KEYCLOAK-11779 Make feature controller which takes care of enabling/disabling features including restarting container if needed
This commit is contained in:
parent
0e172d1632
commit
b74f69c5ac
39 changed files with 426 additions and 343 deletions
|
@ -92,6 +92,10 @@ import javax.ws.rs.core.Context;
|
|||
import javax.ws.rs.core.Cookie;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
import java.lang.reflect.Method;
|
||||
import java.text.ParseException;
|
||||
|
@ -101,6 +105,7 @@ import java.util.Date;
|
|||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
|
@ -831,6 +836,25 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
|||
return new TestJavascriptResource();
|
||||
}
|
||||
|
||||
private void setFeatureInProfileFile(File file, Profile.Feature featureProfile, String newState) {
|
||||
Properties properties = new Properties();
|
||||
if (file.isFile() && file.exists()) {
|
||||
try (FileInputStream fis = new FileInputStream(file)) {
|
||||
properties.load(fis);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException("Unable to read profile.properties file");
|
||||
}
|
||||
}
|
||||
|
||||
properties.setProperty("feature." + featureProfile.toString().toLowerCase(), newState);
|
||||
|
||||
try (FileOutputStream fos = new FileOutputStream(file)) {
|
||||
properties.store(fos, null);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException("Unable to write to profile.properties file");
|
||||
}
|
||||
}
|
||||
|
||||
@POST
|
||||
@Path("/enable-feature/{feature}")
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
|
@ -848,6 +872,13 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
|||
return Response.ok().build();
|
||||
|
||||
System.setProperty("keycloak.profile.feature." + featureProfile.toString().toLowerCase(), "enabled");
|
||||
|
||||
String jbossServerConfigDir = System.getProperty("jboss.server.config.dir");
|
||||
// If we are in jboss-based container, we need to write profile.properties file, otherwise the change in system property will disappear after restart
|
||||
if (jbossServerConfigDir != null) {
|
||||
setFeatureInProfileFile(new File(jbossServerConfigDir, "profile.properties"), featureProfile, "enabled");
|
||||
}
|
||||
|
||||
Profile.init();
|
||||
|
||||
if (Profile.isFeatureEnabled(featureProfile))
|
||||
|
@ -873,6 +904,13 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
|||
return Response.ok().build();
|
||||
|
||||
System.getProperties().remove("keycloak.profile.feature." + featureProfile.toString().toLowerCase());
|
||||
|
||||
String jbossServerConfigDir = System.getProperty("jboss.server.config.dir");
|
||||
// If we are in jboss-based container, we need to write profile.properties file, otherwise the change in system property will disappear after restart
|
||||
if (jbossServerConfigDir != null) {
|
||||
setFeatureInProfileFile(new File(jbossServerConfigDir, "profile.properties"), featureProfile, "disabled");
|
||||
}
|
||||
|
||||
Profile.init();
|
||||
|
||||
if (!Profile.isFeatureEnabled(featureProfile))
|
||||
|
|
|
@ -76,7 +76,7 @@ public class ProfileAssume {
|
|||
Assume.assumeTrue("Ignoring test as community profile is not enabled", profile.equals("community"));
|
||||
}
|
||||
|
||||
private static boolean isFeatureEnabled(Profile.Feature feature) {
|
||||
public static boolean isFeatureEnabled(Profile.Feature feature) {
|
||||
updateProfile();
|
||||
return !disabledFeatures.contains(feature.name());
|
||||
}
|
||||
|
|
|
@ -149,6 +149,10 @@ public final class TestContext {
|
|||
}
|
||||
|
||||
public KeycloakTestingClient getTestingClient() {
|
||||
if (testingClient == null) {
|
||||
String authServerContextRoot = suiteContext.getAuthServerInfo().getContextRoot().toString();
|
||||
testingClient = KeycloakTestingClient.getInstance(authServerContextRoot + "/auth");
|
||||
}
|
||||
return testingClient;
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
package org.keycloak.testsuite.arquillian.annotation;
|
||||
|
||||
import org.keycloak.common.Profile;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Inherited;
|
||||
import java.lang.annotation.Repeatable;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
@Retention(RUNTIME)
|
||||
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||
@Repeatable(DisableFeatures.class)
|
||||
@Inherited
|
||||
public @interface DisableFeature {
|
||||
Profile.Feature value();
|
||||
boolean skipRestart() default false;
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
package org.keycloak.testsuite.arquillian.annotation;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Inherited;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
@Retention(RUNTIME)
|
||||
@Inherited
|
||||
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||
public @interface DisableFeatures {
|
||||
DisableFeature[] value() default {};
|
||||
}
|
|
@ -0,0 +1,23 @@
|
|||
package org.keycloak.testsuite.arquillian.annotation;
|
||||
|
||||
import org.keycloak.common.Profile;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Inherited;
|
||||
import java.lang.annotation.Repeatable;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
@Retention(RUNTIME)
|
||||
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||
@Repeatable(EnableFeatures.class)
|
||||
@Inherited
|
||||
public @interface EnableFeature {
|
||||
Profile.Feature value();
|
||||
boolean skipRestart() default false;
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
package org.keycloak.testsuite.arquillian.annotation;
|
||||
|
||||
import java.lang.annotation.Documented;
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Inherited;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
@Retention(RUNTIME)
|
||||
@Inherited
|
||||
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||
public @interface EnableFeatures {
|
||||
EnableFeature[] value() default {};
|
||||
}
|
|
@ -52,9 +52,4 @@ public @interface RestartContainer {
|
|||
* @return Wait time in milliseconds after database initialization.
|
||||
*/
|
||||
long intializeDatabaseWait() default 0;
|
||||
|
||||
/**
|
||||
* @return Array of features, which should be enabled.
|
||||
*/
|
||||
Profile.Feature[] enableFeatures() default {};
|
||||
}
|
||||
|
|
|
@ -140,14 +140,6 @@ public class KeycloakContainerEventsController extends ContainerEventController
|
|||
if (restartContainer.withoutKeycloakAddUserFile()) {
|
||||
copyKeycloakAddUserFile();
|
||||
}
|
||||
|
||||
if (restartContainer.enableFeatures().length != 0) {
|
||||
changeStateOfFeatures(restartContainer, false);
|
||||
// Auth-server has to be restarted again. If not, the features will not to be disabled.
|
||||
container.fire(new StopManualContainers());
|
||||
container.fire(new StopSuiteContainers());
|
||||
container.fire(new StartSuiteContainers());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -158,10 +150,6 @@ public class KeycloakContainerEventsController extends ContainerEventController
|
|||
if (restartContainer.withoutKeycloakAddUserFile()) {
|
||||
removeKeycloakAddUserFile();
|
||||
}
|
||||
|
||||
if (restartContainer.enableFeatures().length != 0) {
|
||||
changeStateOfFeatures(restartContainer, true);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -263,81 +251,4 @@ public class KeycloakContainerEventsController extends ContainerEventController
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Change state of features, which are contained in {@code enableFeatures} param.
|
||||
* This method either enable or disable features.
|
||||
* If auth-server is JBossBased, then the features are either enabled or disabled via {@code profile.properties}.
|
||||
*
|
||||
* @param restartContainer to pass more information from test annotation.
|
||||
* @param enableFeatures if the features will be enabled or disabled.
|
||||
*/
|
||||
private void changeStateOfFeatures(RestartContainer restartContainer, boolean enableFeatures) {
|
||||
Optional<Container> authServerOptional = containerRegistry.get().getContainers().stream()
|
||||
.filter(f -> f.getName().startsWith("auth-server-")).findFirst();
|
||||
|
||||
if (authServerOptional.isPresent()) {
|
||||
Container authServer = authServerOptional.get();
|
||||
boolean isJbossBased = new ContainerInfo(authServer).isJBossBased();
|
||||
|
||||
if (isJbossBased) {
|
||||
ContainerDef conf = authServer.getContainerConfiguration();
|
||||
String jbossHome = conf.getContainerProperty("jbossHome");
|
||||
Path fileProps = null;
|
||||
if (jbossHome != null) {
|
||||
try {
|
||||
Path dir = Paths.get(jbossHome + "/standalone/configuration");
|
||||
fileProps = dir.resolve("profile.properties");
|
||||
|
||||
if (enableFeatures) {
|
||||
Path file = Files.createFile(fileProps);
|
||||
Properties props = new Properties();
|
||||
Arrays.stream(restartContainer.enableFeatures()).forEach(f -> props.setProperty("feature." + f.toString().toLowerCase(), "enabled"));
|
||||
PrintWriter pw = new PrintWriter(file.toFile());
|
||||
props.list(pw);
|
||||
pw.close();
|
||||
} else {
|
||||
Files.deleteIfExists(fileProps);
|
||||
}
|
||||
} catch (FileAlreadyExistsException ex) {
|
||||
changeFeaturesInExistingProps(restartContainer, fileProps, true);
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (enableFeatures) {
|
||||
Arrays.stream(restartContainer.enableFeatures())
|
||||
.forEach(f -> System.setProperty("keycloak.profile.feature." + f.toString().toLowerCase(), "enabled"));
|
||||
} else {
|
||||
Arrays.stream(restartContainer.enableFeatures())
|
||||
.forEach(f -> System.getProperties().remove("keycloak.profile.feature." + f.toString().toLowerCase()));
|
||||
}
|
||||
}
|
||||
Profile.init();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* If exists {@code profile.properties} file, then another properties are only appended to the file.
|
||||
*
|
||||
* @param restartContainer to pass more information from test annotation
|
||||
* @param file path to profile.properties
|
||||
* @param enableFeatures if features will be enabled or disabled
|
||||
*/
|
||||
private void changeFeaturesInExistingProps(RestartContainer restartContainer, Path file, boolean enableFeatures) {
|
||||
Profile.Feature[] features = restartContainer.enableFeatures();
|
||||
String state = enableFeatures ? "enabled" : "disabled";
|
||||
|
||||
if (features.length != 0) {
|
||||
Properties props = new Properties();
|
||||
try {
|
||||
props.load(Files.newBufferedReader(file));
|
||||
Arrays.stream(features).forEach(f -> props.setProperty("feature." + f.toString().toLowerCase(), state));
|
||||
props.store(Files.newBufferedWriter(file), "");
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,175 @@
|
|||
package org.keycloak.testsuite.arquillian.containers;
|
||||
|
||||
import org.jboss.arquillian.container.spi.event.ContainerMultiControlEvent;
|
||||
import org.jboss.arquillian.container.spi.event.StartClassContainers;
|
||||
import org.jboss.arquillian.container.spi.event.StartContainer;
|
||||
import org.jboss.arquillian.container.spi.event.StartSuiteContainers;
|
||||
import org.jboss.arquillian.container.spi.event.StopContainer;
|
||||
import org.jboss.arquillian.container.spi.event.StopManualContainers;
|
||||
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
|
||||
import org.jboss.arquillian.core.api.Event;
|
||||
import org.jboss.arquillian.core.api.Instance;
|
||||
import org.jboss.arquillian.core.api.annotation.Inject;
|
||||
import org.jboss.arquillian.core.api.annotation.Observes;
|
||||
import org.jboss.arquillian.test.spi.event.suite.After;
|
||||
import org.jboss.arquillian.test.spi.event.suite.AfterClass;
|
||||
import org.jboss.arquillian.test.spi.event.suite.Before;
|
||||
import org.jboss.arquillian.test.spi.event.suite.BeforeClass;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||
import org.keycloak.testsuite.arquillian.SuiteContext;
|
||||
import org.keycloak.testsuite.arquillian.TestContext;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeatures;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeatures;
|
||||
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
||||
import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
|
||||
import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
|
||||
|
||||
import java.lang.reflect.AnnotatedElement;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.function.BiConsumer;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static org.hamcrest.CoreMatchers.is;
|
||||
import static org.junit.Assert.assertThat;
|
||||
import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getManagementClient;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
public class KeycloakContainerFeaturesController {
|
||||
|
||||
@Inject
|
||||
private Instance<TestContext> testContextInstance;
|
||||
@Inject
|
||||
private Instance<SuiteContext> suiteContextInstance;
|
||||
@Inject
|
||||
private Event<StartContainer> startContainerEvent;
|
||||
@Inject
|
||||
private Event<StopContainer> stopContainerEvent;
|
||||
|
||||
public enum FeatureAction {
|
||||
ENABLE(KeycloakTestingClient::enableFeature),
|
||||
DISABLE(KeycloakTestingClient::disableFeature);
|
||||
|
||||
private BiConsumer<KeycloakTestingClient, Profile.Feature> featureConsumer;
|
||||
|
||||
FeatureAction(BiConsumer<KeycloakTestingClient, Profile.Feature> featureConsumer) {
|
||||
this.featureConsumer = featureConsumer;
|
||||
}
|
||||
|
||||
public void accept(KeycloakTestingClient testingClient, Profile.Feature feature) {
|
||||
featureConsumer.accept(testingClient, feature);
|
||||
}
|
||||
}
|
||||
|
||||
public enum State {
|
||||
BEFORE,
|
||||
AFTER
|
||||
}
|
||||
|
||||
private class UpdateFeature {
|
||||
private Profile.Feature feature;
|
||||
private boolean skipRestart;
|
||||
private FeatureAction action;
|
||||
|
||||
public UpdateFeature(Profile.Feature feature, boolean skipRestart, FeatureAction action) {
|
||||
this.feature = feature;
|
||||
this.skipRestart = skipRestart;
|
||||
this.action = action;
|
||||
}
|
||||
|
||||
/**
|
||||
* All features we want to enable/disable must be disabled/enabled
|
||||
* otherwise at the end of a test the environment will be in an inconsistent state because we would disable/enable
|
||||
* some feature which was enabled/disabled before test
|
||||
*
|
||||
*/
|
||||
private void assertValid() {
|
||||
assertThat("An annotation requested to " + action.name()
|
||||
+ " feature " + feature.name() + " however it was already in that state" ,
|
||||
ProfileAssume.isFeatureEnabled(feature),
|
||||
is(!(action == FeatureAction.ENABLE)));
|
||||
}
|
||||
|
||||
private void assertPerformed() {
|
||||
assertThat("An annotation requested to " + action.name() +
|
||||
" feature " + feature.name() + ", however after performing this operation " +
|
||||
"the feature is not in desired state" ,
|
||||
ProfileAssume.isFeatureEnabled(feature),
|
||||
is(action == FeatureAction.ENABLE));
|
||||
}
|
||||
|
||||
public void performAction() {
|
||||
assertValid();
|
||||
action.accept(testContextInstance.get().getTestingClient(), feature);
|
||||
}
|
||||
}
|
||||
|
||||
public void restartAuthServer() throws Exception {
|
||||
if (AuthServerTestEnricher.AUTH_SERVER_CONTAINER.equals("auth-server-remote")) {
|
||||
OnlineManagementClient client = getManagementClient();
|
||||
Administration administration = new Administration(client);
|
||||
administration.reload();
|
||||
client.close();
|
||||
} else {
|
||||
stopContainerEvent.fire(new StopContainer(suiteContextInstance.get().getAuthServerInfo().getArquillianContainer()));
|
||||
startContainerEvent.fire(new StartContainer(suiteContextInstance.get().getAuthServerInfo().getArquillianContainer()));
|
||||
}
|
||||
}
|
||||
|
||||
private void updateFeatures(List<UpdateFeature> updateFeatures) throws Exception {
|
||||
updateFeatures.forEach(UpdateFeature::performAction);
|
||||
|
||||
if (updateFeatures.stream().anyMatch(updateFeature -> !updateFeature.skipRestart)) {
|
||||
restartAuthServer();
|
||||
testContextInstance.get().reconnectAdminClient();
|
||||
}
|
||||
|
||||
updateFeatures.forEach(UpdateFeature::assertPerformed);
|
||||
}
|
||||
|
||||
private void checkAnnotatedElementForFeatureAnnotations(AnnotatedElement annotatedElement, State state) throws Exception {
|
||||
List<UpdateFeature> updateFeatureList = new ArrayList<>(0);
|
||||
|
||||
if (annotatedElement.isAnnotationPresent(EnableFeatures.class) || annotatedElement.isAnnotationPresent(EnableFeature.class)) {
|
||||
updateFeatureList.addAll(Arrays.stream(annotatedElement.getAnnotationsByType(EnableFeature.class))
|
||||
.map(annotation -> new UpdateFeature(annotation.value(), annotation.skipRestart(),
|
||||
state == State.BEFORE ? FeatureAction.ENABLE : FeatureAction.DISABLE))
|
||||
.collect(Collectors.toList()));
|
||||
}
|
||||
|
||||
if (annotatedElement.isAnnotationPresent(DisableFeatures.class) || annotatedElement.isAnnotationPresent(DisableFeature.class)) {
|
||||
updateFeatureList.addAll(Arrays.stream(annotatedElement.getAnnotationsByType(DisableFeature.class))
|
||||
.map(annotation -> new UpdateFeature(annotation.value(), annotation.skipRestart(),
|
||||
state == State.BEFORE ? FeatureAction.DISABLE : FeatureAction.ENABLE))
|
||||
.collect(Collectors.toList()));
|
||||
}
|
||||
|
||||
if (!updateFeatureList.isEmpty()) {
|
||||
updateFeatures(updateFeatureList);
|
||||
}
|
||||
}
|
||||
|
||||
public void handleEnableFeaturesAnnotationBeforeClass(@Observes(precedence = 1) BeforeClass event) throws Exception {
|
||||
checkAnnotatedElementForFeatureAnnotations(event.getTestClass().getJavaClass(), State.BEFORE);
|
||||
}
|
||||
|
||||
public void handleEnableFeaturesAnnotationBeforeTest(@Observes(precedence = 1) Before event) throws Exception {
|
||||
checkAnnotatedElementForFeatureAnnotations(event.getTestMethod(), State.BEFORE);
|
||||
}
|
||||
|
||||
public void handleEnableFeaturesAnnotationAfterTest(@Observes(precedence = 2) After event) throws Exception {
|
||||
checkAnnotatedElementForFeatureAnnotations(event.getTestMethod(), State.AFTER);
|
||||
}
|
||||
|
||||
public void handleEnableFeaturesAnnotationAfterClass(@Observes(precedence = 2) AfterClass event) throws Exception {
|
||||
checkAnnotatedElementForFeatureAnnotations(event.getTestClass().getJavaClass(), State.AFTER);
|
||||
}
|
||||
|
||||
}
|
|
@ -112,6 +112,7 @@ public class KeycloakContainerTestExtension implements LoadableExtension {
|
|||
.observer(RemoteTestExecuter.class)
|
||||
.observer(DeploymentCommandObserver.class)
|
||||
.observer(ContainerCommandObserver.class)
|
||||
.observer(RemoteResourceCommandObserver.class);
|
||||
.observer(RemoteResourceCommandObserver.class)
|
||||
.observer(KeycloakContainerFeaturesController.class);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,10 +19,12 @@ package org.keycloak.testsuite.client;
|
|||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
|
||||
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
||||
import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.testsuite.client.resources.TestApplicationResource;
|
||||
import org.keycloak.testsuite.client.resources.TestExampleCompanyResource;
|
||||
import org.keycloak.testsuite.client.resources.TestSamlApplicationResource;
|
||||
|
@ -31,6 +33,8 @@ import org.keycloak.testsuite.runonserver.*;
|
|||
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
|
||||
*/
|
||||
|
@ -71,6 +75,18 @@ public class KeycloakTestingClient implements AutoCloseable {
|
|||
return target.path("/realms/" + realm).proxy(TestingResource.class);
|
||||
}
|
||||
|
||||
public void enableFeature(Profile.Feature feature) {
|
||||
try (Response response = testing().enableFeature(feature.toString())) {
|
||||
assertEquals(200, response.getStatus());
|
||||
}
|
||||
}
|
||||
|
||||
public void disableFeature(Profile.Feature feature) {
|
||||
try (Response response = testing().disableFeature(feature.toString())) {
|
||||
assertEquals(200, response.getStatus());
|
||||
}
|
||||
}
|
||||
|
||||
public TestApplicationResource testApp() { return target.proxy(TestApplicationResource.class); }
|
||||
|
||||
public TestSamlApplicationResource testSamlApp() { return target.proxy(TestSamlApplicationResource.class); }
|
||||
|
|
|
@ -152,7 +152,6 @@ public abstract class AbstractKeycloakTest {
|
|||
private PropertiesConfiguration constantsProperties;
|
||||
|
||||
private boolean resetTimeOffset;
|
||||
private List<Profile.Feature> enabledFeatures = new ArrayList<>();
|
||||
|
||||
@Before
|
||||
public void beforeAbstractKeycloakTest() throws Exception {
|
||||
|
@ -230,10 +229,6 @@ public abstract class AbstractKeycloakTest {
|
|||
testContext.getCleanups().clear();
|
||||
}
|
||||
|
||||
for (Profile.Feature feature : enabledFeatures) {
|
||||
disableFeature(feature);
|
||||
}
|
||||
|
||||
postAfterAbstractKeycloak();
|
||||
|
||||
// Remove all browsers from queue
|
||||
|
@ -329,11 +324,6 @@ public abstract class AbstractKeycloakTest {
|
|||
public KeycloakTestingClient getTestingClient() {
|
||||
if (testingClient == null) {
|
||||
testingClient = testContext.getTestingClient();
|
||||
if (testingClient == null) {
|
||||
String authServerContextRoot = suiteContext.getAuthServerInfo().getContextRoot().toString();
|
||||
testingClient = KeycloakTestingClient.getInstance(authServerContextRoot + "/auth");
|
||||
testContext.setTestingClient(testingClient);
|
||||
}
|
||||
}
|
||||
return testingClient;
|
||||
}
|
||||
|
@ -639,17 +629,4 @@ public abstract class AbstractKeycloakTest {
|
|||
}
|
||||
return in;
|
||||
}
|
||||
|
||||
protected void enableFeature(Profile.Feature feature) {
|
||||
enabledFeatures.add(feature);
|
||||
try (Response response = getTestingClient().testing().enableFeature(feature.toString())) {
|
||||
assertEquals(200, response.getStatus());
|
||||
}
|
||||
}
|
||||
|
||||
protected void disableFeature(Profile.Feature feature) {
|
||||
try (Response response = getTestingClient().testing().disableFeature(feature.toString())) {
|
||||
assertEquals(200, response.getStatus());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,7 +19,6 @@ package org.keycloak.testsuite.account;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.fail;
|
||||
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
||||
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
|
@ -31,17 +30,21 @@ import org.apache.http.impl.client.HttpClientBuilder;
|
|||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.broker.provider.util.SimpleHttp;
|
||||
import org.keycloak.representations.account.SessionRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.TokenUtil;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
@EnableFeature(value = ACCOUNT_API, skipRestart = true)
|
||||
public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakTest {
|
||||
|
||||
@Rule
|
||||
|
@ -55,34 +58,17 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
|
|||
@Before
|
||||
public void before() {
|
||||
httpClient = HttpClientBuilder.create().build();
|
||||
try {
|
||||
checkIfFeatureWorks(false);
|
||||
Response response = testingClient.testing().enableFeature(ACCOUNT_API.toString());
|
||||
assertEquals(200, response.getStatus());
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
checkIfFeatureWorks(true);
|
||||
} catch (Exception e) {
|
||||
disableFeature();
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
|
||||
@After
|
||||
public void after() {
|
||||
try {
|
||||
disableFeature();
|
||||
httpClient.close();
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
private void disableFeature() {
|
||||
Response response = testingClient.testing().disableFeature(ACCOUNT_API.toString());
|
||||
assertEquals(200, response.getStatus());
|
||||
checkIfFeatureWorks(false);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configureTestRealm(RealmRepresentation testRealm) {
|
||||
testRealm.getUsers().add(UserBuilder.create().username("no-account-access").password("password").build());
|
||||
|
@ -96,6 +82,12 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
|
|||
return suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/test/account" + (resource != null ? "/" + resource : "");
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = ACCOUNT_API, skipRestart = true)
|
||||
public void testFeatureDoesntWorkWhenDisabled() {
|
||||
checkIfFeatureWorks(false);
|
||||
}
|
||||
|
||||
// Check if the feature really works
|
||||
private void checkIfFeatureWorks(boolean shouldWorks) {
|
||||
try {
|
||||
|
|
|
@ -30,6 +30,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.services.resources.account.AccountCredentialResource;
|
||||
import org.keycloak.services.resources.account.AccountCredentialResource.PasswordUpdate;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.TokenUtil;
|
||||
|
||||
import java.io.IOException;
|
||||
|
@ -41,7 +42,6 @@ import java.util.Map;
|
|||
import static org.hamcrest.Matchers.containsInAnyOrder;
|
||||
import static org.junit.Assert.*;
|
||||
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
|
@ -191,8 +191,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void testProfilePreviewPermissions() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
|
||||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||
|
||||
|
@ -219,15 +217,11 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void testGetPasswordDetails() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
getPasswordDetails();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testPostPasswordUpdate() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
//Get the time of lastUpdate
|
||||
AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();
|
||||
|
||||
|
@ -251,8 +245,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void testPasswordConfirmation() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
|
||||
|
||||
updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
|
||||
|
@ -294,8 +286,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void listApplications() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
List<ClientRepresentation> applications = SimpleHttp
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
|
@ -308,8 +298,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void listApplicationsWithoutPermission() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-account-access", "password");
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
.doGet(getAccountUrl("applications"), httpClient)
|
||||
|
@ -321,8 +309,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void getWebConsoleApplication() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
ClientRepresentation webConsole = SimpleHttp
|
||||
|
@ -335,8 +321,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void getWebConsoleApplicationWithoutPermission() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-account-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
|
@ -349,8 +333,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void getNotExistingApplication() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
String appId = "not-existing";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
|
@ -363,8 +345,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void createConsentForClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -389,8 +369,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void updateConsentForClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -435,8 +413,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void createConsentForNotExistingClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "not-existing";
|
||||
|
||||
|
@ -459,8 +435,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void createConsentForClientWithoutPermission() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -483,8 +457,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void createConsentForClientWithPut() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -509,8 +481,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void updateConsentForClientWithPut() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -555,8 +525,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void createConsentForNotExistingClientWithPut() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "not-existing";
|
||||
|
||||
|
@ -579,8 +547,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void createConsentForClientWithoutPermissionWithPut() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -603,8 +569,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void getConsentForClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -638,8 +602,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void getConsentForNotExistingClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "not-existing";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
|
@ -652,8 +614,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void getNotExistingConsentForClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
|
@ -666,8 +626,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void getConsentWithoutPermission() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
|
@ -680,8 +638,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void deleteConsentForClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
|
||||
|
@ -720,8 +676,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void deleteConsentForNotExistingClient() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||
String appId = "not-existing";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
|
@ -735,8 +689,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void deleteConsentWithoutPermission() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||
String appId = "security-admin-console";
|
||||
SimpleHttp.Response response = SimpleHttp
|
||||
|
|
|
@ -21,7 +21,6 @@ import static org.junit.Assert.assertNotNull;
|
|||
import static org.junit.Assert.assertThat;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
|
@ -96,8 +95,6 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
|
||||
@Test
|
||||
public void testProfilePreviewPermissions() throws IOException {
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
|
||||
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
|
||||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||
|
||||
|
@ -124,13 +121,6 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
.auth(viewToken.getToken()).asStatus());
|
||||
}
|
||||
|
||||
@Before
|
||||
@Override
|
||||
public void before() {
|
||||
super.before();
|
||||
assumeFeatureEnabled(ACCOUNT_API);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetSessions() throws Exception {
|
||||
oauth.setDriver(secondBrowser);
|
||||
|
@ -364,8 +354,8 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
|||
assertEquals("Other", device.getDevice());
|
||||
|
||||
List<SessionRepresentation> sessions = device.getSessions();
|
||||
assertEquals(2, sessions.size());
|
||||
SessionRepresentation session = sessions.stream().filter(rep -> rep.getCurrent() != null && rep.getCurrent()).findFirst().get();
|
||||
assertEquals(1, sessions.size());
|
||||
SessionRepresentation session = sessions.get(0);
|
||||
assertEquals("127.0.0.1", session.getIpAddress());
|
||||
assertEquals(device.getLastAccess(), session.getLastAccess());
|
||||
|
||||
|
|
|
@ -74,6 +74,7 @@ import org.keycloak.representations.idm.authorization.ResourceServerRepresentati
|
|||
import org.keycloak.testsuite.adapter.page.PhotozClientAuthzTestApp;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.auth.page.login.OAuthGrant;
|
||||
import org.keycloak.testsuite.util.DroneUtils;
|
||||
|
@ -93,6 +94,7 @@ import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public abstract class AbstractBasePhotozExampleAdapterTest extends AbstractPhotozJavascriptExecutorTest {
|
||||
|
||||
protected static final String RESOURCE_SERVER_ID = "photoz-restful-api";
|
||||
|
@ -165,7 +167,6 @@ public abstract class AbstractBasePhotozExampleAdapterTest extends AbstractPhoto
|
|||
|
||||
@Override
|
||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
RealmRepresentation realm = loadRealm(new File(TEST_APPS_HOME_DIR + "/photoz/photoz-realm.json"));
|
||||
|
||||
realm.setAccessTokenLifespan(30 + TOKEN_LIFESPAN_LEEWAY); // seconds
|
||||
|
|
|
@ -28,6 +28,7 @@ import org.keycloak.representations.idm.authorization.PolicyRepresentation;
|
|||
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
||||
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.UIUtils;
|
||||
import org.openqa.selenium.By;
|
||||
import org.openqa.selenium.WebElement;
|
||||
|
@ -50,6 +51,7 @@ import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampleAdapterTest {
|
||||
|
||||
protected static final String REALM_NAME = "servlet-authz";
|
||||
|
@ -58,11 +60,6 @@ public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampl
|
|||
@ArquillianResource
|
||||
private Deployer deployer;
|
||||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||
testRealms.add(
|
||||
|
|
|
@ -46,6 +46,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
|||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||
import org.keycloak.testsuite.util.UIUtils;
|
||||
import org.openqa.selenium.By;
|
||||
|
@ -62,6 +63,7 @@ import org.openqa.selenium.By;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
|
||||
|
||||
protected static final String REALM_NAME = "servlet-policy-enforcer-authz";
|
||||
|
@ -72,7 +74,6 @@ public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
|
|||
|
||||
@Override
|
||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
testRealms.add(
|
||||
loadRealm(new File(TEST_APPS_HOME_DIR + "/servlet-policy-enforcer/servlet-policy-enforcer-authz-realm.json")));
|
||||
}
|
||||
|
|
|
@ -34,6 +34,7 @@ import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
|||
import org.keycloak.testsuite.adapter.page.AngularCorsProductTestApp;
|
||||
import org.keycloak.testsuite.adapter.page.CorsDatabaseServiceTestApp;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||
import org.keycloak.testsuite.auth.page.account.Account;
|
||||
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
|
||||
|
@ -51,6 +52,8 @@ import java.util.regex.Pattern;
|
|||
import static junit.framework.TestCase.assertNotNull;
|
||||
import org.junit.Assume;
|
||||
import org.keycloak.testsuite.util.DroneUtils;
|
||||
|
||||
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
|
||||
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
|
||||
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
|
||||
|
@ -71,6 +74,7 @@ import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public class CorsExampleAdapterTest extends AbstractExampleAdapterTest {
|
||||
|
||||
public static final String CORS = "cors";
|
||||
|
@ -109,7 +113,6 @@ public class CorsExampleAdapterTest extends AbstractExampleAdapterTest {
|
|||
|
||||
@Override
|
||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
testRealms.add(
|
||||
loadRealm(new File(TEST_APPS_HOME_DIR + "/cors/cors-realm.json")));
|
||||
}
|
||||
|
|
|
@ -59,6 +59,8 @@ import org.keycloak.testsuite.ProfileAssume;
|
|||
import org.keycloak.testsuite.adapter.AbstractAdapterTest;
|
||||
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||
import org.keycloak.testsuite.broker.BrokerTestTools;
|
||||
|
@ -100,6 +102,7 @@ import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SE
|
|||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||
public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest {
|
||||
public static final String CHILD_IDP = "child";
|
||||
public static final String PARENT_IDP = "parent-idp";
|
||||
|
@ -206,30 +209,23 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
|
|||
|
||||
}
|
||||
|
||||
@Before
|
||||
public void enableFeature() throws Exception {
|
||||
try {
|
||||
addIdpUser();
|
||||
addChildUser();
|
||||
createBroker();
|
||||
|
||||
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
|
||||
Response response = testingClient.testing().enableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
||||
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
|
||||
checkFeature(Response.Status.OK.getStatusCode());
|
||||
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
||||
} catch (Exception e) {
|
||||
disableFeature();
|
||||
throw e;
|
||||
}
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||
@UncaughtServerErrorExpected
|
||||
public void testFeatureDisabled() throws Exception {
|
||||
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
|
||||
}
|
||||
|
||||
@After
|
||||
public void disableFeature() throws Exception {
|
||||
Response response = testingClient.testing().disableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
||||
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
|
||||
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
|
||||
@Test
|
||||
public void testFeatureEnabled() throws Exception {
|
||||
checkFeature(Response.Status.OK.getStatusCode());
|
||||
}
|
||||
|
||||
@Before
|
||||
public void beforeTest() throws Exception {
|
||||
addIdpUser();
|
||||
addChildUser();
|
||||
createBroker();
|
||||
}
|
||||
|
||||
public void addIdpUser() {
|
||||
|
|
|
@ -49,6 +49,7 @@ import org.keycloak.services.resources.admin.permissions.GroupPermissionManageme
|
|||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.auth.page.AuthRealm;
|
||||
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
||||
|
@ -86,19 +87,6 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
|
|||
testRealms.add(testRealmRep);
|
||||
}
|
||||
|
||||
@After
|
||||
public void checkTokenExchangeFeature() throws Exception {
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE)) {
|
||||
disableTokenExchange();
|
||||
}
|
||||
}
|
||||
|
||||
private void disableTokenExchange() throws Exception {
|
||||
Response featureResponse = testingClient.testing().disableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
||||
Assert.assertEquals(200, featureResponse.getStatus());
|
||||
checkTokenExchange(false);
|
||||
}
|
||||
|
||||
public static void setupDemo(KeycloakSession session) {
|
||||
RealmModel realm = session.realms().getRealmByName(TEST);
|
||||
realm.addRole("realm-role");
|
||||
|
@ -867,6 +855,12 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
|
|||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void testTokenExchangeDisabled() throws Exception {
|
||||
checkTokenExchange(false);
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-7406
|
||||
*
|
||||
|
@ -874,22 +868,13 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
|
|||
*/
|
||||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||
public void testWithTokenExchange() throws Exception {
|
||||
try {
|
||||
checkTokenExchange(false);
|
||||
|
||||
Response featureResponse = testingClient.testing().enableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
||||
Assert.assertEquals(200, featureResponse.getStatus());
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
||||
|
||||
String exchanged = checkTokenExchange(true);
|
||||
Assert.assertNotNull(exchanged);
|
||||
try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
|
||||
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, exchanged, TLSUtils.initializeTLS())) {
|
||||
Assert.assertNotNull(client.realm("master").roles().get("offline_access"));
|
||||
}
|
||||
} finally {
|
||||
disableTokenExchange();
|
||||
String exchanged = checkTokenExchange(true);
|
||||
Assert.assertNotNull(exchanged);
|
||||
try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
|
||||
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, exchanged, TLSUtils.initializeTLS())) {
|
||||
Assert.assertNotNull(client.realm("master").roles().get("offline_access"));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -30,6 +30,7 @@ import org.keycloak.representations.idm.authorization.ResourceServerRepresentati
|
|||
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.admin.client.AbstractClientTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
import org.keycloak.testsuite.util.UserBuilder;
|
||||
|
@ -44,15 +45,11 @@ import java.util.List;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public abstract class AbstractAuthorizationTest extends AbstractClientTest {
|
||||
|
||||
protected static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
|
||||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setDefaultPageUriParameters() {
|
||||
super.setDefaultPageUriParameters();
|
||||
|
|
|
@ -18,6 +18,7 @@ package org.keycloak.testsuite.admin.client.authorization;
|
|||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.fail;
|
||||
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||
|
||||
import java.util.Collections;
|
||||
|
||||
|
@ -33,16 +34,13 @@ import org.keycloak.common.Profile;
|
|||
import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
||||
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.Logic;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public class JSPolicyManagementTest extends AbstractPolicyManagementTest {
|
||||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCreate() {
|
||||
|
|
|
@ -20,6 +20,7 @@ import static org.junit.Assert.assertEquals;
|
|||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||
|
||||
import java.io.BufferedInputStream;
|
||||
import java.io.ByteArrayInputStream;
|
||||
|
@ -66,6 +67,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
|||
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
|
@ -76,6 +78,7 @@ import org.keycloak.testsuite.util.UserBuilder;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest {
|
||||
|
||||
protected static final String REALM_NAME = "authz-test";
|
||||
|
@ -109,11 +112,6 @@ public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest {
|
|||
.directAccessGrants())
|
||||
.build());
|
||||
}
|
||||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEnforceUMAAccessWithClaimsUsingBearerToken() {
|
||||
|
|
|
@ -78,6 +78,7 @@ import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
|
|||
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
|
@ -89,6 +90,7 @@ import org.keycloak.util.JsonSerialization;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public class PolicyEnforcerTest extends AbstractKeycloakTest {
|
||||
|
||||
private static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
|
||||
|
@ -127,7 +129,6 @@ public class PolicyEnforcerTest extends AbstractKeycloakTest {
|
|||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
initAuthorizationSettings(getClientResource(RESOURCE_SERVER_CLIENT_ID));
|
||||
}
|
||||
|
||||
|
|
|
@ -26,6 +26,7 @@ import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
|||
import org.keycloak.representations.idm.authorization.Logic;
|
||||
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||
import org.keycloak.testsuite.util.ContainerAssume;
|
||||
|
||||
|
@ -39,13 +40,12 @@ import static org.junit.Assert.fail;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@RestartContainer(enableFeatures = Profile.Feature.AUTHZ_DROOLS_POLICY)
|
||||
@EnableFeature(Profile.Feature.AUTHZ_DROOLS_POLICY)
|
||||
public class RulesPolicyManagementTest extends AbstractPolicyManagementTest {
|
||||
|
||||
@BeforeClass
|
||||
public static void verifyEnvironment() {
|
||||
ContainerAssume.assumeNotAuthServerUndertow();
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY);
|
||||
ContainerAssume.assumeNotAuthServerRemote();
|
||||
}
|
||||
|
||||
|
|
|
@ -1,23 +1,18 @@
|
|||
package org.keycloak.testsuite.authz;
|
||||
|
||||
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.jose.jws.JWSInput;
|
||||
import org.keycloak.jose.jws.JWSInputException;
|
||||
import org.keycloak.representations.AccessToken;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
@EnableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public abstract class AbstractAuthzTest extends AbstractKeycloakTest {
|
||||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
protected AccessToken toAccessToken(String rpt) {
|
||||
AccessToken accessToken;
|
||||
|
||||
|
|
|
@ -46,7 +46,8 @@ import org.keycloak.representations.idm.authorization.PermissionTicketRepresenta
|
|||
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.UmaPermissionRepresentation;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.GroupBuilder;
|
||||
import org.keycloak.testsuite.util.RealmBuilder;
|
||||
|
@ -142,13 +143,12 @@ public class UserManagedPermissionServiceTest extends AbstractResourceServerTest
|
|||
|
||||
@Test
|
||||
public void testCreateDeprecatedFeaturesEnabled() {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
testCreate();
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public void testCreateDeprecatedFeaturesDisabled() {
|
||||
ProfileAssume.assumeFeatureDisabled(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
testCreate();
|
||||
}
|
||||
|
||||
|
@ -337,19 +337,18 @@ public class UserManagedPermissionServiceTest extends AbstractResourceServerTest
|
|||
|
||||
@Test
|
||||
public void testUpdateDeprecatedFeaturesEnabled() {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
testUpdate();
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public void testUpdateDeprecatedFeaturesDisabled() {
|
||||
ProfileAssume.assumeFeatureDisabled(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
testUpdate();
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public void testUploadScriptDisabled() {
|
||||
disableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
ResourceRepresentation resource = new ResourceRepresentation();
|
||||
|
||||
resource.setName("Resource A");
|
||||
|
|
|
@ -38,6 +38,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.util.ExecutionBuilder;
|
||||
import org.keycloak.testsuite.util.FlowBuilder;
|
||||
|
@ -53,6 +54,7 @@ import java.util.Map;
|
|||
*
|
||||
* @author <a href="mailto:thomas.darimont@gmail.com">Thomas Darimont</a>
|
||||
*/
|
||||
@EnableFeature(Profile.Feature.UPLOAD_SCRIPTS)
|
||||
public class ScriptAuthenticatorTest extends AbstractFlowTest {
|
||||
|
||||
@Page
|
||||
|
@ -65,13 +67,6 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest {
|
|||
|
||||
public static final String EXECUTION_ID = "scriptAuth";
|
||||
|
||||
@BeforeClass
|
||||
public static void verifyEnvironment() {
|
||||
// TODO: we should probably enable SCRIPTS automatically when UPLOAD_SCRIPTS is enabled
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.SCRIPTS);
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configureTestRealm(RealmRepresentation testRealm) {
|
||||
|
||||
|
@ -236,3 +231,4 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest {
|
|||
return configRep;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -42,6 +42,8 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
|
|||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
|
@ -66,10 +68,9 @@ import static org.keycloak.testsuite.auth.page.AuthRealm.TEST;
|
|||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||
public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
||||
|
||||
private final Profile.Feature FEATURE = Profile.Feature.TOKEN_EXCHANGE;
|
||||
|
||||
@Rule
|
||||
public AssertEvents events = new AssertEvents(this);
|
||||
|
||||
|
@ -78,30 +79,24 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
|||
return RunOnServerDeployment.create(ClientTokenExchangeTest.class);
|
||||
}
|
||||
|
||||
@Before
|
||||
public void enableFeature() {
|
||||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
@DisableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||
public void checkFeatureDisabled() {
|
||||
// Required feature should return Status code 501 - Feature doesn't work
|
||||
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
|
||||
Assert.assertEquals(501, checkTokenExchange().getStatus());
|
||||
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
|
||||
}
|
||||
|
||||
// Test if required feature is enabled in Profiles.
|
||||
Response response = testingClient.testing().enableFeature(FEATURE.toString());
|
||||
Assert.assertEquals(200, response.getStatus());
|
||||
|
||||
@Test
|
||||
public void checkFeatureEnabled() {
|
||||
// Test if the required feature really works.
|
||||
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
|
||||
Assert.assertEquals(200, checkTokenExchange().getStatus());
|
||||
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
|
||||
}
|
||||
|
||||
@After
|
||||
public void disableFeature() {
|
||||
// Test if required feature is disabled.
|
||||
Response response = testingClient.testing().disableFeature(FEATURE.toString());
|
||||
Assert.assertEquals(200, response.getStatus());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addTestRealms(List<RealmRepresentation> testRealms) {
|
||||
RealmRepresentation testRealmRep = new RealmRepresentation();
|
||||
|
@ -221,8 +216,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
|||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void testExchange() throws Exception {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
||||
|
||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||
|
||||
oauth.realm(TEST);
|
||||
|
@ -265,8 +258,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
|||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void testImpersonation() throws Exception {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
||||
|
||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||
|
||||
oauth.realm(TEST);
|
||||
|
@ -349,8 +340,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
|||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void testBadImpersonator() throws Exception {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
||||
|
||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||
|
||||
oauth.realm(TEST);
|
||||
|
@ -393,8 +382,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
|||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void testDirectImpersonation() throws Exception {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
||||
|
||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||
Client httpClient = ClientBuilder.newClient();
|
||||
|
||||
|
|
|
@ -48,6 +48,7 @@ import org.keycloak.testsuite.Assert;
|
|||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.ClientManager;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.testsuite.util.ProtocolMapperUtil;
|
||||
|
@ -129,8 +130,8 @@ public class OIDCProtocolMappersTest extends AbstractKeycloakTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@EnableFeature(value = Profile.Feature.UPLOAD_SCRIPTS) // This requires also SCRIPTS feature, therefore we need to restart container
|
||||
public void testTokenScriptMapping() {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
||||
{
|
||||
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
|||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
|
||||
import org.keycloak.testsuite.util.ContainerAssume;
|
||||
|
@ -52,9 +53,8 @@ import java.util.Map;
|
|||
import static org.hamcrest.collection.IsIterableContainingInAnyOrder.containsInAnyOrder;
|
||||
import static org.junit.Assert.*;
|
||||
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
|
||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
||||
|
||||
@RestartContainer(enableFeatures = OPENSHIFT_INTEGRATION)
|
||||
@EnableFeature(OPENSHIFT_INTEGRATION)
|
||||
public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakTest {
|
||||
|
||||
private static boolean flowConfigured;
|
||||
|
@ -93,8 +93,6 @@ public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakT
|
|||
|
||||
@Before
|
||||
public void enablePassthroughAuthenticator() {
|
||||
assumeFeatureEnabled(OPENSHIFT_INTEGRATION);
|
||||
|
||||
if (!flowConfigured) {
|
||||
HashMap<String, String> data = new HashMap<>();
|
||||
data.put("newName", "testsuite-client-dummy");
|
||||
|
|
|
@ -20,7 +20,6 @@ package org.keycloak.testsuite.openshift;
|
|||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.fail;
|
||||
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
|
||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
|
||||
|
||||
import javax.ws.rs.core.Response;
|
||||
|
@ -56,6 +55,7 @@ import org.keycloak.storage.openshift.OpenshiftClientStorageProviderFactory;
|
|||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||
import org.keycloak.testsuite.pages.AppPage;
|
||||
import org.keycloak.testsuite.pages.ConsentPage;
|
||||
|
@ -70,7 +70,7 @@ import org.keycloak.testsuite.util.OAuthClient;
|
|||
*
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@RestartContainer(enableFeatures = OPENSHIFT_INTEGRATION)
|
||||
@EnableFeature(OPENSHIFT_INTEGRATION)
|
||||
public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakTest {
|
||||
|
||||
private static Undertow OPENSHIFT_API_SERVER;
|
||||
|
@ -154,7 +154,6 @@ public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakT
|
|||
public void onBefore() {
|
||||
ContainerAssume.assumeNotAuthServerRemote();
|
||||
|
||||
assumeFeatureEnabled(OPENSHIFT_INTEGRATION);
|
||||
ComponentRepresentation provider = new ComponentRepresentation();
|
||||
|
||||
provider.setName("openshift-client-storage");
|
||||
|
|
|
@ -52,6 +52,8 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.forms.AbstractFlowTest;
|
||||
import org.keycloak.testsuite.pages.LoginPage;
|
||||
import org.keycloak.testsuite.util.ContainerAssume;
|
||||
|
@ -64,6 +66,7 @@ import org.keycloak.util.JsonSerialization;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(SCRIPTS)
|
||||
public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
||||
|
||||
public static final String EXECUTION_ID = "scriptAuth";
|
||||
|
@ -183,7 +186,6 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
|||
*/
|
||||
@Test
|
||||
public void loginShouldWorkWithScriptAuthenticator() {
|
||||
ProfileAssume.assumeFeatureEnabled(SCRIPTS);
|
||||
configureFlows();
|
||||
|
||||
loginPage.open();
|
||||
|
@ -198,7 +200,6 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
|||
*/
|
||||
@Test
|
||||
public void loginShouldFailWithScriptAuthenticator() {
|
||||
ProfileAssume.assumeFeatureEnabled(SCRIPTS);
|
||||
configureFlows();
|
||||
|
||||
loginPage.open();
|
||||
|
@ -209,8 +210,8 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(SCRIPTS)
|
||||
public void testScriptAuthenticatorNotAvailable() {
|
||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
||||
assertFalse(testRealm().flows().getAuthenticatorProviders().stream().anyMatch(
|
||||
provider -> ScriptBasedAuthenticatorFactory.PROVIDER_ID.equals(provider.get("id"))));
|
||||
}
|
||||
|
|
|
@ -18,6 +18,7 @@ package org.keycloak.testsuite.script;
|
|||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.keycloak.common.Profile.Feature.SCRIPTS;
|
||||
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||
import static org.keycloak.testsuite.admin.ApiUtil.findClientResourceByClientId;
|
||||
import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SERVER_CURRENT;
|
||||
|
@ -46,6 +47,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
|||
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.util.ContainerAssume;
|
||||
import org.keycloak.testsuite.util.OAuthClient;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
@ -95,15 +97,14 @@ public class DeployedScriptMapperTest extends AbstractTestRealmKeycloakTest {
|
|||
|
||||
@Test
|
||||
public void testScriptMapperNotAvailable() {
|
||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
||||
assertFalse(adminClient.serverInfo().getInfo().getProtocolMapperTypes().get(OIDCLoginProtocol.LOGIN_PROTOCOL).stream()
|
||||
.anyMatch(
|
||||
mapper -> ScriptBasedOIDCProtocolMapper.PROVIDER_ID.equals(mapper.getId())));
|
||||
}
|
||||
|
||||
@Test
|
||||
@EnableFeature(SCRIPTS)
|
||||
public void testTokenScriptMapping() {
|
||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.SCRIPTS);
|
||||
{
|
||||
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");
|
||||
|
||||
|
|
|
@ -52,6 +52,7 @@ import org.keycloak.representations.idm.authorization.ResourcePermissionRepresen
|
|||
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
||||
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
||||
import org.keycloak.testsuite.ProfileAssume;
|
||||
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.authz.AbstractAuthzTest;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
|
@ -119,15 +120,15 @@ public class DeployedScriptPolicyTest extends AbstractAuthzTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@DisableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public void testJSPolicyProviderNotAvailable() {
|
||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
||||
assertFalse(getAuthorizationResource().policies().policyProviders().stream().anyMatch(rep -> "js".equals(rep.getType())));
|
||||
}
|
||||
|
||||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
@DisableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public void failCreateJSPolicy() {
|
||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
||||
JSPolicyRepresentation grantPolicy = new JSPolicyRepresentation();
|
||||
|
||||
grantPolicy.setName("JS Policy");
|
||||
|
|
|
@ -43,6 +43,7 @@ import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
|
|||
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.GroupBuilder;
|
||||
|
@ -51,13 +52,9 @@ import org.keycloak.testsuite.util.UserBuilder;
|
|||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public class AggregatePolicyManagementTest extends AbstractAuthorizationSettingsTest {
|
||||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
@Before
|
||||
public void configureTest() {
|
||||
super.configureTest();
|
||||
|
|
|
@ -26,18 +26,15 @@ import org.junit.Before;
|
|||
import org.junit.Test;
|
||||
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
||||
import org.keycloak.representations.idm.authorization.Logic;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.console.page.clients.authorization.policy.JSPolicy;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||
public class JSPolicyManagementTest extends AbstractAuthorizationSettingsTest {
|
||||
|
||||
@Before
|
||||
public void onBefore() {
|
||||
enableFeature(UPLOAD_SCRIPTS);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUpdate() throws InterruptedException {
|
||||
authorizationPage.navigateTo();
|
||||
|
|
Loading…
Reference in a new issue