KEYCLOAK-4273 Fix failing MSAD tests

mposolda 2017-01-23 21:47:51 +01:00
parent 8717cd0090
commit 9fea9f6fe0
3 changed files with 32 additions and 13 deletions


@ -109,7 +109,6 @@ public class LDAPGroupMapperTest {
LDAPObject group1 = LDAPTestUtils.createLDAPGroup(manager.getSession(), appRealm, ldapModel, "group1", descriptionAttrName, "group1 - description"); LDAPObject group1 = LDAPTestUtils.createLDAPGroup(manager.getSession(), appRealm, ldapModel, "group1", descriptionAttrName, "group1 - description");
LDAPObject group11 = LDAPTestUtils.createLDAPGroup(manager.getSession(), appRealm, ldapModel, "group11"); LDAPObject group11 = LDAPTestUtils.createLDAPGroup(manager.getSession(), appRealm, ldapModel, "group11");
LDAPObject group12 = LDAPTestUtils.createLDAPGroup(manager.getSession(), appRealm, ldapModel, "group12", descriptionAttrName, "group12 - description"); LDAPObject group12 = LDAPTestUtils.createLDAPGroup(manager.getSession(), appRealm, ldapModel, "group12", descriptionAttrName, "group12 - description");
LDAPObject groupSpecialCharacters = LDAPTestUtils.createLDAPGroup(manager.getSession(), appRealm, ldapModel, "group-spec,ia*l_characžter)s", descriptionAttrName, "group-special-characters");
LDAPUtils.addMember(ldapFedProvider, MembershipType.DN, LDAPConstants.MEMBER, "not-used", group1, group11, false); LDAPUtils.addMember(ldapFedProvider, MembershipType.DN, LDAPConstants.MEMBER, "not-used", group1, group11, false);
LDAPUtils.addMember(ldapFedProvider, MembershipType.DN, LDAPConstants.MEMBER, "not-used", group1, group12, true); LDAPUtils.addMember(ldapFedProvider, MembershipType.DN, LDAPConstants.MEMBER, "not-used", group1, group12, true);
@ -134,14 +133,11 @@ public class LDAPGroupMapperTest {
LDAPObject james = LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jameskeycloak", "James", "Brown", "james@email.org", null, "8910"); LDAPObject james = LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jameskeycloak", "James", "Brown", "james@email.org", null, "8910");
LDAPTestUtils.updateLDAPPassword(ldapFedProvider, james, "Password1"); LDAPTestUtils.updateLDAPPassword(ldapFedProvider, james, "Password1");
LDAPObject james2 = LDAPTestUtils.addLDAPUser(ldapFedProvider, appRealm, "jamees,key*cložak)ppp", "James2", "Brown2", "james2@email.org", null, "89102"); postSetup(appRealm, ldapFedProvider);
LDAPTestUtils.updateLDAPPassword(ldapFedProvider, james2, "Password1");
postSetup();
} }
void postSetup() { void postSetup(RealmModel appRealm, LDAPStorageProvider ldapProvider) {
LDAPGroupMapperTest.ldapModel = this.ldapModel; LDAPGroupMapperTest.ldapModel = this.ldapModel;
LDAPGroupMapperTest.descriptionAttrName = this.descriptionAttrName; LDAPGroupMapperTest.descriptionAttrName = this.descriptionAttrName;
} }
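Review bot: The new `postSetup(RealmModel appRealm, LDAPStorageProvider ldapProvider)` signature carries two parameters that the base implementation shown here never reads, and nothing documents why they exist. A short Javadoc on the method would state the contract for subclasses, for example `/** Hook invoked as the last step of setup; overrides may use appRealm and ldapProvider to create extra LDAP fixtures. */`. The enclosing setup method and class start outside this hunk, so the exact call context is only visible from the single `postSetup(appRealm, ldapFedProvider);` call.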


@ -62,7 +62,11 @@ public class LDAPMSADMapperTest {
private static LDAPRule ldapRule = new LDAPRule((Map<String, String> ldapConfig) -> { private static LDAPRule ldapRule = new LDAPRule((Map<String, String> ldapConfig) -> {
String vendor = ldapConfig.get(LDAPConstants.VENDOR); String vendor = ldapConfig.get(LDAPConstants.VENDOR);
return !(vendor.equals(LDAPConstants.VENDOR_ACTIVE_DIRECTORY));
// TODO: This is skipped as it requires that MSAD server is set to not allow weak passwords (There needs to be pwdProperties=1 set on MSAD side).
// TODO: Currently we can't rely on it. See KEYCLOAK-4276
return true;
// return !(vendor.equals(LDAPConstants.VENDOR_ACTIVE_DIRECTORY));
}); });
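Review bot: The rule's condition lambda now ends in an unconditional `return true;`, which leaves `String vendor = ...` as a dead local and keeps the previous condition as commented-out code. Judging by the old `!(vendor.equals(...))` form, `true` appears to mean "skip", so these MSAD mapper tests no longer run against any vendor, Active Directory included, and the password-policy behaviour they cover goes unverified without any visible signal. I would drop the unused `vendor` line and the commented-out return, and merge the two TODO lines into one comment that states the effect, e.g. `// Disabled for all vendors until KEYCLOAK-4276: requires MSAD with pwdProperties=1 so that weak passwords are rejected.`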


@ -17,16 +17,13 @@
package org.keycloak.testsuite.federation.storage.ldap; package org.keycloak.testsuite.federation.storage.ldap;
import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import org.junit.After; import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Before; import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.ClassRule; import org.junit.ClassRule;
import org.junit.FixMethodOrder; import org.junit.FixMethodOrder;
import org.junit.Rule; import org.junit.Rule;
@ -40,11 +37,15 @@ import org.keycloak.component.ComponentModel;
import org.keycloak.models.Constants; import org.keycloak.models.Constants;
import org.keycloak.models.GroupModel; import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.LDAPConstants;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.idm.UserRepresentation; import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.storage.ldap.mappers.membership.LDAPGroupMapperMode; import org.keycloak.storage.ldap.mappers.membership.LDAPGroupMapperMode;
import org.keycloak.storage.ldap.mappers.membership.group.GroupLDAPStorageMapperFactory;
import org.keycloak.storage.ldap.mappers.membership.group.GroupMapperConfig; import org.keycloak.storage.ldap.mappers.membership.group.GroupMapperConfig;
import org.keycloak.testsuite.OAuthClient; import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.pages.AppPage; import org.keycloak.testsuite.pages.AppPage;
@ -66,7 +67,16 @@ import static org.keycloak.testsuite.Constants.AUTH_SERVER_ROOT;
@FixMethodOrder(MethodSorters.NAME_ASCENDING) @FixMethodOrder(MethodSorters.NAME_ASCENDING)
public class LDAPSpecialCharsTest { public class LDAPSpecialCharsTest {
private static LDAPRule ldapRule = new LDAPRule();
// Skip this test for MSAD with sAMAccountName as it is not allowed to use specialCharacters in sAMAccountName attribute
private static LDAPRule ldapRule = new LDAPRule((Map<String, String> ldapConfig) -> {
String vendor = ldapConfig.get(LDAPConstants.VENDOR);
String usernameAttr = ldapConfig.get(LDAPConstants.USERNAME_LDAP_ATTRIBUTE);
return (vendor.equals(LDAPConstants.VENDOR_ACTIVE_DIRECTORY) && usernameAttr.equalsIgnoreCase(LDAPConstants.SAM_ACCOUNT_NAME));
});
static ComponentModel ldapModel = null; static ComponentModel ldapModel = null;
static String descriptionAttrName = null; static String descriptionAttrName = null;
@ -75,9 +85,18 @@ public class LDAPSpecialCharsTest {
private static KeycloakRule keycloakRule = new KeycloakRule(new LDAPGroupMapperTest.GroupTestKeycloakSetup(ldapRule) { private static KeycloakRule keycloakRule = new KeycloakRule(new LDAPGroupMapperTest.GroupTestKeycloakSetup(ldapRule) {
@Override @Override
protected void postSetup() { protected void postSetup(RealmModel appRealm, LDAPStorageProvider ldapProvider) {
LDAPSpecialCharsTest.ldapModel = this.ldapModel; LDAPSpecialCharsTest.ldapModel = this.ldapModel;
LDAPSpecialCharsTest.descriptionAttrName = this.descriptionAttrName; LDAPSpecialCharsTest.descriptionAttrName = this.descriptionAttrName;
LDAPObject groupSpecialCharacters = LDAPTestUtils.createLDAPGroup(session, appRealm, ldapModel, "group-spec,ia*l_characžter)s", descriptionAttrName, "group-special-characters");
// Resync LDAP groups to Keycloak DB
ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(appRealm, ldapModel, "groupsMapper");
new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromFederationProviderToKeycloak(appRealm);
LDAPObject james2 = LDAPTestUtils.addLDAPUser(ldapProvider, appRealm, "jamees,key*cložak)ppp", "James2", "Brown2", "james2@email.org", null, "89102");
LDAPTestUtils.updateLDAPPassword(ldapProvider, james2, "Password1");
} }
}); });
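Review bot: The skip condition `vendor.equals(...) && usernameAttr.equalsIgnoreCase(...)` in the new `LDAPRule` lambda throws a NullPointerException if the LDAP config map lacks either key, which would fail the class rule instead of deciding whether to skip. Calling the methods on the constants avoids that: `return LDAPConstants.VENDOR_ACTIVE_DIRECTORY.equals(vendor) && LDAPConstants.SAM_ACCOUNT_NAME.equalsIgnoreCase(usernameAttr);`. In the `postSetup` override, `groupSpecialCharacters` is assigned but never read, so the local can be dropped and the `createLDAPGroup` call kept for its side effect. The comment on the rule only mentions the username restriction, so it may be worth noting there that the group-name case with `,`, `*` and `)` is skipped on that configuration as well, leaving special-character handling for groups untested there.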