KEYCLOAK-2971: Added basic oidc broker testing to the new testsuite

testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/broker/KcOidcBrokerConstants.java

@@ -0,0 +1,17 @@
+package org.keycloak.testsuite.broker;
+
+class KcOidcBrokerConstants {
+
+    final static String REALM_PROV_NAME = "provider";
+    final static String REALM_CONS_NAME = "consumer";
+
+    final static String IDP_ALIAS = "kc-oidc-idp";
+    final static String IDP_PROVIDER_ID = "keycloak-oidc";
+
+    final static String CLIENT_ID = "brokerapp";
+    final static String CLIENT_SECRET = "secret";
+
+    final static String USER_LOGIN = "testuser";
+    final static String USER_EMAIL = "user@localhost.com";
+    final static String USER_PASSWORD = "password";
+}

testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/UpdateAccountInformationPage.java

@@ -0,0 +1,62 @@
+package org.keycloak.testsuite.pages;
+
+import org.openqa.selenium.WebElement;
+import org.openqa.selenium.support.FindBy;
+
+public class UpdateAccountInformationPage extends AbstractPage {
+
+    @FindBy(id = "username")
+    private WebElement usernameInput;
+
+    @FindBy(id = "email")
+    private WebElement emailInput;
+
+    @FindBy(id = "firstName")
+    private WebElement firstNameInput;
+
+    @FindBy(id = "lastName")
+    private WebElement lastNameInput;
+
+    @FindBy(css = "input[type=\"submit\"]")
+    private WebElement submitButton;
+
+    public void updateAccountInformation(String userName,
+                                         String email,
+                                         String firstName,
+                                         String lastName) {
+        usernameInput.clear();
+        usernameInput.sendKeys(userName);
+
+        emailInput.clear();
+        emailInput.sendKeys(email);
+
+        firstNameInput.clear();
+        firstNameInput.sendKeys(firstName);
+
+        lastNameInput.clear();
+        lastNameInput.sendKeys(lastName);
+
+        submitButton.click();
+    }
+
+    public void updateAccountInformation(String firstName,
+                                         String lastName) {
+        firstNameInput.clear();
+        firstNameInput.sendKeys(firstName);
+
+        lastNameInput.clear();
+        lastNameInput.sendKeys(lastName);
+
+        submitButton.click();
+    }
+
+    @Override
+    public boolean isCurrent() {
+        return driver.getTitle().equalsIgnoreCase("update account information");
+    }
+
+    @Override
+    public void open() throws Exception {
+
+    }
+}

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/AbstractBrokerTest.java

@@ -0,0 +1,150 @@
+package org.keycloak.testsuite.broker;
+
+import org.jboss.arquillian.graphene.page.Page;
+import org.junit.Before;
+import org.junit.Test;
+import org.keycloak.admin.client.resource.RealmResource;
+import org.keycloak.admin.client.resource.UsersResource;
+import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.IdentityProviderRepresentation;
+import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.representations.idm.UserRepresentation;
+import org.keycloak.testsuite.AbstractKeycloakTest;
+import org.keycloak.testsuite.Assert;
+import org.keycloak.testsuite.pages.LoginPage;
+import org.keycloak.testsuite.pages.UpdateAccountInformationPage;
+
+import java.util.List;
+
+import static org.keycloak.testsuite.admin.ApiUtil.createUserWithAdminClient;
+import static org.keycloak.testsuite.admin.ApiUtil.resetUserPassword;
+
+public abstract class AbstractBrokerTest extends AbstractKeycloakTest {
+
+    protected abstract RealmRepresentation createProviderRealm();
+    protected abstract RealmRepresentation createConsumerRealm();
+
+    protected abstract List<ClientRepresentation> createProviderClients();
+    protected abstract List<ClientRepresentation> createConsumerClients();
+
+    protected abstract IdentityProviderRepresentation setUpIdentityProvider();
+
+    protected abstract String providerRealmName();
+    protected abstract String consumerRealmName();
+
+    protected abstract String getUserLogin();
+    protected abstract String getUserPassword();
+    protected abstract String getUserEmail();
+
+    protected abstract String getIDPAlias();
+
+    @Page
+    protected LoginPage accountLoginPage;
+    @Page
+    protected UpdateAccountInformationPage updateAccountInformationPage;
+
+    @Override
+    public void addTestRealms(List<RealmRepresentation> testRealms) {
+        RealmRepresentation providerRealm = createProviderRealm();
+        RealmRepresentation consumerRealm = createConsumerRealm();
+
+        testRealms.add(providerRealm);
+        testRealms.add(consumerRealm);
+    }
+
+    @Before
+    public void createUser() {
+        log.debug("creating user for realm " + providerRealmName());
+
+        UserRepresentation user = new UserRepresentation();
+        user.setUsername(getUserLogin());
+        user.setEmail(getUserEmail());
+        user.setEmailVerified(true);
+        user.setEnabled(true);
+
+        RealmResource realmResource = adminClient.realm(providerRealmName());
+        String userId = createUserWithAdminClient(realmResource, user);
+
+        resetUserPassword(realmResource.users().get(userId), getUserPassword(), false);
+    }
+
+    @Before
+    public void addIdentityProviderToProviderRealm() {
+        log.debug("adding identity provider to realm " + consumerRealmName());
+
+        RealmResource realm = adminClient.realm(consumerRealmName());
+        realm.identityProviders().create(setUpIdentityProvider());
+    }
+
+    @Before
+    public void addClients() {
+        List<ClientRepresentation> clients = createProviderClients();
+        if (clients != null) {
+            RealmResource providerRealm = adminClient.realm(providerRealmName());
+            for (ClientRepresentation client : clients) {
+                log.debug("adding client " + client.getName() + " to realm " + providerRealmName());
+
+                providerRealm.clients().create(client);
+            }
+        }
+
+        clients = createConsumerClients();
+        if (clients != null) {
+            RealmResource consumerRealm = adminClient.realm(consumerRealmName());
+            for (ClientRepresentation client : clients) {
+                log.debug("adding client " + client.getName() + " to realm " + consumerRealmName());
+
+                consumerRealm.clients().create(client);
+            }
+        }
+    }
+
+    protected String getAuthRoot() {
+        return suiteContext.getAuthServerInfo().getContextRoot().toString();
+    }
+
+    protected IdentityProviderRepresentation createIdentityProvider(String alias, String providerId) {
+        IdentityProviderRepresentation identityProviderRepresentation = new IdentityProviderRepresentation();
+
+        identityProviderRepresentation.setAlias(alias);
+        identityProviderRepresentation.setProviderId(providerId);
+        identityProviderRepresentation.setEnabled(true);
+
+        return identityProviderRepresentation;
+    }
+
+    @Test
+    public void tryToLogInAsUserInIDP() {
+        driver.navigate().to(getAuthRoot() + "/auth/realms/" + consumerRealmName() + "/account");
+
+        accountLoginPage.clickSocial(getIDPAlias());
+
+        Assert.assertTrue("Driver should be on the provider realm page right now",
+                driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));
+
+        accountLoginPage.login(getUserLogin(), getUserPassword());
+
+        Assert.assertTrue("We must be on update user profile page right now",
+                updateAccountInformationPage.isCurrent());
+
+        Assert.assertTrue("We must be on correct realm right now",
+                driver.getCurrentUrl().contains("/auth/realms/" + consumerRealmName() + "/"));
+
+        updateAccountInformationPage.updateAccountInformation("Firstname", "Lastname");
+
+        UsersResource consumerUsers = adminClient.realm(consumerRealmName()).users();
+        List<UserRepresentation> users = consumerUsers.search("", 0, 5);
+        Assert.assertTrue("There must be at least one user", users.size() > 0);
+
+        boolean foundUser = false;
+        for (UserRepresentation user : users) {
+            if (user.getUsername().equals(getUserLogin()) && user.getEmail().equals(getUserEmail())) {
+                foundUser = true;
+                break;
+            }
+        }
+
+        Assert.assertTrue("There must be user " + getUserLogin() + " in realm " + consumerRealmName(),
+                foundUser);
+    }
+}

testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/KcOidcBrokerTest.java

@@ -0,0 +1,101 @@
+package org.keycloak.testsuite.broker;
+
+import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.IdentityProviderRepresentation;
+import org.keycloak.representations.idm.RealmRepresentation;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import static org.keycloak.testsuite.broker.KcOidcBrokerConstants.*;
+
+public class KcOidcBrokerTest extends AbstractBrokerTest {
+
+    @Override
+    protected RealmRepresentation createProviderRealm() {
+        RealmRepresentation realm = new RealmRepresentation();
+        realm.setRealm(REALM_PROV_NAME);
+        realm.setEnabled(true);
+
+        return realm;
+    }
+
+    @Override
+    protected RealmRepresentation createConsumerRealm() {
+        RealmRepresentation realm = new RealmRepresentation();
+        realm.setRealm(REALM_CONS_NAME);
+        realm.setEnabled(true);
+
+        return realm;
+    }
+
+    @Override
+    protected List<ClientRepresentation> createProviderClients() {
+        ClientRepresentation client = new ClientRepresentation();
+        client.setId(CLIENT_ID);
+        client.setName(CLIENT_ID);
+        client.setSecret(CLIENT_SECRET);
+        client.setEnabled(true);
+
+        client.setRedirectUris(Collections.singletonList(getAuthRoot() +
+                "/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_ALIAS + "/endpoint/*"));
+
+        return Collections.singletonList(client);
+    }
+
+    @Override
+    protected List<ClientRepresentation> createConsumerClients() {
+        return null;
+    }
+
+    @Override
+    protected IdentityProviderRepresentation setUpIdentityProvider() {
+        IdentityProviderRepresentation idp = createIdentityProvider(IDP_ALIAS, IDP_PROVIDER_ID);
+
+        Map<String, String> config = idp.getConfig();
+
+        config.put("clientId", CLIENT_ID);
+        config.put("clientSecret", CLIENT_SECRET);
+        config.put("prompt", "login");
+        config.put("authorizationUrl", getAuthRoot() + "/auth/realms/" + REALM_PROV_NAME + "/protocol/openid-connect/auth");
+        config.put("tokenUrl", getAuthRoot() + "/auth/realms/" + REALM_PROV_NAME + "/protocol/openid-connect/token");
+        config.put("logoutUrl", getAuthRoot() + "/auth/realms/" + REALM_PROV_NAME + "/protocol/openid-connect/logout");
+        config.put("userInfoUrl", getAuthRoot() + "/auth/realms/" + REALM_PROV_NAME + "/protocol/openid-connect/userinfo");
+        config.put("defaultScope", "email profile");
+        config.put("backchannelSupported", "true");
+
+        return idp;
+    }
+
+    @Override
+    protected String getUserLogin() {
+        return USER_LOGIN;
+    }
+
+    @Override
+    protected String getUserPassword() {
+        return USER_PASSWORD;
+    }
+
+    @Override
+    protected String getUserEmail() {
+        return USER_EMAIL;
+    }
+
+    @Override
+    protected String providerRealmName() {
+        return REALM_PROV_NAME;
+    }
+
+    @Override
+    protected String consumerRealmName() {
+        return REALM_CONS_NAME;
+    }
+
+    @Override
+    protected String getIDPAlias() {
+        return IDP_ALIAS;
+    }
+
+}