "caseSensitiveOriginalUsername" : "false" + } + } ], "identityProviderMappers" : [ ], "components" : { "org.keycloak.storage.UserStorageProvider": [ diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-24.0.4.json b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-24.0.4.json index 43032a493b..c97257cbb6 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-24.0.4.json +++ b/testsuite/integration-arquillian/tests/base/src/test/resources/migration-test/migration-realm-24.0.4.json @@ -5160,7 +5160,28 @@ "enabledEventTypes" : [ ], "adminEventsEnabled" : false, "adminEventsDetailsEnabled" : false, - "identityProviders" : [ ], + "identityProviders" : [ { + "alias" : "gitlab", + "internalId" : "6ff5ce97-5018-4bde-863a-d55ce7f6a40c", + "providerId" : "gitlab", + "enabled" : true, + "updateProfileFirstLoginMode" : "on", + "trustEmail" : false, + "storeToken" : false, + "addReadTokenRoleOnCreate" : false, + "authenticateByDefault" : false, + "linkOnly" : false, + "config" : { + "hideOnLoginPage" : "true", + "clientId" : "gitlab-client", + "acceptsPromptNoneForwardFromClient" : "false", + "disableUserInfo" : "false", + "syncMode" : "LEGACY", + "filteredByClaim" : "false", + "clientSecret" : "secret", + "caseSensitiveOriginalUsername" : "false" + } + } ], "identityProviderMappers" : [ ], "components" : { "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {