KEYCLOAK-6750 Adapt Tomcat adapter tests to new structure
This commit is contained in:
parent
4cde8d8534
commit
8a750c7fca
243 changed files with 1077 additions and 10554 deletions
|
@ -32,7 +32,7 @@
|
|||
|
||||
<properties>
|
||||
<fuse7.version>7.0.1-SNAPSHOT</fuse7.version>
|
||||
<tomcat.version>8.0.14</tomcat.version>
|
||||
<tomcat.version>${tomcat8.version}</tomcat.version>
|
||||
<jetty9.version>9.4.2.v20170220</jetty9.version>
|
||||
</properties>
|
||||
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
<name>Keycloak Tomcat 7 Integration</name>
|
||||
<properties>
|
||||
<!--<tomcat.version>8.0.14</tomcat.version>-->
|
||||
<tomcat.version>7.0.52</tomcat.version>
|
||||
<tomcat.version>${tomcat7.version}</tomcat.version>
|
||||
</properties>
|
||||
<description />
|
||||
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
<maven.compiler.target>1.7</maven.compiler.target>
|
||||
<maven.compiler.source>1.7</maven.compiler.source>
|
||||
|
||||
<tomcat.version>8.0.14</tomcat.version>
|
||||
<tomcat.version>${tomcat8.version}</tomcat.version>
|
||||
</properties>
|
||||
<description />
|
||||
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
<name>Keycloak Tomcat 7 SAML Integration</name>
|
||||
<properties>
|
||||
<!--<tomcat.version>8.0.14</tomcat.version>-->
|
||||
<tomcat.version>7.0.52</tomcat.version>
|
||||
<tomcat.version>${tomcat7.version}</tomcat.version>
|
||||
</properties>
|
||||
<description />
|
||||
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
<maven.compiler.target>1.7</maven.compiler.target>
|
||||
<maven.compiler.source>1.7</maven.compiler.source>
|
||||
|
||||
<tomcat.version>8.0.14</tomcat.version>
|
||||
<tomcat.version>${tomcat8.version}</tomcat.version>
|
||||
</properties>
|
||||
<description />
|
||||
|
||||
|
|
5
pom.xml
5
pom.xml
|
@ -150,6 +150,11 @@
|
|||
|
||||
<!-- Surefire Settings -->
|
||||
<surefire.memory.settings>-Xms512m -Xmx2048m -XX:MetaspaceSize=96m -XX:MaxMetaspaceSize=256m</surefire.memory.settings>
|
||||
|
||||
<!-- Tomcat versions -->
|
||||
<tomcat7.version>7.0.92</tomcat7.version>
|
||||
<tomcat8.version>8.5.38</tomcat8.version>
|
||||
<tomcat9.version>9.0.16</tomcat9.version>
|
||||
</properties>
|
||||
|
||||
<url>http://keycloak.org</url>
|
||||
|
|
|
@ -96,7 +96,7 @@ Each version has its corresponding profile:
|
|||
|
||||
Here's how to run the tests with Jetty `9.4`:
|
||||
|
||||
mvn -f testsuite/integration-arquillian/tests/base/pom.xml \
|
||||
mvn -f testsuite/integration-arquillian/pom.xml \
|
||||
-Papp-server-jetty94 \
|
||||
-Dtest=org.keycloak.testsuite.adapter.**.*Test
|
||||
|
||||
|
@ -108,6 +108,19 @@ Here's how to run the tests with Jetty `9.4`:
|
|||
-Papp-server-wildfly \
|
||||
-Dtest=org.keycloak.testsuite.adapter.**
|
||||
|
||||
### Tomcat
|
||||
|
||||
We run testsuite with Tomcat 7, 8 and 9. For specific versions see properties `${tomcat[7,8,9].version}` in parent [pom.xml](../../pom.xml).
|
||||
|
||||
To run tests on Tomcat:
|
||||
|
||||
````
|
||||
mvn -f testsuite/integration-arquillian/pom.xml \
|
||||
clean install \
|
||||
-Papp-server-tomcat[7,8,9] \
|
||||
-Dtest=org.keycloak.testsuite.adapter.**
|
||||
````
|
||||
|
||||
### Wildfly with legacy non-elytron adapter
|
||||
|
||||
mvn -f testsuite/integration-arquillian/pom.xml \
|
||||
|
|
|
@ -175,7 +175,6 @@ integration-arquillian
|
|||
│
|
||||
├──adapters (common settings for all adapter test modules - will be moved into base)
|
||||
│ ├──jboss
|
||||
│ ├──tomcat
|
||||
│ └──karaf
|
||||
│
|
||||
├──console
|
||||
|
|
|
@ -64,6 +64,9 @@
|
|||
<arquillian-jetty9-container.version>1.0.0.CR3</arquillian-jetty9-container.version>
|
||||
<arquillian-container-karaf.version>2.2.0.Final</arquillian-container-karaf.version>
|
||||
<arquillian-infinispan-container.version>1.2.0.Beta2</arquillian-infinispan-container.version>
|
||||
<arquillian-tomcat7-container-version>1.0.1.Final</arquillian-tomcat7-container-version>
|
||||
<arquillian-tomcat8-container-version>1.0.1.Final</arquillian-tomcat8-container-version>
|
||||
<arquillian-tomcat9-container-version>1.0.1.Final</arquillian-tomcat9-container-version>
|
||||
<undertow-embedded.version>1.0.0.Alpha2</undertow-embedded.version>
|
||||
<version.org.wildfly.extras.creaper>1.6.1</version.org.wildfly.extras.creaper>
|
||||
<testcontainers.version>1.5.1</testcontainers.version>
|
||||
|
|
|
@ -29,7 +29,7 @@ The artifacts are used by the Arquillian TestSuite.
|
|||
- Karaf 3
|
||||
- Fuse 6.1, 6.2
|
||||
- Tomcat
|
||||
- Tomcat 7, 8
|
||||
- Tomcat 7, 8, 9
|
||||
|
||||
|
||||
### Load Balancer
|
||||
|
|
|
@ -44,3 +44,4 @@ Submodules are enabled with profiles: `-Papp-server-MODULE`
|
|||
### Modules
|
||||
* __`tomcat7` Tomcat 7__
|
||||
* __`tomcat8` Tomcat 8__
|
||||
* __`tomcat9` Tomcat 9__
|
||||
|
|
Binary file not shown.
|
@ -26,7 +26,7 @@
|
|||
<xsl:template match="//*[local-name()='tomcat-users']">
|
||||
<xsl:copy>
|
||||
<xsl:apply-templates select="node()|@*"/>
|
||||
<user username="manager" password="arquillian" roles="manager-script"/>
|
||||
<user username="manager" password="arquillian" roles="manager-script,manager-gui"/>
|
||||
</xsl:copy>
|
||||
</xsl:template>
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat</artifactId>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<version>5.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat-common</artifactId>
|
||||
<name>App Server - Tomcat common classes</name>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-servers-app-server-spi</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-util</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
|
@ -0,0 +1,12 @@
|
|||
package org.keycloak.testsuite.adapter.servlet;
|
||||
|
||||
import javax.ws.rs.ApplicationPath;
|
||||
import javax.ws.rs.core.Application;
|
||||
|
||||
/**
|
||||
* Basic auth app.
|
||||
*/
|
||||
@ApplicationPath("/")
|
||||
public class TomcatConfigApplication extends Application {
|
||||
|
||||
}
|
|
@ -0,0 +1,81 @@
|
|||
/*
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.arquillian.tomcat.container;
|
||||
|
||||
import org.jboss.arquillian.core.spi.Validate;
|
||||
import org.jboss.shrinkwrap.descriptor.spi.node.Node;
|
||||
import org.keycloak.testsuite.arquillian.container.AppServerContainerProvider;
|
||||
import org.keycloak.testsuite.utils.arquillian.tomcat.TomcatAppServerConfigurationUtils;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
public abstract class AbstractTomcatAppServerProvider implements AppServerContainerProvider {
|
||||
|
||||
private final String catalinaHome;
|
||||
private final String bindHttpPort;
|
||||
private final String jmxPort;
|
||||
private final String startupTimeoutInSeconds;
|
||||
private final String USER = "manager";
|
||||
private final String PASS = "arquillian";
|
||||
|
||||
|
||||
public AbstractTomcatAppServerProvider() {
|
||||
catalinaHome = System.getProperty("app.server.home");
|
||||
bindHttpPort = determineHttpPort();
|
||||
jmxPort = System.getProperty("app.server.management.port");
|
||||
startupTimeoutInSeconds = System.getProperty("app.server.startup.timeout");
|
||||
|
||||
Validate.notNullOrEmpty(catalinaHome, "app.server.home is not set.");
|
||||
Validate.notNullOrEmpty(bindHttpPort, "app.server.http.port is not set.");
|
||||
Validate.notNullOrEmpty(jmxPort, "app.server.management.port is not set.");
|
||||
Validate.notNullOrEmpty(startupTimeoutInSeconds, "app.server.startup.timeout is not set.");
|
||||
}
|
||||
|
||||
protected abstract String getContainerClassName();
|
||||
|
||||
private String determineHttpPort() {
|
||||
String httpPort = System.getProperty("app.server.http.port");
|
||||
|
||||
String portOffset = System.getProperty("app.server.port.offset", "0");
|
||||
if (!portOffset.equals("0")) {
|
||||
httpPort = String.valueOf(Integer.valueOf(httpPort) + Integer.valueOf(portOffset));
|
||||
}
|
||||
|
||||
return httpPort;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Node> getContainers() {
|
||||
List<Node> containers = new ArrayList<>();
|
||||
|
||||
containers.add(standaloneContainer());
|
||||
|
||||
return containers;
|
||||
}
|
||||
|
||||
private Node standaloneContainer() {
|
||||
Node container = new Node("container");
|
||||
container.attribute("mode", "manual");
|
||||
container.attribute("qualifier", AppServerContainerProvider.APP_SERVER + "-" + getName());
|
||||
|
||||
return TomcatAppServerConfigurationUtils
|
||||
.getStandaloneConfiguration(container, getContainerClassName(), catalinaHome,
|
||||
bindHttpPort, jmxPort, USER, PASS, startupTimeoutInSeconds);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,78 @@
|
|||
/*
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.arquillian.tomcat.container;
|
||||
|
||||
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
|
||||
import org.jboss.arquillian.test.spi.TestClass;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.shrinkwrap.api.Archive;
|
||||
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
||||
import org.keycloak.testsuite.adapter.servlet.TomcatConfigApplication;
|
||||
import org.keycloak.testsuite.utils.arquillian.DeploymentArchiveProcessorUtils;
|
||||
import org.keycloak.testsuite.utils.arquillian.tomcat.TomcatDeploymentArchiveProcessorUtils;
|
||||
|
||||
public class CommonTomcatDeploymentArchiveProcessor implements ApplicationArchiveProcessor {
|
||||
|
||||
private final Logger log = Logger.getLogger(CommonTomcatDeploymentArchiveProcessor.class);
|
||||
|
||||
@Override
|
||||
public void process(Archive<?> archive, TestClass testClass) {
|
||||
if (DeploymentArchiveProcessorUtils.checkRunOnServerDeployment(archive)) return;
|
||||
|
||||
modifyOIDCAdapterConfig(archive, DeploymentArchiveProcessorUtils.ADAPTER_CONFIG_PATH);
|
||||
|
||||
DeploymentArchiveProcessorUtils.SAML_CONFIGS.forEach(path -> modifySAMLAdapterConfig(archive, path));
|
||||
|
||||
TomcatDeploymentArchiveProcessorUtils.copyWarClasspathFilesToCommonTomcatClasspath(archive);
|
||||
|
||||
// KEYCLOAK-9606 - might be unnecessary, however for now we need to test what is in docs
|
||||
TomcatDeploymentArchiveProcessorUtils.replaceKEYCLOAKMethodWithBASIC(archive);
|
||||
|
||||
if (containsSAMLAdapterConfig(archive)) {
|
||||
TomcatDeploymentArchiveProcessorUtils.replaceOIDCValveWithSAMLValve(archive);
|
||||
}
|
||||
|
||||
if (TomcatDeploymentArchiveProcessorUtils.isJaxRSApp(archive)) {
|
||||
TomcatDeploymentArchiveProcessorUtils.removeServletConfigurationInWebXML(archive);
|
||||
|
||||
if (!TomcatDeploymentArchiveProcessorUtils.containsApplicationConfigClass(archive)) {
|
||||
((WebArchive) archive).addClass(TomcatConfigApplication.class);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private boolean containsSAMLAdapterConfig(Archive<?> archive) {
|
||||
return DeploymentArchiveProcessorUtils.SAML_CONFIGS
|
||||
.stream()
|
||||
.anyMatch(archive::contains);
|
||||
}
|
||||
|
||||
private void modifyOIDCAdapterConfig(Archive<?> archive, String adapterConfigPath) {
|
||||
if (!archive.contains(adapterConfigPath)) return;
|
||||
|
||||
log.debug("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
|
||||
|
||||
DeploymentArchiveProcessorUtils.modifyOIDCAdapterConfig(archive, adapterConfigPath);
|
||||
}
|
||||
|
||||
private void modifySAMLAdapterConfig(Archive<?> archive, String adapterConfigPath) {
|
||||
if (!archive.contains(adapterConfigPath)) return;
|
||||
|
||||
log.debug("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
|
||||
DeploymentArchiveProcessorUtils.modifySAMLAdapterConfig(archive, adapterConfigPath);
|
||||
}
|
||||
}
|
|
@ -30,9 +30,20 @@
|
|||
<name>App Server - Tomcat</name>
|
||||
|
||||
<properties>
|
||||
<common.resources>${project.parent.basedir}/common</common.resources>
|
||||
<common.resources>${project.parent.basedir}/common/common-files</common.resources>
|
||||
<assembly.xml>${project.parent.basedir}/assembly.xml</assembly.xml>
|
||||
<app.server.tomcat.home>${containers.home}/${app.server.tomcat.unpacked.folder.name}</app.server.tomcat.home>
|
||||
<tomcat.resteasy.version>${resteasy.version}</tomcat.resteasy.version>
|
||||
<skip.dependencies.for.tomcat7>true</skip.dependencies.for.tomcat7>
|
||||
<skip.dependencies.for.tomcat8>true</skip.dependencies.for.tomcat8>
|
||||
|
||||
<tomcat.scannotation.version>1.0.3</tomcat.scannotation.version>
|
||||
<tomcat.javassist.version>3.18.2-GA</tomcat.javassist.version>
|
||||
<tomcat.javaee-api.version>7.0</tomcat.javaee-api.version>
|
||||
<tomcat.org.glassfish.web.el-impl.version>2.2</tomcat.org.glassfish.web.el-impl.version>
|
||||
<tomcat.reactive-streams.version>1.0.2</tomcat.reactive-streams.version>
|
||||
<tomcat.javax.json.bind-api.version>1.0</tomcat.javax.json.bind-api.version>
|
||||
<tomcat.validation-api.version>1.0.0.GA</tomcat.validation-api.version>
|
||||
</properties>
|
||||
|
||||
<profiles>
|
||||
|
@ -40,7 +51,7 @@
|
|||
<id>app-server-tomcat-submodules</id>
|
||||
<activation>
|
||||
<file>
|
||||
<exists>src</exists>
|
||||
<exists>src/tomcat-submodule</exists>
|
||||
</file>
|
||||
</activation>
|
||||
<build>
|
||||
|
@ -99,29 +110,98 @@
|
|||
</configuration>
|
||||
</execution>
|
||||
<execution>
|
||||
<id>libs-for-tomcat</id>
|
||||
<id>libs-for-tomcat-7</id>
|
||||
<phase>generate-test-resources</phase>
|
||||
<goals>
|
||||
<goal>copy</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<skip>${skip.dependencies.for.tomcat7}</skip>
|
||||
<artifactItems>
|
||||
<artifactItem>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-client</artifactId>
|
||||
<artifactId>resteasy-jaxrs</artifactId>
|
||||
<version>${tomcat.resteasy.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>org.scannotation</groupId>
|
||||
<artifactId>scannotation</artifactId>
|
||||
<version>${tomcat.scannotation.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>org.javassist</groupId>
|
||||
<artifactId>javassist</artifactId>
|
||||
<version>${tomcat.javassist.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>javax</groupId>
|
||||
<artifactId>javaee-api</artifactId>
|
||||
<version>${tomcat.javaee-api.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<!-- JSP compilation failed without this -->
|
||||
<groupId>org.glassfish.web</groupId>
|
||||
<artifactId>el-impl</artifactId>
|
||||
<version>${tomcat.org.glassfish.web.el-impl.version}</version>
|
||||
</artifactItem>
|
||||
</artifactItems>
|
||||
<outputDirectory>${app.server.tomcat.home}/lib</outputDirectory>
|
||||
<overWriteIfNewer>true</overWriteIfNewer>
|
||||
</configuration>
|
||||
</execution>
|
||||
<execution>
|
||||
<id>libs-for-tomcat-8-and-9</id>
|
||||
<phase>generate-test-resources</phase>
|
||||
<goals>
|
||||
<goal>copy</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<skip>${skip.dependencies.for.tomcat8}</skip>
|
||||
<artifactItems>
|
||||
<artifactItem>
|
||||
<groupId>org.jboss.spec.javax.ws.rs</groupId>
|
||||
<artifactId>jboss-jaxrs-api_2.1_spec</artifactId>
|
||||
<version>${jboss-jaxrs-api_2.1_spec}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-jaxrs</artifactId>
|
||||
<version>${tomcat.resteasy.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>commons-io</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
<version>1.4</version>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-servlet-initializer</artifactId>
|
||||
<version>${tomcat.resteasy.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpcore</artifactId>
|
||||
<version>${apache.httpcomponents.httpcore.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>org.reactivestreams</groupId>
|
||||
<artifactId>reactive-streams</artifactId>
|
||||
<version>${tomcat.reactive-streams.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-databind</artifactId>
|
||||
<version>${jackson.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>org.jboss.logging</groupId>
|
||||
<artifactId>jboss-logging</artifactId>
|
||||
<version>${jboss.logging.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>javax.json.bind</groupId>
|
||||
<artifactId>javax.json.bind-api</artifactId>
|
||||
<version>${tomcat.javax.json.bind-api.version}</version>
|
||||
</artifactItem>
|
||||
<artifactItem>
|
||||
<groupId>javax.validation</groupId>
|
||||
<artifactId>validation-api</artifactId>
|
||||
<version>${tomcat.validation-api.version}</version>
|
||||
</artifactItem>
|
||||
</artifactItems>
|
||||
<outputDirectory>${app.server.tomcat.home}/lib</outputDirectory>
|
||||
|
@ -155,50 +235,6 @@
|
|||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
|
||||
<plugin>
|
||||
<artifactId>maven-antrun-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>parametrize-server-ports</id>
|
||||
<phase>process-test-resources</phase>
|
||||
<goals>
|
||||
<goal>run</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<tasks>
|
||||
<replace file="${app.server.tomcat.home}/conf/server.xml">
|
||||
<replacetoken>8005</replacetoken>
|
||||
<replacevalue>${tomcat.server.port}</replacevalue>
|
||||
</replace>
|
||||
<replace file="${app.server.tomcat.home}/conf/server.xml">
|
||||
<replacetoken>8080</replacetoken>
|
||||
<replacevalue>${tomcat.http.port}</replacevalue>
|
||||
</replace>
|
||||
<replace file="${app.server.tomcat.home}/conf/server.xml">
|
||||
<replacetoken>8443</replacetoken>
|
||||
<replacevalue>${tomcat.server.port}</replacevalue>
|
||||
</replace>
|
||||
<replace file="${app.server.tomcat.home}/conf/server.xml">
|
||||
<replacetoken>8009</replacetoken>
|
||||
<replacevalue>${tomcat.ajp.port}</replacevalue>
|
||||
</replace>
|
||||
|
||||
<propertyfile
|
||||
file="${app.server.tomcat.home}/conf/catalina.properties"
|
||||
comment="Parametrized Tomcat Ports in server.xml">
|
||||
<entry key="tomcat.server.port" value="8005"/>
|
||||
<entry key="tomcat.http.port" value="8080"/>
|
||||
<entry key="tomcat.https.port" value="8443"/>
|
||||
<entry key="tomcat.ajp.port" value="8009"/>
|
||||
</propertyfile>
|
||||
|
||||
</tasks>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
|
||||
<plugin>
|
||||
<artifactId>maven-assembly-plugin</artifactId>
|
||||
<executions>
|
||||
|
@ -273,6 +309,34 @@
|
|||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
|
||||
<plugin>
|
||||
<artifactId>maven-resources-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-keycloak-truststore</id>
|
||||
<phase>generate-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>${app.server.tomcat.home}/lib</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>${common.resources}</directory>
|
||||
<includes>
|
||||
<include>keycloak.truststore</include>
|
||||
</includes>
|
||||
<filtering>true</filtering>
|
||||
</resource>
|
||||
</resources>
|
||||
<nonFilteredFileExtensions>
|
||||
<nonFilteredFileExtension>truststore</nonFilteredFileExtension>
|
||||
</nonFilteredFileExtensions>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
|
@ -281,22 +345,23 @@
|
|||
<id>app-server-tomcat7</id>
|
||||
<modules>
|
||||
<module>tomcat7</module>
|
||||
<module>common</module>
|
||||
</modules>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>app-server-tomcat8</id>
|
||||
<modules>
|
||||
<module>tomcat8</module>
|
||||
<module>common</module>
|
||||
</modules>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>app-server-tomcat9</id>
|
||||
<modules>
|
||||
<module>tomcat9</module>
|
||||
<module>common</module>
|
||||
</modules>
|
||||
</profile>
|
||||
|
||||
</profiles>
|
||||
|
||||
|
||||
</project>
|
||||
|
|
|
@ -26,8 +26,7 @@
|
|||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat7</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>App Server - Tomcat - Tomcat 7</name>
|
||||
<name>App Server - Tomcat 7</name>
|
||||
|
||||
<properties>
|
||||
<app.server.tomcat>tomcat7</app.server.tomcat>
|
||||
|
@ -39,6 +38,22 @@
|
|||
|
||||
<app.server.oidc.adapter.artifactId>keycloak-tomcat7-adapter-dist</app.server.oidc.adapter.artifactId>
|
||||
<app.server.saml.adapter.artifactId>keycloak-saml-tomcat7-adapter-dist</app.server.saml.adapter.artifactId>
|
||||
|
||||
<!-- newer resteasy-jaxrs is not compatible with annotation-api which is provided by Tomcat7 -->
|
||||
<tomcat.resteasy.version>2.3.1.GA</tomcat.resteasy.version>
|
||||
<skip.dependencies.for.tomcat7>false</skip.dependencies.for.tomcat7>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat-common</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.arquillian.container</groupId>
|
||||
<artifactId>arquillian-tomcat-managed-7</artifactId>
|
||||
<version>${arquillian-tomcat7-container-version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
@ -14,17 +14,17 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.adapter.example;
|
||||
package org.keycloak.testsuite.arquillian.tomcat;
|
||||
|
||||
import org.keycloak.testsuite.adapter.example.authorization.AbstractPhotozExampleAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
|
||||
import org.jboss.arquillian.core.spi.LoadableExtension;
|
||||
import org.keycloak.testsuite.arquillian.tomcat.container.Tomcat7DeploymentArchiveProcessor;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat8")
|
||||
//@AdapterLibsLocationProperty("adapter.libs.wildfly")
|
||||
public class Tomcat8PhotozExampleAdapterTest extends AbstractPhotozExampleAdapterTest {
|
||||
public class Tomcat7AppServerArquillianExtension implements LoadableExtension {
|
||||
|
||||
@Override
|
||||
public void register(ExtensionBuilder builder) {
|
||||
builder.service(ApplicationArchiveProcessor.class, Tomcat7DeploymentArchiveProcessor.class);
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,41 @@
|
|||
/*
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.arquillian.tomcat.container;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.jboss.arquillian.container.tomcat.managed.Tomcat7ManagedContainer;
|
||||
import org.jboss.arquillian.core.spi.Validate;
|
||||
import org.jboss.shrinkwrap.descriptor.spi.node.Node;
|
||||
import org.keycloak.testsuite.arquillian.container.AppServerContainerProvider;
|
||||
import org.keycloak.testsuite.utils.arquillian.tomcat.TomcatAppServerConfigurationUtils;
|
||||
|
||||
public class Tomcat7AppServerProvider extends AbstractTomcatAppServerProvider {
|
||||
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "tomcat7";
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getContainerClassName() {
|
||||
return Tomcat7ManagedContainer.class.getName();
|
||||
}
|
||||
}
|
|
@ -0,0 +1,113 @@
|
|||
/*
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.arquillian.tomcat.container;
|
||||
|
||||
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
|
||||
import org.jboss.arquillian.test.spi.TestClass;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.shrinkwrap.api.Archive;
|
||||
import org.jboss.shrinkwrap.api.asset.StringAsset;
|
||||
import org.keycloak.testsuite.utils.annotation.UseServletFilter;
|
||||
import org.keycloak.testsuite.utils.arquillian.DeploymentArchiveProcessorUtils;
|
||||
import org.keycloak.testsuite.utils.arquillian.tomcat.TomcatDeploymentArchiveProcessorUtils;
|
||||
import org.keycloak.testsuite.utils.io.IOUtil;
|
||||
import org.w3c.dom.Document;
|
||||
import org.w3c.dom.Element;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
import static org.keycloak.testsuite.utils.arquillian.DeploymentArchiveProcessorUtils.WEBXML_PATH;
|
||||
import static org.keycloak.testsuite.utils.io.IOUtil.documentToString;
|
||||
|
||||
public class Tomcat7DeploymentArchiveProcessor extends CommonTomcatDeploymentArchiveProcessor {
|
||||
|
||||
@Override
|
||||
public void process(Archive<?> archive, TestClass testClass) {
|
||||
super.process(archive, testClass);
|
||||
if (DeploymentArchiveProcessorUtils.checkRunOnServerDeployment(archive)) return;
|
||||
|
||||
Set<Class<?>> configClasses = TomcatDeploymentArchiveProcessorUtils.getApplicationConfigClasses(archive);
|
||||
|
||||
if (!configClasses.isEmpty()) {
|
||||
// Tomcat 7 doesn't work with resteasy-servlet-initializer therefore we need to configure Tomcat the old way
|
||||
// jax-rs docs: http://docs.jboss.org/resteasy/docs/3.6.1.Final/userguide/html_single/#d4e161
|
||||
Document webXmlDoc;
|
||||
try {
|
||||
webXmlDoc = IOUtil.loadXML(
|
||||
archive.get(WEBXML_PATH).getAsset().openStream());
|
||||
} catch (Exception ex) {
|
||||
throw new RuntimeException("Error when processing " + archive.getName(), ex);
|
||||
}
|
||||
|
||||
addContextParam(webXmlDoc);
|
||||
addServlet(webXmlDoc, configClasses.iterator().next().getName());
|
||||
addServletMapping(webXmlDoc);
|
||||
|
||||
archive.add(new StringAsset((documentToString(webXmlDoc))), DeploymentArchiveProcessorUtils.WEBXML_PATH);
|
||||
}
|
||||
}
|
||||
|
||||
private void addServletMapping(Document doc) {
|
||||
Element servletMapping = doc.createElement("servlet-mapping");
|
||||
Element servetName = doc.createElement("servlet-name");
|
||||
Element urlPattern = doc.createElement("url-pattern");
|
||||
|
||||
servetName.setTextContent("Resteasy");
|
||||
urlPattern.setTextContent("/*");
|
||||
|
||||
servletMapping.appendChild(servetName);
|
||||
servletMapping.appendChild(urlPattern);
|
||||
IOUtil.appendChildInDocument(doc, "web-app", servletMapping);
|
||||
}
|
||||
|
||||
private void addServlet(Document doc, String configClassName) {
|
||||
Element servlet = doc.createElement("servlet");
|
||||
Element servletName = doc.createElement("servlet-name");
|
||||
Element servletClass = doc.createElement("servlet-class");
|
||||
Element initParam = doc.createElement("init-param");
|
||||
Element paramName = doc.createElement("param-name");
|
||||
Element paramValue = doc.createElement("param-value");
|
||||
|
||||
servletName.setTextContent("Resteasy");
|
||||
servletClass.setTextContent("org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher");
|
||||
paramName.setTextContent("javax.ws.rs.Application");
|
||||
paramValue.setTextContent(configClassName);
|
||||
|
||||
servlet.appendChild(servletName);
|
||||
servlet.appendChild(servletClass);
|
||||
|
||||
initParam.appendChild(paramName);
|
||||
initParam.appendChild(paramValue);
|
||||
|
||||
servlet.appendChild(initParam);
|
||||
|
||||
IOUtil.appendChildInDocument(doc, "web-app", servlet);
|
||||
}
|
||||
|
||||
private void addContextParam(Document doc) {
|
||||
Element contextParam = doc.createElement("context-param");
|
||||
Element paramName = doc.createElement("param-name");
|
||||
Element paramValue = doc.createElement("param-value");
|
||||
|
||||
paramName.setTextContent("resteasy.scan.resources");
|
||||
paramValue.setTextContent("true");
|
||||
|
||||
contextParam.appendChild(paramName);
|
||||
contextParam.appendChild(paramValue);
|
||||
IOUtil.appendChildInDocument(doc, "web-app", contextParam);
|
||||
}
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
org.keycloak.testsuite.arquillian.tomcat.Tomcat7AppServerArquillianExtension
|
|
@ -0,0 +1 @@
|
|||
org.keycloak.testsuite.arquillian.tomcat.container.Tomcat7AppServerProvider
|
|
@ -0,0 +1 @@
|
|||
|
|
@ -26,8 +26,7 @@
|
|||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat8</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>App Server - Tomcat - Tomcat 8</name>
|
||||
<name>App Server - Tomcat 8</name>
|
||||
|
||||
<properties>
|
||||
<app.server.tomcat>tomcat8</app.server.tomcat>
|
||||
|
@ -39,6 +38,20 @@
|
|||
|
||||
<app.server.oidc.adapter.artifactId>keycloak-tomcat8-adapter-dist</app.server.oidc.adapter.artifactId>
|
||||
<app.server.saml.adapter.artifactId>keycloak-saml-tomcat8-adapter-dist</app.server.saml.adapter.artifactId>
|
||||
<skip.dependencies.for.tomcat8>false</skip.dependencies.for.tomcat8>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat-common</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.arquillian.container</groupId>
|
||||
<artifactId>arquillian-tomcat-managed-8</artifactId>
|
||||
<version>${arquillian-tomcat8-container-version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
/*
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.arquillian.tomcat;
|
||||
|
||||
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
|
||||
import org.jboss.arquillian.core.spi.LoadableExtension;
|
||||
import org.keycloak.testsuite.arquillian.tomcat.container.CommonTomcatDeploymentArchiveProcessor;
|
||||
|
||||
public class Tomcat8AppServerArquillianExtension implements LoadableExtension {
|
||||
|
||||
@Override
|
||||
public void register(ExtensionBuilder builder) {
|
||||
builder.service(ApplicationArchiveProcessor.class, CommonTomcatDeploymentArchiveProcessor.class);
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,40 @@
|
|||
/*
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.arquillian.tomcat.container;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.jboss.arquillian.container.tomcat.managed.Tomcat8ManagedContainer;
|
||||
import org.jboss.arquillian.core.spi.Validate;
|
||||
import org.jboss.shrinkwrap.descriptor.spi.node.Node;
|
||||
import org.keycloak.testsuite.arquillian.container.AppServerContainerProvider;
|
||||
import org.keycloak.testsuite.utils.arquillian.tomcat.TomcatAppServerConfigurationUtils;
|
||||
|
||||
public class Tomcat8AppServerProvider extends AbstractTomcatAppServerProvider {
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "tomcat8";
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getContainerClassName() {
|
||||
return Tomcat8ManagedContainer.class.getName();
|
||||
}
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
org.keycloak.testsuite.arquillian.tomcat.Tomcat8AppServerArquillianExtension
|
|
@ -0,0 +1 @@
|
|||
org.keycloak.testsuite.arquillian.tomcat.container.Tomcat8AppServerProvider
|
|
@ -0,0 +1 @@
|
|||
|
|
@ -26,8 +26,7 @@
|
|||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat9</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<name>App Server - Tomcat - Tomcat 9</name>
|
||||
<name>App Server - Tomcat 9</name>
|
||||
|
||||
<properties>
|
||||
<app.server.tomcat>tomcat9</app.server.tomcat>
|
||||
|
@ -37,8 +36,24 @@
|
|||
<app.server.tomcat.version>${tomcat9.version}</app.server.tomcat.version>
|
||||
<app.server.tomcat.unpacked.folder.name>apache-tomcat-${tomcat9.version}</app.server.tomcat.unpacked.folder.name>
|
||||
|
||||
<!-- KEYCLOAK-9598 - There are no adapters for Tomcat 9 for now we use adapters for Tomcat 8 -->
|
||||
<app.server.oidc.adapter.artifactId>keycloak-tomcat8-adapter-dist</app.server.oidc.adapter.artifactId>
|
||||
<app.server.saml.adapter.artifactId>keycloak-saml-tomcat8-adapter-dist</app.server.saml.adapter.artifactId>
|
||||
<skip.dependencies.for.tomcat8>false</skip.dependencies.for.tomcat8>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat-common</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.arquillian.container</groupId>
|
||||
<!-- There is no arquillian container for Tomcat 9 yet, for now we use container for Tomcat 8 -->
|
||||
<artifactId>arquillian-tomcat-managed-8</artifactId>
|
||||
<version>${arquillian-tomcat9-container-version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
/*
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.arquillian.tomcat;
|
||||
|
||||
import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor;
|
||||
import org.jboss.arquillian.core.spi.LoadableExtension;
|
||||
import org.keycloak.testsuite.arquillian.tomcat.container.CommonTomcatDeploymentArchiveProcessor;
|
||||
|
||||
public class Tomcat9AppServerArquillianExtension implements LoadableExtension {
|
||||
|
||||
@Override
|
||||
public void register(ExtensionBuilder builder) {
|
||||
builder.service(ApplicationArchiveProcessor.class, CommonTomcatDeploymentArchiveProcessor.class);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* Copyright 2018 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
@ -14,17 +14,20 @@
|
|||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.adapter.example;
|
||||
|
||||
import org.keycloak.testsuite.adapter.example.authorization.DefaultAuthzConfigAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
package org.keycloak.testsuite.arquillian.tomcat.container;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat8")
|
||||
//@AdapterLibsLocationProperty("adapter.libs.wildfly")
|
||||
public class Tomcat8DefaultAuthzConfigAdapterTest extends DefaultAuthzConfigAdapterTest {
|
||||
import org.jboss.arquillian.container.tomcat.managed.Tomcat8ManagedContainer;
|
||||
|
||||
public class Tomcat9AppServerProvider extends AbstractTomcatAppServerProvider {
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "tomcat9";
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getContainerClassName() {
|
||||
return Tomcat8ManagedContainer.class.getName();
|
||||
}
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
org.keycloak.testsuite.arquillian.tomcat.Tomcat9AppServerArquillianExtension
|
|
@ -0,0 +1 @@
|
|||
org.keycloak.testsuite.arquillian.tomcat.container.Tomcat9AppServerProvider
|
|
@ -0,0 +1 @@
|
|||
|
|
@ -36,9 +36,6 @@
|
|||
<eap6.version>7.5.21.Final-redhat-1</eap6.version>
|
||||
<eap71.version>7.1.5.GA-redhat-00002</eap71.version>
|
||||
<jboss.as.version>7.1.1.Final</jboss.as.version>
|
||||
<tomcat7.version>7.0.68</tomcat7.version>
|
||||
<tomcat8.version>8.0.32</tomcat8.version>
|
||||
<tomcat9.version>9.0.0.M3</tomcat9.version>
|
||||
<karaf3.version>3.0.3</karaf3.version>
|
||||
<fuse61.version>6.1.0.redhat-379</fuse61.version>
|
||||
<!--<fuse62.version>6.2.0.redhat-133</fuse62.version>-->
|
||||
|
|
|
@ -15,6 +15,6 @@
|
|||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<Context path="/customer-portal">
|
||||
<Context path="/hello-world-authz-service">
|
||||
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||
</Context>
|
|
@ -15,6 +15,6 @@
|
|||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<Context path="/customer-portal">
|
||||
<Context path="/servlet-authz-app">
|
||||
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||
</Context>
|
|
@ -15,6 +15,6 @@
|
|||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<Context path="/customer-portal">
|
||||
<Context path="/servlet-policy-enforcer">
|
||||
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||
</Context>
|
|
@ -25,7 +25,6 @@ import org.keycloak.adapters.spi.AuthenticationError;
|
|||
import org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.POST;
|
||||
|
@ -48,7 +47,7 @@ import java.util.List;
|
|||
* @version $Revision: 1 $
|
||||
*/
|
||||
@Path("/")
|
||||
public class SendUsernameServlet extends HttpServlet {
|
||||
public class SendUsernameServlet {
|
||||
|
||||
private static boolean checkRoles = false;
|
||||
private static SamlAuthenticationError authError;
|
||||
|
@ -60,7 +59,7 @@ public class SendUsernameServlet extends HttpServlet {
|
|||
|
||||
@GET
|
||||
@NoCache
|
||||
public Response doGet(@QueryParam("checkRoles") boolean checkRolesFlag) throws ServletException, IOException {
|
||||
public Response doGet(@QueryParam("checkRoles") boolean checkRolesFlag) throws IOException {
|
||||
System.out.println("In SendUsername Servlet doGet() check roles is " + (checkRolesFlag || checkRoles));
|
||||
if (httpServletRequest.getUserPrincipal() != null && (checkRolesFlag || checkRoles) && !checkRoles()) {
|
||||
return Response.status(Response.Status.FORBIDDEN).entity("Forbidden").build();
|
||||
|
@ -71,7 +70,7 @@ public class SendUsernameServlet extends HttpServlet {
|
|||
|
||||
@POST
|
||||
@NoCache
|
||||
public Response doPost(@QueryParam("checkRoles") boolean checkRolesFlag) throws ServletException, IOException {
|
||||
public Response doPost(@QueryParam("checkRoles") boolean checkRolesFlag) {
|
||||
System.out.println("In SendUsername Servlet doPost() check roles is " + (checkRolesFlag || checkRoles));
|
||||
|
||||
if (httpServletRequest.getUserPrincipal() != null && (checkRolesFlag || checkRoles) && !checkRoles()) {
|
||||
|
@ -94,14 +93,14 @@ public class SendUsernameServlet extends HttpServlet {
|
|||
|
||||
@GET
|
||||
@Path("{path}")
|
||||
public Response doGetElseWhere(@PathParam("path") String path, @QueryParam("checkRoles") boolean checkRolesFlag) throws ServletException, IOException {
|
||||
public Response doGetElseWhere(@PathParam("path") String path, @QueryParam("checkRoles") boolean checkRolesFlag) throws IOException {
|
||||
System.out.println("In SendUsername Servlet doGetElseWhere() - path: " + path);
|
||||
return doGet(checkRolesFlag);
|
||||
}
|
||||
|
||||
@POST
|
||||
@Path("{path}")
|
||||
public Response doPostElseWhere(@PathParam("path") String path, @QueryParam("checkRoles") boolean checkRolesFlag) throws ServletException, IOException {
|
||||
public Response doPostElseWhere(@PathParam("path") String path, @QueryParam("checkRoles") boolean checkRolesFlag) throws IOException {
|
||||
System.out.println("In SendUsername Servlet doPostElseWhere() - path: " + path);
|
||||
return doPost(checkRolesFlag);
|
||||
}
|
||||
|
|
|
@ -817,6 +817,105 @@
|
|||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>app-server-tomcat7</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>app.server</name>
|
||||
<value>tomcat7</value>
|
||||
</property>
|
||||
</activation>
|
||||
<properties>
|
||||
<app.server>tomcat7</app.server> <!--in case the profile is called directly-->
|
||||
<app.server.skip.unpack>false</app.server.skip.unpack>
|
||||
<app.server.artifactId>integration-arquillian-servers-app-server-tomcat7</app.server.artifactId><!-- Need to override -->
|
||||
<app.server.port.offset>0</app.server.port.offset>
|
||||
<app.server.http.port>8080</app.server.http.port>
|
||||
<app.server.management.port>9990</app.server.management.port>
|
||||
</properties>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat7</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.commonjava.maven.plugins</groupId>
|
||||
<artifactId>directory-maven-plugin</artifactId>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>app-server-tomcat8</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>app.server</name>
|
||||
<value>tomcat8</value>
|
||||
</property>
|
||||
</activation>
|
||||
<properties>
|
||||
<app.server>tomcat8</app.server> <!--in case the profile is called directly-->
|
||||
<app.server.skip.unpack>false</app.server.skip.unpack>
|
||||
<app.server.artifactId>integration-arquillian-servers-app-server-tomcat8</app.server.artifactId><!-- Need to override -->
|
||||
<app.server.port.offset>0</app.server.port.offset>
|
||||
<app.server.http.port>8080</app.server.http.port>
|
||||
<app.server.management.port>9990</app.server.management.port>
|
||||
</properties>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat8</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.commonjava.maven.plugins</groupId>
|
||||
<artifactId>directory-maven-plugin</artifactId>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>app-server-tomcat9</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>app.server</name>
|
||||
<value>tomcat9</value>
|
||||
</property>
|
||||
</activation>
|
||||
<properties>
|
||||
<app.server>tomcat9</app.server> <!--in case the profile is called directly-->
|
||||
<app.server.skip.unpack>false</app.server.skip.unpack>
|
||||
<app.server.artifactId>integration-arquillian-servers-app-server-tomcat9</app.server.artifactId><!-- Need to override -->
|
||||
<app.server.port.offset>0</app.server.port.offset>
|
||||
<app.server.http.port>8080</app.server.http.port>
|
||||
<app.server.management.port>9990</app.server.management.port>
|
||||
</properties>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-servers-app-server-tomcat9</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.commonjava.maven.plugins</groupId>
|
||||
<artifactId>directory-maven-plugin</artifactId>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>auth-servers-crossdc-undertow</id>
|
||||
<properties>
|
||||
|
|
|
@ -267,7 +267,7 @@ public class AppServerTestEnricher {
|
|||
}
|
||||
|
||||
public static boolean isTomcatAppServer() {
|
||||
return CURRENT_APP_SERVER.equals("tomcat");
|
||||
return CURRENT_APP_SERVER.startsWith("tomcat");
|
||||
}
|
||||
|
||||
public static boolean isEAP6AppServer() {
|
||||
|
|
|
@ -42,4 +42,8 @@ public interface ContainerConstants {
|
|||
public static final String APP_SERVER_JETTY93 = APP_SERVER_PREFIX + "jetty93";
|
||||
public static final String APP_SERVER_JETTY92 = APP_SERVER_PREFIX + "jetty92";
|
||||
|
||||
public static final String APP_SERVER_TOMCAT7 = APP_SERVER_PREFIX + "tomcat7";
|
||||
public static final String APP_SERVER_TOMCAT8 = APP_SERVER_PREFIX + "tomcat8";
|
||||
public static final String APP_SERVER_TOMCAT9 = APP_SERVER_PREFIX + "tomcat9";
|
||||
|
||||
}
|
||||
|
|
|
@ -89,7 +89,7 @@ public abstract class AbstractAdapterTest extends AbstractAuthTest {
|
|||
log.info("Setting redirect-uris in test realm '" + tr.getRealm() + "' as " + (isRelative() ? "" : "non-") + "relative");
|
||||
|
||||
modifyClientRedirectUris(tr, "http://localhost:8080", "");
|
||||
modifyClientRedirectUris(tr, "^(/.*/\\*)",
|
||||
modifyClientRedirectUris(tr, "^(.*/\\*)",
|
||||
"http://localhost:" + System.getProperty("app.server.http.port", "8280") + "$1",
|
||||
"http://localhost:" + System.getProperty("auth.server.http.port", "8180") + "$1",
|
||||
"https://localhost:" + System.getProperty("app.server.https.port", "8643") + "$1",
|
||||
|
@ -102,6 +102,8 @@ public abstract class AbstractAdapterTest extends AbstractAuthTest {
|
|||
"https://localhost:" + System.getProperty("auth.server.http.port", "8543"));
|
||||
|
||||
modifyClientUrls(tr, "http://localhost:8080", "");
|
||||
modifySamlMasterURLs(tr, "http://localhost:8080", "");
|
||||
modifySAMLClientsAttributes(tr, "http://localhost:8080", "");
|
||||
|
||||
if (isRelative()) {
|
||||
modifyClientUrls(tr, appServerContextRootPage.toString(), "");
|
||||
|
@ -109,8 +111,8 @@ public abstract class AbstractAdapterTest extends AbstractAuthTest {
|
|||
modifySAMLClientsAttributes(tr, "8080", System.getProperty("auth.server.http.port", "8180"));
|
||||
} else {
|
||||
modifyClientUrls(tr, "^(/.*)", appServerContextRootPage.toString() + "$1");
|
||||
modifySamlMasterURLs(tr, "8080", AUTH_SERVER_PORT);
|
||||
modifySAMLClientsAttributes(tr, "http://localhost:8080", appServerContextRootPage.toString());
|
||||
modifySamlMasterURLs(tr, "^(/.*)", appServerContextRootPage.toString() + "$1");
|
||||
modifySAMLClientsAttributes(tr, "^(/.*)", appServerContextRootPage.toString() + "$1");
|
||||
modifyClientJWKSUrl(tr, "^(/.*)", appServerContextRootPage.toString() + "$1");
|
||||
}
|
||||
if (AUTH_SERVER_SSL_REQUIRED) {
|
||||
|
|
|
@ -20,7 +20,7 @@ package org.keycloak.testsuite.adapter;
|
|||
import org.apache.commons.io.IOUtils;
|
||||
import org.jboss.shrinkwrap.api.ShrinkWrap;
|
||||
import org.jboss.shrinkwrap.api.asset.StringAsset;
|
||||
import org.jboss.shrinkwrap.api.spec.JavaArchive;
|
||||
import org.jboss.shrinkwrap.api.importer.ZipImporter;
|
||||
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
||||
import org.junit.Assert;
|
||||
import org.keycloak.testsuite.utils.arquillian.DeploymentArchiveProcessorUtils;
|
||||
|
@ -30,7 +30,6 @@ import java.io.IOException;
|
|||
import java.net.URL;
|
||||
import java.nio.file.Paths;
|
||||
import java.util.function.Consumer;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -63,8 +62,9 @@ public abstract class AbstractExampleAdapterTest extends AbstractAdapterTest {
|
|||
}
|
||||
|
||||
protected static WebArchive exampleDeployment(String name, Consumer<WebArchive> additionalResources) {
|
||||
WebArchive webArchive = ShrinkWrap.createFromZipFile(WebArchive.class,
|
||||
new File(EXAMPLES_HOME + "/" + name + "-" + EXAMPLES_VERSION_SUFFIX + ".war"))
|
||||
WebArchive webArchive = ShrinkWrap.create(ZipImporter.class, name + ".war")
|
||||
.importFrom(new File(EXAMPLES_HOME + "/" + name + "-" + EXAMPLES_VERSION_SUFFIX + ".war"))
|
||||
.as(WebArchive.class)
|
||||
.addAsWebInfResource(jbossDeploymentStructure, JBOSS_DEPLOYMENT_STRUCTURE_XML);
|
||||
|
||||
additionalResources.accept(webArchive);
|
||||
|
@ -92,8 +92,9 @@ public abstract class AbstractExampleAdapterTest extends AbstractAdapterTest {
|
|||
URL webXML = Paths.get(EXAMPLES_WEB_XML).toUri().toURL();
|
||||
String webXmlContent = IOUtils.toString(webXML.openStream(), "UTF-8")
|
||||
.replace("%CONTEXT_PATH%", contextPath);
|
||||
WebArchive webArchive = ShrinkWrap.createFromZipFile(WebArchive.class,
|
||||
new File(EXAMPLES_HOME + "/" + name + "-" + EXAMPLES_VERSION_SUFFIX + ".war"))
|
||||
WebArchive webArchive = ShrinkWrap.create(ZipImporter.class, name + ".war")
|
||||
.importFrom(new File(EXAMPLES_HOME + "/" + name + "-" + EXAMPLES_VERSION_SUFFIX + ".war"))
|
||||
.as(WebArchive.class)
|
||||
.addAsWebInfResource(jbossDeploymentStructure, JBOSS_DEPLOYMENT_STRUCTURE_XML)
|
||||
.add(new StringAsset(webXmlContent), "/WEB-INF/web.xml");
|
||||
|
||||
|
|
|
@ -52,6 +52,9 @@ import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class DefaultAuthzConfigAdapterTest extends AbstractExampleAdapterTest {
|
||||
|
||||
private static final String REALM_NAME = "hello-world-authz";
|
||||
|
|
|
@ -16,17 +16,18 @@
|
|||
*/
|
||||
package org.keycloak.testsuite.adapter.example.authorization;
|
||||
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
|
||||
import org.jboss.arquillian.container.test.api.Deployment;
|
||||
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
||||
|
||||
import static org.assertj.core.api.Java6Assertions.assertThat;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
|
@ -36,6 +37,9 @@ import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class PermissiveModeAdapterTest extends AbstractBaseServletAuthzAdapterTest {
|
||||
|
||||
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
|
||||
|
@ -50,11 +54,11 @@ public class PermissiveModeAdapterTest extends AbstractBaseServletAuthzAdapterTe
|
|||
login("jdoe", "jdoe");
|
||||
driver.navigate().to(getResourceServerUrl() + "/enforcing/resource");
|
||||
|
||||
if (System.getProperty("app.server","").startsWith("eap6")) {
|
||||
assertTrue(driver.getPageSource().contains("HTTP Status 404"));
|
||||
if (AppServerTestEnricher.isEAP6AppServer() || AppServerTestEnricher.isTomcatAppServer()) {
|
||||
assertThat(driver.getPageSource()).contains("HTTP Status 404");
|
||||
} else {
|
||||
assertTrue(driver.getTitle().equals("Error"));
|
||||
assertTrue(driver.getPageSource().contains("Not Found"));
|
||||
assertThat(driver.getTitle()).isEqualTo("Error");
|
||||
assertThat(driver.getPageSource()).contains("Not Found");
|
||||
}
|
||||
|
||||
driver.navigate().to(getResourceServerUrl() + "/protected/admin");
|
||||
|
|
|
@ -34,6 +34,9 @@ import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class ServletAuthzCIPAdapterTest extends AbstractServletAuthzAdapterTest {
|
||||
|
||||
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
|
||||
|
|
|
@ -36,6 +36,9 @@ import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class ServletAuthzCacheDisabledAdapterTest extends AbstractServletAuthzAdapterTest {
|
||||
|
||||
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
|
||||
|
|
|
@ -35,6 +35,9 @@ import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class ServletAuthzCacheLifespanAdapterTest extends AbstractServletAuthzAdapterTest {
|
||||
|
||||
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
|
||||
|
|
|
@ -34,6 +34,9 @@ import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class ServletAuthzLazyLoadPathsAdapterTest extends AbstractServletAuthzAdapterTest {
|
||||
|
||||
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
|
||||
|
|
|
@ -32,6 +32,9 @@ import org.keycloak.testsuite.arquillian.containers.ContainerConstants;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class ServletAuthzNoLazyLoadPathsAdapterTest extends AbstractServletAuthzAdapterTest {
|
||||
|
||||
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
|
||||
|
|
|
@ -58,6 +58,9 @@ import org.openqa.selenium.By;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_UNDERTOW)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
|
||||
|
||||
protected static final String REALM_NAME = "servlet-policy-enforcer-authz";
|
||||
|
|
|
@ -126,9 +126,6 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
|
|||
servlet.setClientId("client-linking");
|
||||
servlet.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
|
||||
String uri = "/client-linking";
|
||||
if (!isRelative()) {
|
||||
uri = appServerContextRootPage.toString() + uri;
|
||||
}
|
||||
servlet.setAdminUrl(uri);
|
||||
servlet.setDirectAccessGrantsEnabled(true);
|
||||
servlet.setBaseUrl(uri);
|
||||
|
|
|
@ -132,6 +132,9 @@ import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class DemoServletsAdapterTest extends AbstractServletsAdapterTest {
|
||||
|
||||
// Javascript browser needed KEYCLOAK-4703
|
||||
|
|
|
@ -172,6 +172,9 @@ import org.xml.sax.SAXException;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class SAMLServletAdapterTest extends AbstractServletsAdapterTest {
|
||||
@Page
|
||||
protected BadClientSalesPostSigServlet badClientSalesPostSigServletPage;
|
||||
|
|
|
@ -55,6 +55,9 @@ import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLo
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
public class SessionServletAdapterTest extends AbstractServletsAdapterTest {
|
||||
|
||||
@Page
|
||||
|
@ -208,3 +211,4 @@ public class SessionServletAdapterTest extends AbstractServletsAdapterTest {
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -175,7 +175,7 @@
|
|||
"enabled": true,
|
||||
"baseUrl": "/",
|
||||
"redirectUris": [
|
||||
"http://localhost:8280/*"
|
||||
"http://localhost:8080/*"
|
||||
],
|
||||
"secret": "password"
|
||||
},
|
||||
|
|
|
@ -100,7 +100,6 @@
|
|||
<modules>
|
||||
<module>jboss</module>
|
||||
<module>karaf</module>
|
||||
<module>tomcat</module>
|
||||
<module>was</module>
|
||||
<module>wls</module>
|
||||
</modules>
|
||||
|
|
|
@ -1,56 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
|
||||
xmlns:xalan="http://xml.apache.org/xalan"
|
||||
xmlns:a="http://jboss.org/schema/arquillian"
|
||||
version="2.0"
|
||||
exclude-result-prefixes="xalan a">
|
||||
|
||||
<xsl:output method="xml" version="1.0" encoding="UTF-8" indent="yes" xalan:indent-amount="4" standalone="no"/>
|
||||
<xsl:strip-space elements="*"/>
|
||||
|
||||
<xsl:template match="/a:arquillian">
|
||||
<xsl:copy>
|
||||
<xsl:apply-templates select="node()|@*"/>
|
||||
|
||||
<container qualifier="app-server-${{app.server}}" mode="manual" >
|
||||
<configuration>
|
||||
<property name="enabled">true</property>
|
||||
<property name="adapterImplClass">org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer</property>
|
||||
<property name="catalinaHome">${app.server.home}</property>
|
||||
<property name="catalinaBase">${app.server.home}</property>
|
||||
<property name="bindHttpPort">${app.server.http.port}</property>
|
||||
<property name="jmxPort">${app.server.management.port}</property>
|
||||
<property name="user">manager</property>
|
||||
<property name="pass">arquillian</property>
|
||||
<property name="javaVmArguments">${adapter.test.props}</property>
|
||||
</configuration>
|
||||
</container>
|
||||
|
||||
</xsl:copy>
|
||||
</xsl:template>
|
||||
|
||||
|
||||
<xsl:template match="@*|node()">
|
||||
<xsl:copy>
|
||||
<xsl:apply-templates select="@*|node()" />
|
||||
</xsl:copy>
|
||||
</xsl:template>
|
||||
|
||||
|
||||
</xsl:stylesheet>
|
|
@ -1,65 +0,0 @@
|
|||
<?xml version="1.0"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-tests-adapters</artifactId>
|
||||
<version>5.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
|
||||
|
||||
<packaging>pom</packaging>
|
||||
|
||||
<name>Adapter Tests - Tomcat</name>
|
||||
|
||||
<properties>
|
||||
<common.resources>${project.parent.basedir}/common</common.resources>
|
||||
<!--TODO: implement "port offset" for tomcat-->
|
||||
<app.server.port.offset>0</app.server.port.offset>
|
||||
<app.server.http.port>8080</app.server.http.port>
|
||||
<app.server.management.port>9990</app.server.management.port>
|
||||
</properties>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>app-server-tomcat7</id>
|
||||
<modules>
|
||||
<module>tomcat7</module>
|
||||
</modules>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>app-server-tomcat8</id>
|
||||
<modules>
|
||||
<module>tomcat8</module>
|
||||
</modules>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>app-server-tomcat9</id>
|
||||
<modules>
|
||||
<module>tomcat9</module>
|
||||
</modules>
|
||||
</profile>
|
||||
</profiles>
|
||||
|
||||
</project>
|
|
@ -1,46 +0,0 @@
|
|||
<?xml version="1.0"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
|
||||
<version>5.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>integration-arquillian-tests-adapters-tomcat7</artifactId>
|
||||
|
||||
<name>Adapter Tests - Tomcat - Tomcat 7</name>
|
||||
|
||||
<properties>
|
||||
<app.server>tomcat7</app.server>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jboss.arquillian.container</groupId>
|
||||
<artifactId>arquillian-tomcat-managed-7</artifactId>
|
||||
<version>1.0.0.CR7</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
|
@ -1,13 +0,0 @@
|
|||
package org.keycloak.testsuite.adapter;
|
||||
|
||||
import org.keycloak.testsuite.adapter.servlet.DemoServletsAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat7")
|
||||
public class Tomcat7OIDCAdapterTest extends DemoServletsAdapterTest {
|
||||
|
||||
}
|
|
@ -1,13 +0,0 @@
|
|||
package org.keycloak.testsuite.adapter;
|
||||
|
||||
import org.keycloak.testsuite.adapter.servlet.SessionServletAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat7")
|
||||
public class Tomcat7OIDCSessionAdapterTest extends SessionServletAdapterTest {
|
||||
|
||||
}
|
|
@ -1,46 +0,0 @@
|
|||
<?xml version="1.0"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
|
||||
<version>5.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>integration-arquillian-tests-adapters-tomcat8</artifactId>
|
||||
|
||||
<name>Adapter Tests - Tomcat - Tomcat 8</name>
|
||||
|
||||
<properties>
|
||||
<app.server>tomcat8</app.server>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jboss.arquillian.container</groupId>
|
||||
<artifactId>arquillian-tomcat-managed-7</artifactId>
|
||||
<version>1.0.0.CR7</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
|
@ -1,13 +0,0 @@
|
|||
package org.keycloak.testsuite.adapter;
|
||||
|
||||
import org.keycloak.testsuite.adapter.servlet.DemoServletsAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat8")
|
||||
public class Tomcat8OIDCAdapterTest extends DemoServletsAdapterTest {
|
||||
|
||||
}
|
|
@ -1,13 +0,0 @@
|
|||
package org.keycloak.testsuite.adapter;
|
||||
|
||||
import org.keycloak.testsuite.adapter.servlet.SessionServletAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat8")
|
||||
public class Tomcat8OIDCSessionAdapterTest extends SessionServletAdapterTest {
|
||||
|
||||
}
|
|
@ -1,46 +0,0 @@
|
|||
<?xml version="1.0"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-tests-adapters-tomcat</artifactId>
|
||||
<version>5.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>integration-arquillian-tests-adapters-tomcat9</artifactId>
|
||||
|
||||
<name>Adapter Tests - Tomcat - Tomcat 9</name>
|
||||
|
||||
<properties>
|
||||
<app.server>tomcat9</app.server>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jboss.arquillian.container</groupId>
|
||||
<artifactId>arquillian-tomcat-managed-7</artifactId>
|
||||
<version>1.0.0.CR7</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
|
@ -1,13 +0,0 @@
|
|||
package org.keycloak.testsuite.adapter;
|
||||
|
||||
import org.keycloak.testsuite.adapter.servlet.DemoServletsAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat9")
|
||||
public class Tomcat9OIDCAdapterTest extends DemoServletsAdapterTest {
|
||||
|
||||
}
|
|
@ -1,13 +0,0 @@
|
|||
package org.keycloak.testsuite.adapter;
|
||||
|
||||
import org.keycloak.testsuite.adapter.servlet.SessionServletAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author tkyjovsk
|
||||
*/
|
||||
@AppServerContainer("app-server-tomcat9")
|
||||
public class Tomcat9OIDCSessionAdapterTest extends SessionServletAdapterTest {
|
||||
|
||||
}
|
|
@ -71,5 +71,21 @@
|
|||
<artifactId>jastow</artifactId>
|
||||
<version>2.1.0.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.commons</groupId>
|
||||
<artifactId>commons-lang3</artifactId>
|
||||
<version>3.5</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-io</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
<version>2.6</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.spec.javax.ws.rs</groupId>
|
||||
<artifactId>jboss-jaxrs-api_2.1_spec</artifactId>
|
||||
<version>1.0.1.Final</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
|
|
@ -18,6 +18,8 @@ package org.keycloak.testsuite.utils.arquillian;
|
|||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import javax.xml.xpath.XPath;
|
||||
import javax.xml.xpath.XPathConstants;
|
||||
import javax.xml.xpath.XPathExpression;
|
||||
|
@ -59,6 +61,8 @@ public class DeploymentArchiveProcessorUtils {
|
|||
public static final String SAML_ADAPTER_CONFIG_PATH_TENANT1 = "/WEB-INF/classes/tenant1-keycloak-saml.xml";
|
||||
public static final String SAML_ADAPTER_CONFIG_PATH_TENANT2 = "/WEB-INF/classes/tenant2-keycloak-saml.xml";
|
||||
public static final String TRUSTSTORE_PASSWORD = "secret";
|
||||
public static final Collection<String> SAML_CONFIGS = Arrays.asList(SAML_ADAPTER_CONFIG_PATH,
|
||||
SAML_ADAPTER_CONFIG_PATH_TENANT1, SAML_ADAPTER_CONFIG_PATH_TENANT2);
|
||||
|
||||
/**
|
||||
* @return true iff archive's name equals run-on-server-classes.war
|
||||
|
|
|
@ -0,0 +1,49 @@
|
|||
package org.keycloak.testsuite.utils.arquillian.tomcat;
|
||||
|
||||
import org.jboss.shrinkwrap.descriptor.spi.node.Node;
|
||||
|
||||
public class TomcatAppServerConfigurationUtils {
|
||||
|
||||
private static void createChild(Node configuration, String name, String text) {
|
||||
configuration.createChild("property").attribute("name", name).text(text);
|
||||
}
|
||||
|
||||
/**
|
||||
* Original XSL transformation
|
||||
* <p>
|
||||
* <container qualifier="app-server-${{app.server}}" mode="manual" >
|
||||
* <configuration>
|
||||
* <property name="enabled">true</property>
|
||||
* <property name="adapterImplClass">org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer</property>
|
||||
* <property name="catalinaHome">${app.server.home}</property>
|
||||
* <property name="catalinaBase">${app.server.home}</property>
|
||||
* <property name="bindHttpPort">${app.server.http.port}</property>
|
||||
* <property name="jmxPort">${app.server.management.port}</property>
|
||||
* <property name="user">manager</property>
|
||||
* <property name="pass">arquillian</property>
|
||||
* <property name="javaVmArguments">${adapter.test.props}</property>
|
||||
* </configuration>
|
||||
* </container>
|
||||
*
|
||||
* @return arquillian configuration for tomcat container
|
||||
*/
|
||||
public static Node getStandaloneConfiguration(Node container, String adapterImplClass,
|
||||
String catalinaHome, String bindHttpPort, String jmxPort,
|
||||
String user, String pass, String startupTimeoutInSeconds) {
|
||||
Node configuration = container.createChild("configuration");
|
||||
createChild(configuration, "enabled", "true");
|
||||
createChild(configuration, "adapterImplClass", adapterImplClass);
|
||||
createChild(configuration, "catalinaHome", catalinaHome);
|
||||
createChild(configuration, "catalinaBase", catalinaHome);
|
||||
createChild(configuration, "bindHttpPort", bindHttpPort);
|
||||
createChild(configuration, "jmxPort", jmxPort);
|
||||
createChild(configuration, "user", user);
|
||||
createChild(configuration, "pass", pass);
|
||||
createChild(configuration, "javaVmArguments",
|
||||
System.getProperty("adapter.test.props", " ") + " " +
|
||||
System.getProperty("app.server.jboss.jvm.debug.args", " "));
|
||||
createChild(configuration,"startupTimeoutInSeconds", startupTimeoutInSeconds);
|
||||
|
||||
return container;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,138 @@
|
|||
package org.keycloak.testsuite.utils.arquillian.tomcat;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.shrinkwrap.api.Archive;
|
||||
import org.jboss.shrinkwrap.api.Node;
|
||||
import org.jboss.shrinkwrap.api.asset.ClassAsset;
|
||||
import org.jboss.shrinkwrap.api.asset.StringAsset;
|
||||
import org.jboss.shrinkwrap.api.spec.WebArchive;
|
||||
import org.keycloak.testsuite.utils.arquillian.DeploymentArchiveProcessorUtils;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
import javax.ws.rs.ApplicationPath;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
import static org.keycloak.testsuite.utils.io.IOUtil.documentToString;
|
||||
import static org.keycloak.testsuite.utils.io.IOUtil.loadXML;
|
||||
import static org.keycloak.testsuite.utils.io.IOUtil.modifyDocElementValue;
|
||||
import static org.keycloak.testsuite.utils.io.IOUtil.removeElementFromDoc;
|
||||
|
||||
public class TomcatDeploymentArchiveProcessorUtils {
|
||||
|
||||
private static final String WAR_CLASSPATH = "/WEB-INF/classes/";
|
||||
private static final String CONTEXT_PATH = "/META-INF/context.xml";
|
||||
private static final String OIDC_VALVE_CLASS = "org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve";
|
||||
private static final String SAML_VALVE_CLASS = "org.keycloak.adapters.saml.tomcat.SamlAuthenticatorValve";
|
||||
private static final Logger LOG = Logger.getLogger(DeploymentArchiveProcessorUtils.class);
|
||||
|
||||
|
||||
/**
|
||||
* Tomcat doesn't load files (e. g. secure-portal keystore) from webarchive classpath
|
||||
* we need to copy it to common classpath /catalina_home/lib
|
||||
* @param archive
|
||||
*/
|
||||
public static void copyWarClasspathFilesToCommonTomcatClasspath(Archive<?> archive) {
|
||||
Stream<Node> contentOfArchiveClasspath = archive.getContent(archivePath ->
|
||||
archivePath.get().startsWith(WAR_CLASSPATH)).values().stream() // get all nodes in WAR classpath
|
||||
.filter(node -> StringUtils.countMatches(node.toString(), "/")
|
||||
== StringUtils.countMatches(WAR_CLASSPATH, "/") // get only files not directories
|
||||
&& node.toString().contains("."));
|
||||
|
||||
|
||||
String catalinaHome = System.getProperty("app.server.home");
|
||||
contentOfArchiveClasspath.forEach(
|
||||
(Node node) -> {
|
||||
Path p = Paths.get(node.toString());
|
||||
File outputFile = new File(catalinaHome + "/lib/" + p.getFileName().toString());
|
||||
if (!outputFile.exists()) {
|
||||
try {
|
||||
Files.copy(node.getAsset().openStream(), outputFile.toPath());
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException("Couldn't copy classpath files from deployed war to common classpath of tomcat", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
public static void replaceKEYCLOAKMethodWithBASIC(Archive<?> archive) {
|
||||
if (!archive.contains(DeploymentArchiveProcessorUtils.WEBXML_PATH)) return;
|
||||
|
||||
try {
|
||||
Document webXmlDoc = loadXML(archive.get(DeploymentArchiveProcessorUtils.WEBXML_PATH).getAsset().openStream());
|
||||
|
||||
LOG.debug("Setting BASIC as auth-method in WEB.XML for " + archive.getName());
|
||||
modifyDocElementValue(webXmlDoc, "auth-method", "KEYCLOAK-SAML", "BASIC");
|
||||
modifyDocElementValue(webXmlDoc, "auth-method", "KEYCLOAK", "BASIC");
|
||||
|
||||
archive.add(new StringAsset((documentToString(webXmlDoc))), DeploymentArchiveProcessorUtils.WEBXML_PATH);
|
||||
} catch (IllegalArgumentException ex) {
|
||||
throw new RuntimeException("Error when processing " + archive.getName(), ex);
|
||||
}
|
||||
}
|
||||
|
||||
public static void removeServletConfigurationInWebXML(Archive<?> archive) {
|
||||
if (!archive.contains(DeploymentArchiveProcessorUtils.WEBXML_PATH)) return;
|
||||
|
||||
try {
|
||||
Document webXmlDoc = loadXML(archive.get(DeploymentArchiveProcessorUtils.WEBXML_PATH).getAsset().openStream());
|
||||
|
||||
LOG.debug("Removing web.xml servlet configuration for " + archive.getName());
|
||||
removeElementFromDoc(webXmlDoc, "web-app/servlet");
|
||||
removeElementFromDoc(webXmlDoc, "web-app/servlet-mapping");
|
||||
|
||||
archive.add(new StringAsset((documentToString(webXmlDoc))), DeploymentArchiveProcessorUtils.WEBXML_PATH);
|
||||
} catch (IllegalArgumentException ex) {
|
||||
throw new RuntimeException("Error when processing " + archive.getName(), ex);
|
||||
}
|
||||
}
|
||||
|
||||
public static void replaceOIDCValveWithSAMLValve(Archive<?> archive) {
|
||||
try {
|
||||
String contextXmlContent = IOUtils.toString(archive.get(CONTEXT_PATH).getAsset().openStream(), "UTF-8")
|
||||
.replace(OIDC_VALVE_CLASS, SAML_VALVE_CLASS);
|
||||
archive.add(new StringAsset(contextXmlContent), CONTEXT_PATH);
|
||||
} catch (IOException ex) {
|
||||
throw new RuntimeException(ex);
|
||||
}
|
||||
}
|
||||
|
||||
public static boolean isJaxRSApp(Archive<?> archive) {
|
||||
WebArchive webArchive = (WebArchive) archive;
|
||||
Set<Class<?>> classes = webArchive.getContent(archivePath ->
|
||||
archivePath.get().startsWith("/WEB-INF/classes/") &&
|
||||
archivePath.get().endsWith(".class")
|
||||
).values().stream()
|
||||
.filter(node -> node.getAsset() instanceof ClassAsset)
|
||||
.map(node -> ((ClassAsset)node.getAsset()).getSource())
|
||||
.filter(clazz -> clazz.isAnnotationPresent(javax.ws.rs.Path.class))
|
||||
.collect(Collectors.toSet());
|
||||
|
||||
return !classes.isEmpty();
|
||||
}
|
||||
|
||||
public static Set<Class<?>> getApplicationConfigClasses(Archive<?> archive) {
|
||||
WebArchive webArchive = (WebArchive) archive;
|
||||
return webArchive.getContent(archivePath ->
|
||||
archivePath.get().startsWith("/WEB-INF/classes/") &&
|
||||
archivePath.get().endsWith(".class")
|
||||
).values().stream()
|
||||
.filter(node -> node.getAsset() instanceof ClassAsset)
|
||||
.map(node -> ((ClassAsset)node.getAsset()).getSource())
|
||||
.filter(clazz -> clazz.isAnnotationPresent(ApplicationPath.class))
|
||||
.collect(Collectors.toSet());
|
||||
}
|
||||
|
||||
public static boolean containsApplicationConfigClass(Archive<?> archive) {
|
||||
return !getApplicationConfigClasses(archive).isEmpty();
|
||||
}
|
||||
}
|
|
@ -1,653 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.helper.adapter;
|
||||
|
||||
import org.keycloak.testsuite.pages.InputPage;
|
||||
import org.junit.Assert;
|
||||
import org.junit.rules.ExternalResource;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.adapters.OIDCAuthenticationError;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
import org.keycloak.common.util.Time;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.utils.SessionTimeoutHelper;
|
||||
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.services.managers.ResourceAdminManager;
|
||||
import org.keycloak.testsuite.KeycloakServer;
|
||||
import org.keycloak.testsuite.OAuthClient;
|
||||
import org.keycloak.testsuite.pages.AccountSessionsPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
import org.keycloak.testsuite.rule.ErrorServlet;
|
||||
import org.keycloak.testsuite.rule.KeycloakRule;
|
||||
import org.keycloak.testsuite.rule.WebResource;
|
||||
import org.keycloak.testsuite.rule.WebRule;
|
||||
import org.keycloak.util.BasicAuthHelper;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
|
||||
import javax.ws.rs.client.Client;
|
||||
import javax.ws.rs.client.ClientBuilder;
|
||||
import javax.ws.rs.client.Entity;
|
||||
import javax.ws.rs.client.WebTarget;
|
||||
import javax.ws.rs.core.Form;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.net.URI;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
|
||||
/**
|
||||
* Tests Jetty/Tomcat Adapter
|
||||
*
|
||||
* Methods from this class are used by testsuite/jetty/* and testsuite/tomcat* modules
|
||||
*
|
||||
* TODO: remove this when testsuite/jetty/* and testsuite/tomcat* modules will be migrated to arquillian testsuite
|
||||
*
|
||||
* @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
|
||||
* @author <a href="mailto:john.ament@spartasystems.com">John Ament</a>
|
||||
*/
|
||||
public class AdapterTestStrategy extends ExternalResource {
|
||||
|
||||
protected String AUTH_SERVER_URL = "http://localhost:8081/auth";
|
||||
protected String APP_SERVER_BASE_URL = "http://localhost:8081";
|
||||
protected AbstractKeycloakRule keycloakRule;
|
||||
// some servlet containers redirect to root + "/" if you visit root context
|
||||
protected String slash = "";
|
||||
|
||||
public WebRule webRule = new WebRule(this);
|
||||
|
||||
@WebResource
|
||||
protected WebDriver driver;
|
||||
|
||||
@WebResource
|
||||
protected OAuthClient oauth;
|
||||
|
||||
@WebResource
|
||||
protected LoginPage loginPage;
|
||||
|
||||
@WebResource
|
||||
protected InputPage inputPage;
|
||||
|
||||
@WebResource
|
||||
protected AccountSessionsPage accountSessionsPage;
|
||||
|
||||
protected String LOGIN_URL = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(AUTH_SERVER_URL)).build("demo").toString();
|
||||
|
||||
public AdapterTestStrategy(String AUTH_SERVER_URL, String APP_SERVER_BASE_URL, AbstractKeycloakRule keycloakRule) {
|
||||
this.AUTH_SERVER_URL = AUTH_SERVER_URL;
|
||||
this.APP_SERVER_BASE_URL = APP_SERVER_BASE_URL;
|
||||
this.keycloakRule = keycloakRule;
|
||||
}
|
||||
|
||||
public AdapterTestStrategy(String AUTH_SERVER_URL, String APP_SERVER_BASE_URL, AbstractKeycloakRule keycloakRule, boolean addSlash) {
|
||||
this.AUTH_SERVER_URL = AUTH_SERVER_URL;
|
||||
this.APP_SERVER_BASE_URL = APP_SERVER_BASE_URL;
|
||||
this.keycloakRule = keycloakRule;
|
||||
// some servlet containers redirect to root + "/" if you visit root context
|
||||
if (addSlash) slash = "/";
|
||||
}
|
||||
|
||||
public static RealmModel baseAdapterTestInitialization(KeycloakSession session, RealmManager manager, RealmModel adminRealm, Class<?> clazz) {
|
||||
RealmRepresentation representation = KeycloakServer.loadJson(clazz.getResourceAsStream("/adapter-test/demorealm.json"), RealmRepresentation.class);
|
||||
RealmModel demoRealm = manager.importRealm(representation);
|
||||
return demoRealm;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void before() throws Throwable {
|
||||
super.before();
|
||||
webRule.before();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void after() {
|
||||
super.after();
|
||||
webRule.after();
|
||||
|
||||
// Revert notBefore
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
RealmModel realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
UserModel user = session.users().getUserByUsername("bburke@redhat.com", realm);
|
||||
session.users().setNotBeforeForUser(realm, user, 0);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
}
|
||||
|
||||
public void testSavedPostRequest() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/input-portal" + slash);
|
||||
inputPage.execute("hello");
|
||||
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/input-portal/secured/post");
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("parameter=hello"));
|
||||
// test that user principal and KeycloakSecurityContext available
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal/insecure");
|
||||
System.out.println("insecure: ");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("Insecure Page"));
|
||||
if (System.getProperty("insecure.user.principal.unsupported") == null)
|
||||
Assert.assertTrue(driver.getPageSource().contains("UserPrincipal"));
|
||||
|
||||
// test logout
|
||||
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/customer-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
// test unsecured POST KEYCLOAK-901
|
||||
|
||||
Client client = ClientBuilder.newClient();
|
||||
Form form = new Form();
|
||||
form.param("parameter", "hello");
|
||||
String text = client.target(APP_SERVER_BASE_URL + "/input-portal/unsecured").request().post(Entity.form(form), String.class);
|
||||
Assert.assertTrue(text.contains("parameter=hello"));
|
||||
client.close();
|
||||
|
||||
}
|
||||
|
||||
|
||||
public void testLoginSSOAndLogout() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/customer-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
|
||||
// test SSO
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/product-portal" + slash);
|
||||
pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad"));
|
||||
|
||||
// View stats
|
||||
try (Keycloak adminClient = Keycloak.getInstance("http://localhost:8081/auth", "master", "admin", "admin", Constants.ADMIN_CLI_CLIENT_ID)) {
|
||||
List<Map<String, String>> stats = adminClient.realm("demo").getClientSessionStats();
|
||||
Map<String, String> customerPortalStats = null;
|
||||
Map<String, String> productPortalStats = null;
|
||||
for (Map<String, String> s : stats) {
|
||||
if (s.get("clientId").equals("customer-portal")) {
|
||||
customerPortalStats = s;
|
||||
} else if (s.get("clientId").equals("product-portal")) {
|
||||
productPortalStats = s;
|
||||
}
|
||||
}
|
||||
Assert.assertEquals(1, Integer.parseInt(customerPortalStats.get("active")));
|
||||
Assert.assertEquals(1, Integer.parseInt(productPortalStats.get("active")));
|
||||
}
|
||||
|
||||
// test logout
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/customer-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-3509
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
public void testLoginEncodedRedirectUri() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal?encodeTest=a%3Cb");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/product-portal" + slash + "?encodeTest=a%3Cb");
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("iPhone"));
|
||||
Assert.assertTrue(pageSource.contains("uriEncodeTest=true"));
|
||||
|
||||
// test logout
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/product-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
}
|
||||
|
||||
|
||||
public void testServletRequestLogout() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/customer-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
|
||||
// test SSO
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/product-portal" + slash);
|
||||
pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("iPhone") && pageSource.contains("iPad"));
|
||||
|
||||
// back
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/customer-portal" + slash);
|
||||
pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
// test logout
|
||||
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal/logout");
|
||||
Assert.assertTrue(driver.getPageSource().contains("servlet logout ok"));
|
||||
|
||||
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
String currentUrl = driver.getCurrentUrl();
|
||||
Assert.assertTrue(currentUrl.startsWith(LOGIN_URL));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
|
||||
}
|
||||
|
||||
public void testLoginSSOIdle() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/customer-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
RealmModel realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
int originalIdle = realm.getSsoSessionIdleTimeout();
|
||||
realm.setSsoSessionIdleTimeout(1);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
|
||||
// Needs to add some additional time due the tolerance allowed by IDLE_TIMEOUT_WINDOW_SECONDS
|
||||
Time.setOffset(2 + SessionTimeoutHelper.IDLE_TIMEOUT_WINDOW_SECONDS);
|
||||
|
||||
// test SSO
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
session = keycloakRule.startSession();
|
||||
realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
realm.setSsoSessionIdleTimeout(originalIdle);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
|
||||
Time.setOffset(0);
|
||||
}
|
||||
|
||||
public void testLoginSSOIdleRemoveExpiredUserSessions() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/customer-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
RealmModel realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
int originalIdle = realm.getSsoSessionIdleTimeout();
|
||||
realm.setSsoSessionIdleTimeout(1);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
|
||||
// Needs to add some additional time due the tolerance allowed by IDLE_TIMEOUT_WINDOW_SECONDS
|
||||
Time.setOffset(2 + SessionTimeoutHelper.IDLE_TIMEOUT_WINDOW_SECONDS);
|
||||
|
||||
session = keycloakRule.startSession();
|
||||
realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
session.sessions().removeExpired(realm);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
|
||||
// test SSO
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
session = keycloakRule.startSession();
|
||||
realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
// need to cleanup so other tests don't fail, so invalidate http sessions on remote clients.
|
||||
UserModel user = session.users().getUserByUsername("bburke@redhat.com", realm);
|
||||
new ResourceAdminManager(session).logoutUser(null, realm, user, session);
|
||||
realm.setSsoSessionIdleTimeout(originalIdle);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
|
||||
Time.setOffset(0);
|
||||
}
|
||||
|
||||
public void testLoginSSOMax() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/customer-portal");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/customer-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("Bill Burke") && pageSource.contains("Stian Thorgersen"));
|
||||
|
||||
KeycloakSession session = keycloakRule.startSession();
|
||||
RealmModel realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
int original = realm.getSsoSessionMaxLifespan();
|
||||
realm.setSsoSessionMaxLifespan(1);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
|
||||
Time.setOffset(2);
|
||||
|
||||
|
||||
// test SSO
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/product-portal");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
session = keycloakRule.startSession();
|
||||
realm = session.realms().getRealmByName("demo");
|
||||
session.getContext().setRealm(realm);
|
||||
realm.setSsoSessionMaxLifespan(original);
|
||||
session.getTransactionManager().commit();
|
||||
session.close();
|
||||
|
||||
Time.setOffset(0);
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-518
|
||||
* @throws Exception
|
||||
*/
|
||||
public void testNullBearerToken() throws Exception {
|
||||
Client client = ClientBuilder.newClient();
|
||||
WebTarget target = client.target(APP_SERVER_BASE_URL + "/customer-db/");
|
||||
Response response = target.request().get();
|
||||
Assert.assertEquals(401, response.getStatus());
|
||||
response.close();
|
||||
response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get();
|
||||
Assert.assertEquals(401, response.getStatus());
|
||||
response.close();
|
||||
client.close();
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-1368
|
||||
* @throws Exception
|
||||
*/
|
||||
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||
ErrorServlet.authError = null;
|
||||
Client client = ClientBuilder.newClient();
|
||||
WebTarget target = client.target(APP_SERVER_BASE_URL + "/customer-db-error-page/");
|
||||
|
||||
Response response = target.request().get();
|
||||
|
||||
// TODO: follow redirects automatically if possible
|
||||
if (response.getStatus() == 302) {
|
||||
String location = response.getHeaderString(HttpHeaders.LOCATION);
|
||||
response.close();
|
||||
response = client.target(location).request().get();
|
||||
}
|
||||
Assert.assertEquals(401, response.getStatus());
|
||||
String errorPageResponse = response.readEntity(String.class);
|
||||
Assert.assertTrue(errorPageResponse.contains("Error Page"));
|
||||
response.close();
|
||||
Assert.assertNotNull(ErrorServlet.authError);
|
||||
OIDCAuthenticationError error = (OIDCAuthenticationError) ErrorServlet.authError;
|
||||
Assert.assertEquals(OIDCAuthenticationError.Reason.NO_BEARER_TOKEN, error.getReason());
|
||||
|
||||
ErrorServlet.authError = null;
|
||||
response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get();
|
||||
// TODO: follow redirects automatically if possible
|
||||
if (response.getStatus() == 302) {
|
||||
String location = response.getHeaderString(HttpHeaders.LOCATION);
|
||||
response.close();
|
||||
response = client.target(location).request().get();
|
||||
}
|
||||
Assert.assertEquals(401, response.getStatus());
|
||||
errorPageResponse = response.readEntity(String.class);
|
||||
Assert.assertTrue(errorPageResponse.contains("Error Page"));
|
||||
response.close();
|
||||
Assert.assertNotNull(ErrorServlet.authError);
|
||||
error = (OIDCAuthenticationError) ErrorServlet.authError;
|
||||
Assert.assertEquals(OIDCAuthenticationError.Reason.INVALID_TOKEN, error.getReason());
|
||||
|
||||
client.close();
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-518
|
||||
* @throws Exception
|
||||
*/
|
||||
public void testBadUser() throws Exception {
|
||||
Client client = ClientBuilder.newClient();
|
||||
UriBuilder builder = UriBuilder.fromUri(AUTH_SERVER_URL);
|
||||
URI uri = OIDCLoginProtocolService.tokenUrl(builder).build("demo");
|
||||
WebTarget target = client.target(uri);
|
||||
String header = BasicAuthHelper.createHeader("customer-portal", "password");
|
||||
Form form = new Form();
|
||||
form.param(OAuth2Constants.GRANT_TYPE, OAuth2Constants.PASSWORD)
|
||||
.param("username", "monkey@redhat.com")
|
||||
.param("password", "password");
|
||||
Response response = target.request()
|
||||
.header(HttpHeaders.AUTHORIZATION, header)
|
||||
.post(Entity.form(form));
|
||||
Assert.assertEquals(401, response.getStatus());
|
||||
response.close();
|
||||
client.close();
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-732
|
||||
*
|
||||
* @throws Throwable
|
||||
*/
|
||||
public void testSingleSessionInvalidated() throws Throwable {
|
||||
AdapterTestStrategy browser1 = this;
|
||||
AdapterTestStrategy browser2 = new AdapterTestStrategy(AUTH_SERVER_URL, APP_SERVER_BASE_URL, keycloakRule);
|
||||
|
||||
loginAndCheckSession(browser1.driver, browser1.loginPage);
|
||||
|
||||
// Open browser2
|
||||
browser2.webRule.before();
|
||||
try {
|
||||
loginAndCheckSession(browser2.driver, browser2.loginPage);
|
||||
|
||||
// Logout in browser1
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/session-portal").build("demo").toString();
|
||||
browser1.driver.navigate().to(logoutUri);
|
||||
Assert.assertTrue(browser1.driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
// Assert that I am logged out in browser1
|
||||
browser1.driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
Assert.assertTrue(browser1.driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
|
||||
// Assert that I am still logged in browser2 and same session is still preserved
|
||||
browser2.driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
Assert.assertEquals(browser2.driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/session-portal" + slash);
|
||||
String pageSource = browser2.driver.getPageSource();
|
||||
Assert.assertTrue(pageSource.contains("Counter=3"));
|
||||
|
||||
browser2.driver.navigate().to(logoutUri);
|
||||
Assert.assertTrue(browser2.driver.getCurrentUrl().startsWith(LOGIN_URL));
|
||||
} finally {
|
||||
browser2.webRule.after();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-741
|
||||
*/
|
||||
public void testSessionInvalidatedAfterFailedRefresh() throws Throwable {
|
||||
final AtomicInteger origTokenLifespan = new AtomicInteger();
|
||||
|
||||
// Delete adminUrl and set short accessTokenLifespan
|
||||
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel demoRealm) {
|
||||
ClientModel sessionPortal = demoRealm.getClientByClientId("session-portal");
|
||||
sessionPortal.setManagementUrl(null);
|
||||
|
||||
origTokenLifespan.set(demoRealm.getAccessTokenLifespan());
|
||||
demoRealm.setAccessTokenLifespan(1);
|
||||
}
|
||||
}, "demo");
|
||||
|
||||
// Login
|
||||
loginAndCheckSession(driver, loginPage);
|
||||
|
||||
// Logout
|
||||
String logoutUri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(AUTH_SERVER_URL))
|
||||
.queryParam(OAuth2Constants.REDIRECT_URI, APP_SERVER_BASE_URL + "/session-portal").build("demo").toString();
|
||||
driver.navigate().to(logoutUri);
|
||||
|
||||
// Wait until accessToken is expired
|
||||
Time.setOffset(2);
|
||||
|
||||
// Assert that http session was invalidated
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
String currentUrl = driver.getCurrentUrl();
|
||||
Assert.assertTrue(currentUrl.startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/session-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
Assert.assertTrue(pageSource.contains("Counter=1"));
|
||||
|
||||
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
|
||||
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel demoRealm) {
|
||||
ClientModel sessionPortal = demoRealm.getClientByClientId("session-portal");
|
||||
sessionPortal.setManagementUrl(APP_SERVER_BASE_URL + "/session-portal");
|
||||
|
||||
demoRealm.setAccessTokenLifespan(origTokenLifespan.get());
|
||||
}
|
||||
|
||||
}, "demo");
|
||||
|
||||
Time.setOffset(0);
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-942
|
||||
*/
|
||||
public void testAdminApplicationLogout() throws Throwable {
|
||||
// login as bburke
|
||||
loginAndCheckSession(driver, loginPage);
|
||||
|
||||
// logout mposolda with admin client
|
||||
try (Keycloak keycloakAdmin = Keycloak.getInstance(AUTH_SERVER_URL, "master", "admin", "admin", Constants.ADMIN_CLI_CLIENT_ID)) {
|
||||
UserRepresentation mposolda = keycloakAdmin.realm("demo").users().search("mposolda", null, null, null, null, null).get(0);
|
||||
keycloakAdmin.realm("demo").users().get(mposolda.getId()).logout();
|
||||
|
||||
// bburke should be still logged with original httpSession in our browser window
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/session-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
Assert.assertTrue(pageSource.contains("Counter=3"));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-1216
|
||||
*/
|
||||
public void testAccountManagementSessionsLogout() throws Throwable {
|
||||
// login as bburke
|
||||
loginAndCheckSession(driver, loginPage);
|
||||
|
||||
// logout sessions in account management
|
||||
accountSessionsPage.realm("demo");
|
||||
accountSessionsPage.open();
|
||||
Assert.assertTrue(accountSessionsPage.isCurrent());
|
||||
accountSessionsPage.logoutAll();
|
||||
|
||||
// Assert I need to login again (logout was propagated to the app)
|
||||
loginAndCheckSession(driver, loginPage);
|
||||
}
|
||||
|
||||
protected void loginAndCheckSession(WebDriver driver, LoginPage loginPage) {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
String currentUrl = driver.getCurrentUrl();
|
||||
Assert.assertTrue(currentUrl.startsWith(LOGIN_URL));
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/session-portal" + slash);
|
||||
String pageSource = driver.getPageSource();
|
||||
Assert.assertTrue(pageSource.contains("Counter=1"));
|
||||
|
||||
// Counter increased now
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/session-portal");
|
||||
pageSource = driver.getPageSource();
|
||||
Assert.assertTrue(pageSource.contains("Counter=2"));
|
||||
|
||||
}
|
||||
}
|
|
@ -1,675 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.helper.adapter;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.junit.Assert;
|
||||
import org.junit.rules.ExternalResource;
|
||||
import org.keycloak.adapters.saml.SamlAuthenticationError;
|
||||
import org.keycloak.adapters.saml.SamlPrincipal;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.util.KeyUtils;
|
||||
import org.keycloak.common.util.Retry;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.ProtocolMapperModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.protocol.saml.mappers.*;
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.saml.BaseSAML2BindingBuilder;
|
||||
import org.keycloak.saml.SAML2ErrorResponseBuilder;
|
||||
import org.keycloak.saml.SignatureAlgorithm;
|
||||
import org.keycloak.saml.common.constants.GeneralConstants;
|
||||
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
|
||||
import org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.KeycloakServer;
|
||||
import org.keycloak.testsuite.PageUtils;
|
||||
import org.keycloak.testsuite.adapter.servlet.SamlSPFacade;
|
||||
import org.keycloak.testsuite.pages.InputPage;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
import org.keycloak.testsuite.rule.ErrorServlet;
|
||||
import org.keycloak.testsuite.rule.KeycloakRule;
|
||||
import org.keycloak.testsuite.rule.WebResource;
|
||||
import org.keycloak.testsuite.rule.WebRule;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
import javax.ws.rs.client.Client;
|
||||
import javax.ws.rs.client.ClientBuilder;
|
||||
import javax.ws.rs.client.Entity;
|
||||
import javax.ws.rs.core.Form;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
import java.security.KeyFactory;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import java.security.spec.X509EncodedKeySpec;
|
||||
import java.util.*;
|
||||
import java.util.logging.Level;
|
||||
import java.util.logging.Logger;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertThat;
|
||||
import static org.hamcrest.collection.IsIterableContainingInAnyOrder.containsInAnyOrder;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class SamlAdapterTestStrategy extends ExternalResource {
|
||||
protected String AUTH_SERVER_URL = "http://localhost:8081/auth";
|
||||
protected String APP_SERVER_BASE_URL = "http://localhost:8081";
|
||||
protected AbstractKeycloakRule keycloakRule;
|
||||
|
||||
private static final String REALM_PRIVATE_KEY_STR = "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=";
|
||||
private static PrivateKey REALM_PRIVATE_KEY;
|
||||
private static final String REALM_PUBLIC_KEY_STR = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB";
|
||||
private static PublicKey REALM_PUBLIC_KEY;
|
||||
|
||||
static {
|
||||
try {
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
byte[] encoded = Base64.getDecoder().decode(REALM_PUBLIC_KEY_STR);
|
||||
REALM_PUBLIC_KEY = (PublicKey) kf.generatePublic(new X509EncodedKeySpec(encoded));
|
||||
|
||||
encoded = Base64.getDecoder().decode(REALM_PRIVATE_KEY_STR);
|
||||
REALM_PRIVATE_KEY = (PrivateKey) kf.generatePrivate(new PKCS8EncodedKeySpec(encoded));
|
||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException ex) {
|
||||
Logger.getLogger(SamlAdapterTestStrategy.class.getName()).log(Level.SEVERE, null, ex);
|
||||
}
|
||||
}
|
||||
|
||||
public SamlAdapterTestStrategy(String AUTH_SERVER_URL, String APP_SERVER_BASE_URL, AbstractKeycloakRule keycloakRule) {
|
||||
this.AUTH_SERVER_URL = AUTH_SERVER_URL;
|
||||
this.APP_SERVER_BASE_URL = APP_SERVER_BASE_URL;
|
||||
this.keycloakRule = keycloakRule;
|
||||
}
|
||||
|
||||
public WebRule webRule = new WebRule(this);
|
||||
|
||||
|
||||
@WebResource
|
||||
protected WebDriver driver;
|
||||
@WebResource
|
||||
protected LoginPage loginPage;
|
||||
@WebResource
|
||||
protected InputPage inputPage;
|
||||
|
||||
@Override
|
||||
protected void before() throws Throwable {
|
||||
super.before();
|
||||
webRule.before();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void after() {
|
||||
super.after();
|
||||
webRule.after();
|
||||
}
|
||||
|
||||
public static RealmModel baseAdapterTestInitialization(KeycloakSession session, RealmManager manager, RealmModel adminRealm, Class<?> clazz) {
|
||||
RealmRepresentation representation = KeycloakServer.loadJson(clazz.getResourceAsStream("/keycloak-saml/testsaml.json"), RealmRepresentation.class);
|
||||
RealmModel demoRealm = manager.importRealm(representation);
|
||||
return demoRealm;
|
||||
}
|
||||
|
||||
|
||||
|
||||
protected void checkLoggedOut(String mainUrl, boolean postBinding) {
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println("*** logout pagesource ***");
|
||||
System.out.println(pageSource);
|
||||
System.out.println("driver url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(pageSource.contains("request-path: /logout.jsp"));
|
||||
driver.navigate().to(mainUrl);
|
||||
checkAtLoginPage(postBinding);
|
||||
}
|
||||
|
||||
protected void checkAtLoginPage(boolean postBinding) {
|
||||
if (postBinding) assertAtLoginPagePostBinding();
|
||||
else assertAtLoginPageRedirectBinding();
|
||||
}
|
||||
|
||||
protected void assertAtLoginPageRedirectBinding() {
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(AUTH_SERVER_URL + "/realms/demo/protocol/saml"));
|
||||
}
|
||||
protected void assertAtLoginPagePostBinding() {
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(AUTH_SERVER_URL + "/realms/demo/login-actions/authenticate"));
|
||||
}
|
||||
|
||||
public void testSavedPostRequest() throws Exception {
|
||||
// test login to customer-portal which does a bearer request to customer-db
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal");
|
||||
System.err.println("*********** Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(APP_SERVER_BASE_URL + "/input-portal"));
|
||||
inputPage.execute("hello");
|
||||
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke@redhat.com", "password");
|
||||
System.out.println("Current url: " + driver.getCurrentUrl());
|
||||
Assert.assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/input-portal/secured/post");
|
||||
String pageSource = driver.getPageSource();
|
||||
System.out.println(pageSource);
|
||||
Assert.assertTrue(pageSource.contains("parameter=hello"));
|
||||
// test that user principal and KeycloakSecurityContext available
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal/insecure");
|
||||
System.out.println("insecure: ");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("Insecure Page"));
|
||||
if (System.getProperty("insecure.user.principal.unsupported") == null) Assert.assertTrue(driver.getPageSource().contains("UserPrincipal"));
|
||||
|
||||
// test logout
|
||||
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/input-portal?GLO=true");
|
||||
|
||||
// test unsecured POST KEYCLOAK-901
|
||||
|
||||
Client client = ClientBuilder.newClient();
|
||||
Form form = new Form();
|
||||
form.param("parameter", "hello");
|
||||
String text = client.target(APP_SERVER_BASE_URL + "/input-portal/unsecured").request().post(Entity.form(form), String.class);
|
||||
Assert.assertTrue(text.contains("parameter=hello"));
|
||||
client.close();
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
public void testErrorHandlingUnsigned() throws Exception {
|
||||
ErrorServlet.authError = null;
|
||||
Client client = ClientBuilder.newClient();
|
||||
// make sure
|
||||
Response response = client.target(APP_SERVER_BASE_URL + "/employee-sig/").request().get();
|
||||
response.close();
|
||||
SAML2ErrorResponseBuilder builder = new SAML2ErrorResponseBuilder()
|
||||
.destination(APP_SERVER_BASE_URL + "/employee-sig/saml")
|
||||
.issuer(AUTH_SERVER_URL + "/realms/demo")
|
||||
.status(JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get());
|
||||
BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder()
|
||||
.relayState(null);
|
||||
Document document = builder.buildDocument();
|
||||
URI uri = binding.redirectBinding(document).generateURI(APP_SERVER_BASE_URL + "/employee-sig/saml", false);
|
||||
response = client.target(uri).request().get();
|
||||
String errorPage = response.readEntity(String.class);
|
||||
response.close();
|
||||
Assert.assertTrue(errorPage.contains("Error Page"));
|
||||
client.close();
|
||||
Assert.assertNotNull(ErrorServlet.authError);
|
||||
SamlAuthenticationError error = (SamlAuthenticationError)ErrorServlet.authError;
|
||||
Assert.assertEquals(SamlAuthenticationError.Reason.INVALID_SIGNATURE, error.getReason());
|
||||
Assert.assertNotNull(error.getStatus());
|
||||
ErrorServlet.authError = null;
|
||||
|
||||
}
|
||||
|
||||
public void testErrorHandlingSigned() throws Exception {
|
||||
ErrorServlet.authError = null;
|
||||
Client client = ClientBuilder.newClient();
|
||||
// make sure
|
||||
Response response = client.target(APP_SERVER_BASE_URL + "/employee-sig/").request().get();
|
||||
response.close();
|
||||
SAML2ErrorResponseBuilder builder = new SAML2ErrorResponseBuilder()
|
||||
.destination(APP_SERVER_BASE_URL + "/employee-sig/saml")
|
||||
.issuer(AUTH_SERVER_URL + "/realms/demo")
|
||||
.status(JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get());
|
||||
BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder()
|
||||
.relayState(null)
|
||||
.signatureAlgorithm(SignatureAlgorithm.RSA_SHA256)
|
||||
.signWith(KeyUtils.createKeyId(REALM_PRIVATE_KEY), REALM_PRIVATE_KEY, REALM_PUBLIC_KEY)
|
||||
.signDocument();
|
||||
Document document = builder.buildDocument();
|
||||
URI uri = binding.generateRedirectUri(GeneralConstants.SAML_RESPONSE_KEY, APP_SERVER_BASE_URL + "/employee-sig/saml", document);
|
||||
response = client.target(uri).request().get();
|
||||
String errorPage = response.readEntity(String.class);
|
||||
response.close();
|
||||
Assert.assertTrue(errorPage.contains("Error Page"));
|
||||
client.close();
|
||||
Assert.assertNotNull(ErrorServlet.authError);
|
||||
SamlAuthenticationError error = (SamlAuthenticationError)ErrorServlet.authError;
|
||||
Assert.assertEquals(SamlAuthenticationError.Reason.ERROR_STATUS, error.getReason());
|
||||
Assert.assertNotNull(error.getStatus());
|
||||
ErrorServlet.authError = null;
|
||||
|
||||
}
|
||||
|
||||
public void testPostSimpleLoginLogout() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post/");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post/", true);
|
||||
}
|
||||
|
||||
public void testPostPassiveLoginLogout(boolean forbiddenIfNotauthenticated) {
|
||||
// first request on passive app - no login page shown, user not logged in as we are in passive mode.
|
||||
// Shown page depends on used authentication mechanism, some may return forbidden error, some return requested page with anonymous user (not logged in)
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive/");
|
||||
assertEquals(APP_SERVER_BASE_URL + "/sales-post-passive/saml", driver.getCurrentUrl());
|
||||
System.out.println(driver.getPageSource());
|
||||
if (forbiddenIfNotauthenticated) {
|
||||
Assert.assertTrue(driver.getPageSource().contains("HTTP status code: 403"));
|
||||
} else {
|
||||
Assert.assertTrue(driver.getPageSource().contains("principal=null"));
|
||||
}
|
||||
|
||||
// login user by asking login from other app
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post/");
|
||||
loginPage.login("bburke", "password");
|
||||
|
||||
// navigate to the passive app again, we have to be logged in now
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive/");
|
||||
assertEquals(APP_SERVER_BASE_URL + "/sales-post-passive/", driver.getCurrentUrl());
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
|
||||
// logout from both app
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive?GLO=true");
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post?GLO=true");
|
||||
|
||||
// refresh passive app page, not logged in again as we are in passive mode
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-passive/");
|
||||
assertEquals(APP_SERVER_BASE_URL + "/sales-post-passive/saml", driver.getCurrentUrl());
|
||||
Assert.assertFalse(driver.getPageSource().contains("bburke"));
|
||||
}
|
||||
|
||||
public void testPostSimpleUnauthorized(CheckAuthError error) {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("unauthorized", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post/");
|
||||
System.out.println(driver.getPageSource());
|
||||
error.check(driver);
|
||||
}
|
||||
|
||||
public void testPostSimpleLoginLogoutIdpInitiated() {
|
||||
driver.navigate().to(AUTH_SERVER_URL + "/realms/demo/protocol/saml/clients/sales-post");
|
||||
loginPage.login("bburke", "password");
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(APP_SERVER_BASE_URL + "/sales-post"));
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post/", true);
|
||||
}
|
||||
|
||||
public void testPostSimpleLoginLogoutIdpInitiatedRedirectTo() {
|
||||
driver.navigate().to(AUTH_SERVER_URL + "/realms/demo/protocol/saml/clients/sales-post2");
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post2/foo");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post2?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post2/", true);
|
||||
}
|
||||
|
||||
public void testPostSignedLoginLogout() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig/");
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-sig/", true);
|
||||
|
||||
}
|
||||
public void testPostSignedResponseAndAssertionLoginLogout() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig/");
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-assertion-and-response-sig/", true);
|
||||
|
||||
}
|
||||
public void testPostSignedLoginLogoutTransientNameID() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-transient/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig-transient/");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertFalse(driver.getPageSource().contains("bburke"));
|
||||
Assert.assertTrue(driver.getPageSource().contains("principal=G-"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-transient?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-sig-transient/", true);
|
||||
|
||||
}
|
||||
public void testPostSignedLoginLogoutPersistentNameID() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-persistent/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig-persistent/");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertFalse(driver.getPageSource().contains("bburke"));
|
||||
Assert.assertTrue(driver.getPageSource().contains("principal=G-"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-persistent?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-sig-persistent/", true);
|
||||
|
||||
}
|
||||
public void testPostSignedLoginLogoutEmailNameID() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-email/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig-email/");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertTrue(driver.getPageSource().contains("principal=bburke@redhat.com"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig-email?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-sig-email/", true);
|
||||
|
||||
}
|
||||
|
||||
public void testRelayStateEncoding() throws Exception {
|
||||
// this test has a hardcoded SAMLRequest and we hack a SP face servlet to get the SAMLResponse so we can look
|
||||
// at the relay state
|
||||
SamlSPFacade.samlResponse = null;
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee/");
|
||||
assertAtLoginPageRedirectBinding();
|
||||
System.out.println(driver.getCurrentUrl());
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee/");
|
||||
assertEquals(SamlSPFacade.sentRelayState, SamlSPFacade.RELAY_STATE);
|
||||
Assert.assertNotNull(SamlSPFacade.samlResponse);
|
||||
|
||||
}
|
||||
|
||||
public void testAttributes() throws Exception {
|
||||
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||
ClientModel app = appRealm.getClientByClientId(APP_SERVER_BASE_URL + "/employee2/");
|
||||
app.addProtocolMapper(GroupMembershipMapper.create("groups", "group", null, null, true));
|
||||
app.addProtocolMapper(UserAttributeStatementMapper.createAttributeMapper("topAttribute", "topAttribute", "topAttribute", "Basic", null));
|
||||
app.addProtocolMapper(UserAttributeStatementMapper.createAttributeMapper("level2Attribute", "level2Attribute", "level2Attribute", "Basic", null));
|
||||
app.addProtocolMapper(ScriptBasedMapper.create("test-script-mapper1", "script-single-value", "Basic", null, "'hello_' + user.getUsername()", true));
|
||||
app.addProtocolMapper(ScriptBasedMapper.create("test-script-mapper2", "script-multiple-values-single-attribute-array", "Basic", null, "Java.to(['A', 'B', 'C'], Java.type('java.lang.String[]'))", true));
|
||||
app.addProtocolMapper(ScriptBasedMapper.create("test-script-mapper3", "script-multiple-values-single-attribute-list", "Basic", null, "new java.util.ArrayList(['D', 'E', 'F'])", true));
|
||||
app.addProtocolMapper(ScriptBasedMapper.create("test-script-mapper4", "script-multiple-values-multiple-attributes-set", "Basic", null, "new java.util.HashSet(['G', 'H', 'I'])", false));
|
||||
}
|
||||
}, "demo");
|
||||
{
|
||||
SendUsernameServlet.sentPrincipal = null;
|
||||
SendUsernameServlet.checkRoles = null;
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee2/");
|
||||
assertAtLoginPagePostBinding();
|
||||
List<String> requiredRoles = new LinkedList<>();
|
||||
requiredRoles.add("manager");
|
||||
requiredRoles.add("user");
|
||||
SendUsernameServlet.checkRoles = requiredRoles;
|
||||
loginPage.login("level2GroupUser", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee2/");
|
||||
SendUsernameServlet.checkRoles = null;
|
||||
SamlPrincipal principal = (SamlPrincipal) SendUsernameServlet.sentPrincipal;
|
||||
Assert.assertNotNull(principal);
|
||||
assertEquals("level2@redhat.com", principal.getAttribute(X500SAMLProfileConstants.EMAIL.get()));
|
||||
assertEquals("true", principal.getAttribute("topAttribute"));
|
||||
assertEquals("true", principal.getAttribute("level2Attribute"));
|
||||
List<String> groups = principal.getAttributes("group");
|
||||
Assert.assertNotNull(groups);
|
||||
Set<String> groupSet = new HashSet<>();
|
||||
assertEquals("level2@redhat.com", principal.getFriendlyAttribute("email"));
|
||||
assertEquals("hello_level2groupuser", principal.getAttribute("script-single-value"));
|
||||
assertThat(principal.getAttributes("script-multiple-values-single-attribute-array"), containsInAnyOrder("A","B","C"));
|
||||
assertEquals(1, principal.getAssertion().getAttributeStatements().stream().
|
||||
flatMap(x -> x.getAttributes().stream()).
|
||||
filter(x -> x.getAttribute().getName().equals("script-multiple-values-single-attribute-array"))
|
||||
.count());
|
||||
assertThat(principal.getAttributes("script-multiple-values-single-attribute-list"), containsInAnyOrder("D","E","F"));
|
||||
assertEquals(1, principal.getAssertion().getAttributeStatements().stream().
|
||||
flatMap(x -> x.getAttributes().stream()).
|
||||
filter(x -> x.getAttribute().getName().equals("script-multiple-values-single-attribute-list"))
|
||||
.count());
|
||||
assertThat(principal.getAttributes("script-multiple-values-multiple-attributes-set"), containsInAnyOrder("G","H","I"));
|
||||
assertEquals(3, principal.getAssertion().getAttributeStatements().stream().
|
||||
flatMap(x -> x.getAttributes().stream()).
|
||||
filter(x -> x.getAttribute().getName().equals("script-multiple-values-multiple-attributes-set"))
|
||||
.count());
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee2/?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/employee2/", true);
|
||||
|
||||
}
|
||||
{
|
||||
SendUsernameServlet.sentPrincipal = null;
|
||||
SendUsernameServlet.checkRoles = null;
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee2/");
|
||||
assertAtLoginPagePostBinding();
|
||||
List<String> requiredRoles = new LinkedList<>();
|
||||
requiredRoles.add("manager");
|
||||
requiredRoles.add("employee");
|
||||
requiredRoles.add("user");
|
||||
SendUsernameServlet.checkRoles = requiredRoles;
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee2/");
|
||||
SendUsernameServlet.checkRoles = null;
|
||||
SamlPrincipal principal = (SamlPrincipal) SendUsernameServlet.sentPrincipal;
|
||||
Assert.assertNotNull(principal);
|
||||
assertEquals("bburke@redhat.com", principal.getAttribute(X500SAMLProfileConstants.EMAIL.get()));
|
||||
assertEquals("bburke@redhat.com", principal.getFriendlyAttribute("email"));
|
||||
assertEquals("617", principal.getAttribute("phone"));
|
||||
Assert.assertNull(principal.getFriendlyAttribute("phone"));
|
||||
assertEquals("hello_bburke", principal.getAttribute("script-single-value"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee2/?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/employee2/", true);
|
||||
|
||||
}
|
||||
keycloakRule.update(new KeycloakRule.KeycloakSetup() {
|
||||
@Override
|
||||
public void config(RealmManager manager, RealmModel adminstrationRealm, RealmModel appRealm) {
|
||||
ClientModel app = appRealm.getClientByClientId(APP_SERVER_BASE_URL + "/employee2/");
|
||||
for (ProtocolMapperModel mapper : app.getProtocolMappers()) {
|
||||
if (mapper.getName().equals("role-list")) {
|
||||
app.removeProtocolMapper(mapper);
|
||||
mapper.setId(null);
|
||||
mapper.getConfig().put(RoleListMapper.SINGLE_ROLE_ATTRIBUTE, "true");
|
||||
mapper.getConfig().put(AttributeStatementHelper.SAML_ATTRIBUTE_NAME, "memberOf");
|
||||
app.addProtocolMapper(mapper);
|
||||
}
|
||||
}
|
||||
app.addProtocolMapper(HardcodedAttributeMapper.create("hardcoded-attribute", "hardcoded-attribute", "Basic", null, "hard"));
|
||||
app.addProtocolMapper(HardcodedRole.create("hardcoded-role", "hardcoded-role"));
|
||||
app.addProtocolMapper(RoleNameMapper.create("renamed-role", "manager", "el-jefe"));
|
||||
app.addProtocolMapper(RoleNameMapper.create("renamed-employee-role", APP_SERVER_BASE_URL + "/employee/.employee", "pee-on"));
|
||||
}
|
||||
}, "demo");
|
||||
|
||||
System.out.println(">>>>>>>>>> single role attribute <<<<<<<<");
|
||||
|
||||
{
|
||||
SendUsernameServlet.sentPrincipal = null;
|
||||
SendUsernameServlet.checkRoles = null;
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee2/");
|
||||
assertAtLoginPagePostBinding();
|
||||
List<String> requiredRoles = new LinkedList<>();
|
||||
requiredRoles.add("el-jefe");
|
||||
requiredRoles.add("user");
|
||||
requiredRoles.add("hardcoded-role");
|
||||
requiredRoles.add("pee-on");
|
||||
SendUsernameServlet.checkRoles = requiredRoles;
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee2/");
|
||||
SendUsernameServlet.checkRoles = null;
|
||||
SamlPrincipal principal = (SamlPrincipal) SendUsernameServlet.sentPrincipal;
|
||||
Assert.assertNotNull(principal);
|
||||
assertEquals("hard", principal.getAttribute("hardcoded-attribute"));
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
public void testRedirectSignedLoginLogout() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig/");
|
||||
assertAtLoginPageRedirectBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig/");
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/employee-sig/", false);
|
||||
|
||||
}
|
||||
|
||||
public void testRedirectSignedLoginLogoutFrontNoSSO() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front/");
|
||||
assertAtLoginPageRedirectBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig-front/");
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/employee-sig-front/", false);
|
||||
|
||||
}
|
||||
|
||||
public void testRedirectSignedLoginLogoutFront() {
|
||||
// visit 1st app an logg in
|
||||
System.out.println("visit 1st app ");
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig/");
|
||||
assertAtLoginPageRedirectBinding();
|
||||
System.out.println("login to form");
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig/");
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
|
||||
// visit 2nd app
|
||||
System.out.println("visit 2nd app ");
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front/");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/employee-sig-front/");
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
|
||||
// visit 3rd app
|
||||
System.out.println("visit 3rd app ");
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig/");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-post-sig/");
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
|
||||
// logout of first app
|
||||
System.out.println("GLO");
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/employee-sig/", false);
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/employee-sig-front/");
|
||||
String currentUrl = driver.getCurrentUrl();
|
||||
Assert.assertTrue(currentUrl.startsWith(AUTH_SERVER_URL + "/realms/demo/protocol/saml"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-sig/");
|
||||
assertAtLoginPagePostBinding();
|
||||
|
||||
}
|
||||
|
||||
public void testPostEncryptedLoginLogout() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-enc/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
Retry.execute(new Runnable() {
|
||||
@Override
|
||||
public void run() {
|
||||
assertEquals(APP_SERVER_BASE_URL + "/sales-post-enc/", driver.getCurrentUrl());
|
||||
}
|
||||
}, 10, 100);
|
||||
Assert.assertTrue(driver.getPageSource().contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-post-enc?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-post-enc/", true);
|
||||
|
||||
}
|
||||
public void testPostBadClientSignature() {
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/bad-client-sales-post-sig/");
|
||||
System.out.println(driver.getCurrentUrl());
|
||||
Assert.assertTrue(driver.getCurrentUrl().startsWith(AUTH_SERVER_URL + "/realms/demo/protocol/saml"));
|
||||
assertEquals(PageUtils.getPageTitle(driver), "We're sorry...");
|
||||
|
||||
}
|
||||
public static interface CheckAuthError {
|
||||
void check(WebDriver driver);
|
||||
}
|
||||
|
||||
public void testPostBadRealmSignature() {
|
||||
ErrorServlet.authError = null;
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/bad-realm-sales-post-sig/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/bad-realm-sales-post-sig/saml");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertNotNull(ErrorServlet.authError);
|
||||
SamlAuthenticationError error = (SamlAuthenticationError)ErrorServlet.authError;
|
||||
Assert.assertEquals(SamlAuthenticationError.Reason.INVALID_SIGNATURE, error.getReason());
|
||||
ErrorServlet.authError = null;
|
||||
}
|
||||
|
||||
public void testPostBadAssertionSignature() {
|
||||
ErrorServlet.authError = null;
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/bad-assertion-sales-post-sig/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/bad-assertion-sales-post-sig/saml");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertNotNull(ErrorServlet.authError);
|
||||
SamlAuthenticationError error = (SamlAuthenticationError)ErrorServlet.authError;
|
||||
Assert.assertEquals(SamlAuthenticationError.Reason.INVALID_SIGNATURE, error.getReason());
|
||||
ErrorServlet.authError = null;
|
||||
}
|
||||
|
||||
public void testMissingAssertionSignature() {
|
||||
ErrorServlet.authError = null;
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/missing-assertion-sig/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/missing-assertion-sig/saml");
|
||||
System.out.println(driver.getPageSource());
|
||||
Assert.assertNotNull(ErrorServlet.authError);
|
||||
SamlAuthenticationError error = (SamlAuthenticationError)ErrorServlet.authError;
|
||||
Assert.assertEquals(SamlAuthenticationError.Reason.INVALID_SIGNATURE, error.getReason());
|
||||
ErrorServlet.authError = null;
|
||||
}
|
||||
|
||||
public void testMetadataPostSignedLoginLogout() throws Exception {
|
||||
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-metadata/");
|
||||
assertAtLoginPagePostBinding();
|
||||
loginPage.login("bburke", "password");
|
||||
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/sales-metadata/");
|
||||
String pageSource = driver.getPageSource();
|
||||
Assert.assertTrue(pageSource.contains("bburke"));
|
||||
driver.navigate().to(APP_SERVER_BASE_URL + "/sales-metadata?GLO=true");
|
||||
checkLoggedOut(APP_SERVER_BASE_URL + "/sales-metadata/", true);
|
||||
|
||||
}
|
||||
|
||||
public static void uploadSP(String AUTH_SERVER_URL) {
|
||||
try {
|
||||
Keycloak keycloak = Keycloak.getInstance(AUTH_SERVER_URL, "master", "admin", "admin", Constants.ADMIN_CLI_CLIENT_ID, (String) null);
|
||||
RealmResource admin = keycloak.realm("demo");
|
||||
|
||||
admin.toRepresentation();
|
||||
|
||||
ClientRepresentation clientRep = admin.convertClientDescription(IOUtils.toString(SamlAdapterTestStrategy.class.getResourceAsStream("/keycloak-saml/sp-metadata.xml")));
|
||||
Response response = admin.clients().create(clientRep);
|
||||
|
||||
assertEquals(201, response.getStatus());
|
||||
|
||||
keycloak.close();
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,140 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.helper.adapter;
|
||||
|
||||
import io.undertow.security.idm.Account;
|
||||
import io.undertow.security.idm.Credential;
|
||||
import io.undertow.security.idm.IdentityManager;
|
||||
import io.undertow.server.handlers.resource.Resource;
|
||||
import io.undertow.server.handlers.resource.ResourceChangeListener;
|
||||
import io.undertow.server.handlers.resource.ResourceManager;
|
||||
import io.undertow.server.handlers.resource.URLResource;
|
||||
import io.undertow.servlet.api.DeploymentInfo;
|
||||
import io.undertow.servlet.api.FilterInfo;
|
||||
import io.undertow.servlet.api.ServletInfo;
|
||||
import org.keycloak.adapters.saml.servlet.SamlFilter;
|
||||
import org.keycloak.adapters.saml.undertow.SamlServletExtension;
|
||||
import org.keycloak.testsuite.helper.adapter.SendUsernameServlet;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
|
||||
import javax.servlet.DispatcherType;
|
||||
import java.io.IOException;
|
||||
import java.net.URL;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public abstract class SamlKeycloakRule extends AbstractKeycloakRule {
|
||||
|
||||
public static class TestResourceManager implements ResourceManager {
|
||||
|
||||
private final String basePath;
|
||||
|
||||
public TestResourceManager(String basePath){
|
||||
this.basePath = basePath;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Resource getResource(String path) throws IOException {
|
||||
String temp = path;
|
||||
String fullPath = basePath + temp;
|
||||
URL url = getClass().getResource(fullPath);
|
||||
if (url == null) {
|
||||
System.out.println("url is null: " + fullPath);
|
||||
}
|
||||
return new URLResource(url, url.openConnection(), path);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isResourceChangeListenerSupported() {
|
||||
throw new RuntimeException();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void registerResourceChangeListener(ResourceChangeListener listener) {
|
||||
throw new RuntimeException();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeResourceChangeListener(ResourceChangeListener listener) {
|
||||
throw new RuntimeException();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() throws IOException {
|
||||
throw new RuntimeException();
|
||||
}
|
||||
}
|
||||
|
||||
public static class TestIdentityManager implements IdentityManager {
|
||||
@Override
|
||||
public Account verify(Account account) {
|
||||
return account;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Account verify(String userName, Credential credential) {
|
||||
throw new RuntimeException("WTF");
|
||||
}
|
||||
|
||||
@Override
|
||||
public Account verify(Credential credential) {
|
||||
throw new RuntimeException();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void setupKeycloak() {
|
||||
String realmJson = getRealmJson();
|
||||
server.importRealm(getClass().getResourceAsStream(realmJson));
|
||||
initWars();
|
||||
}
|
||||
|
||||
public abstract void initWars();
|
||||
|
||||
public void initializeSamlSecuredWar(String warResourcePath, String contextPath, String warDeploymentName, ClassLoader classLoader) {
|
||||
|
||||
ServletInfo regularServletInfo = new ServletInfo("servlet", SendUsernameServlet.class)
|
||||
.addMapping("/*");
|
||||
|
||||
FilterInfo samlFilter = new FilterInfo("saml-filter", SamlFilter.class);
|
||||
|
||||
|
||||
ResourceManager resourceManager = new TestResourceManager(warResourcePath);
|
||||
|
||||
DeploymentInfo deploymentInfo = new DeploymentInfo()
|
||||
.setClassLoader(classLoader)
|
||||
.setIdentityManager(new TestIdentityManager())
|
||||
.setContextPath(contextPath)
|
||||
.setDeploymentName(warDeploymentName)
|
||||
.setResourceManager(resourceManager)
|
||||
.addServlets(regularServletInfo)
|
||||
.addFilter(samlFilter)
|
||||
.addFilterUrlMapping("saml-filter", "/*", DispatcherType.REQUEST)
|
||||
.addServletExtension(new SamlServletExtension());
|
||||
addErrorPage("/error.html", deploymentInfo);
|
||||
server.getServer().deploy(deploymentInfo);
|
||||
}
|
||||
|
||||
public String getRealmJson() {
|
||||
return "/keycloak-saml/testsaml.json";
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -1,95 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.helper.adapter;
|
||||
|
||||
import org.junit.Assert;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
import java.security.Principal;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class SendUsernameServlet extends HttpServlet {
|
||||
|
||||
public static Principal sentPrincipal;
|
||||
public static List<String> checkRoles;
|
||||
|
||||
@Override
|
||||
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
|
||||
System.out.println("In SendUsername Servlet doGet()");
|
||||
if (checkRoles != null) {
|
||||
for (String role : checkRoles) {
|
||||
System.out.println("check role: " + role);
|
||||
//Assert.assertTrue(req.isUserInRole(role));
|
||||
if (!req.isUserInRole(role)) {
|
||||
resp.sendError(403);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
resp.setContentType("text/plain");
|
||||
OutputStream stream = resp.getOutputStream();
|
||||
Principal principal = req.getUserPrincipal();
|
||||
stream.write("request-path: ".getBytes());
|
||||
if (req.getPathInfo() != null) stream.write(req.getPathInfo().getBytes());
|
||||
stream.write("\n".getBytes());
|
||||
stream.write("principal=".getBytes());
|
||||
if (principal == null) {
|
||||
stream.write("null".getBytes());
|
||||
return;
|
||||
}
|
||||
String name = principal.getName();
|
||||
stream.write(name.getBytes());
|
||||
sentPrincipal = principal;
|
||||
|
||||
}
|
||||
@Override
|
||||
protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
|
||||
System.out.println("In SendUsername Servlet doPost()");
|
||||
if (checkRoles != null) {
|
||||
for (String role : checkRoles) {
|
||||
System.out.println("check role: " + role);
|
||||
Assert.assertTrue(req.isUserInRole(role));
|
||||
}
|
||||
|
||||
}
|
||||
resp.setContentType("text/plain");
|
||||
OutputStream stream = resp.getOutputStream();
|
||||
Principal principal = req.getUserPrincipal();
|
||||
stream.write("request-path: ".getBytes());
|
||||
stream.write(req.getPathInfo().getBytes());
|
||||
stream.write("\n".getBytes());
|
||||
stream.write("principal=".getBytes());
|
||||
if (principal == null) {
|
||||
stream.write("null".getBytes());
|
||||
return;
|
||||
}
|
||||
String name = principal.getName();
|
||||
stream.write(name.getBytes());
|
||||
sentPrincipal = principal;
|
||||
}
|
||||
}
|
|
@ -1,74 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.pages;
|
||||
|
||||
import org.keycloak.services.Urls;
|
||||
import org.keycloak.testsuite.Constants;
|
||||
import org.openqa.selenium.By;
|
||||
import org.openqa.selenium.WebElement;
|
||||
import org.openqa.selenium.support.FindBy;
|
||||
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class AccountSessionsPage extends AbstractAccountPage {
|
||||
|
||||
private String realmName = "test";
|
||||
|
||||
private String path = Urls.accountSessionsPage(UriBuilder.fromUri(Constants.AUTH_SERVER_ROOT).build(), "test").toString();
|
||||
|
||||
@FindBy(id = "logout-all-sessions")
|
||||
private WebElement logoutAllLink;
|
||||
|
||||
public boolean isCurrent() {
|
||||
return driver.getTitle().contains("Account Management") && driver.getCurrentUrl().endsWith("/account/sessions");
|
||||
}
|
||||
|
||||
public void realm(String realmName) {
|
||||
this.realmName = realmName;
|
||||
}
|
||||
|
||||
public String getPath() {
|
||||
return Urls.accountSessionsPage(UriBuilder.fromUri(Constants.AUTH_SERVER_ROOT).build(), realmName).toString();
|
||||
}
|
||||
|
||||
public void open() {
|
||||
driver.navigate().to(getPath());
|
||||
}
|
||||
|
||||
public void logoutAll() {
|
||||
logoutAllLink.click();
|
||||
}
|
||||
|
||||
public List<List<String>> getSessions() {
|
||||
List<List<String>> table = new LinkedList<List<String>>();
|
||||
for (WebElement r : driver.findElements(By.tagName("tr"))) {
|
||||
List<String> row = new LinkedList<String>();
|
||||
for (WebElement col : r.findElements(By.tagName("td"))) {
|
||||
row.add(col.getText());
|
||||
}
|
||||
table.add(row);
|
||||
}
|
||||
table.remove(0);
|
||||
return table;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,52 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.pages;
|
||||
|
||||
import org.keycloak.testsuite.pages.AbstractPage;
|
||||
import org.openqa.selenium.WebElement;
|
||||
import org.openqa.selenium.support.FindBy;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class InputPage extends AbstractPage {
|
||||
@FindBy(id = "parameter")
|
||||
private WebElement parameter;
|
||||
|
||||
@FindBy(name = "submit")
|
||||
private WebElement submit;
|
||||
|
||||
public void execute(String param) {
|
||||
parameter.clear();
|
||||
parameter.sendKeys(param);
|
||||
|
||||
submit.click();
|
||||
}
|
||||
|
||||
|
||||
public boolean isCurrent() {
|
||||
return driver.getTitle().equals("Input Page");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void open() {
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -44,34 +44,11 @@
|
|||
</build>
|
||||
<modules>
|
||||
<module>integration-deprecated</module>
|
||||
<module>tomcat8</module>
|
||||
<module>integration-arquillian</module>
|
||||
<module>utils</module>
|
||||
</modules>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>community</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>!product</name>
|
||||
</property>
|
||||
</activation>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-deploy-plugin</artifactId>
|
||||
<configuration>
|
||||
<skip>true</skip>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
<modules>
|
||||
<module>tomcat7</module>
|
||||
</modules>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>performance</id>
|
||||
<modules>
|
||||
|
|
|
@ -1,398 +0,0 @@
|
|||
<?xml version="1.0"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
<parent>
|
||||
<artifactId>keycloak-testsuite-pom</artifactId>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<version>5.0.0-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>keycloak-testsuite-tomcat7</artifactId>
|
||||
<name>Keycloak Tomcat 7 Integration TestSuite</name>
|
||||
<properties>
|
||||
<maven.compiler.target>1.7</maven.compiler.target>
|
||||
<maven.compiler.source>1.7</maven.compiler.source>
|
||||
|
||||
<!--<tomcat.version>8.0.14</tomcat.version>-->
|
||||
<tomcat.version>7.0.59</tomcat.version>
|
||||
</properties>
|
||||
<description />
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.apache.tomcat</groupId>
|
||||
<artifactId>tomcat-catalina</artifactId>
|
||||
<version>7.0.59</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.tomcat</groupId>
|
||||
<artifactId>tomcat-util</artifactId>
|
||||
<version>7.0.59</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.tomcat.embed</groupId>
|
||||
<artifactId>tomcat-embed-core</artifactId>
|
||||
<version>7.0.59</version>
|
||||
</dependency>
|
||||
|
||||
<!-- Undertow's fork of Jasper JSP parser -->
|
||||
<dependency>
|
||||
<groupId>io.undertow.jastow</groupId>
|
||||
<artifactId>jastow</artifactId>
|
||||
<version>2.0.0.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.spec.javax.servlet.jsp</groupId>
|
||||
<artifactId>jboss-jsp-api_2.3_spec</artifactId>
|
||||
<version>1.0.1.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-dependencies-server-all</artifactId>
|
||||
<type>pom</type>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-admin-client</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>log4j</groupId>
|
||||
<artifactId>log4j</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.spec.javax.servlet</groupId>
|
||||
<artifactId>jboss-servlet-api_3.0_spec</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.spec.javax.ws.rs</groupId>
|
||||
<artifactId>jboss-jaxrs-api_2.1_spec</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-jaxrs</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-saml-tomcat7-adapter</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.tomcat</groupId>
|
||||
<artifactId>tomcat-servlet-api</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.apache.tomcat</groupId>
|
||||
<artifactId>tomcat-catalina</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.apache.tomcat</groupId>
|
||||
<artifactId>catalina</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-client</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-multipart-provider</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-jackson2-provider</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-undertow</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.zxing</groupId>
|
||||
<artifactId>javase</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-ldap-federation</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-kerberos-federation</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-undertow-adapter</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-tomcat7-adapter</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.logging</groupId>
|
||||
<artifactId>jboss-logging</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.undertow</groupId>
|
||||
<artifactId>undertow-servlet</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.undertow</groupId>
|
||||
<artifactId>undertow-core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-databind</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-annotations</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>junit</groupId>
|
||||
<artifactId>junit</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.hamcrest</groupId>
|
||||
<artifactId>hamcrest-all</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.h2database</groupId>
|
||||
<artifactId>h2</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.icegreen</groupId>
|
||||
<artifactId>greenmail</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.slf4j</groupId>
|
||||
<artifactId>slf4j-api</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.infinispan</groupId>
|
||||
<artifactId>infinispan-core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.seleniumhq.selenium</groupId>
|
||||
<artifactId>selenium-java</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>xml-apis</groupId>
|
||||
<artifactId>xml-apis</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.seleniumhq.selenium</groupId>
|
||||
<artifactId>selenium-chrome-driver</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-testsuite-integration-deprecated</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-testsuite-integration-deprecated</artifactId>
|
||||
<type>test-jar</type>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-test-apps-servlets</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-jar-plugin</artifactId>
|
||||
<version>2.2</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
<goal>test-jar</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-deploy-plugin</artifactId>
|
||||
<configuration>
|
||||
<skip>true</skip>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.codehaus.mojo</groupId>
|
||||
<artifactId>exec-maven-plugin</artifactId>
|
||||
<configuration>
|
||||
<workingDirectory>${project.basedir}</workingDirectory>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>keycloak-server</id>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.codehaus.mojo</groupId>
|
||||
<artifactId>exec-maven-plugin</artifactId>
|
||||
<configuration>
|
||||
<mainClass>org.keycloak.testsuite.KeycloakServer</mainClass>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>mail-server</id>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.codehaus.mojo</groupId>
|
||||
<artifactId>exec-maven-plugin</artifactId>
|
||||
<configuration>
|
||||
<mainClass>org.keycloak.testsuite.MailServer</mainClass>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>totp</id>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.codehaus.mojo</groupId>
|
||||
<artifactId>exec-maven-plugin</artifactId>
|
||||
<configuration>
|
||||
<mainClass>org.keycloak.testsuite.TotpGenerator</mainClass>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
|
||||
<profile>
|
||||
<id>jpa</id>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<configuration>
|
||||
<systemPropertyVariables>
|
||||
<keycloak.realm.provider>jpa</keycloak.realm.provider>
|
||||
<keycloak.user.provider>jpa</keycloak.user.provider>
|
||||
<keycloak.eventStore.provider>jpa</keycloak.eventStore.provider>
|
||||
</systemPropertyVariables>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
|
||||
<!-- MySQL -->
|
||||
<profile>
|
||||
<activation>
|
||||
<property>
|
||||
<name>keycloak.connectionsJpa.driver</name>
|
||||
<value>com.mysql.jdbc.Driver</value>
|
||||
</property>
|
||||
</activation>
|
||||
<id>mysql</id>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>mysql</groupId>
|
||||
<artifactId>mysql-connector-java</artifactId>
|
||||
<version>${mysql.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</profile>
|
||||
|
||||
<!-- PostgreSQL -->
|
||||
<profile>
|
||||
<activation>
|
||||
<property>
|
||||
<name>keycloak.connectionsJpa.driver</name>
|
||||
<value>org.postgresql.Driver</value>
|
||||
</property>
|
||||
</activation>
|
||||
<id>postgresql</id>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.postgresql</groupId>
|
||||
<artifactId>postgresql</artifactId>
|
||||
<version>${postgresql.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</profile>
|
||||
|
||||
<profile>
|
||||
<id>clean-jpa</id>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.liquibase</groupId>
|
||||
<artifactId>liquibase-maven-plugin</artifactId>
|
||||
<configuration>
|
||||
<changeLogFile>META-INF/jpa-changelog-master.xml</changeLogFile>
|
||||
|
||||
<url>${keycloak.connectionsJpa.url}</url>
|
||||
<driver>${keycloak.connectionsJpa.driver}</driver>
|
||||
<username>${keycloak.connectionsJpa.user}</username>
|
||||
<password>${keycloak.connectionsJpa.password}</password>
|
||||
|
||||
<promptOnNonLocalDatabase>false</promptOnNonLocalDatabase>
|
||||
</configuration>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>clean-jpa</id>
|
||||
<phase>clean</phase>
|
||||
<goals>
|
||||
<goal>dropAll</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
</profiles>
|
||||
</project>
|
|
@ -1,205 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite;
|
||||
|
||||
import org.apache.catalina.startup.Tomcat;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.helper.adapter.AdapterTestStrategy;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
|
||||
import java.io.File;
|
||||
import java.net.URL;
|
||||
import java.util.regex.Matcher;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class Tomcat7Test {
|
||||
@ClassRule
|
||||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
AdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass());
|
||||
}
|
||||
};
|
||||
|
||||
static Tomcat tomcat = null;
|
||||
|
||||
@BeforeClass
|
||||
public static void initTomcat() throws Exception {
|
||||
tomcat = new Tomcat();
|
||||
String baseDir = getBaseDirectory();
|
||||
tomcat.setBaseDir(baseDir);
|
||||
tomcat.setPort(8082);
|
||||
|
||||
System.setProperty("app.server.base.url", "http://localhost:8082");
|
||||
System.setProperty("my.host.name", "localhost");
|
||||
URL dir = Tomcat7Test.class.getResource("/adapter-test/demorealm.json");
|
||||
File base = new File(dir.getFile()).getParentFile();
|
||||
tomcat.addWebapp("/customer-portal", new File(base, "customer-portal").toString());
|
||||
tomcat.addWebapp("/customer-db", new File(base, "customer-db").toString());
|
||||
tomcat.addWebapp("/customer-db-error-page", new File(base, "customer-db-error-page").toString());
|
||||
tomcat.addWebapp("/product-portal", new File(base, "product-portal").toString());
|
||||
tomcat.addWebapp("/secure-portal", new File(base, "secure-portal").toString());
|
||||
tomcat.addWebapp("/session-portal", new File(base, "session-portal").toString());
|
||||
tomcat.addWebapp("/input-portal", new File(base, "input-portal").toString());
|
||||
|
||||
tomcat.start();
|
||||
//tomcat.getServer().await();
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void shutdownTomcat() throws Exception {
|
||||
tomcat.stop();
|
||||
tomcat.destroy();
|
||||
}
|
||||
|
||||
@Rule
|
||||
public AdapterTestStrategy testStrategy = new AdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8082", keycloakRule);
|
||||
|
||||
@Test
|
||||
public void testLoginSSOAndLogout() throws Exception {
|
||||
testStrategy.testLoginSSOAndLogout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLoginEncodedRedirectUri() throws Exception {
|
||||
testStrategy.testLoginEncodedRedirectUri();
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void testSavedPostRequest() throws Exception {
|
||||
testStrategy.testSavedPostRequest();
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void testServletRequestLogout() throws Exception {
|
||||
testStrategy.testServletRequestLogout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLoginSSOIdle() throws Exception {
|
||||
testStrategy.testLoginSSOIdle();
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLoginSSOIdleRemoveExpiredUserSessions() throws Exception {
|
||||
testStrategy.testLoginSSOIdleRemoveExpiredUserSessions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLoginSSOMax() throws Exception {
|
||||
testStrategy.testLoginSSOMax();
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-518
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test
|
||||
public void testNullBearerToken() throws Exception {
|
||||
testStrategy.testNullBearerToken();
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-1368
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test
|
||||
public void testNullBearerTokenCustomErrorPage() throws Exception {
|
||||
testStrategy.testNullBearerTokenCustomErrorPage();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* KEYCLOAK-518
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test
|
||||
public void testBadUser() throws Exception {
|
||||
testStrategy.testBadUser();
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-732
|
||||
*
|
||||
* @throws Throwable
|
||||
*/
|
||||
@Test
|
||||
public void testSingleSessionInvalidated() throws Throwable {
|
||||
testStrategy.testSingleSessionInvalidated();
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-741
|
||||
*/
|
||||
@Test
|
||||
public void testSessionInvalidatedAfterFailedRefresh() throws Throwable {
|
||||
testStrategy.testSessionInvalidatedAfterFailedRefresh();
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-942
|
||||
*/
|
||||
@Test
|
||||
public void testAdminApplicationLogout() throws Throwable {
|
||||
testStrategy.testAdminApplicationLogout();
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-1216
|
||||
*/
|
||||
@Test
|
||||
public void testAccountManagementSessionsLogout() throws Throwable {
|
||||
testStrategy.testAccountManagementSessionsLogout();
|
||||
}
|
||||
|
||||
|
||||
private static String getBaseDirectory() {
|
||||
String dirPath = null;
|
||||
String relativeDirPath = "testsuite" + File.separator + "tomcat7" + File.separator + "target";
|
||||
|
||||
if (System.getProperties().containsKey("maven.home")) {
|
||||
dirPath = System.getProperty("user.dir").replaceFirst("testsuite.tomcat7.*", Matcher.quoteReplacement(relativeDirPath));
|
||||
} else {
|
||||
for (String c : System.getProperty("java.class.path").split(File.pathSeparator)) {
|
||||
if (c.contains(File.separator + "testsuite" + File.separator + "tomcat7")) {
|
||||
dirPath = c.replaceFirst("testsuite.tomcat7.*", Matcher.quoteReplacement(relativeDirPath));
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
String absolutePath = new File(dirPath).getAbsolutePath();
|
||||
return absolutePath;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
|
@ -1,207 +0,0 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite;
|
||||
|
||||
import org.apache.catalina.startup.Tomcat;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.Assert;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.testsuite.helper.adapter.SamlAdapterTestStrategy;
|
||||
import org.keycloak.testsuite.rule.AbstractKeycloakRule;
|
||||
import org.openqa.selenium.WebDriver;
|
||||
|
||||
import java.io.File;
|
||||
import java.net.URL;
|
||||
import java.util.regex.Matcher;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class TomcatSamlTest {
|
||||
@Rule
|
||||
public SamlAdapterTestStrategy testStrategy = new SamlAdapterTestStrategy("http://localhost:8081/auth", "http://localhost:8082", keycloakRule);
|
||||
@ClassRule
|
||||
public static AbstractKeycloakRule keycloakRule = new AbstractKeycloakRule() {
|
||||
@Override
|
||||
protected void configure(KeycloakSession session, RealmManager manager, RealmModel adminRealm) {
|
||||
SamlAdapterTestStrategy.baseAdapterTestInitialization(session, manager, adminRealm, getClass());
|
||||
}
|
||||
};
|
||||
|
||||
static Tomcat tomcat = null;
|
||||
|
||||
@BeforeClass
|
||||
public static void initTomcat() throws Exception {
|
||||
tomcat = new Tomcat();
|
||||
String baseDir = getBaseDirectory();
|
||||
tomcat.setBaseDir(baseDir);
|
||||
tomcat.setPort(8082);
|
||||
|
||||
System.setProperty("app.server.base.url", "http://localhost:8082");
|
||||
System.setProperty("my.host.name", "localhost");
|
||||
URL dir = TomcatSamlTest.class.getResource("/keycloak-saml/testsaml.json");
|
||||
File base = new File(dir.getFile()).getParentFile();
|
||||
tomcat.addWebapp("/sales-post", new File(base, "simple-post").toString());
|
||||
tomcat.addWebapp("/sales-post-sig", new File(base, "signed-post").toString());
|
||||
tomcat.addWebapp("/sales-post-sig-email", new File(base, "signed-post-email").toString());
|
||||
tomcat.addWebapp("/sales-post-sig-transient", new File(base, "signed-post-transient").toString());
|
||||
tomcat.addWebapp("/sales-post-sig-persistent", new File(base, "signed-post-persistent").toString());
|
||||
tomcat.addWebapp("/sales-metadata", new File(base, "signed-metadata").toString());
|
||||
tomcat.addWebapp("/employee-sig", new File(base, "signed-get").toString());
|
||||
tomcat.addWebapp("/employee2", new File(base, "mappers").toString());
|
||||
tomcat.addWebapp("/employee-sig-front", new File(base, "signed-front-get").toString());
|
||||
tomcat.addWebapp("/bad-client-sales-post-sig", new File(base, "bad-client-signed-post").toString());
|
||||
tomcat.addWebapp("/bad-realm-sales-post-sig", new File(base, "bad-realm-signed-post").toString());
|
||||
tomcat.addWebapp("/sales-post-enc", new File(base, "encrypted-post").toString());
|
||||
tomcat.addWebapp("/sales-post2", new File(base, "simple-post2").toString());
|
||||
tomcat.addWebapp("/input-portal", new File(base, "simple-input").toString());
|
||||
SamlAdapterTestStrategy.uploadSP("http://localhost:8081/auth");
|
||||
|
||||
|
||||
tomcat.start();
|
||||
//tomcat.getServer().await();
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void shutdownTomcat() throws Exception {
|
||||
tomcat.stop();
|
||||
tomcat.destroy();
|
||||
}
|
||||
@Test
|
||||
public void testSavedPostRequest() throws Exception {
|
||||
testStrategy.testSavedPostRequest();
|
||||
}
|
||||
@Test
|
||||
public void testPostSimpleLoginLogoutIdpInitiatedRedirectTo() {
|
||||
testStrategy.testPostSimpleLoginLogoutIdpInitiatedRedirectTo();
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void testErrorHandlingSigned() throws Exception {
|
||||
testStrategy.testErrorHandlingSigned();
|
||||
}
|
||||
@Test
|
||||
public void testErrorHandlingUnsigned() throws Exception {
|
||||
testStrategy.testErrorHandlingUnsigned();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostSimpleLoginLogout() {
|
||||
testStrategy.testPostSimpleLoginLogout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostSimpleLoginLogoutIdpInitiated() {
|
||||
testStrategy.testPostSimpleLoginLogoutIdpInitiated();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostSignedLoginLogout() {
|
||||
testStrategy.testPostSignedLoginLogout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostSignedLoginLogoutTransientNameID() {
|
||||
testStrategy.testPostSignedLoginLogoutTransientNameID();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostSignedLoginLogoutPersistentNameID() {
|
||||
testStrategy.testPostSignedLoginLogoutPersistentNameID();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostSignedLoginLogoutEmailNameID() {
|
||||
testStrategy.testPostSignedLoginLogoutEmailNameID();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAttributes() throws Exception {
|
||||
testStrategy.testAttributes();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRedirectSignedLoginLogout() {
|
||||
testStrategy.testRedirectSignedLoginLogout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRedirectSignedLoginLogoutFrontNoSSO() {
|
||||
testStrategy.testRedirectSignedLoginLogoutFrontNoSSO();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRedirectSignedLoginLogoutFront() {
|
||||
testStrategy.testRedirectSignedLoginLogoutFront();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostEncryptedLoginLogout() {
|
||||
testStrategy.testPostEncryptedLoginLogout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostBadClientSignature() {
|
||||
testStrategy.testPostBadClientSignature();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostBadRealmSignature() {
|
||||
testStrategy.testPostBadRealmSignature();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostSimpleUnauthorized() {
|
||||
testStrategy.testPostSimpleUnauthorized( new SamlAdapterTestStrategy.CheckAuthError() {
|
||||
@Override
|
||||
public void check(WebDriver driver) {
|
||||
Assert.assertTrue(driver.getPageSource().contains("forbidden"));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testMetadataPostSignedLoginLogout() throws Exception {
|
||||
testStrategy.testMetadataPostSignedLoginLogout();
|
||||
}
|
||||
|
||||
private static String getBaseDirectory() {
|
||||
String dirPath = null;
|
||||
String relativeDirPath = "testsuite" + File.separator + "tomcat7" + File.separator + "target";
|
||||
|
||||
if (System.getProperties().containsKey("maven.home")) {
|
||||
dirPath = System.getProperty("user.dir").replaceFirst("testsuite.tomcat7.*", Matcher.quoteReplacement(relativeDirPath));
|
||||
} else {
|
||||
for (String c : System.getProperty("java.class.path").split(File.pathSeparator)) {
|
||||
if (c.contains(File.separator + "testsuite" + File.separator + "tomcat7")) {
|
||||
dirPath = c.replaceFirst("testsuite.tomcat7.*", Matcher.quoteReplacement(relativeDirPath));
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
String absolutePath = new File(dirPath).getAbsolutePath();
|
||||
return absolutePath;
|
||||
}
|
||||
}
|
|
@ -1,20 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<Context path="/customer-db-error-page">
|
||||
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||
</Context>
|
|
@ -1,10 +0,0 @@
|
|||
{
|
||||
"realm" : "demo",
|
||||
"resource" : "customer-db",
|
||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"auth-server-url": "http://localhost:8081/auth",
|
||||
"ssl-required" : "external",
|
||||
"bearer-only" : true,
|
||||
"enable-cors" : true
|
||||
|
||||
}
|
|
@ -1,96 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||
version="3.0">
|
||||
|
||||
<module-name>adapter-test</module-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet>
|
||||
<servlet-name>Error Servlet</servlet-name>
|
||||
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Error Servlet</servlet-name>
|
||||
<url-pattern>/error.html</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<error-page>
|
||||
<error-code>400</error-code>
|
||||
<location>/error.html</location>
|
||||
</error-page>
|
||||
|
||||
<error-page>
|
||||
<error-code>401</error-code>
|
||||
<location>/error.html</location>
|
||||
</error-page>
|
||||
|
||||
<error-page>
|
||||
<error-code>403</error-code>
|
||||
<location>/error.html</location>
|
||||
</error-page>
|
||||
|
||||
<error-page>
|
||||
<error-code>500</error-code>
|
||||
<location>/error.html</location>
|
||||
</error-page>
|
||||
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Users</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>user</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Errors</web-resource-name>
|
||||
<url-pattern>/error.html</url-pattern>
|
||||
</web-resource-collection>
|
||||
</security-constraint>
|
||||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>demo</realm-name>
|
||||
<form-login-config>
|
||||
<form-login-page>/error.html</form-login-page>
|
||||
<form-error-page>/error.html</form-error-page>
|
||||
</form-login-config>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
<role-name>admin</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>user</role-name>
|
||||
</security-role>
|
||||
</web-app>
|
|
@ -1,10 +0,0 @@
|
|||
{
|
||||
"realm" : "demo",
|
||||
"resource" : "customer-db",
|
||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"auth-server-url": "http://localhost:8081/auth",
|
||||
"ssl-required" : "external",
|
||||
"bearer-only" : true,
|
||||
"enable-cors" : true
|
||||
|
||||
}
|
|
@ -1,57 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||
version="3.0">
|
||||
|
||||
<module-name>adapter-test</module-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerDatabaseServlet</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Users</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>user</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>demo</realm-name>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
<role-name>admin</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>user</role-name>
|
||||
</security-role>
|
||||
</web-app>
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
"realm": "demo",
|
||||
"resource": "customer-portal",
|
||||
"realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"auth-server-url": "http://localhost:8081/auth",
|
||||
"ssl-required" : "external",
|
||||
"expose-token": true,
|
||||
"credentials": {
|
||||
"secret": "password"
|
||||
}
|
||||
}
|
|
@ -1,76 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||
version="3.0">
|
||||
|
||||
<module-name>adapter-test</module-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.CustomerServlet</servlet-class>
|
||||
</servlet>
|
||||
<servlet>
|
||||
<servlet-name>Error Servlet</servlet-name>
|
||||
<servlet-class>org.keycloak.testsuite.rule.ErrorServlet</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Error Servlet</servlet-name>
|
||||
<url-pattern>/error.html</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Users</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>user</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Errors</web-resource-name>
|
||||
<url-pattern>/error.html</url-pattern>
|
||||
</web-resource-collection>
|
||||
</security-constraint>
|
||||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>demo</realm-name>
|
||||
<form-login-config>
|
||||
<form-login-page>/error.html</form-login-page>
|
||||
<form-error-page>/error.html</form-error-page>
|
||||
</form-login-config>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
<role-name>admin</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>user</role-name>
|
||||
</security-role>
|
||||
</web-app>
|
|
@ -1,164 +0,0 @@
|
|||
{
|
||||
"id": "demo",
|
||||
"realm": "demo",
|
||||
"enabled": true,
|
||||
"accessTokenLifespan": 3000,
|
||||
"accessCodeLifespan": 10,
|
||||
"accessCodeLifespanUserAction": 6000,
|
||||
"sslRequired": "external",
|
||||
"registrationAllowed": false,
|
||||
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
|
||||
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"requiredCredentials": [ "password" ],
|
||||
"users" : [
|
||||
{
|
||||
"username" : "bburke@redhat.com",
|
||||
"enabled": true,
|
||||
"email" : "bburke@redhat.com",
|
||||
"firstName": "Bill",
|
||||
"lastName": "Burke",
|
||||
"credentials" : [
|
||||
{ "type" : "password",
|
||||
"value" : "password" }
|
||||
],
|
||||
"realmRoles": [ "user" ],
|
||||
"applicationRoles": {
|
||||
"account": [ "manage-account" ]
|
||||
}
|
||||
},
|
||||
{
|
||||
"username" : "mposolda",
|
||||
"enabled": true,
|
||||
"email" : "mposolda@redhat.com",
|
||||
"firstName": "Marek",
|
||||
"lastName": "Posolda",
|
||||
"credentials" : [
|
||||
{ "type" : "password",
|
||||
"value" : "password" }
|
||||
],
|
||||
"realmRoles": [ "user" ],
|
||||
"applicationRoles": {
|
||||
"account": [ "manage-account" ]
|
||||
}
|
||||
}
|
||||
],
|
||||
"roles" : {
|
||||
"realm" : [
|
||||
{
|
||||
"name": "user",
|
||||
"description": "User privileges"
|
||||
},
|
||||
{
|
||||
"name": "admin",
|
||||
"description": "Administrator privileges"
|
||||
}
|
||||
]
|
||||
},
|
||||
"scopeMappings": [
|
||||
{
|
||||
"client": "third-party",
|
||||
"roles": ["user"]
|
||||
},
|
||||
{
|
||||
"client": "customer-portal",
|
||||
"roles": ["user"]
|
||||
},
|
||||
{
|
||||
"client": "product-portal",
|
||||
"roles": ["user"]
|
||||
}
|
||||
|
||||
],
|
||||
"applications": [
|
||||
{
|
||||
"name": "customer-portal",
|
||||
"enabled": true,
|
||||
"adminUrl": "http://localhost:8082/customer-portal",
|
||||
"baseUrl": "http://localhost:8082/customer-portal",
|
||||
"directAccessGrantsEnabled": true,
|
||||
"redirectUris": [
|
||||
"http://localhost:8082/customer-portal/*"
|
||||
],
|
||||
"secret": "password"
|
||||
},
|
||||
{
|
||||
"name": "customer-cookie-portal",
|
||||
"enabled": true,
|
||||
"baseUrl": "http://localhost:8082/customer-cookie-portal",
|
||||
"redirectUris": [
|
||||
"http://localhost:8082/customer-cookie-portal/*"
|
||||
],
|
||||
"secret": "password"
|
||||
},
|
||||
{
|
||||
"name": "customer-portal-js",
|
||||
"enabled": true,
|
||||
"publicClient": true,
|
||||
"adminUrl": "http://localhost:8082/customer-portal-js",
|
||||
"baseUrl": "http://localhost:8082/customer-portal-js",
|
||||
"redirectUris": [
|
||||
"http://localhost:8080/customer-portal-js/*"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "customer-portal-cli",
|
||||
"enabled": true,
|
||||
"publicClient": true,
|
||||
"redirectUris": [
|
||||
"urn:ietf:wg:oauth:2.0:oob",
|
||||
"http://localhost"
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "product-portal",
|
||||
"enabled": true,
|
||||
"adminUrl": "http://localhost:8082/product-portal",
|
||||
"baseUrl": "http://localhost:8082/product-portal",
|
||||
"redirectUris": [
|
||||
"http://localhost:8082/product-portal/*"
|
||||
],
|
||||
"secret": "password"
|
||||
},
|
||||
{
|
||||
"name": "secure-portal",
|
||||
"enabled": true,
|
||||
"adminUrl": "http://localhost:8082/secure-portal",
|
||||
"baseUrl": "http://localhost:8082/secure-portal",
|
||||
"redirectUris": [
|
||||
"http://localhost:8082/secure-portal/*"
|
||||
],
|
||||
"secret": "password"
|
||||
},
|
||||
{
|
||||
"name": "session-portal",
|
||||
"enabled": true,
|
||||
"adminUrl": "http://localhost:8082/session-portal",
|
||||
"baseUrl": "http://localhost:8082/session-portal",
|
||||
"redirectUris": [
|
||||
"http://localhost:8082/session-portal/*"
|
||||
],
|
||||
"secret": "password"
|
||||
},
|
||||
{
|
||||
"name": "input-portal",
|
||||
"enabled": true,
|
||||
"adminUrl": "http://localhost:8082/input-portal",
|
||||
"baseUrl": "http://localhost:8082/input-portal",
|
||||
"redirectUris": [
|
||||
"http://localhost:8082/input-portal/*"
|
||||
],
|
||||
"secret": "password"
|
||||
}
|
||||
],
|
||||
"oauthClients": [
|
||||
{
|
||||
"name": "third-party",
|
||||
"enabled": true,
|
||||
"redirectUris": [
|
||||
"http://localhost:8082/oauth-client/*",
|
||||
"http://localhost:8082/oauth-client-cdi/*"
|
||||
],
|
||||
"secret": "password"
|
||||
}
|
||||
]
|
||||
}
|
|
@ -1,10 +0,0 @@
|
|||
{
|
||||
"realm" : "demo",
|
||||
"resource" : "input-portal",
|
||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"auth-server-url" : "http://${my.host.name}:8081/auth",
|
||||
"ssl-required" : "external",
|
||||
"credentials" : {
|
||||
"secret": "password"
|
||||
}
|
||||
}
|
|
@ -1,57 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||
version="3.0">
|
||||
|
||||
<module-name>adapter-test</module-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.InputServlet</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Users</web-resource-name>
|
||||
<url-pattern>/secured/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>user</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>demo</realm-name>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
<role-name>admin</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>user</role-name>
|
||||
</security-role>
|
||||
</web-app>
|
|
@ -1,20 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<Context path="/customer-portal">
|
||||
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||
</Context>
|
|
@ -1,10 +0,0 @@
|
|||
{
|
||||
"realm" : "demo",
|
||||
"resource" : "product-portal",
|
||||
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||
"auth-server-url" : "http://localhost:8081/auth",
|
||||
"ssl-required" : "external",
|
||||
"credentials" : {
|
||||
"secret": "password"
|
||||
}
|
||||
}
|
|
@ -1,57 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||
version="3.0">
|
||||
|
||||
<module-name>adapter-test</module-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<servlet-class>org.keycloak.testsuite.adapter.servlet.ProductServlet</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>Servlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<security-constraint>
|
||||
<web-resource-collection>
|
||||
<web-resource-name>Users</web-resource-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</web-resource-collection>
|
||||
<auth-constraint>
|
||||
<role-name>user</role-name>
|
||||
</auth-constraint>
|
||||
</security-constraint>
|
||||
|
||||
<login-config>
|
||||
<auth-method>BASIC</auth-method>
|
||||
<realm-name>demo</realm-name>
|
||||
</login-config>
|
||||
|
||||
<security-role>
|
||||
<role-name>admin</role-name>
|
||||
</security-role>
|
||||
<security-role>
|
||||
<role-name>user</role-name>
|
||||
</security-role>
|
||||
</web-app>
|
|
@ -1,20 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<Context path="/customer-portal">
|
||||
<Valve className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
|
||||
</Context>
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue