[KEYCLOAK-16497] - AuthzClient.create() fails when env variables are used in auth-server-url

Pedro Igor 2021-01-04 16:52:53 -03:00
parent 60e4bd622f
commit 922d7da3ae
3 changed files with 58 additions and 2 deletions


@ -23,6 +23,8 @@ import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.util.Objects; import java.util.Objects;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.keycloak.authorization.client.representation.ServerConfiguration; import org.keycloak.authorization.client.representation.ServerConfiguration;
import org.keycloak.authorization.client.resource.AuthorizationResource; import org.keycloak.authorization.client.resource.AuthorizationResource;
import org.keycloak.authorization.client.resource.ProtectionResource; import org.keycloak.authorization.client.resource.ProtectionResource;
@ -30,7 +32,7 @@ import org.keycloak.authorization.client.util.Http;
import org.keycloak.authorization.client.util.TokenCallable; import org.keycloak.authorization.client.util.TokenCallable;
import org.keycloak.common.util.KeycloakUriBuilder; import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.representations.AccessTokenResponse; import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.util.JsonSerialization; import org.keycloak.util.SystemPropertiesJsonParserFactory;
/** /**
* <p>This is class serves as an entry point for clients looking for access to Keycloak Authorization Services. * <p>This is class serves as an entry point for clients looking for access to Keycloak Authorization Services.
@ -72,7 +74,11 @@ public class AuthzClient {
} }
try { try {
return create(JsonSerialization.readValue(configStream, Configuration.class)); ObjectMapper mapper = new ObjectMapper(new SystemPropertiesJsonParserFactory());
mapper.setSerializationInclusion(JsonInclude.Include.NON_DEFAULT);
return create(mapper.readValue(configStream, Configuration.class));
} catch (IOException e) { } catch (IOException e) {
throw new RuntimeException("Could not parse configuration.", e); throw new RuntimeException("Could not parse configuration.", e);
} }
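Review bot: The new parse path in `create(InputStream)` expands `${env.…}` and system-property placeholders but never checks the result, so a variable that is unset at runtime may leave `auth-server-url` or `credentials.secret` empty or as the literal placeholder text (how `SystemPropertiesJsonParserFactory` treats an unresolved name is not visible here). Validating the parsed `Configuration` before calling `create(...)`, and failing with a message that names the unresolved key but never its value, would surface a misconfigured deployment earlier than a failed server call. Separately, `mapper.setSerializationInclusion(JsonInclude.Include.NON_DEFAULT);` only affects writing and has no effect on `readValue`, so it can be dropped. The method starts and ends outside the hunk.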


@ -42,6 +42,7 @@
<exclude.cluster>**/cluster/**/*Test.java</exclude.cluster> <exclude.cluster>**/cluster/**/*Test.java</exclude.cluster>
<exclude.crossdc>**/crossdc/**/*Test.java</exclude.crossdc> <exclude.crossdc>**/crossdc/**/*Test.java</exclude.crossdc>
<mvel.version>2.4.0.Final</mvel.version> <mvel.version>2.4.0.Final</mvel.version>
<systemrules.version>1.19.0</systemrules.version>
</properties> </properties>
<dependencies> <dependencies>
@ -135,6 +136,12 @@
<artifactId>jandex</artifactId> <artifactId>jandex</artifactId>
<version>2.1.3.Final</version> <version>2.1.3.Final</version>
</dependency> </dependency>
<dependency>
<groupId>com.github.stefanbirkner</groupId>
<artifactId>system-rules</artifactId>
<version>${systemrules.version}</version>
<scope>test</scope>
</dependency>
</dependencies> </dependencies>
<build> <build>
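Review bot: The `system-rules` test dependency added here sets environment variables by reflecting into JDK internals, which newer JDKs reject unless the test JVM is started with extra `--add-opens` flags. Whether that affects this build depends on the JDKs the testsuite runs on, which the hunk does not show. A comment next to `<systemrules.version>` stating the supported JDK range, or passing the variables through the surefire `environmentVariables` configuration instead, would keep the test portable.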


@ -0,0 +1,43 @@
package org.keycloak.testsuite.authz;
import java.io.ByteArrayInputStream;
import org.hamcrest.Matchers;
import org.junit.Rule;
import org.junit.Test;
import org.junit.contrib.java.lang.system.EnvironmentVariables;
import org.junit.rules.ExpectedException;
import org.keycloak.authorization.client.AuthzClient;
public class AuthzClientTest {
@Rule
public final EnvironmentVariables envVars = new EnvironmentVariables();
@Rule
public ExpectedException expectedException = ExpectedException.none();
@Test
public void testCreateWithEnvVars() {
envVars.set("KEYCLOAK_REALM", "test");
envVars.set("KEYCLOAK_AUTH_SERVER", "http://test");
expectedException.expect(RuntimeException.class);
expectedException.expectMessage(Matchers.containsString("Could not obtain configuration from server"));
AuthzClient.create(new ByteArrayInputStream(("{\n"
+ " \"realm\": \"${env.KEYCLOAK_REALM}\",\n"
+ " \"auth-server-url\": \"${env.KEYCLOAK_AUTH_SERVER}\",\n"
+ " \"ssl-required\": \"external\",\n"
+ " \"enable-cors\": true,\n"
+ " \"resource\": \"my-server\",\n"
+ " \"credentials\": {\n"
+ " \"secret\": \"${env.KEYCLOAK_SECRET}\"\n"
+ " },\n"
+ " \"confidential-port\": 0,\n"
+ " \"policy-enforcer\": {\n"
+ " \"enforcement-mode\": \"ENFORCING\"\n"
+ " }\n"
+ "}").getBytes()));
}
}
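Review bot: `testCreateWithEnvVars` only expects "Could not obtain configuration from server", so it passes whenever parsing does not throw and never shows that `realm` or `auth-server-url` were actually substituted. It also appears to depend on a real connection attempt to `http://test` failing, which ties the result to the resolver and network of the build host. `KEYCLOAK_SECRET` is never set, so the unresolved-placeholder path for `credentials.secret` is exercised without any assertion on what the client ends up holding; a second test that pins that behaviour would document it. The config bytes should be built with an explicit charset, `.getBytes(StandardCharsets.UTF_8)`, rather than the platform default.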