KEYCLOAK-5556 support for POST for AuthorizationEndpoint

services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java

@@ -46,7 +46,10 @@ import org.keycloak.services.util.CacheControlUtil;
 import org.keycloak.sessions.AuthenticationSessionModel;
 import org.keycloak.util.TokenUtil;
 
+import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 
@@ -92,10 +95,20 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
         event.event(EventType.LOGIN);
     }
 
+    @POST
+    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+    public Response buildPost() {
+        logger.trace("Processing @POST request");
+        return process(httpRequest.getDecodedFormParameters());
+    }
+
     @GET
-    public Response build() {
-        MultivaluedMap<String, String> params = uriInfo.getQueryParameters();
-        String requestUri = uriInfo.getRequestUri().toString();
+    public Response buildGet() {
+        logger.trace("Processing @GET request");
+        return process(uriInfo.getQueryParameters());
+    }
+
+    private Response process(MultivaluedMap<String, String> params) {
         String clientId = params.getFirst(OIDCLoginProtocol.CLIENT_ID_PARAM);
 
         checkSsl();

testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java

@@ -74,6 +74,8 @@ import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
+import javax.ws.rs.client.Entity;
+import javax.ws.rs.core.Form;
 
 import static org.keycloak.testsuite.admin.Users.getPasswordOf;
 
@@ -773,6 +775,17 @@ public class OAuthClient {
         return b.build(realm).toString();
     }
 
+    public Entity getLoginEntityForPOST() {
+        Form form = new Form()
+                .param(OAuth2Constants.SCOPE, TokenUtil.attachOIDCScope(scope))
+                .param(OAuth2Constants.RESPONSE_TYPE, responseType)
+                .param(OAuth2Constants.CLIENT_ID, clientId)
+                .param(OAuth2Constants.REDIRECT_URI, redirectUri)
+                .param(OAuth2Constants.STATE, this.state.getState());
+        
+        return Entity.form(form);
+    }
+
     public String getAccessTokenUrl() {
         UriBuilder b = OIDCLoginProtocolService.tokenUrl(UriBuilder.fromUri(baseUrl));
         return b.build(realm).toString();

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java

@@ -27,6 +27,7 @@ import org.keycloak.events.Errors;
 import org.keycloak.events.EventType;
 import org.keycloak.models.BrowserSecurityHeaders;
 import org.keycloak.models.Constants;
+import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.EventRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
@@ -41,6 +42,7 @@ import org.keycloak.testsuite.pages.ErrorPage;
 import org.keycloak.testsuite.pages.LoginPage;
 import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
 import org.keycloak.testsuite.util.OAuthClient;
+import org.keycloak.testsuite.util.Matchers;
 import org.keycloak.testsuite.util.RealmBuilder;
 import org.keycloak.testsuite.util.UserBuilder;
 import org.openqa.selenium.NoSuchElementException;
@@ -48,14 +50,18 @@ import org.openqa.selenium.NoSuchElementException;
 import javax.ws.rs.client.Client;
 import javax.ws.rs.client.ClientBuilder;
 import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriBuilder;
 import java.util.Map;
 
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.is;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotEquals;
-import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 import static org.keycloak.testsuite.admin.ApiUtil.findClientByClientId;
+import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
 
 /**
  * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -110,14 +116,31 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
     public void testBrowserSecurityHeaders() {
         Client client = ClientBuilder.newClient();
         Response response = client.target(oauth.getLoginFormUrl()).request().get();
-        Assert.assertEquals(200, response.getStatus());
+        Assert.assertThat(response.getStatus(), is(equalTo(200)));
         for (Map.Entry<String, String> entry : BrowserSecurityHeaders.defaultHeaders.entrySet()) {
             String headerName = BrowserSecurityHeaders.headerAttributeMap.get(entry.getKey());
             String headerValue = response.getHeaderString(headerName);
             Assert.assertNotNull(headerValue);
-            Assert.assertEquals(headerValue, entry.getValue());
+            Assert.assertThat(headerValue, is(equalTo(entry.getValue())));
         }
         response.close();
+        client.close();
+    }
+
+    //KEYCLOAK-5556
+    @Test
+    public void testPOSTAuthenticationRequest() {
+        Client client = ClientBuilder.newClient();
+
+        //POST request to http://localhost:8180/auth/realms/test/protocol/openid-connect/auth;
+        UriBuilder b = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(AUTH_SERVER_ROOT));
+        Response response = client.target(b.build(oauth.getRealm())).request().post(oauth.getLoginEntityForPOST());
+        
+        Assert.assertThat(response.getStatus(), is(equalTo(200)));
+        Assert.assertThat(response, Matchers.body(containsString("Log In")));
+
+        response.close();
+        client.close();
     }
 
     @Test