parent
e4804de9e3
commit
a861d633e2
5 changed files with 54 additions and 48 deletions
|
@ -189,6 +189,10 @@ and then execute the following command from the project root directory:
|
|||
mvn -f testsuite/integration-arquillian/pom.xml clean install -Pauth-server-quarkus -Dtest=OIDCProtocolMappersTest
|
||||
```
|
||||
|
||||
### Resolving DNS names when running tests
|
||||
|
||||
In order to avoid using external services for DNS resolution, the tests are executed using a local host file by setting the `-Djdk.net.hosts.file=${project.build.testOutputDirectory}/hosts_file` system property.
|
||||
|
||||
## Documentation
|
||||
|
||||
The documentation is a set of guides available from the [docs](../docs/guides/src/main/server) module. Please,
|
||||
|
|
|
@ -104,6 +104,7 @@
|
|||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<configuration>
|
||||
<argLine>-Djdk.net.hosts.file=${project.build.testOutputDirectory}/hosts_file</argLine>
|
||||
<systemPropertyVariables>
|
||||
<kc.quarkus.tests.dist>${kc.quarkus.tests.dist}</kc.quarkus.tests.dist>
|
||||
</systemPropertyVariables>
|
||||
|
|
|
@ -42,104 +42,104 @@ public class HostnameDistTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
public void testSchemeAndPortFromRequestWhenNoProxySet() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
||||
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
||||
assertFrontEndUrl("https://localhost:8443", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "http://mykeycloak.org:8080/");
|
||||
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/");
|
||||
assertFrontEndUrl("https://localhost:8443", "https://mykeycloak.org:8443/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true" })
|
||||
public void testForceHttpsSchemeAndPortWhenStrictHttpsEnabled() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
||||
assertFrontEndUrl("http://localhost:8080", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org:8443/");
|
||||
assertFrontEndUrl("http://localhost:8080", "https://mykeycloak.org:8443/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-port=8443", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-port=8443", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
public void testForceHostnamePortWhenNoProxyIsSet() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "http://mykeycloak.127.0.0.1.nip.io:8443/");
|
||||
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "http://mykeycloak.org:8443/");
|
||||
assertFrontEndUrl("https://mykeycloak.org:8443", "https://mykeycloak.org:8443/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=edge" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--proxy=edge" })
|
||||
public void testUseDefaultPortsWhenProxyIsSet() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io/");
|
||||
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "https://mykeycloak.127.0.0.1.nip.io/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org/");
|
||||
assertFrontEndUrl("https://mykeycloak.org:8443", "https://mykeycloak.org/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=edge", "--hostname-strict-https=false" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--proxy=edge", "--hostname-strict-https=false" })
|
||||
public void testUseDefaultPortsWhenProxyIsSetNoStrictHttps() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "http://mykeycloak.127.0.0.1.nip.io/");
|
||||
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "https://mykeycloak.127.0.0.1.nip.io/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "http://mykeycloak.org/");
|
||||
assertFrontEndUrl("https://mykeycloak.org:8443", "https://mykeycloak.org/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=edge", "--hostname-strict-https=true" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--proxy=edge", "--hostname-strict-https=true" })
|
||||
public void testUseDefaultPortsAndHttpsSchemeWhenProxyIsSetAndStrictHttpsEnabled() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
public void testBackEndUrlFromRequest() {
|
||||
assertBackEndUrl("http://localhost:8080", "http://localhost:8080/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
public void testBackEndUrlSameAsFrontEndUrl() {
|
||||
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
||||
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-path=/auth", "--hostname-strict=true", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-path=/auth", "--hostname-strict=true", "--hostname-strict-backchannel=true", "--http-enabled=true", "--hostname-strict-https=false" })
|
||||
public void testSetHostnamePath() {
|
||||
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/auth/");
|
||||
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/auth/");
|
||||
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/auth/");
|
||||
assertBackEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/auth/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--https-port=8543", "--hostname-strict-https=true", "--http-enabled=true" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--https-port=8543", "--hostname-strict-https=true", "--http-enabled=true" })
|
||||
public void testDefaultTlsPortChangeWhenHttpPortSet() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "https://mykeycloak.127.0.0.1.nip.io:8543/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "https://mykeycloak.org:8543/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-strict-https=true", "--hostname-port=8543", "--http-enabled=true" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-strict-https=true", "--hostname-port=8543", "--http-enabled=true" })
|
||||
public void testWelcomePageAdminUrl() {
|
||||
Assert.assertTrue(when().get("http://mykeycloak.127.0.0.1.nip.io:8080").asString().contains("http://mykeycloak.127.0.0.1.nip.io:8080/admin/"));
|
||||
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443").asString().contains("https://mykeycloak.127.0.0.1.nip.io:8443/admin/"));
|
||||
Assert.assertTrue(when().get("http://mykeycloak.org:8080").asString().contains("http://mykeycloak.org:8080/admin/"));
|
||||
Assert.assertTrue(when().get("https://mykeycloak.org:8443").asString().contains("https://mykeycloak.org:8443/admin/"));
|
||||
Assert.assertTrue(when().get("http://localhost:8080").asString().contains("http://localhost:8080/admin/"));
|
||||
Assert.assertTrue(when().get("https://localhost:8443").asString().contains("https://localhost:8443/admin/"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-admin=mykeycloakadmin.127.0.0.1.nip.io", "--http-enabled=true" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--hostname-admin=mykeycloakadmin.127.0.0.1.nip.io", "--http-enabled=true" })
|
||||
public void testHostnameAdminSet() {
|
||||
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443/admin/master/console").asString().contains("\"authUrl\": \"https://mykeycloakadmin.127.0.0.1.nip.io:8443\""));
|
||||
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Sign in to your account"));
|
||||
Assert.assertTrue(when().get("https://mykeycloak.org:8443/admin/master/console").asString().contains("\"authUrl\": \"https://mykeycloakadmin.127.0.0.1.nip.io:8443\""));
|
||||
Assert.assertTrue(when().get("https://mykeycloak.org:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Sign in to your account"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--hostname=mykeycloak.127.0.0.1.nip.io", "--http-enabled=true" })
|
||||
@Launch({ "start", "--hostname=mykeycloak.org", "--http-enabled=true" })
|
||||
public void testInvalidRedirectUriWhenAdminNotSet() {
|
||||
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Invalid parameter: redirect_uri"));
|
||||
Assert.assertTrue(when().get("https://mykeycloak.org:8443/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https://mykeycloakadmin.127.0.0.1.nip.io:8443/admin/master/console&state=02234324-d91e-4bf2-8396-57498e96b12a&response_mode=fragment&response_type=code&scope=openid&nonce=f8f3812e-e349-4bbf-8d15-cbba4927f5e5&code_challenge=7qjD_v11WGkt1ig-ZFHxJdrEvuTlzjFRgRGQ_5ADcko&code_challenge_method=S256").asString().contains("Invalid parameter: redirect_uri"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--proxy=edge", "--hostname-url=http://mykeycloak.127.0.0.1.nip.io:1234" })
|
||||
@Launch({ "start", "--proxy=edge", "--hostname-url=http://mykeycloak.org:1234" })
|
||||
public void testFrontendUrl() {
|
||||
assertFrontEndUrl("https://mykeycloak.127.0.0.1.nip.io:8443", "http://mykeycloak.127.0.0.1.nip.io:1234/");
|
||||
assertFrontEndUrl("https://mykeycloak.org:8443", "http://mykeycloak.org:1234/");
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start", "--proxy=edge", "--hostname=mykeycloak.127.0.0.1.nip.io", "--hostname-admin-url=http://mykeycloakadmin.127.0.0.1.nip.io:1234" })
|
||||
@Launch({ "start", "--proxy=edge", "--hostname=mykeycloak.org", "--hostname-admin-url=http://mykeycloakadmin.127.0.0.1.nip.io:1234" })
|
||||
public void testAdminUrl() {
|
||||
Assert.assertTrue(when().get("https://mykeycloak.127.0.0.1.nip.io:8443").asString().contains("http://mykeycloakadmin.127.0.0.1.nip.io:1234/admin/"));
|
||||
Assert.assertTrue(when().get("https://mykeycloak.org:8443").asString().contains("http://mykeycloakadmin.127.0.0.1.nip.io:1234/admin/"));
|
||||
}
|
||||
|
||||
private OIDCConfigurationRepresentation getServerMetadata(String baseUrl) {
|
||||
|
|
|
@ -44,38 +44,38 @@ public class ProxyDistTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start-dev", "--hostname=mykeycloak.127.0.0.1.nip.io" })
|
||||
@Launch({ "start-dev", "--hostname=mykeycloak.org" })
|
||||
public void testSchemeAndPortFromRequestWhenNoProxySet() {
|
||||
assertFrontEndUrl("http://mykeycloak.127.0.0.1.nip.io:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
||||
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.127.0.0.1.nip.io:8080/");
|
||||
assertFrontEndUrl("https://localhost:8443", "https://mykeycloak.127.0.0.1.nip.io:8443/");
|
||||
assertFrontEndUrl("http://mykeycloak.org:8080", "http://mykeycloak.org:8080/");
|
||||
assertFrontEndUrl("http://localhost:8080", "http://mykeycloak.org:8080/");
|
||||
assertFrontEndUrl("https://localhost:8443", "https://mykeycloak.org:8443/");
|
||||
given().header("X-Forwarded-Host", "test").when().get("http://localhost:8080").then().body(containsString("http://localhost:8080/admin"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start-dev", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=edge" })
|
||||
@Launch({ "start-dev", "--hostname=mykeycloak.org", "--proxy=edge" })
|
||||
public void testXForwardedHeadersWithEdge() {
|
||||
assertXForwardedHeaders();
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start-dev", "--hostname=mykeycloak.127.0.0.1.nip.io", "--proxy=reencrypt" })
|
||||
@Launch({ "start-dev", "--hostname=mykeycloak.org", "--proxy=reencrypt" })
|
||||
public void testXForwardedHeadersWithReencrypt() {
|
||||
assertXForwardedHeaders();
|
||||
}
|
||||
|
||||
@Test
|
||||
@Launch({ "start-dev", "--hostname-url=http://mykeycloak.127.0.0.1.nip.io:1234", "--hostname-admin-url=http://mykeycloakadmin.127.0.0.1.nip.io:1234", "--proxy=edge" })
|
||||
@Launch({ "start-dev", "--hostname-url=http://mykeycloak.org:1234", "--hostname-admin-url=http://mykeycloakadmin.127.0.0.1.nip.io:1234", "--proxy=edge" })
|
||||
public void testIgnoreForwardedHeadersWhenFrontendUrlSet() {
|
||||
given().header("X-Forwarded-Host", "test").when().get("http://mykeycloak.127.0.0.1.nip.io:8080").then().body(containsString("http://mykeycloakadmin.127.0.0.1.nip.io:1234/admin"));
|
||||
given().header("X-Forwarded-Host", "test").when().get("http://mykeycloak.org:8080").then().body(containsString("http://mykeycloakadmin.127.0.0.1.nip.io:1234/admin"));
|
||||
given().header("X-Forwarded-Proto", "https").when().get("http://localhost:8080").then().body(containsString("http://mykeycloakadmin.127.0.0.1.nip.io:1234/admin"));
|
||||
}
|
||||
|
||||
private void assertXForwardedHeaders() {
|
||||
given().header("X-Forwarded-Host", "test").when().get("http://mykeycloak.127.0.0.1.nip.io:8080").then().body(containsString("http://test:8080/admin"));
|
||||
given().header("X-Forwarded-Host", "test").when().get("http://mykeycloak.org:8080").then().body(containsString("http://test:8080/admin"));
|
||||
given().header("X-Forwarded-Host", "test").when().get("http://localhost:8080").then().body(containsString("http://test:8080/admin"));
|
||||
given().header("X-Forwarded-Host", "test").when().get("https://localhost:8443").then().body(containsString("https://test:8443/admin"));
|
||||
//given().header("X-Forwarded-Host", "mykeycloak.127.0.0.1.nip.io").when().get("https://localhost:8443/admin/master/console").then().body(containsString("<script src=\"/js/keycloak.js?version="));
|
||||
//given().header("X-Forwarded-Host", "mykeycloak.org").when().get("https://localhost:8443/admin/master/console").then().body(containsString("<script src=\"/js/keycloak.js?version="));
|
||||
given().header("X-Forwarded-Proto", "https").when().get("http://localhost:8080").then().body(containsString("https://localhost/admin"));
|
||||
given().header("X-Forwarded-Proto", "https").header("X-Forwarded-Port", "8443").when().get("http://localhost:8080").then().body(containsString("https://localhost:8443/admin"));
|
||||
}
|
||||
|
|
1
quarkus/tests/integration/src/test/resources/hosts_file
Normal file
1
quarkus/tests/integration/src/test/resources/hosts_file
Normal file
|
@ -0,0 +1 @@
|
|||
127.0.0.1 mykeycloak.org
|
Loading…
Reference in a new issue