KEYCLOAK-16913 Fix failed FuseAdapterTest

Martin Bartoš 2021-03-09 09:24:19 +01:00 committed by Hynek Mlnařík
parent a09142c43a
commit b237c503ba
14 changed files with 102 additions and 107 deletions


@ -266,7 +266,7 @@ public class PaxWebIntegrationService {
log.debug("Adding security constraint name=" + name + ", url=" + constraintMapping.getPathSpec() + ", dataConstraint=" + dataConstraintStr + ", canAuthenticate="
+ constraint.getAuthenticate() + ", roles=" + rolesList);
service.registerConstraintMapping(name, null, constraintMapping.getPathSpec(), dataConstraintStr, constraint.getAuthenticate(), rolesList, httpContext);
service.registerConstraintMapping(name, "", constraintMapping.getPathSpec(), dataConstraintStr, constraint.getAuthenticate(), rolesList, httpContext);
return true;
}
return false;
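Review bot: The second argument to `service.registerConstraintMapping(...)` is now `""` instead of `null`, and nothing at the call site says what an empty value means for the registered security constraint. The signature and the enclosing method are outside this hunk, so whether `""` is read as "no restriction" or as a literal value to match cannot be confirmed from here. Because this call decides which URLs require authentication and roles, I would add a comment such as `// "" rather than null: <reason, e.g. what the targeted Pax Web version expects>` and a test asserting that a constrained URL still rejects an unauthenticated request.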


@ -205,7 +205,7 @@ public class JettyHttpFacade implements HttpFacade {
@Override
public void resetCookie(String name, String path) {
setCookie(name, "", null, path, 0, false, false);
setCookie(name, "", path, null, 0, false, false);
}
@Override
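Review bot: `resetCookie` passes two adjacent `String` arguments positionally to `setCookie`, and nothing at the call site says which is the path and which is the domain, which is presumably how the swapped order corrected here went unnoticed. A reset sent with the wrong path or domain does not match the cookie the browser holds, so the adapter's cookie would survive a logout. I would label the arguments, `setCookie(name, "", /* path */ path, /* domain */ null, /* maxAge */ 0, false, false);`, and add a test that checks the `Path` attribute of the emitted `Set-Cookie` header. The `setCookie` signature is outside the hunk, so the parameter order should be confirmed against it.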


@ -48,7 +48,7 @@ You just need to download and run JBoss Fuse and then run those commands from th
```
KEYCLOAK_VERSION="2.2.1.Final"
features:addurl mvn:org.keycloak/keycloak-osgi-features/$KEYCLOAK_VERSION/xml/features
features:addurl mvn:org.keycloak.example.demo/keycloak-fuse-example-features/$KEYCLOAK_VERSION/xml/features
features:addurl mvn:org.keycloak.testsuite/fuse-example-keycloak-features/$KEYCLOAK_VERSION/xml/features
features:install keycloak-fuse-6.3-example
```


@ -34,10 +34,10 @@
</keycloak.osgi.export>
<keycloak.osgi.import>
javax.ws.rs;version="[2,3)",
META-INF.cxf;version="[2.7,3.3)",
META-INF.cxf.osgi;version="[2.7,3.3)";resolution:=optional,
org.apache.cxf.transport.http;version="[2.7,3.3)",
org.apache.cxf.*;version="[2.7,3.3)",
META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.4)",
com.fasterxml.jackson.jaxrs.json;version="[2.8,3)",
org.keycloak.*;version="${project.version}",
*;resolution:=optional


@ -34,10 +34,10 @@
</keycloak.osgi.export>
<keycloak.osgi.import>
javax.ws.rs;version="[2,3)",
META-INF.cxf;version="[2.7,3.2)",
META-INF.cxf.osgi;version="[2.7,3.2)";resolution:=optional,
org.apache.cxf.transport.http;version="[2.7,3.2)",
org.apache.cxf.*;version="[2.7,3.2)",
META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.4)",
com.fasterxml.jackson.jaxrs.json;version="${jackson.version}",
org.eclipse.jetty.security;version="[8,10)",
org.eclipse.jetty.util.security;version="[8,10)",


@ -39,10 +39,10 @@
javax.xml.bind.annotation;version="[2.2,3)",
javax.xml.namespace,
javax.xml.ws,
META-INF.cxf;version="[2.7,3.3)",
META-INF.cxf.osgi;version="[2.7,3.3)";resolution:=optional,
org.apache.cxf.transport.http_undertow;version="[2.7,3.3)";resolution:=optional,
org.apache.cxf.transport.http_undertow.blueprint;version="[2.7,3.3)";resolution:=optional,
META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http_undertow;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http_undertow.blueprint;version="[2.7,3.4)";resolution:=optional,
org.keycloak.*;version="${project.version}",
*;resolution:=optional
</keycloak.osgi.import>


@ -39,13 +39,13 @@
javax.xml.bind.annotation;version="[2.2,3)",
javax.xml.namespace,
javax.xml.ws,
META-INF.cxf;version="[2.7,3.2)",
META-INF.cxf.osgi;version="[2.7,3.2)";resolution:=optional,
org.apache.cxf.bus;version="[2.7,3.2)",
org.apache.cxf.bus.spring;version="[2.7,3.2)",
org.apache.cxf.bus.resource;version="[2.7,3.2)",
org.apache.cxf.transport.http;version="[2.7,3.2)",
org.apache.cxf.*;version="[2.7,3.2)",
META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.bus;version="[2.7,3.4)",
org.apache.cxf.bus.spring;version="[2.7,3.4)",
org.apache.cxf.bus.resource;version="[2.7,3.4)",
org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.4)",
org.springframework.beans.factory.config,
org.eclipse.jetty.security;version="[8,10)",
org.eclipse.jetty.util.security;version="[8,10)",


@ -36,8 +36,8 @@
javax.xml.namespace,
org.eclipse.jetty.security;version="[8.1,10)",
org.eclipse.jetty.util.security;version="[8.1,10)",
org.apache.cxf.service.model;version="[2.7,3.2)",
org.apache.cxf.*;version="[2.7,3.2)",
org.apache.cxf.service.model;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.4)",
org.keycloak.adapters.jetty;version="${project.version}",
org.keycloak.*;version="${project.version}",
*;resolution:=optional


@ -31,10 +31,11 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.ws.Holder;
import javax.xml.ws.WebServiceException;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@ -51,27 +52,34 @@ public class ProductPortalServlet extends HttpServlet {
resp.setContentType("text/html");
// Send jaxws request
PrintWriter out = resp.getWriter();
out.println("<html><head><title>Product Portal Page</title></head><body>");
try (PrintWriter out = resp.getWriter()) {
out.println("<html><head><title>Product Portal Page</title></head><body>");
String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
.queryParam("redirect_uri", "http://localhost:8181/product-portal").build("demo").toString();
String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
.queryParam("referrer", "product-portal").build("demo").toString();
String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
.path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
.queryParam("redirect_uri", "http://localhost:8181/product-portal")
.build("demo")
.toString();
out.println("<p>Goto: <a href=\"/customer-portal\">customers</a> | <a href=\"" + logoutUri + "\">logout</a> | <a href=\"" + acctUri + "\">manage acct</a></p>");
out.println("Servlet User Principal <b>" + req.getUserPrincipal() + "</b> made this request.");
String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
.path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
.queryParam("referrer", "product-portal")
.build("demo")
.toString();
String unsecuredWsClientResponse = sendWsReq(req, "1", false);
String securedWsClientResponse = sendWsReq(req, "1", true);
String securedWsClient2Response = sendWsReq(req, "2", true);
out.println("<p>Goto: <a href=\"/customer-portal\">customers</a> | <a href=\"" + logoutUri + "\">logout</a> | <a href=\"" + acctUri + "\">manage acct</a></p>");
out.println("Servlet User Principal <b>" + req.getUserPrincipal() + "</b> made this request.");
out.println("<p>Product with ID 1 - unsecured request (it should end with failure): <b>" + unsecuredWsClientResponse + "</b></p><br>");
out.println("<p>Product with ID 1 - secured request: <b>" + securedWsClientResponse + "</b></p><br>");
out.println("<p>Product with ID 2 - secured request: <b>" + securedWsClient2Response + "</b></p><br>");
out.println("</body></html>");
out.flush();
out.close();
String unsecuredWsClientResponse = sendWsReq(req, "1", false);
String securedWsClientResponse = sendWsReq(req, "1", true);
String securedWsClient2Response = sendWsReq(req, "2", true);
out.println("<p>Product with ID 1 - unsecured request (it should end with failure): <b>" + unsecuredWsClientResponse + "</b></p><br>");
out.println("<p>Product with ID 1 - secured request: <b>" + securedWsClientResponse + "</b></p><br>");
out.println("<p>Product with ID 2 - secured request: <b>" + securedWsClient2Response + "</b></p><br>");
out.println("</body></html>");
out.flush();
}
}
private String sendWsReq(HttpServletRequest req, String productId, boolean secured) {
@ -79,18 +87,19 @@ public class ProductPortalServlet extends HttpServlet {
factory.setServiceClass(Product.class);
factory.setAddress("http://localhost:8282/ProductServiceCF");
Product simpleClient = (Product)factory.create();
java.lang.String _getProduct_productIdVal = productId;
javax.xml.ws.Holder<java.lang.String> _getProduct_productId = new javax.xml.ws.Holder<java.lang.String>(_getProduct_productIdVal);
javax.xml.ws.Holder<java.lang.String> _getProduct_name = new javax.xml.ws.Holder<java.lang.String>();
Product simpleClient = (Product) factory.create();
Holder<String> _getProduct_productId = new Holder<>(productId);
Holder<String> _getProduct_name = new Holder<>();
// Attach Authorization header
if (secured) {
Client clientProxy = ClientProxy.getClient(simpleClient);
KeycloakSecurityContext session = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
Map<String, List<String>> headers = new HashMap<String, List<String>>();
headers.put("Authorization", Arrays.asList("Bearer " + session.getTokenString()));
if (session == null) throw new RuntimeException("Keycloak Security Context is null.");
Map<String, List<String>> headers = new HashMap<>();
headers.put("Authorization", Collections.singletonList("Bearer " + session.getTokenString()));
clientProxy.getRequestContext().put(Message.PROTOCOL_HEADERS, headers);
}
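Review bot: The re-indented `out.println(...)` calls in `doGet` still concatenate `req.getUserPrincipal()` and the three `sendWsReq` results into the HTML page without encoding them. The principal name comes from the identity token and the response strings from a remote web service, so any markup they contain would be rendered by the browser. Each value should be HTML-escaped before concatenation, e.g. `out.println("Servlet User Principal <b>" + escapeHtml(String.valueOf(req.getUserPrincipal())) + "</b> made this request.");`, where `escapeHtml` is a placeholder name for whatever escaping helper the project already provides (none is visible in the hunk). The body of `sendWsReq` continues outside the second hunk, so what its return strings can contain is not fully visible here.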


@ -38,9 +38,9 @@
javax.xml.bind.annotation;version="[2.2,3)",
javax.xml.namespace,
javax.xml.ws,
META-INF.cxf;version="[2.7,3.3)",
org.apache.cxf.transport.http;version="[2.7,3.3)",
org.apache.cxf.*;version="[2.7,3.3)",
META-INF.cxf;version="[2.7,3.4)",
org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.4)",
org.keycloak.*;version="${project.version}",
org.keycloak.adapters.authentication;version="${project.version}";resolution:=optional,
javax.servlet.*;version="[3.1,5)",


@ -42,66 +42,51 @@ public class CustomerServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
PrintWriter pw = resp.getWriter();
KeycloakSecurityContext context = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
if (req.getRequestURI().endsWith("logout")) {
resp.setStatus(200);
pw.println("<html><body>");
pw.println("<div id=\"customer_portal_logout\">servlet logout ok</div>");
pw.println("</body></html>");
try (PrintWriter pw = resp.getWriter()) {
KeycloakSecurityContext context = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
if (req.getRequestURI().endsWith("logout")) {
resp.setStatus(200);
pw.println("<html><body>");
pw.println("<div id=\"customer_portal_logout\">servlet logout ok</div>");
pw.println("</body></html>");
//Clear principal form database-service by calling logout
StringBuilder result = new StringBuilder();
String urlBase = ServletTestUtils.getUrlBase();
URL url = new URL(urlBase + "/customer-db/");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("DELETE");
conn.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString());
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
while ((line = rd.readLine()) != null) {
result.append(line);
}
rd.close();
pw.println(result.toString());
// Call logout before pw.flush
req.logout();
pw.flush();
return;
}
//Clear principal form database-service by calling logout
StringBuilder result = new StringBuilder();
String urlBase = ServletTestUtils.getUrlBase();
URL url = new URL(urlBase + "/customer-db/");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("DELETE");
conn.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString());
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
while ((line = rd.readLine()) != null) {
result.append(line);
// Decide what to call based on the URL suffix
String serviceUrl;
if (req.getRequestURI().endsWith("/call-customer-db-audience-required")) {
serviceUrl = urlBase + "/customer-db-audience-required/";
} else {
serviceUrl = urlBase + "/customer-db/";
}
rd.close();
pw.println(result.toString());
// Call logout before pw.flush
req.logout();
String result = invokeService(serviceUrl, context);
resp.setContentType("text/html");
pw.println(result);
pw.flush();
return;
}
//try {
String urlBase = ServletTestUtils.getUrlBase();
// Decide what to call based on the URL suffix
String serviceUrl;
if (req.getRequestURI().endsWith("/call-customer-db-audience-required")) {
serviceUrl = urlBase + "/customer-db-audience-required/";
} else {
serviceUrl = urlBase + "/customer-db/";
}
String result = invokeService(serviceUrl, context);
resp.setContentType("text/html");
pw.println(result);
pw.flush();
//
// Response response = target.request().get();
// if (response.getStatus() != 401) { // assert response status == 401
// throw new AssertionError("Response status code is not 401.");
// }
// response.close();
// String html = target.request()
// .header(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString())
// .get(String.class);
// pw.println(html);
// pw.flush();
// } finally {
// client.close();
// }
}
private String invokeService(String serviceUrl, KeycloakSecurityContext context) throws IOException {
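Review bot: In the logout branch of `doGet`, `context.getTokenString()` is dereferenced without a null check, although `context` comes from `req.getAttribute(...)` and the same commit adds exactly that guard in `ProductPortalServlet.sendWsReq`. By that point the 200 status and the "servlet logout ok" markup have already been written, so a null context may leave the client with a success page while `req.logout()` is never reached. A guard at the top of the logout branch, `if (context == null) throw new ServletException("Keycloak Security Context is null.");`, would fail the request cleanly; `doGet` already declares `ServletException`. The body of `invokeService` is outside the hunk, so the non-logout path cannot be checked for the same dereference.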


@ -381,6 +381,7 @@ public class FuseAdapterTest extends AbstractExampleAdapterTest {
}
@Test
@AppServerContainer(value = ContainerConstants.APP_SERVER_FUSE63, skip = true)
public void testProductPortal() {
productPortal.navigateTo();
WaitUtils.waitForPageToLoad();
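Review bot: The `skip = true` on `testProductPortal` for `ContainerConstants.APP_SERVER_FUSE63` carries no explanation, and the commit title does not say why the test is disabled on that container rather than repaired. A skipped adapter test silently removes that container's coverage of the product portal, and without a recorded reason it tends to stay skipped. I would add a comment above the annotation, `// Skipped on Fuse 6.3: <reason and tracking issue>`, so the skip can be revisited. The test body continues outside the hunk.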


@ -109,7 +109,7 @@
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-core</artifactId>
<version>2.2.0</version>
<version>2.3.0</version>
</dependency>
</dependencies>
</project>


@ -123,7 +123,7 @@ public class FuseUtils {
"system:property -p hawtio.keycloakServerConfig ${karaf.etc}/keycloak-bearer.json; " +
"system:property -p hawtio.roles admin,manager,viewer,ssh; " +
"system:property -p hawtio.rolePrincipalClasses org.keycloak.adapters.jaas.RolePrincipal,org.apache.karaf.jaas.boot.principal.RolePrincipal;" +
"restart io.hawt.hawtio-war",
"restart io.hawt.hawtio-osgi",
Result.EMPTY);
assertCommand(managementUser, managementPassword,