diff --git a/.github/actions/build-keycloak/action.yml b/.github/actions/build-keycloak/action.yml
index 312ef809ee..6a670d2b43 100644
--- a/.github/actions/build-keycloak/action.yml
+++ b/.github/actions/build-keycloak/action.yml
@@ -24,10 +24,6 @@ runs:
with:
create-cache-if-it-doesnt-exist: true
- - id: phantomjs-cache
- name: PhantomJS cache
- uses: ./.github/actions/phantomjs-cache
-
- id: frontend-plugin-cache
name: Frontend Plugin Cache
uses: ./.github/actions/frontend-plugin-cache
diff --git a/.github/actions/integration-test-setup/action.yml b/.github/actions/integration-test-setup/action.yml
index 70a8d3ec82..9af8675344 100644
--- a/.github/actions/integration-test-setup/action.yml
+++ b/.github/actions/integration-test-setup/action.yml
@@ -25,10 +25,6 @@ runs:
name: Maven cache
uses: ./.github/actions/maven-cache
- - id: phantomjs-cache
- name: PhantomJS cache
- uses: ./.github/actions/phantomjs-cache
-
- id: frontend-plugin-cache
name: Frontend Plugin Cache
uses: ./.github/actions/frontend-plugin-cache
diff --git a/.github/actions/phantomjs-cache/action.yml b/.github/actions/phantomjs-cache/action.yml
deleted file mode 100644
index 616d2657b9..0000000000
--- a/.github/actions/phantomjs-cache/action.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-name: PhantomJS Cache
-description: Caches PhantomJS driver
-
-inputs:
- version:
- description: PhantomJS Driver version
- required: false
- default: 2.1.1
-
-runs:
- using: composite
- steps:
- - id: cache-phantomjs-driver
- name: PhantomJS Driver cache
- uses: actions/cache@v4
- with:
- path: ~/.arquillian/drone
- key: phantomjs-${{ inputs.version }}
-
- - id: download-phantomjs-driver
- name: Download PhantomJS Driver
- if: steps.cache-phantomjs-driver.outputs.cache-hit != 'true'
- shell: bash
- run: |
- mkdir -p ~/.arquillian/drone/phantomjs/${{ inputs.version }}/
- curl -L https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-${{ inputs.version }}-linux-x86_64.tar.bz2 --output ~/.arquillian/drone/phantomjs/${{ inputs.version }}/phantomjs-${{ inputs.version }}-linux-x86_64.tar.bz2
diff --git a/testsuite/integration-arquillian/pom.xml b/testsuite/integration-arquillian/pom.xml
index c4d371bfef..5e9fc6dae8 100644
--- a/testsuite/integration-arquillian/pom.xml
+++ b/testsuite/integration-arquillian/pom.xml
@@ -626,30 +626,6 @@
false
-
-
-
- phantomjs-openssl-workaround
-
-
- unix
-
-
-
-
-
-
- maven-surefire-plugin
-
-
- /dev/null
-
-
-
-
-
-
-
diff --git a/testsuite/integration-arquillian/servers/auth-server/common/pki/root/ca/certs/clients/test-user-san-cert-test-user-key@localhost.p12 b/testsuite/integration-arquillian/servers/auth-server/common/pki/root/ca/certs/clients/test-user-san-cert-test-user-key@localhost.p12
new file mode 100644
index 0000000000..9abd651e9f
Binary files /dev/null and b/testsuite/integration-arquillian/servers/auth-server/common/pki/root/ca/certs/clients/test-user-san-cert-test-user-key@localhost.p12 differ
diff --git a/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml b/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml
index 423545438c..626eedf1f6 100644
--- a/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml
@@ -63,7 +63,7 @@
copy-resources
- ${auth.server.home}
+ ${auth.server.home}/conf
${common.resources}/keystore
@@ -71,6 +71,7 @@
ca.crt
client.crt
client.key
+ client.p12
client-ca.crt
client-ca.key
*.crl
@@ -80,7 +81,9 @@
${common.resources}/pki/root/ca
certs/clients/test-user-san@localhost.cert.pem
+ certs/clients/test-user-san@localhost.p12
certs/clients/test-user@localhost.key.pem
+ certs/clients/test-user-san-cert-test-user-key@localhost.p12
diff --git a/testsuite/integration-arquillian/tests/base/pom.xml b/testsuite/integration-arquillian/tests/base/pom.xml
index cdbba92ddb..a61c8b0592 100644
--- a/testsuite/integration-arquillian/tests/base/pom.xml
+++ b/testsuite/integration-arquillian/tests/base/pom.xml
@@ -46,9 +46,9 @@
1.19.0
${basedir}/../../servers/auth-server/common
3.8.1
- 11
- 11
- 11
+ 17
+ 17
+ 17
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakDronePostSetup.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakDronePostSetup.java
index 285e0f8333..77ec5c8551 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakDronePostSetup.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakDronePostSetup.java
@@ -39,10 +39,16 @@ import org.openqa.selenium.firefox.FirefoxOptions;
import org.openqa.selenium.htmlunit.HtmlUnitDriver;
import org.openqa.selenium.remote.RemoteWebDriver;
+import java.io.File;
+import java.net.MalformedURLException;
+
/**
* @author Marek Posolda
*/
public class KeycloakDronePostSetup {
+ public static final String HTML_UNIT_SSL_KEYSTORE_PROP = "htmlunit-ssl-keystore";
+ public static final String HTML_UNIT_SSL_KEYSTORE_PASSWORD_PROP = "htmlunit-ssl-keystore-password";
+ public static final String HTML_UNIT_SSL_KEYSTORE_TYPE_PROP = "htmlunit-ssl-keystore-type";
@Inject
@ClassScoped // needed in BrowserDriverIgnoreDecider
@@ -54,22 +60,19 @@ public class KeycloakDronePostSetup {
DronePoint dronePoint = event.getDronePoint();
Object drone = droneContext.get(dronePoint).getInstance();
- if (drone instanceof RemoteWebDriver) {
- RemoteWebDriver remoteWebDriver = (RemoteWebDriver) drone;
+ if (drone instanceof RemoteWebDriver remoteWebDriver) {
log.infof("Detected browser: %s %s", remoteWebDriver.getCapabilities().getBrowserName(), remoteWebDriver.getCapabilities().getBrowserVersion());
webDriverProducer.set(remoteWebDriver);
}
- if (drone instanceof WebDriver && !(drone instanceof AppiumDriver)) {
- WebDriver webDriver = (WebDriver) drone;
+ if (drone instanceof WebDriver webDriver && !(drone instanceof AppiumDriver)) {
configureDriverSettings(webDriver);
webDriverProducer.set(webDriver);
} else {
log.warn("Drone is not instanceof WebDriver for a desktop browser! Drone is " + drone);
}
- if (drone instanceof GrapheneProxyInstance) {
- GrapheneProxyInstance droneProxy = (GrapheneProxyInstance) drone;
+ if (drone instanceof GrapheneProxyInstance droneProxy) {
if (drone instanceof HtmlUnitDriver) {
droneProxy.registerInterceptor(new HtmlUnitInterceptor());
}
@@ -89,11 +92,11 @@ public class KeycloakDronePostSetup {
driver.manage().window().maximize();
configureFirefoxDriver(driver);
+ configureHtmlUnitDriver(driver);
}
private void configureFirefoxDriver(WebDriver driver) {
- if (driver instanceof FirefoxDriver) {
- FirefoxDriver firefoxDriver = (FirefoxDriver) driver;
+ if (driver instanceof FirefoxDriver firefoxDriver) {
Capabilities capabilities = firefoxDriver.getCapabilities();
FirefoxOptions options = new FirefoxOptions(capabilities);
// disables extension automatic updates as we don't need it when running the test suite
@@ -102,6 +105,28 @@ public class KeycloakDronePostSetup {
}
}
+ private void configureHtmlUnitDriver(WebDriver driver) {
+ if (driver instanceof HtmlUnitDriver htmlUnitDriver) {
+ final var keystore = System.getProperty(HTML_UNIT_SSL_KEYSTORE_PROP);
+ final var keystorePassword = System.getProperty(HTML_UNIT_SSL_KEYSTORE_PASSWORD_PROP);
+ final var keystoreType = System.getProperty(HTML_UNIT_SSL_KEYSTORE_TYPE_PROP);
+
+ log.info("Check HtmlUnit driver TLS settings");
+
+ if (keystore != null && keystorePassword != null && keystoreType != null) {
+ log.infof("Keystore '%s', password '%s', type '%s'", keystore, keystorePassword, keystoreType);
+
+ var options = htmlUnitDriver.getWebClient().getOptions();
+ options.setUseInsecureSSL(true);
+ try {
+ options.setSSLClientCertificateKeyStore(new File(keystore).toURI().toURL(), keystorePassword, keystoreType);
+ } catch (MalformedURLException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+ }
+
public static class HtmlUnitInterceptor implements Interceptor {
@Override
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakWebDriverConfigurator.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakWebDriverConfigurator.java
index 67e7fcf4b4..85bf910fe1 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakWebDriverConfigurator.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/drone/KeycloakWebDriverConfigurator.java
@@ -27,7 +27,6 @@ import org.jboss.arquillian.drone.webdriver.spi.BrowserCapabilities;
import org.jboss.arquillian.drone.webdriver.spi.BrowserCapabilitiesRegistry;
import org.jboss.logging.Logger;
import org.openqa.selenium.Capabilities;
-import org.openqa.selenium.phantomjs.PhantomJSDriverService;
import org.openqa.selenium.remote.CapabilityType;
import org.openqa.selenium.remote.DesiredCapabilities;
@@ -53,7 +52,6 @@ public class KeycloakWebDriverConfigurator {
DesiredCapabilities capabilitiesToAdd = new DesiredCapabilities();
updateCapabilityKeys("htmlUnit", webDriverCfg, capabilitiesToAdd);
updateCapabilityKeys("appium", webDriverCfg, capabilitiesToAdd);
- configurePhantomJSDriver(webDriverCfg, capabilitiesToAdd);
acceptAllSSLCerts(webDriverCfg, capabilitiesToAdd);
BrowserCapabilities browserCap = registryInstance.get().getEntryFor(webDriverCfg.getBrowser());
@@ -64,21 +62,6 @@ public class KeycloakWebDriverConfigurator {
capabilitiesToAdd.setCapability(CapabilityType.ACCEPT_INSECURE_CERTS, true);
}
- private void configurePhantomJSDriver(WebDriverConfiguration webDriverCfg, DesiredCapabilities capabilitiesToAdd) {
- if (!webDriverCfg.getBrowser().equals("phantomjs")) {
- return;
- }
-
- String cliArgs = System.getProperty("keycloak.phantomjs.cli.args");
-
- if (cliArgs == null) {
- cliArgs = "--ignore-ssl-errors=true --web-security=false";
- }
-
- capabilitiesToAdd.setCapability(PhantomJSDriverService.PHANTOMJS_CLI_ARGS, cliArgs);
- }
-
-
// This is to ensure that default value of capabilities like "version" will be used just for the HtmlUnitDriver, but not for other drivers.
// Hence in configs we have "htmlUnit.version" instead of "version"
private void updateCapabilityKeys(String browser, WebDriverConfiguration webDriverCfg, DesiredCapabilities capabilitiesToAdd, String... exclude) {
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/PhantomJSBrowser.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/HtmlUnitBrowser.java
similarity index 96%
rename from testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/PhantomJSBrowser.java
rename to testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/HtmlUnitBrowser.java
index f8ce1db2a8..82a4dcb21b 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/PhantomJSBrowser.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/HtmlUnitBrowser.java
@@ -26,5 +26,5 @@ import java.lang.annotation.Target;
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.FIELD, ElementType.PARAMETER})
@Qualifier
-public @interface PhantomJSBrowser {
+public @interface HtmlUnitBrowser {
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java
index db5360d4c5..f3e3a060e1 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java
@@ -77,8 +77,6 @@ public class ConsoleProtectionTest extends AbstractAdapterTest {
@Before
public void beforeConsoleProtectionTest() throws IOException, OperationException {
- Assume.assumeTrue("This testClass doesn't work with phantomjs", !"phantomjs".equals(System.getProperty("js.browser")));
-
try (OnlineManagementClient clientWorkerNodeClient = AppServerTestEnricher.getManagementClient()) {
Operations operations = new Operations(clientWorkerNodeClient);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java
index d81ab903fa..e66827641b 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java
@@ -1,7 +1,6 @@
package org.keycloak.testsuite.javascript;
import org.jboss.arquillian.graphene.page.Page;
-import org.junit.Assume;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -318,8 +317,6 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Test
public void grantBrowserBasedApp() {
- Assume.assumeTrue("This test doesn't work with phantomjs", !"phantomjs".equals(System.getProperty("js.browser")));
-
ClientResource clientResource = ApiUtil.findClientResourceByClientId(adminClient.realm(REALM_NAME), CLIENT_ID);
ClientRepresentation client = clientResource.toRepresentation();
try {
@@ -455,13 +452,10 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
// Possibility of 0 and 401 is caused by this issue: https://issues.redhat.com/browse/KEYCLOAK-12686
.sendXMLHttpRequest(request, response -> assertThat(response, hasEntry(is("status"), anyOf(is(0L), is(401L)))))
.refresh();
- if (!"phantomjs".equals(System.getProperty("js.browser"))) {
- // I have no idea why, but this request doesn't work with phantomjs, it works in chrome
- testExecutor.logInAndInit(defaultArguments(), unauthorizedUser, this::assertInitAuth)
- .sendXMLHttpRequest(request, output -> assertThat(output, hasEntry("status", 403L)))
- .logout(this::assertOnTestAppUrl)
- .refresh();
- }
+ testExecutor.logInAndInit(defaultArguments(), unauthorizedUser, this::assertInitAuth)
+ .sendXMLHttpRequest(request, output -> assertThat(output, hasEntry("status", 403L)))
+ .logout(this::assertOnTestAppUrl)
+ .refresh();
testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.sendXMLHttpRequest(request, assertResponseStatus(200));
}
@@ -711,10 +705,6 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Test
public void spaceInRealmNameTest() {
- // Unfortunately this test doesn't work on phantomjs
- // it looks like phantomjs double encode %20 => %25%20
- Assume.assumeTrue("This test doesn't work with phantomjs", !"phantomjs".equals(System.getProperty("js.browser")));
-
try {
adminClient.realm(REALM_NAME).update(RealmBuilder.edit(adminClient.realm(REALM_NAME).toRepresentation()).name(SPACE_REALM_NAME).build());
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/welcomepage/WelcomePageTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/welcomepage/WelcomePageTest.java
index 8b85457c28..f689959e60 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/welcomepage/WelcomePageTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/welcomepage/WelcomePageTest.java
@@ -33,7 +33,7 @@ import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
import org.keycloak.testsuite.auth.page.WelcomePage;
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
import org.keycloak.testsuite.util.DroneUtils;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
import java.net.InetAddress;
@@ -54,15 +54,15 @@ import static org.keycloak.testsuite.util.URLUtils.navigateToUri;
public class WelcomePageTest extends AbstractKeycloakTest {
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Page
- @PhantomJSBrowser
+ @HtmlUnitBrowser
protected OIDCLogin loginPage;
@Page
- @PhantomJSBrowser
+ @HtmlUnitBrowser
protected WelcomePage welcomePage;
@Override
@@ -80,7 +80,7 @@ public class WelcomePageTest extends AbstractKeycloakTest {
Assume.assumeThat("Test skipped",
suiteContext.getAuthServerInfo().isJBossBased(),
Matchers.is(true));
- DroneUtils.replaceDefaultWebDriver(this, phantomJS);
+ DroneUtils.replaceDefaultWebDriver(this, htmlUnit);
setDefaultPageUriParameters();
}
@@ -150,8 +150,7 @@ public class WelcomePageTest extends AbstractKeycloakTest {
public void test_5_AccessCreatedAdminAccount() throws Exception {
welcomePage.navigateTo();
welcomePage.navigateToAdminConsole();
- // TODO PhantomJS is not loading the new admin console for some reason, so is not redirecting to the login page. It works with Chrome though.
- Assert.assertEquals("Keycloak Administration Console", phantomJS.getTitle());
+ Assert.assertEquals("Keycloak Administration Console", htmlUnit.getTitle());
}
@Test
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java
index 5419181294..aff6c0e402 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java
@@ -18,6 +18,7 @@
package org.keycloak.testsuite.x509;
+import jakarta.ws.rs.core.Response;
import org.hamcrest.Matchers;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.logging.Logger;
@@ -62,14 +63,14 @@ import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.AssertAdminEvents;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.DroneUtils;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.util.WaitUtils;
import org.keycloak.userprofile.UserProfileConstants;
+import org.keycloak.utils.StringUtil;
import org.openqa.selenium.WebDriver;
-import jakarta.ws.rs.core.Response;
import java.lang.reflect.Field;
import java.net.URI;
import java.util.ArrayList;
@@ -90,7 +91,11 @@ import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorC
import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.MappingSourceType.SUBJECTDN;
import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.MappingSourceType.SUBJECTDN_CN;
import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.MappingSourceType.SUBJECTDN_EMAIL;
+import static org.keycloak.testsuite.drone.KeycloakDronePostSetup.HTML_UNIT_SSL_KEYSTORE_PASSWORD_PROP;
+import static org.keycloak.testsuite.drone.KeycloakDronePostSetup.HTML_UNIT_SSL_KEYSTORE_PROP;
+import static org.keycloak.testsuite.drone.KeycloakDronePostSetup.HTML_UNIT_SSL_KEYSTORE_TYPE_PROP;
import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.utils.StringUtil.isBlank;
/**
* @author Peter Nalyvayko
@@ -126,7 +131,7 @@ public abstract class AbstractX509AuthenticationTest extends AbstractTestRealmKe
protected AuthenticationExecutionInfoRepresentation directGrantExecution;
- private static SetSystemProperty phantomjsCliArgs;
+ private static final List systemProperties = new ArrayList<>(10);
@Rule
public AssertEvents events = new AssertEvents(this);
@@ -135,15 +140,15 @@ public abstract class AbstractX509AuthenticationTest extends AbstractTestRealmKe
public AssertAdminEvents assertAdminEvents = new AssertAdminEvents(this);
@Page
- @PhantomJSBrowser
+ @HtmlUnitBrowser
protected AppPage appPage;
@Page
- @PhantomJSBrowser
+ @HtmlUnitBrowser
protected X509IdentityConfirmationPage loginConfirmationPage;
@Page
- @PhantomJSBrowser
+ @HtmlUnitBrowser
protected LoginPage loginPage;
@@ -160,48 +165,31 @@ public abstract class AbstractX509AuthenticationTest extends AbstractTestRealmKe
@BeforeClass
public static void onBeforeTestClass() {
- configurePhantomJS("/ca.crt", "/client.crt", "/client.key", "password");
+ configureHtmlUnit("/client.p12");
}
@AfterClass
public static void onAfterTestClass() {
- phantomjsCliArgs.revert();
+ systemProperties.forEach(SetSystemProperty::revert);
}
- /**
- * Setup phantom JS to be used for mutual TLS testing. All file paths are relative to "authServerHome"
- *
- * @param certificatesPath
- * @param clientCertificateFile
- * @param clientKeyFile
- * @param clientKeyPassword
- */
- protected static void configurePhantomJS(String certificatesPath, String clientCertificateFile, String clientKeyFile, String clientKeyPassword) {
+ protected static void configureHtmlUnit(String keystore) {
+ configureHtmlUnit(keystore, "password", "pkcs12");
+ }
+
+ protected static void configureHtmlUnit(String keystore, String keystorePassword, String keystoreType) {
String authServerHome = getAuthServerHome();
if (authServerHome != null && System.getProperty("auth.server.ssl.required") != null) {
- StringBuilder cliArgs = new StringBuilder();
-
- cliArgs.append("--ignore-ssl-errors=true ");
- cliArgs.append("--web-security=false ");
- if (certificatesPath != null) {
- cliArgs.append("--ssl-certificates-path=").append(authServerHome).append(certificatesPath).append(" ");
+ if (isBlank(keystore) || isBlank(keystorePassword) || isBlank(keystoreType)) {
+ throw new IllegalArgumentException("You need to specify keystore name, password, and type.");
}
- if (clientCertificateFile != null) {
- cliArgs.append("--ssl-client-certificate-file=").append(authServerHome).append(clientCertificateFile).append(" ");
- }
- if (clientKeyFile != null) {
- cliArgs.append("--ssl-client-key-file=").append(authServerHome).append(clientKeyFile).append(" ");
- }
- if (clientKeyPassword != null) {
- cliArgs.append("--ssl-client-key-passphrase=").append(clientKeyPassword).append(" ");
- }
-
- phantomjsCliArgs = new SetSystemProperty("keycloak.phantomjs.cli.args", cliArgs.toString());
+ systemProperties.add(new SetSystemProperty(HTML_UNIT_SSL_KEYSTORE_PROP, authServerHome + keystore));
+ systemProperties.add(new SetSystemProperty(HTML_UNIT_SSL_KEYSTORE_PASSWORD_PROP, keystorePassword));
+ systemProperties.add(new SetSystemProperty(HTML_UNIT_SSL_KEYSTORE_TYPE_PROP, keystoreType));
}
}
-
private static boolean isAuthServerJBoss() {
return Boolean.parseBoolean(System.getProperty("auth.server.jboss"));
}
@@ -219,6 +207,10 @@ public abstract class AbstractX509AuthenticationTest extends AbstractTestRealmKe
authServerHome = authServerHome + "/standalone/configuration";
}
+ if (AuthServerTestEnricher.isAuthServerQuarkus()) {
+ authServerHome = authServerHome + "/conf";
+ }
+
return authServerHome;
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserCRLTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserCRLTest.java
index 5020646f95..0eb9efe039 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserCRLTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserCRLTest.java
@@ -29,7 +29,7 @@ import org.keycloak.models.Constants;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.util.ContainerAssume;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
import static org.hamcrest.Matchers.containsString;
@@ -46,13 +46,13 @@ public class X509BrowserCRLTest extends AbstractX509AuthenticationTest {
public static CRLRule crlRule = new CRLRule();
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
@@ -176,6 +176,9 @@ public class X509BrowserCRLTest extends AbstractX509AuthenticationTest {
@Test
public void loginWithMultipleRevocationListsUsingInvalidCert() {
+ // not sure why it is failing on Undertow - works with Quarkus
+ ContainerAssume.assumeNotAuthServerUndertow();
+
X509AuthenticatorConfigModel config =
new X509AuthenticatorConfigModel()
.setCRLEnabled(true)
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginIssuerDnTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginIssuerDnTest.java
index 5e9d62b796..d3eeafc585 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginIssuerDnTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginIssuerDnTest.java
@@ -27,10 +27,9 @@ import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.representations.idm.UserRepresentation;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
-
/**
* @author Sebastian Loesch
* @date 02/14/2019
@@ -39,12 +38,12 @@ import org.openqa.selenium.WebDriver;
public class X509BrowserLoginIssuerDnTest extends AbstractX509AuthenticationTest {
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
@BeforeClass
@@ -59,8 +58,7 @@ public class X509BrowserLoginIssuerDnTest extends AbstractX509AuthenticationTest
@BeforeClass
public static void onBeforeTestClass() {
- configurePhantomJS("/ca.crt", "/certs/clients/test-user-san@localhost.cert.pem",
- "/certs/clients/test-user@localhost.key.pem", "password");
+ configureHtmlUnit("/certs/clients/test-user-san-cert-test-user-key@localhost.p12");
}
private String setup(boolean canonicalDnEnabled) throws Exception {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectAltNameTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectAltNameTest.java
index 8be212dced..f1795e551c 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectAltNameTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectAltNameTest.java
@@ -20,8 +20,9 @@ package org.keycloak.testsuite.x509;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.junit.Before;
import org.junit.BeforeClass;
+import org.junit.Ignore;
import org.junit.Test;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
/**
@@ -33,18 +34,17 @@ import org.openqa.selenium.WebDriver;
public class X509BrowserLoginSubjectAltNameTest extends AbstractX509AuthenticationTest {
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
@BeforeClass
public static void onBeforeTestClass() {
- configurePhantomJS("/ca.crt", "/certs/clients/test-user-san@localhost.cert.pem",
- "/certs/clients/test-user@localhost.key.pem", "password");
+ configureHtmlUnit("/certs/clients/test-user-san-cert-test-user-key@localhost.p12");
}
@Test
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectDnTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectDnTest.java
index 7d95c66ef1..be196b018f 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectDnTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginSubjectDnTest.java
@@ -17,17 +17,12 @@
package org.keycloak.testsuite.x509;
-import java.security.NoSuchProviderException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-
import org.jboss.arquillian.drone.api.annotation.Drone;
-import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.representations.idm.UserRepresentation;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
/**
@@ -38,28 +33,17 @@ import org.openqa.selenium.WebDriver;
public class X509BrowserLoginSubjectDnTest extends AbstractX509AuthenticationTest {
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
- }
-
- @BeforeClass
- public static void checkAssumption() {
- try {
- CertificateFactory.getInstance("X.509", "SUN");
- }
- catch (CertificateException | NoSuchProviderException e) {
- Assume.assumeNoException("Test assumes the SUN security provider", e);
- }
+ replaceDefaultWebDriver(htmlUnit);
}
@BeforeClass
public static void onBeforeTestClass() {
- configurePhantomJS("/ca.crt", "/certs/clients/test-user-san@localhost.cert.pem",
- "/certs/clients/test-user@localhost.key.pem", "password");
+ configureHtmlUnit("/certs/clients/test-user-san-cert-test-user-key@localhost.p12");
}
private String setup(boolean canonicalDnEnabled) throws Exception {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginTest.java
index 5f99432da6..470e04add0 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509BrowserLoginTest.java
@@ -20,7 +20,7 @@ package org.keycloak.testsuite.x509;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.keycloak.testsuite.AssertEvents;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
@@ -58,18 +58,15 @@ import org.openqa.selenium.WebDriver;
public class X509BrowserLoginTest extends AbstractX509AuthenticationTest {
-
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
-
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
-
@Test
public void loginAsUserFromCertSubjectEmail() throws Exception {
// Login using an e-mail extracted from certificate's subject DN
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509DirectGrantTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509DirectGrantTest.java
index 5e43eb90e8..0b03444d70 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509DirectGrantTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509DirectGrantTest.java
@@ -20,7 +20,6 @@ package org.keycloak.testsuite.x509;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.junit.Assert;
-import org.junit.Assume;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
@@ -32,11 +31,10 @@ import org.keycloak.representations.AccessToken;
import org.keycloak.representations.RefreshToken;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
-import org.keycloak.sessions.AuthenticationSessionProvider;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.OAuthClient;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
import jakarta.ws.rs.core.Response;
@@ -58,12 +56,12 @@ import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorC
public class X509DirectGrantTest extends AbstractX509AuthenticationTest {
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
@Test
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java
index 1c266fe633..4f5d48f97f 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderFailOpenTest.java
@@ -14,7 +14,7 @@ import org.jboss.arquillian.drone.api.annotation.Drone;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.testsuite.util.OAuthClient;
@@ -35,12 +35,12 @@ public class X509OCSPResponderFailOpenTest extends AbstractX509AuthenticationTes
private Undertow ocspResponder;
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
@Test
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderSpecificCertTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderSpecificCertTest.java
index 084c9ef618..c7e5f54208 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderSpecificCertTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderSpecificCertTest.java
@@ -37,7 +37,7 @@ import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorC
import io.undertow.Undertow;
import io.undertow.server.handlers.BlockingHandler;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
/**
@@ -58,12 +58,12 @@ public class X509OCSPResponderSpecificCertTest extends AbstractX509Authenticatio
private Undertow ocspResponder;
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
@Test
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java
index 36018d3eb2..a2bfbb252a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509OCSPResponderTest.java
@@ -44,7 +44,7 @@ import java.nio.file.Paths;
import java.util.function.Supplier;
import org.apache.commons.io.IOUtils;
import org.apache.http.impl.client.CloseableHttpClient;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
/**
@@ -65,12 +65,12 @@ public class X509OCSPResponderTest extends AbstractX509AuthenticationTest {
private Undertow ocspResponder;
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlUnit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlUnit);
}
@Test
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509SingleCertificateBrowserCRLTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509SingleCertificateBrowserCRLTest.java
index b3678145ee..73bc8053c7 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509SingleCertificateBrowserCRLTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/X509SingleCertificateBrowserCRLTest.java
@@ -24,7 +24,7 @@ import org.junit.Test;
import org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel;
import org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.IdentityMapperType;
import org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.MappingSourceType;
-import org.keycloak.testsuite.util.PhantomJSBrowser;
+import org.keycloak.testsuite.util.HtmlUnitBrowser;
import org.openqa.selenium.WebDriver;
/**
@@ -37,18 +37,18 @@ public class X509SingleCertificateBrowserCRLTest extends AbstractX509Authenticat
public static CRLRule crlRule = new CRLRule();
@Drone
- @PhantomJSBrowser
- private WebDriver phantomJS;
+ @HtmlUnitBrowser
+ private WebDriver htmlunit;
@Before
public void replaceTheDefaultDriver() {
- replaceDefaultWebDriver(phantomJS);
+ replaceDefaultWebDriver(htmlunit);
}
@BeforeClass
public static void onBeforeTestClass() {
// configure single certificate without CA cert
- configurePhantomJS(null, "/client-ca.crt", "/client-ca.key", "password");
+ configureHtmlUnit("/client-ca.jks", "secret", "jks");
}
@Test
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index 1b201f2f7c..cb3d8df584 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -91,9 +91,10 @@
${chromeDriverVersion}
-
- phantomjs
- ${webdriverDownloadBinaries}
+
+ htmlunit
+ ${htmlUnitBrowserVersion}
+ cssEnabled=false;historyPageCacheLimit=1
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 5f55c476fe..d220bc4729 100644
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -290,7 +290,7 @@
${containers.home}/auth-server-undertow
- *.jks,*.crt,*.truststore,*.crl,*.key,certs/clients/*
+ *.jks,*.p12,*.crt,*.truststore,*.crl,*.key,certs/clients/*
${auth.server.undertow.skip.unpack}
@@ -1626,11 +1626,6 @@
org.jboss.arquillian.protocol
arquillian-protocol-servlet
-
- org.jboss.arquillian.extension
- arquillian-phantom-driver
- 1.2.1.Final
-
org.jboss.arquillian.graphene
arquillian-browser-screenshooter