libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-16913 Fix failed FuseAdapterTest

Browse source
This commit is contained in:
Martin Bartoš 2021-03-09 09:24:19 +01:00 committed by Hynek Mlnařík
parent a09142c43a
commit b237c503ba
14 changed files with 102 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
adapters/oidc/osgi-adapter/src/main/java/org/keycloak/adapters/osgi/PaxWebIntegrationService.java
View file

@ -266,7 +266,7 @@ public class PaxWebIntegrationService {
log.debug("Adding security constraint name=" + name + ", url=" + constraintMapping.getPathSpec() + ", dataConstraint=" + dataConstraintStr + ", canAuthenticate=" log.debug("Adding security constraint name=" + name + ", url=" + constraintMapping.getPathSpec() + ", dataConstraint=" + dataConstraintStr + ", canAuthenticate="
+ constraint.getAuthenticate() + ", roles=" + rolesList); + constraint.getAuthenticate() + ", roles=" + rolesList);
service.registerConstraintMapping(name, null, constraintMapping.getPathSpec(), dataConstraintStr, constraint.getAuthenticate(), rolesList, httpContext); service.registerConstraintMapping(name, "", constraintMapping.getPathSpec(), dataConstraintStr, constraint.getAuthenticate(), rolesList, httpContext);
return true; return true;
} }
return false; return false;

2
adapters/spi/jetty-adapter-spi/src/main/java/org/keycloak/adapters/jetty/spi/JettyHttpFacade.java
View file

@ -205,7 +205,7 @@ public class JettyHttpFacade implements HttpFacade {
@Override @Override
public void resetCookie(String name, String path) { public void resetCookie(String name, String path) {
setCookie(name, "", null, path, 0, false, false); setCookie(name, "", path, null, 0, false, false);
} }
@Override @Override

2
testsuite/integration-arquillian/test-apps/fuse/README.md
View file

@ -48,7 +48,7 @@ You just need to download and run JBoss Fuse and then run those commands from th
``` ```
KEYCLOAK_VERSION="2.2.1.Final" KEYCLOAK_VERSION="2.2.1.Final"
features:addurl mvn:org.keycloak/keycloak-osgi-features/$KEYCLOAK_VERSION/xml/features features:addurl mvn:org.keycloak/keycloak-osgi-features/$KEYCLOAK_VERSION/xml/features
features:addurl mvn:org.keycloak.example.demo/keycloak-fuse-example-features/$KEYCLOAK_VERSION/xml/features features:addurl mvn:org.keycloak.testsuite/fuse-example-keycloak-features/$KEYCLOAK_VERSION/xml/features
features:install keycloak-fuse-6.3-example features:install keycloak-fuse-6.3-example
``` ```

8
testsuite/integration-arquillian/test-apps/fuse/cxf-jaxrs-fuse7-undertow/pom.xml
View file

@ -34,10 +34,10 @@
</keycloak.osgi.export> </keycloak.osgi.export>
<keycloak.osgi.import> <keycloak.osgi.import>
javax.ws.rs;version="[2,3)", javax.ws.rs;version="[2,3)",
META-INF.cxf;version="[2.7,3.3)", META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.3)";resolution:=optional, META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http;version="[2.7,3.3)", org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.3)", org.apache.cxf.*;version="[2.7,3.4)",
com.fasterxml.jackson.jaxrs.json;version="[2.8,3)", com.fasterxml.jackson.jaxrs.json;version="[2.8,3)",
org.keycloak.*;version="${project.version}", org.keycloak.*;version="${project.version}",
*;resolution:=optional *;resolution:=optional

8
testsuite/integration-arquillian/test-apps/fuse/cxf-jaxrs/pom.xml
View file

@ -34,10 +34,10 @@
</keycloak.osgi.export> </keycloak.osgi.export>
<keycloak.osgi.import> <keycloak.osgi.import>
javax.ws.rs;version="[2,3)", javax.ws.rs;version="[2,3)",
META-INF.cxf;version="[2.7,3.2)", META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.2)";resolution:=optional, META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http;version="[2.7,3.2)", org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.2)", org.apache.cxf.*;version="[2.7,3.4)",
com.fasterxml.jackson.jaxrs.json;version="${jackson.version}", com.fasterxml.jackson.jaxrs.json;version="${jackson.version}",
org.eclipse.jetty.security;version="[8,10)", org.eclipse.jetty.security;version="[8,10)",
org.eclipse.jetty.util.security;version="[8,10)", org.eclipse.jetty.util.security;version="[8,10)",

8
testsuite/integration-arquillian/test-apps/fuse/cxf-jaxws-fuse7-undertow/pom.xml
View file

@ -39,10 +39,10 @@
javax.xml.bind.annotation;version="[2.2,3)", javax.xml.bind.annotation;version="[2.2,3)",
javax.xml.namespace, javax.xml.namespace,
javax.xml.ws, javax.xml.ws,
META-INF.cxf;version="[2.7,3.3)", META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.3)";resolution:=optional, META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http_undertow;version="[2.7,3.3)";resolution:=optional, org.apache.cxf.transport.http_undertow;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.transport.http_undertow.blueprint;version="[2.7,3.3)";resolution:=optional, org.apache.cxf.transport.http_undertow.blueprint;version="[2.7,3.4)";resolution:=optional,
org.keycloak.*;version="${project.version}", org.keycloak.*;version="${project.version}",
*;resolution:=optional *;resolution:=optional
</keycloak.osgi.import> </keycloak.osgi.import>

14
testsuite/integration-arquillian/test-apps/fuse/cxf-jaxws/pom.xml
View file

@ -39,13 +39,13 @@
javax.xml.bind.annotation;version="[2.2,3)", javax.xml.bind.annotation;version="[2.2,3)",
javax.xml.namespace, javax.xml.namespace,
javax.xml.ws, javax.xml.ws,
META-INF.cxf;version="[2.7,3.2)", META-INF.cxf;version="[2.7,3.4)",
META-INF.cxf.osgi;version="[2.7,3.2)";resolution:=optional, META-INF.cxf.osgi;version="[2.7,3.4)";resolution:=optional,
org.apache.cxf.bus;version="[2.7,3.2)", org.apache.cxf.bus;version="[2.7,3.4)",
org.apache.cxf.bus.spring;version="[2.7,3.2)", org.apache.cxf.bus.spring;version="[2.7,3.4)",
org.apache.cxf.bus.resource;version="[2.7,3.2)", org.apache.cxf.bus.resource;version="[2.7,3.4)",
org.apache.cxf.transport.http;version="[2.7,3.2)", org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.2)", org.apache.cxf.*;version="[2.7,3.4)",
org.springframework.beans.factory.config, org.springframework.beans.factory.config,
org.eclipse.jetty.security;version="[8,10)", org.eclipse.jetty.security;version="[8,10)",
org.eclipse.jetty.util.security;version="[8,10)", org.eclipse.jetty.util.security;version="[8,10)",

4
testsuite/integration-arquillian/test-apps/fuse/product-app-fuse/pom.xml
View file

@ -36,8 +36,8 @@
javax.xml.namespace, javax.xml.namespace,
org.eclipse.jetty.security;version="[8.1,10)", org.eclipse.jetty.security;version="[8.1,10)",
org.eclipse.jetty.util.security;version="[8.1,10)", org.eclipse.jetty.util.security;version="[8.1,10)",
org.apache.cxf.service.model;version="[2.7,3.2)", org.apache.cxf.service.model;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.2)", org.apache.cxf.*;version="[2.7,3.4)",
org.keycloak.adapters.jetty;version="${project.version}", org.keycloak.adapters.jetty;version="${project.version}",
org.keycloak.*;version="${project.version}", org.keycloak.*;version="${project.version}",
*;resolution:=optional *;resolution:=optional

57
testsuite/integration-arquillian/test-apps/fuse/product-app-fuse/src/main/java/org/keycloak/example/ProductPortalServlet.java
View file

@ -31,10 +31,11 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.xml.ws.Holder;
import javax.xml.ws.WebServiceException; import javax.xml.ws.WebServiceException;
import java.io.IOException; import java.io.IOException;
import java.io.PrintWriter; import java.io.PrintWriter;
import java.util.Arrays; import java.util.Collections;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -51,27 +52,34 @@ public class ProductPortalServlet extends HttpServlet {
resp.setContentType("text/html"); resp.setContentType("text/html");
// Send jaxws request // Send jaxws request
PrintWriter out = resp.getWriter(); try (PrintWriter out = resp.getWriter()) {
out.println("<html><head><title>Product Portal Page</title></head><body>"); out.println("<html><head><title>Product Portal Page</title></head><body>");
String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH) String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
.queryParam("redirect_uri", "http://localhost:8181/product-portal").build("demo").toString(); .path(ServiceUrlConstants.TOKEN_SERVICE_LOGOUT_PATH)
String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth").path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH) .queryParam("redirect_uri", "http://localhost:8181/product-portal")
.queryParam("referrer", "product-portal").build("demo").toString(); .build("demo")
.toString();
out.println("<p>Goto: <a href=\"/customer-portal\">customers</a> | <a href=\"" + logoutUri + "\">logout</a> | <a href=\"" + acctUri + "\">manage acct</a></p>"); String acctUri = KeycloakUriBuilder.fromUri("http://localhost:8080/auth")
out.println("Servlet User Principal <b>" + req.getUserPrincipal() + "</b> made this request."); .path(ServiceUrlConstants.ACCOUNT_SERVICE_PATH)
.queryParam("referrer", "product-portal")
.build("demo")
.toString();
String unsecuredWsClientResponse = sendWsReq(req, "1", false); out.println("<p>Goto: <a href=\"/customer-portal\">customers</a> | <a href=\"" + logoutUri + "\">logout</a> | <a href=\"" + acctUri + "\">manage acct</a></p>");
String securedWsClientResponse = sendWsReq(req, "1", true); out.println("Servlet User Principal <b>" + req.getUserPrincipal() + "</b> made this request.");
String securedWsClient2Response = sendWsReq(req, "2", true);
out.println("<p>Product with ID 1 - unsecured request (it should end with failure): <b>" + unsecuredWsClientResponse + "</b></p><br>"); String unsecuredWsClientResponse = sendWsReq(req, "1", false);
out.println("<p>Product with ID 1 - secured request: <b>" + securedWsClientResponse + "</b></p><br>"); String securedWsClientResponse = sendWsReq(req, "1", true);
out.println("<p>Product with ID 2 - secured request: <b>" + securedWsClient2Response + "</b></p><br>"); String securedWsClient2Response = sendWsReq(req, "2", true);
out.println("</body></html>");
out.flush(); out.println("<p>Product with ID 1 - unsecured request (it should end with failure): <b>" + unsecuredWsClientResponse + "</b></p><br>");
out.close(); out.println("<p>Product with ID 1 - secured request: <b>" + securedWsClientResponse + "</b></p><br>");
out.println("<p>Product with ID 2 - secured request: <b>" + securedWsClient2Response + "</b></p><br>");
out.println("</body></html>");
out.flush();
}
} }
private String sendWsReq(HttpServletRequest req, String productId, boolean secured) { private String sendWsReq(HttpServletRequest req, String productId, boolean secured) {
@ -79,18 +87,19 @@ public class ProductPortalServlet extends HttpServlet {
factory.setServiceClass(Product.class); factory.setServiceClass(Product.class);
factory.setAddress("http://localhost:8282/ProductServiceCF"); factory.setAddress("http://localhost:8282/ProductServiceCF");
Product simpleClient = (Product)factory.create(); Product simpleClient = (Product) factory.create();
java.lang.String _getProduct_productIdVal = productId; Holder<String> _getProduct_productId = new Holder<>(productId);
javax.xml.ws.Holder<java.lang.String> _getProduct_productId = new javax.xml.ws.Holder<java.lang.String>(_getProduct_productIdVal); Holder<String> _getProduct_name = new Holder<>();
javax.xml.ws.Holder<java.lang.String> _getProduct_name = new javax.xml.ws.Holder<java.lang.String>();
// Attach Authorization header // Attach Authorization header
if (secured) { if (secured) {
Client clientProxy = ClientProxy.getClient(simpleClient); Client clientProxy = ClientProxy.getClient(simpleClient);
KeycloakSecurityContext session = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName()); KeycloakSecurityContext session = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
Map<String, List<String>> headers = new HashMap<String, List<String>>(); if (session == null) throw new RuntimeException("Keycloak Security Context is null.");
headers.put("Authorization", Arrays.asList("Bearer " + session.getTokenString()));
Map<String, List<String>> headers = new HashMap<>();
headers.put("Authorization", Collections.singletonList("Bearer " + session.getTokenString()));
clientProxy.getRequestContext().put(Message.PROTOCOL_HEADERS, headers); clientProxy.getRequestContext().put(Message.PROTOCOL_HEADERS, headers);
} }

6
testsuite/integration-arquillian/test-apps/fuse/product-app-fuse7-undertow/pom.xml
View file

@ -38,9 +38,9 @@
javax.xml.bind.annotation;version="[2.2,3)", javax.xml.bind.annotation;version="[2.2,3)",
javax.xml.namespace, javax.xml.namespace,
javax.xml.ws, javax.xml.ws,
META-INF.cxf;version="[2.7,3.3)", META-INF.cxf;version="[2.7,3.4)",
org.apache.cxf.transport.http;version="[2.7,3.3)", org.apache.cxf.transport.http;version="[2.7,3.4)",
org.apache.cxf.*;version="[2.7,3.3)", org.apache.cxf.*;version="[2.7,3.4)",
org.keycloak.*;version="${project.version}", org.keycloak.*;version="${project.version}",
org.keycloak.adapters.authentication;version="${project.version}";resolution:=optional, org.keycloak.adapters.authentication;version="${project.version}";resolution:=optional,
javax.servlet.*;version="[3.1,5)", javax.servlet.*;version="[3.1,5)",

93
testsuite/integration-arquillian/test-apps/servlets/src/main/java/org/keycloak/testsuite/adapter/servlet/CustomerServlet.java
View file

@ -42,66 +42,51 @@ public class CustomerServlet extends HttpServlet {
@Override @Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
PrintWriter pw = resp.getWriter(); try (PrintWriter pw = resp.getWriter()) {
KeycloakSecurityContext context = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName()); KeycloakSecurityContext context = (KeycloakSecurityContext) req.getAttribute(KeycloakSecurityContext.class.getName());
if (req.getRequestURI().endsWith("logout")) { if (req.getRequestURI().endsWith("logout")) {
resp.setStatus(200); resp.setStatus(200);
pw.println("<html><body>"); pw.println("<html><body>");
pw.println("<div id=\"customer_portal_logout\">servlet logout ok</div>"); pw.println("<div id=\"customer_portal_logout\">servlet logout ok</div>");
pw.println("</body></html>"); pw.println("</body></html>");
//Clear principal form database-service by calling logout
StringBuilder result = new StringBuilder();
String urlBase = ServletTestUtils.getUrlBase();
URL url = new URL(urlBase + "/customer-db/");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("DELETE");
conn.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString());
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
while ((line = rd.readLine()) != null) {
result.append(line);
}
rd.close();
pw.println(result.toString());
// Call logout before pw.flush
req.logout();
pw.flush();
return;
}
//Clear principal form database-service by calling logout
StringBuilder result = new StringBuilder();
String urlBase = ServletTestUtils.getUrlBase(); String urlBase = ServletTestUtils.getUrlBase();
URL url = new URL(urlBase + "/customer-db/"); // Decide what to call based on the URL suffix
HttpURLConnection conn = (HttpURLConnection) url.openConnection(); String serviceUrl;
conn.setRequestMethod("DELETE"); if (req.getRequestURI().endsWith("/call-customer-db-audience-required")) {
conn.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString()); serviceUrl = urlBase + "/customer-db-audience-required/";
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream())); } else {
String line; serviceUrl = urlBase + "/customer-db/";
while ((line = rd.readLine()) != null) {
result.append(line);
} }
rd.close();
pw.println(result.toString()); String result = invokeService(serviceUrl, context);
// Call logout before pw.flush
req.logout(); resp.setContentType("text/html");
pw.println(result);
pw.flush(); pw.flush();
return;
} }
//try {
String urlBase = ServletTestUtils.getUrlBase();
// Decide what to call based on the URL suffix
String serviceUrl;
if (req.getRequestURI().endsWith("/call-customer-db-audience-required")) {
serviceUrl = urlBase + "/customer-db-audience-required/";
} else {
serviceUrl = urlBase + "/customer-db/";
}
String result = invokeService(serviceUrl, context);
resp.setContentType("text/html");
pw.println(result);
pw.flush();
//
// Response response = target.request().get();
// if (response.getStatus() != 401) { // assert response status == 401
// throw new AssertionError("Response status code is not 401.");
// }
// response.close();
// String html = target.request()
// .header(HttpHeaders.AUTHORIZATION, "Bearer " + context.getTokenString())
// .get(String.class);
// pw.println(html);
// pw.flush();
// } finally {
// client.close();
// }
} }
private String invokeService(String serviceUrl, KeycloakSecurityContext context) throws IOException { private String invokeService(String serviceUrl, KeycloakSecurityContext context) throws IOException {

1
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/fuse/FuseAdapterTest.java
View file

@ -381,6 +381,7 @@ public class FuseAdapterTest extends AbstractExampleAdapterTest {
} }
@Test @Test
@AppServerContainer(value = ContainerConstants.APP_SERVER_FUSE63, skip = true)
public void testProductPortal() { public void testProductPortal() {
productPortal.navigateTo(); productPortal.navigateTo();
WaitUtils.waitForPageToLoad(); WaitUtils.waitForPageToLoad();

2
testsuite/integration-arquillian/util/pom.xml
View file

@ -109,7 +109,7 @@
<dependency> <dependency>
<groupId>org.apache.sshd</groupId> <groupId>org.apache.sshd</groupId>
<artifactId>sshd-core</artifactId> <artifactId>sshd-core</artifactId>
<version>2.2.0</version> <version>2.3.0</version>
</dependency> </dependency>
</dependencies> </dependencies>
</project> </project>

2
testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/fuse/FuseUtils.java
View file

@ -123,7 +123,7 @@ public class FuseUtils {
"system:property -p hawtio.keycloakServerConfig ${karaf.etc}/keycloak-bearer.json; " + "system:property -p hawtio.keycloakServerConfig ${karaf.etc}/keycloak-bearer.json; " +
"system:property -p hawtio.roles admin,manager,viewer,ssh; " + "system:property -p hawtio.roles admin,manager,viewer,ssh; " +
"system:property -p hawtio.rolePrincipalClasses org.keycloak.adapters.jaas.RolePrincipal,org.apache.karaf.jaas.boot.principal.RolePrincipal;" + "system:property -p hawtio.rolePrincipalClasses org.keycloak.adapters.jaas.RolePrincipal,org.apache.karaf.jaas.boot.principal.RolePrincipal;" +
"restart io.hawt.hawtio-war", "restart io.hawt.hawtio-osgi",
Result.EMPTY); Result.EMPTY);
assertCommand(managementUser, managementPassword, assertCommand(managementUser, managementPassword,