libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

[KEYCLOAK-4751] - More tests

Browse source
This commit is contained in:
Pedro Igor 2017-04-12 18:25:38 -03:00
parent 2a1a19f290
commit 964693077a
8 changed files with 391 additions and 204 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
testsuite/integration-arquillian/test-apps/servlet-authz/keycloak.-permissive-authz-service.json Normal file
View file

@ -0,0 +1,15 @@
{
"realm": "servlet-authz",
"realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
"auth-server-url" : "http://localhost:8180/auth",
"ssl-required" : "external",
"resource" : "servlet-authz-app",
"public-client" : false,
"credentials": {
"secret": "secret"
},
"policy-enforcer": {
"enforcement-mode" : "PERMISSIVE",
"on-deny-redirect-to" : "/servlet-authz-app/accessDenied.jsp"
}
}

52
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPermissiveModeAdapterTest.java Normal file
View file

@ -0,0 +1,52 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.adapter.example.authorization;
import static org.junit.Assert.assertTrue;
import java.io.File;
import java.io.IOException;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Test;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public abstract class AbstractPermissiveModeAdapterTest extends AbstractServletAuthzAdapterTest {
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
public static WebArchive deployment() throws IOException {
return exampleDeployment(RESOURCE_SERVER_ID)
.addAsWebInfResource(new File(TEST_APPS_HOME_DIR + "/servlet-authz-app/servlet-authz-realm.json"), "keycloak.-permissive-authz-service.json");
}
@Test
public void testCanAccessWhenPermissive() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
driver.navigate().to(getResourceServerUrl() + "/enforcing/resource");
assertTrue(driver.getTitle().equals("Error"));
assertTrue(driver.getPageSource().contains("Not Found"));
driver.navigate().to(getResourceServerUrl() + "/protected/admin");
assertTrue(wasDenied());
});
}
}

254
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractServletAuthzAdapterTest.java
View file

@ -17,7 +17,6 @@
package org.keycloak.testsuite.adapter.example.authorization; package org.keycloak.testsuite.adapter.example.authorization;
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.util.IOUtil.loadJson; import static org.keycloak.testsuite.util.IOUtil.loadJson;
import static org.keycloak.testsuite.util.IOUtil.loadRealm; import static org.keycloak.testsuite.util.IOUtil.loadRealm;
import static org.keycloak.testsuite.util.WaitUtils.pause; import static org.keycloak.testsuite.util.WaitUtils.pause;
@ -25,35 +24,24 @@ import static org.keycloak.testsuite.util.WaitUtils.pause;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.MalformedURLException; import java.net.MalformedURLException;
import java.net.URL; import java.net.URL;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List; import java.util.List;
import org.jboss.arquillian.container.test.api.Deployer; import org.jboss.arquillian.container.test.api.Deployer;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.test.api.ArquillianResource; import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.BeforeClass; import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.admin.client.resource.AuthorizationResource; import org.keycloak.admin.client.resource.AuthorizationResource;
import org.keycloak.admin.client.resource.ClientResource; import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ClientsResource; import org.keycloak.admin.client.resource.ClientsResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.authorization.PolicyRepresentation; import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation; import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.ProfileAssume; import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest; import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
import org.keycloak.testsuite.util.WaitUtils; import org.keycloak.testsuite.util.WaitUtils;
import org.keycloak.util.JsonSerialization;
import org.openqa.selenium.By; import org.openqa.selenium.By;
import org.openqa.selenium.WebElement; import org.openqa.selenium.WebElement;
@ -62,8 +50,8 @@ import org.openqa.selenium.WebElement;
*/ */
public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAdapterTest { public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAdapterTest {
private static final String REALM_NAME = "servlet-authz"; protected static final String REALM_NAME = "servlet-authz";
private static final String RESOURCE_SERVER_ID = "servlet-authz-app"; protected static final String RESOURCE_SERVER_ID = "servlet-authz-app";
@BeforeClass @BeforeClass
public static void enabled() { ProfileAssume.assumePreview(); } public static void enabled() { ProfileAssume.assumePreview(); }
@ -77,184 +65,13 @@ public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAda
loadRealm(new File(TEST_APPS_HOME_DIR + "/servlet-authz-app/servlet-authz-realm.json"))); loadRealm(new File(TEST_APPS_HOME_DIR + "/servlet-authz-app/servlet-authz-realm.json")));
} }
@Deployment(name = RESOURCE_SERVER_ID, managed = false) protected void performTests(ExceptionRunnable assertion) {
public static WebArchive deployment() throws IOException { performTests(() -> importResourceServerSettings(), assertion);
return exampleDeployment(RESOURCE_SERVER_ID);
} }
@Test protected void performTests(ExceptionRunnable beforeDeploy, ExceptionRunnable assertion) {
public void testRegularUserPermissions() throws Exception {
performTests(() -> {
login("alice", "alice");
assertFalse(wasDenied());
assertTrue(hasLink("User Premium"));
assertTrue(hasLink("Administration"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForUser"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForAdmin"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForPremiumUser"));
navigateToDynamicMenuPage();
assertTrue(hasText("Do user thing"));
assertFalse(hasText("Do user premium thing"));
assertFalse(hasText("Do administration thing"));
navigateToUserPremiumPage();
assertTrue(wasDenied());
navigateToAdminPage();
assertTrue(wasDenied());
});
}
@Test
public void testUserPremiumPermissions() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
assertFalse(wasDenied());
assertTrue(hasLink("User Premium"));
assertTrue(hasLink("Administration"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForUser"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForPremiumUser"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForAdmin"));
navigateToDynamicMenuPage();
assertTrue(hasText("Do user thing"));
assertTrue(hasText("Do user premium thing"));
assertFalse(hasText("Do administration thing"));
navigateToUserPremiumPage();
assertFalse(wasDenied());
navigateToAdminPage();
assertTrue(wasDenied());
});
}
@Test
public void testAdminPermissions() throws Exception {
performTests(() -> {
login("admin", "admin");
assertFalse(wasDenied());
assertTrue(hasLink("User Premium"));
assertTrue(hasLink("Administration"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForUser"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForAdmin"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForPremiumUser"));
navigateToDynamicMenuPage();
assertTrue(hasText("Do user thing"));
assertTrue(hasText("Do administration thing"));
assertFalse(hasText("Do user premium thing"));
navigateToUserPremiumPage();
assertTrue(wasDenied());
navigateToAdminPage();
assertFalse(wasDenied());
});
}
@Test
public void testGrantPremiumAccessToUser() throws Exception {
performTests(() -> {
login("alice", "alice");
assertFalse(wasDenied());
navigateToUserPremiumPage();
assertTrue(wasDenied());
for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
if ("Premium Resource Permission".equals(policy.getName())) {
policy.getConfig().put("applyPolicies", "[\"Any User Policy\"]");
getAuthorizationResource().policies().policy(policy.getId()).update(policy);
}
}
login("alice", "alice");
navigateToUserPremiumPage();
assertFalse(wasDenied());
for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
if ("Premium Resource Permission".equals(policy.getName())) {
policy.getConfig().put("applyPolicies", "[\"Only Premium User Policy\"]");
getAuthorizationResource().policies().policy(policy.getId()).update(policy);
}
}
login("alice", "alice");
navigateToUserPremiumPage();
assertTrue(wasDenied());
PolicyRepresentation onlyAlicePolicy = new PolicyRepresentation();
onlyAlicePolicy.setName("Temporary Premium Access Policy");
onlyAlicePolicy.setType("user");
HashMap<String, String> config = new HashMap<>();
UsersResource usersResource = realmsResouce().realm(REALM_NAME).users();
List<UserRepresentation> users = usersResource.search("alice", null, null, null, null, null);
assertFalse(users.isEmpty());
config.put("users", JsonSerialization.writeValueAsString(Arrays.asList(users.get(0).getId())));
onlyAlicePolicy.setConfig(config);
getAuthorizationResource().policies().create(onlyAlicePolicy);
for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
if ("Premium Resource Permission".equals(policy.getName())) {
policy.getConfig().put("applyPolicies", "[\"Temporary Premium Access Policy\"]");
getAuthorizationResource().policies().policy(policy.getId()).update(policy);
}
}
login("alice", "alice");
navigateToUserPremiumPage();
assertFalse(wasDenied());
});
}
@Test
public void testGrantAdministrativePermissions() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
navigateToAdminPage();
assertTrue(wasDenied());
RealmResource realmResource = realmsResouce().realm(REALM_NAME);
UsersResource usersResource = realmResource.users();
List<UserRepresentation> users = usersResource.search("jdoe", null, null, null, null, null);
assertFalse(users.isEmpty());
UserResource userResource = usersResource.get(users.get(0).getId());
RoleRepresentation adminRole = realmResource.roles().get("admin").toRepresentation();
userResource.roles().realmLevel().add(Arrays.asList(adminRole));
login("jdoe", "jdoe");
navigateToAdminPage();
assertFalse(wasDenied());
});
}
//KEYCLOAK-3830
@Test
public void testAccessPublicResource() throws Exception {
performTests(() -> {
driver.navigate().to(getResourceServerUrl() + "/public-html.html");
WaitUtils.waitForPageToLoad(driver);
assertTrue(hasText("This is public resource that should be accessible without login."));
});
}
private void performTests(TestRunnable assertion) {
try { try {
importResourceServerSettings(); beforeDeploy.run();
deployer.deploy(RESOURCE_SERVER_ID); deployer.deploy(RESOURCE_SERVER_ID);
assertion.run(); assertion.run();
} catch (FileNotFoundException cause) { } catch (FileNotFoundException cause) {
@ -266,11 +83,11 @@ public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAda
} }
} }
private boolean hasLink(String text) { protected boolean hasLink(String text) {
return getLink(text) != null; return getLink(text) != null;
} }
private boolean hasText(String text) { protected boolean hasText(String text) {
return this.driver.getPageSource().contains(text); return this.driver.getPageSource().contains(text);
} }
@ -278,11 +95,11 @@ public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAda
return this.driver.findElement(By.xpath("//a[text() = '" + text + "']")); return this.driver.findElement(By.xpath("//a[text() = '" + text + "']"));
} }
private void importResourceServerSettings() throws FileNotFoundException { protected void importResourceServerSettings() throws FileNotFoundException {
getAuthorizationResource().importSettings(loadJson(new FileInputStream(new File(TEST_APPS_HOME_DIR + "/servlet-authz-app/servlet-authz-app-authz-service.json")), ResourceServerRepresentation.class)); getAuthorizationResource().importSettings(loadJson(new FileInputStream(new File(TEST_APPS_HOME_DIR + "/servlet-authz-app/servlet-authz-app-authz-service.json")), ResourceServerRepresentation.class));
} }
private AuthorizationResource getAuthorizationResource() { protected AuthorizationResource getAuthorizationResource() {
return getClientResource(RESOURCE_SERVER_ID).authorization(); return getClientResource(RESOURCE_SERVER_ID).authorization();
} }
@ -300,7 +117,7 @@ public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAda
pause(500); pause(500);
} }
private void login(String username, String password) { protected void login(String username, String password) {
try { try {
navigateTo(); navigateTo();
Thread.sleep(2000); Thread.sleep(2000);
@ -323,11 +140,11 @@ public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAda
WaitUtils.waitUntilElement(By.xpath("//a[text() = 'Dynamic Menu']")); WaitUtils.waitUntilElement(By.xpath("//a[text() = 'Dynamic Menu']"));
} }
private boolean wasDenied() { protected boolean wasDenied() {
return this.driver.getPageSource().contains("You can not access this resource."); return this.driver.getPageSource().contains("You can not access this resource.");
} }
private URL getResourceServerUrl() { protected URL getResourceServerUrl() {
try { try {
return new URL(this.appServerContextRootPage + "/" + RESOURCE_SERVER_ID); return new URL(this.appServerContextRootPage + "/" + RESOURCE_SERVER_ID);
} catch (MalformedURLException e) { } catch (MalformedURLException e) {
@ -335,22 +152,57 @@ public abstract class AbstractServletAuthzAdapterTest extends AbstractExampleAda
} }
} }
private void navigateToDynamicMenuPage() { protected void navigateToDynamicMenuPage() {
navigateTo(); navigateTo();
getLink("Dynamic Menu").click(); getLink("Dynamic Menu").click();
} }
private void navigateToUserPremiumPage() { protected void navigateToUserPremiumPage() {
navigateTo(); navigateTo();
getLink("User Premium").click(); getLink("User Premium").click();
} }
private void navigateToAdminPage() { protected void navigateToAdminPage() {
navigateTo(); navigateTo();
getLink("Administration").click(); getLink("Administration").click();
} }
private interface TestRunnable { protected void updatePermissionPolicies(String permissionName, String... policyNames) {
for (PolicyRepresentation policy : getAuthorizationResource().policies().policies()) {
if (permissionName.equalsIgnoreCase(policy.getName())) {
StringBuilder policies = new StringBuilder("[");
for (String policyName : policyNames) {
if (policies.length() > 1) {
policies.append(",");
}
policies.append("\"").append(policyName).append("\"");
}
policies.append("]");
policy.getConfig().put("applyPolicies", policies.toString());
getAuthorizationResource().policies().policy(policy.getId()).update(policy);
}
}
}
protected void createUserPolicy(String name, String... userNames) {
UserPolicyRepresentation policy = new UserPolicyRepresentation();
policy.setName(name);
for (String userName : userNames) {
policy.addUser(userName);
}
assertFalse(policy.getUsers().isEmpty());
getAuthorizationResource().policies().users().create(policy);
}
protected interface ExceptionRunnable {
void run() throws Exception; void run() throws Exception;
} }
} }

208
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractServletAuthzFunctionalAdapterTest.java Normal file
View file

@ -0,0 +1,208 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.adapter.example.authorization;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Test;
import org.keycloak.admin.client.resource.ClientsResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.ResourcesResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.testsuite.util.WaitUtils;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public abstract class AbstractServletAuthzFunctionalAdapterTest extends AbstractServletAuthzAdapterTest {
@Deployment(name = RESOURCE_SERVER_ID, managed = false)
public static WebArchive deployment() throws IOException {
return exampleDeployment(RESOURCE_SERVER_ID);
}
@Test
public void testCanNotAccessWhenEnforcing() throws Exception {
performTests(() -> {
importResourceServerSettings();
ResourcesResource resources = getAuthorizationResource().resources();
ResourceRepresentation resource = resources.findByName("Protected Resource").get(0);
resource.setUri("/index.jsp");
resources.resource(resource.getId()).update(resource);
}, () -> {
login("jdoe", "jdoe");
driver.navigate().to(getResourceServerUrl().toString() + "/enforcing/resource");
assertTrue(wasDenied());
});
}
@Test
public void testRegularUserPermissions() throws Exception {
performTests(() -> {
login("alice", "alice");
assertFalse(wasDenied());
assertTrue(hasLink("User Premium"));
assertTrue(hasLink("Administration"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForUser"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForAdmin"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForPremiumUser"));
navigateToDynamicMenuPage();
assertTrue(hasText("Do user thing"));
assertFalse(hasText("Do user premium thing"));
assertFalse(hasText("Do administration thing"));
navigateToUserPremiumPage();
assertTrue(wasDenied());
navigateToAdminPage();
assertTrue(wasDenied());
});
}
@Test
public void testUserPremiumPermissions() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
assertFalse(wasDenied());
assertTrue(hasLink("User Premium"));
assertTrue(hasLink("Administration"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForUser"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForPremiumUser"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForAdmin"));
navigateToDynamicMenuPage();
assertTrue(hasText("Do user thing"));
assertTrue(hasText("Do user premium thing"));
assertFalse(hasText("Do administration thing"));
navigateToUserPremiumPage();
assertFalse(wasDenied());
navigateToAdminPage();
assertTrue(wasDenied());
});
}
@Test
public void testAdminPermissions() throws Exception {
performTests(() -> {
login("admin", "admin");
assertFalse(wasDenied());
assertTrue(hasLink("User Premium"));
assertTrue(hasLink("Administration"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForUser"));
assertTrue(hasText("urn:servlet-authz:page:main:actionForAdmin"));
assertFalse(hasText("urn:servlet-authz:page:main:actionForPremiumUser"));
navigateToDynamicMenuPage();
assertTrue(hasText("Do user thing"));
assertTrue(hasText("Do administration thing"));
assertFalse(hasText("Do user premium thing"));
navigateToUserPremiumPage();
assertTrue(wasDenied());
navigateToAdminPage();
assertFalse(wasDenied());
});
}
@Test
public void testGrantPremiumAccessToUser() throws Exception {
performTests(() -> {
login("alice", "alice");
assertFalse(wasDenied());
navigateToUserPremiumPage();
assertTrue(wasDenied());
updatePermissionPolicies("Premium Resource Permission", "Any User Policy");
login("alice", "alice");
navigateToUserPremiumPage();
assertFalse(wasDenied());
updatePermissionPolicies("Premium Resource Permission", "Only Premium User Policy");
login("alice", "alice");
navigateToUserPremiumPage();
assertTrue(wasDenied());
createUserPolicy("Temporary Premium Access Policy", "alice");
updatePermissionPolicies("Premium Resource Permission", "Temporary Premium Access Policy");
login("alice", "alice");
navigateToUserPremiumPage();
assertFalse(wasDenied());
});
}
@Test
public void testGrantAdministrativePermissions() throws Exception {
performTests(() -> {
login("jdoe", "jdoe");
navigateToAdminPage();
assertTrue(wasDenied());
RealmResource realmResource = realmsResouce().realm(REALM_NAME);
UsersResource usersResource = realmResource.users();
List<UserRepresentation> users = usersResource.search("jdoe", null, null, null, null, null);
assertFalse(users.isEmpty());
UserResource userResource = usersResource.get(users.get(0).getId());
RoleRepresentation adminRole = realmResource.roles().get("admin").toRepresentation();
userResource.roles().realmLevel().add(Arrays.asList(adminRole));
login("jdoe", "jdoe");
navigateToAdminPage();
assertFalse(wasDenied());
});
}
//KEYCLOAK-3830
@Test
public void testAccessPublicResource() throws Exception {
performTests(() -> {
driver.navigate().to(getResourceServerUrl() + "/public-html.html");
WaitUtils.waitForPageToLoad(driver);
assertTrue(hasText("This is public resource that should be accessible without login."));
});
}
}

30
testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/src/test/java/org/keycloak/testsuite/adapter/example/authorization/EAP6PermissiveModeAdapterTest.java Normal file
View file

@ -0,0 +1,30 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.adapter.example.authorization;
import org.jboss.arquillian.container.test.api.RunAsClient;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
/**
*
* @author tkyjovsk
*/
@RunAsClient
@AppServerContainer("app-server-eap6")
public class EAP6PermissiveModeAdapterTest extends AbstractPermissiveModeAdapterTest {
}

2
testsuite/integration-arquillian/tests/other/adapters/jboss/eap6/src/test/java/org/keycloak/testsuite/adapter/example/authorization/EAP6ServletAuthzAdapterTest.java
View file

@ -25,6 +25,6 @@ import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
*/ */
@RunAsClient @RunAsClient
@AppServerContainer("app-server-eap6") @AppServerContainer("app-server-eap6")
public class EAP6ServletAuthzAdapterTest extends AbstractServletAuthzAdapterTest { public class EAP6ServletAuthzAdapterTest extends AbstractServletAuthzFunctionalAdapterTest {
} }

31
testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/example/authorization/WildflyPermissiveModeAdapterTest.java Normal file
View file

@ -0,0 +1,31 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.adapter.example.authorization;
import org.jboss.arquillian.container.test.api.RunAsClient;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
/**
*
* @author tkyjovsk
*/
@RunAsClient
@AppServerContainer("app-server-wildfly")
//@AdapterLibsLocationProperty("adapter.libs.wildfly")
public class WildflyPermissiveModeAdapterTest extends AbstractPermissiveModeAdapterTest {
}

3
testsuite/integration-arquillian/tests/other/adapters/jboss/wildfly/src/test/java/org/keycloak/testsuite/adapter/example/authorization/WildflyServletAuthzAdapterTest.java
View file

@ -17,7 +17,6 @@
package org.keycloak.testsuite.adapter.example.authorization; package org.keycloak.testsuite.adapter.example.authorization;
import org.jboss.arquillian.container.test.api.RunAsClient; import org.jboss.arquillian.container.test.api.RunAsClient;
import org.keycloak.testsuite.adapter.example.authorization.AbstractServletAuthzAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer; import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
/** /**
@ -27,6 +26,6 @@ import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
@RunAsClient @RunAsClient
@AppServerContainer("app-server-wildfly") @AppServerContainer("app-server-wildfly")
//@AdapterLibsLocationProperty("adapter.libs.wildfly") //@AdapterLibsLocationProperty("adapter.libs.wildfly")
public class WildflyServletAuthzAdapterTest extends AbstractServletAuthzAdapterTest { public class WildflyServletAuthzAdapterTest extends AbstractServletAuthzFunctionalAdapterTest {
} }