libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-11779 Make feature controller which takes care of enabling/disabling features including restarting container if needed

Browse source
This commit is contained in:
mhajas 2019-10-23 17:35:35 +02:00 committed by Hynek Mlnařík
parent 0e172d1632
commit b74f69c5ac
39 changed files with 426 additions and 343 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/TestingResourceProvider.java
View file

@ -92,6 +92,10 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.Response;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.text.ParseException;
@ -101,6 +105,7 @@ import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@ -831,6 +836,25 @@ public class TestingResourceProvider implements RealmResourceProvider {
return new TestJavascriptResource();
}
private void setFeatureInProfileFile(File file, Profile.Feature featureProfile, String newState) {
Properties properties = new Properties();
if (file.isFile() && file.exists()) {
try (FileInputStream fis = new FileInputStream(file)) {
properties.load(fis);
} catch (IOException e) {
throw new RuntimeException("Unable to read profile.properties file");
}
}
properties.setProperty("feature." + featureProfile.toString().toLowerCase(), newState);
try (FileOutputStream fos = new FileOutputStream(file)) {
properties.store(fos, null);
} catch (IOException e) {
throw new RuntimeException("Unable to write to profile.properties file");
}
}
@POST
@Path("/enable-feature/{feature}")
@Consumes(MediaType.APPLICATION_JSON)
@ -848,6 +872,13 @@ public class TestingResourceProvider implements RealmResourceProvider {
return Response.ok().build();
System.setProperty("keycloak.profile.feature." + featureProfile.toString().toLowerCase(), "enabled");
String jbossServerConfigDir = System.getProperty("jboss.server.config.dir");
// If we are in jboss-based container, we need to write profile.properties file, otherwise the change in system property will disappear after restart
if (jbossServerConfigDir != null) {
setFeatureInProfileFile(new File(jbossServerConfigDir, "profile.properties"), featureProfile, "enabled");
}
Profile.init();
if (Profile.isFeatureEnabled(featureProfile))
@ -873,6 +904,13 @@ public class TestingResourceProvider implements RealmResourceProvider {
return Response.ok().build();
System.getProperties().remove("keycloak.profile.feature." + featureProfile.toString().toLowerCase());
String jbossServerConfigDir = System.getProperty("jboss.server.config.dir");
// If we are in jboss-based container, we need to write profile.properties file, otherwise the change in system property will disappear after restart
if (jbossServerConfigDir != null) {
setFeatureInProfileFile(new File(jbossServerConfigDir, "profile.properties"), featureProfile, "disabled");
}
Profile.init();
if (!Profile.isFeatureEnabled(featureProfile))

2
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/ProfileAssume.java
View file

@ -76,7 +76,7 @@ public class ProfileAssume {
Assume.assumeTrue("Ignoring test as community profile is not enabled", profile.equals("community"));
}
private static boolean isFeatureEnabled(Profile.Feature feature) {
public static boolean isFeatureEnabled(Profile.Feature feature) {
updateProfile();
return !disabledFeatures.contains(feature.name());
}

4
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/TestContext.java
View file

@ -149,6 +149,10 @@ public final class TestContext {
}
public KeycloakTestingClient getTestingClient() {
if (testingClient == null) {
String authServerContextRoot = suiteContext.getAuthServerInfo().getContextRoot().toString();
testingClient = KeycloakTestingClient.getInstance(authServerContextRoot + "/auth");
}
return testingClient;
}

23
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/annotation/DisableFeature.java Normal file
View file

@ -0,0 +1,23 @@
package org.keycloak.testsuite.arquillian.annotation;
import org.keycloak.common.Profile;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Repeatable;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
/**
* @author mhajas
*/
@Retention(RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
@Repeatable(DisableFeatures.class)
@Inherited
public @interface DisableFeature {
Profile.Feature value();
boolean skipRestart() default false;
}

18
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/annotation/DisableFeatures.java Normal file
View file

@ -0,0 +1,18 @@
package org.keycloak.testsuite.arquillian.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
/**
* @author mhajas
*/
@Retention(RUNTIME)
@Inherited
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface DisableFeatures {
DisableFeature[] value() default {};
}

23
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/annotation/EnableFeature.java Normal file
View file

@ -0,0 +1,23 @@
package org.keycloak.testsuite.arquillian.annotation;
import org.keycloak.common.Profile;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Repeatable;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
/**
* @author mhajas
*/
@Retention(RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
@Repeatable(EnableFeatures.class)
@Inherited
public @interface EnableFeature {
Profile.Feature value();
boolean skipRestart() default false;
}

19
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/annotation/EnableFeatures.java Normal file
View file

@ -0,0 +1,19 @@
package org.keycloak.testsuite.arquillian.annotation;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
/**
* @author mhajas
*/
@Retention(RUNTIME)
@Inherited
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface EnableFeatures {
EnableFeature[] value() default {};
}

5
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/annotation/RestartContainer.java
View file

@ -52,9 +52,4 @@ public @interface RestartContainer {
* @return Wait time in milliseconds after database initialization.
*/
long intializeDatabaseWait() default 0;
/**
* @return Array of features, which should be enabled.
*/
Profile.Feature[] enableFeatures() default {};
}

89
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/KeycloakContainerEventsController.java
View file

@ -140,14 +140,6 @@ public class KeycloakContainerEventsController extends ContainerEventController
if (restartContainer.withoutKeycloakAddUserFile()) {
copyKeycloakAddUserFile();
}
if (restartContainer.enableFeatures().length != 0) {
changeStateOfFeatures(restartContainer, false);
// Auth-server has to be restarted again. If not, the features will not to be disabled.
container.fire(new StopManualContainers());
container.fire(new StopSuiteContainers());
container.fire(new StartSuiteContainers());
}
}
/**
@ -158,10 +150,6 @@ public class KeycloakContainerEventsController extends ContainerEventController
if (restartContainer.withoutKeycloakAddUserFile()) {
removeKeycloakAddUserFile();
}
if (restartContainer.enableFeatures().length != 0) {
changeStateOfFeatures(restartContainer, true);
}
}
/**
@ -263,81 +251,4 @@ public class KeycloakContainerEventsController extends ContainerEventController
}
}
}
/**
* Change state of features, which are contained in {@code enableFeatures} param.
* This method either enable or disable features.
* If auth-server is JBossBased, then the features are either enabled or disabled via {@code profile.properties}.
*
* @param restartContainer to pass more information from test annotation.
* @param enableFeatures if the features will be enabled or disabled.
*/
private void changeStateOfFeatures(RestartContainer restartContainer, boolean enableFeatures) {
Optional<Container> authServerOptional = containerRegistry.get().getContainers().stream()
.filter(f -> f.getName().startsWith("auth-server-")).findFirst();
if (authServerOptional.isPresent()) {
Container authServer = authServerOptional.get();
boolean isJbossBased = new ContainerInfo(authServer).isJBossBased();
if (isJbossBased) {
ContainerDef conf = authServer.getContainerConfiguration();
String jbossHome = conf.getContainerProperty("jbossHome");
Path fileProps = null;
if (jbossHome != null) {
try {
Path dir = Paths.get(jbossHome + "/standalone/configuration");
fileProps = dir.resolve("profile.properties");
if (enableFeatures) {
Path file = Files.createFile(fileProps);
Properties props = new Properties();
Arrays.stream(restartContainer.enableFeatures()).forEach(f -> props.setProperty("feature." + f.toString().toLowerCase(), "enabled"));
PrintWriter pw = new PrintWriter(file.toFile());
props.list(pw);
pw.close();
} else {
Files.deleteIfExists(fileProps);
}
} catch (FileAlreadyExistsException ex) {
changeFeaturesInExistingProps(restartContainer, fileProps, true);
} catch (IOException e) {
e.printStackTrace();
}
}
} else {
if (enableFeatures) {
Arrays.stream(restartContainer.enableFeatures())
.forEach(f -> System.setProperty("keycloak.profile.feature." + f.toString().toLowerCase(), "enabled"));
} else {
Arrays.stream(restartContainer.enableFeatures())
.forEach(f -> System.getProperties().remove("keycloak.profile.feature." + f.toString().toLowerCase()));
}
}
Profile.init();
}
}
/**
* If exists {@code profile.properties} file, then another properties are only appended to the file.
*
* @param restartContainer to pass more information from test annotation
* @param file path to profile.properties
* @param enableFeatures if features will be enabled or disabled
*/
private void changeFeaturesInExistingProps(RestartContainer restartContainer, Path file, boolean enableFeatures) {
Profile.Feature[] features = restartContainer.enableFeatures();
String state = enableFeatures ? "enabled" : "disabled";
if (features.length != 0) {
Properties props = new Properties();
try {
props.load(Files.newBufferedReader(file));
Arrays.stream(features).forEach(f -> props.setProperty("feature." + f.toString().toLowerCase(), state));
props.store(Files.newBufferedWriter(file), "");
} catch (IOException e) {
e.printStackTrace();
}
}
}
}

175
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/KeycloakContainerFeaturesController.java Normal file
View file

@ -0,0 +1,175 @@
package org.keycloak.testsuite.arquillian.containers;
import org.jboss.arquillian.container.spi.event.ContainerMultiControlEvent;
import org.jboss.arquillian.container.spi.event.StartClassContainers;
import org.jboss.arquillian.container.spi.event.StartContainer;
import org.jboss.arquillian.container.spi.event.StartSuiteContainers;
import org.jboss.arquillian.container.spi.event.StopContainer;
import org.jboss.arquillian.container.spi.event.StopManualContainers;
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
import org.jboss.arquillian.core.api.Event;
import org.jboss.arquillian.core.api.Instance;
import org.jboss.arquillian.core.api.annotation.Inject;
import org.jboss.arquillian.core.api.annotation.Observes;
import org.jboss.arquillian.test.spi.event.suite.After;
import org.jboss.arquillian.test.spi.event.suite.AfterClass;
import org.jboss.arquillian.test.spi.event.suite.Before;
import org.jboss.arquillian.test.spi.event.suite.BeforeClass;
import org.keycloak.common.Profile;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.SuiteContext;
import org.keycloak.testsuite.arquillian.TestContext;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.DisableFeatures;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.EnableFeatures;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
import java.lang.reflect.AnnotatedElement;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.function.BiConsumer;
import java.util.stream.Collectors;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertThat;
import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getManagementClient;
/**
* @author mhajas
*/
public class KeycloakContainerFeaturesController {
@Inject
private Instance<TestContext> testContextInstance;
@Inject
private Instance<SuiteContext> suiteContextInstance;
@Inject
private Event<StartContainer> startContainerEvent;
@Inject
private Event<StopContainer> stopContainerEvent;
public enum FeatureAction {
ENABLE(KeycloakTestingClient::enableFeature),
DISABLE(KeycloakTestingClient::disableFeature);
private BiConsumer<KeycloakTestingClient, Profile.Feature> featureConsumer;
FeatureAction(BiConsumer<KeycloakTestingClient, Profile.Feature> featureConsumer) {
this.featureConsumer = featureConsumer;
}
public void accept(KeycloakTestingClient testingClient, Profile.Feature feature) {
featureConsumer.accept(testingClient, feature);
}
}
public enum State {
BEFORE,
AFTER
}
private class UpdateFeature {
private Profile.Feature feature;
private boolean skipRestart;
private FeatureAction action;
public UpdateFeature(Profile.Feature feature, boolean skipRestart, FeatureAction action) {
this.feature = feature;
this.skipRestart = skipRestart;
this.action = action;
}
/**
* All features we want to enable/disable must be disabled/enabled
* otherwise at the end of a test the environment will be in an inconsistent state because we would disable/enable
* some feature which was enabled/disabled before test
*
*/
private void assertValid() {
assertThat("An annotation requested to " + action.name()
+ " feature " + feature.name() + " however it was already in that state" ,
ProfileAssume.isFeatureEnabled(feature),
is(!(action == FeatureAction.ENABLE)));
}
private void assertPerformed() {
assertThat("An annotation requested to " + action.name() +
" feature " + feature.name() + ", however after performing this operation " +
"the feature is not in desired state" ,
ProfileAssume.isFeatureEnabled(feature),
is(action == FeatureAction.ENABLE));
}
public void performAction() {
assertValid();
action.accept(testContextInstance.get().getTestingClient(), feature);
}
}
public void restartAuthServer() throws Exception {
if (AuthServerTestEnricher.AUTH_SERVER_CONTAINER.equals("auth-server-remote")) {
OnlineManagementClient client = getManagementClient();
Administration administration = new Administration(client);
administration.reload();
client.close();
} else {
stopContainerEvent.fire(new StopContainer(suiteContextInstance.get().getAuthServerInfo().getArquillianContainer()));
startContainerEvent.fire(new StartContainer(suiteContextInstance.get().getAuthServerInfo().getArquillianContainer()));
}
}
private void updateFeatures(List<UpdateFeature> updateFeatures) throws Exception {
updateFeatures.forEach(UpdateFeature::performAction);
if (updateFeatures.stream().anyMatch(updateFeature -> !updateFeature.skipRestart)) {
restartAuthServer();
testContextInstance.get().reconnectAdminClient();
}
updateFeatures.forEach(UpdateFeature::assertPerformed);
}
private void checkAnnotatedElementForFeatureAnnotations(AnnotatedElement annotatedElement, State state) throws Exception {
List<UpdateFeature> updateFeatureList = new ArrayList<>(0);
if (annotatedElement.isAnnotationPresent(EnableFeatures.class) || annotatedElement.isAnnotationPresent(EnableFeature.class)) {
updateFeatureList.addAll(Arrays.stream(annotatedElement.getAnnotationsByType(EnableFeature.class))
.map(annotation -> new UpdateFeature(annotation.value(), annotation.skipRestart(),
state == State.BEFORE ? FeatureAction.ENABLE : FeatureAction.DISABLE))
.collect(Collectors.toList()));
}
if (annotatedElement.isAnnotationPresent(DisableFeatures.class) || annotatedElement.isAnnotationPresent(DisableFeature.class)) {
updateFeatureList.addAll(Arrays.stream(annotatedElement.getAnnotationsByType(DisableFeature.class))
.map(annotation -> new UpdateFeature(annotation.value(), annotation.skipRestart(),
state == State.BEFORE ? FeatureAction.DISABLE : FeatureAction.ENABLE))
.collect(Collectors.toList()));
}
if (!updateFeatureList.isEmpty()) {
updateFeatures(updateFeatureList);
}
}
public void handleEnableFeaturesAnnotationBeforeClass(@Observes(precedence = 1) BeforeClass event) throws Exception {
checkAnnotatedElementForFeatureAnnotations(event.getTestClass().getJavaClass(), State.BEFORE);
}
public void handleEnableFeaturesAnnotationBeforeTest(@Observes(precedence = 1) Before event) throws Exception {
checkAnnotatedElementForFeatureAnnotations(event.getTestMethod(), State.BEFORE);
}
public void handleEnableFeaturesAnnotationAfterTest(@Observes(precedence = 2) After event) throws Exception {
checkAnnotatedElementForFeatureAnnotations(event.getTestMethod(), State.AFTER);
}
public void handleEnableFeaturesAnnotationAfterClass(@Observes(precedence = 2) AfterClass event) throws Exception {
checkAnnotatedElementForFeatureAnnotations(event.getTestClass().getJavaClass(), State.AFTER);
}
}

3
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/containers/KeycloakContainerTestExtension.java
View file

@ -112,6 +112,7 @@ public class KeycloakContainerTestExtension implements LoadableExtension {
.observer(RemoteTestExecuter.class)
.observer(DeploymentCommandObserver.class)
.observer(ContainerCommandObserver.class)
.observer(RemoteResourceCommandObserver.class);
.observer(RemoteResourceCommandObserver.class)
.observer(KeycloakContainerFeaturesController.class);
}
}

16
testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/client/KeycloakTestingClient.java
View file

@ -19,10 +19,12 @@ package org.keycloak.testsuite.client;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.ws.rs.core.Response;
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
import org.keycloak.common.Profile;
import org.keycloak.testsuite.client.resources.TestApplicationResource;
import org.keycloak.testsuite.client.resources.TestExampleCompanyResource;
import org.keycloak.testsuite.client.resources.TestSamlApplicationResource;
@ -31,6 +33,8 @@ import org.keycloak.testsuite.runonserver.*;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.util.JsonSerialization;
import static org.junit.Assert.assertEquals;
/**
* @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
*/
@ -71,6 +75,18 @@ public class KeycloakTestingClient implements AutoCloseable {
return target.path("/realms/" + realm).proxy(TestingResource.class);
}
public void enableFeature(Profile.Feature feature) {
try (Response response = testing().enableFeature(feature.toString())) {
assertEquals(200, response.getStatus());
}
}
public void disableFeature(Profile.Feature feature) {
try (Response response = testing().disableFeature(feature.toString())) {
assertEquals(200, response.getStatus());
}
}
public TestApplicationResource testApp() { return target.proxy(TestApplicationResource.class); }
public TestSamlApplicationResource testSamlApp() { return target.proxy(TestSamlApplicationResource.class); }

23
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
View file

@ -152,7 +152,6 @@ public abstract class AbstractKeycloakTest {
private PropertiesConfiguration constantsProperties;
private boolean resetTimeOffset;
private List<Profile.Feature> enabledFeatures = new ArrayList<>();
@Before
public void beforeAbstractKeycloakTest() throws Exception {
@ -230,10 +229,6 @@ public abstract class AbstractKeycloakTest {
testContext.getCleanups().clear();
}
for (Profile.Feature feature : enabledFeatures) {
disableFeature(feature);
}
postAfterAbstractKeycloak();
// Remove all browsers from queue
@ -329,11 +324,6 @@ public abstract class AbstractKeycloakTest {
public KeycloakTestingClient getTestingClient() {
if (testingClient == null) {
testingClient = testContext.getTestingClient();
if (testingClient == null) {
String authServerContextRoot = suiteContext.getAuthServerInfo().getContextRoot().toString();
testingClient = KeycloakTestingClient.getInstance(authServerContextRoot + "/auth");
testContext.setTestingClient(testingClient);
}
}
return testingClient;
}
@ -639,17 +629,4 @@ public abstract class AbstractKeycloakTest {
}
return in;
}
protected void enableFeature(Profile.Feature feature) {
enabledFeatures.add(feature);
try (Response response = getTestingClient().testing().enableFeature(feature.toString())) {
assertEquals(200, response.getStatus());
}
}
protected void disableFeature(Profile.Feature feature) {
try (Response response = getTestingClient().testing().disableFeature(feature.toString())) {
assertEquals(200, response.getStatus());
}
}
}

28
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AbstractRestServiceTest.java
View file

@ -19,7 +19,6 @@ package org.keycloak.testsuite.account;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
import javax.ws.rs.core.Response;
import java.io.IOException;
@ -31,17 +30,21 @@ import org.apache.http.impl.client.HttpClientBuilder;
import org.junit.After;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.representations.account.SessionRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.UserBuilder;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
@EnableFeature(value = ACCOUNT_API, skipRestart = true)
public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakTest {
@Rule
@ -55,34 +58,17 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
@Before
public void before() {
httpClient = HttpClientBuilder.create().build();
try {
checkIfFeatureWorks(false);
Response response = testingClient.testing().enableFeature(ACCOUNT_API.toString());
assertEquals(200, response.getStatus());
assumeFeatureEnabled(ACCOUNT_API);
checkIfFeatureWorks(true);
} catch (Exception e) {
disableFeature();
throw e;
}
}
@After
public void after() {
try {
disableFeature();
httpClient.close();
} catch (IOException e) {
throw new RuntimeException(e);
}
}
private void disableFeature() {
Response response = testingClient.testing().disableFeature(ACCOUNT_API.toString());
assertEquals(200, response.getStatus());
checkIfFeatureWorks(false);
}
@Override
public void configureTestRealm(RealmRepresentation testRealm) {
testRealm.getUsers().add(UserBuilder.create().username("no-account-access").password("password").build());
@ -96,6 +82,12 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
return suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/test/account" + (resource != null ? "/" + resource : "");
}
@Test
@DisableFeature(value = ACCOUNT_API, skipRestart = true)
public void testFeatureDoesntWorkWhenDisabled() {
checkIfFeatureWorks(false);
}
// Check if the feature really works
private void checkIfFeatureWorks(boolean shouldWorks) {
try {

50
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java
View file

@ -30,6 +30,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.messages.Messages;
import org.keycloak.services.resources.account.AccountCredentialResource;
import org.keycloak.services.resources.account.AccountCredentialResource.PasswordUpdate;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.TokenUtil;
import java.io.IOException;
@ -41,7 +42,6 @@ import java.util.Map;
import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.junit.Assert.*;
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@ -191,8 +191,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void testProfilePreviewPermissions() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
@ -219,15 +217,11 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void testGetPasswordDetails() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
getPasswordDetails();
}
@Test
public void testPostPasswordUpdate() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
//Get the time of lastUpdate
AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();
@ -251,8 +245,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void testPasswordConfirmation() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
@ -294,8 +286,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void listApplications() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-applications-access", "password");
List<ClientRepresentation> applications = SimpleHttp
.doGet(getAccountUrl("applications"), httpClient)
@ -308,8 +298,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void listApplicationsWithoutPermission() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-account-access", "password");
SimpleHttp.Response response = SimpleHttp
.doGet(getAccountUrl("applications"), httpClient)
@ -321,8 +309,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void getWebConsoleApplication() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-applications-access", "password");
String appId = "security-admin-console";
ClientRepresentation webConsole = SimpleHttp
@ -335,8 +321,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void getWebConsoleApplicationWithoutPermission() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-account-access", "password");
String appId = "security-admin-console";
SimpleHttp.Response response = SimpleHttp
@ -349,8 +333,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void getNotExistingApplication() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-applications-access", "password");
String appId = "not-existing";
SimpleHttp.Response response = SimpleHttp
@ -363,8 +345,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void createConsentForClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "security-admin-console";
@ -389,8 +369,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void updateConsentForClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "security-admin-console";
@ -435,8 +413,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void createConsentForNotExistingClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "not-existing";
@ -459,8 +435,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void createConsentForClientWithoutPermission() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
@ -483,8 +457,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void createConsentForClientWithPut() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "security-admin-console";
@ -509,8 +481,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void updateConsentForClientWithPut() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "security-admin-console";
@ -555,8 +525,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void createConsentForNotExistingClientWithPut() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "not-existing";
@ -579,8 +547,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void createConsentForClientWithoutPermissionWithPut() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
@ -603,8 +569,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void getConsentForClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "security-admin-console";
@ -638,8 +602,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void getConsentForNotExistingClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-consent-access", "password");
String appId = "not-existing";
SimpleHttp.Response response = SimpleHttp
@ -652,8 +614,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void getNotExistingConsentForClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
SimpleHttp.Response response = SimpleHttp
@ -666,8 +626,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void getConsentWithoutPermission() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-applications-access", "password");
String appId = "security-admin-console";
SimpleHttp.Response response = SimpleHttp
@ -680,8 +638,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void deleteConsentForClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "security-admin-console";
@ -720,8 +676,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void deleteConsentForNotExistingClient() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("manage-consent-access", "password");
String appId = "not-existing";
SimpleHttp.Response response = SimpleHttp
@ -735,8 +689,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
@Test
public void deleteConsentWithoutPermission() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil token = new TokenUtil("view-consent-access", "password");
String appId = "security-admin-console";
SimpleHttp.Response response = SimpleHttp

14
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/SessionRestServiceTest.java
View file

@ -21,7 +21,6 @@ import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
import java.io.IOException;
import java.util.List;
@ -96,8 +95,6 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
@Test
public void testProfilePreviewPermissions() throws IOException {
assumeFeatureEnabled(ACCOUNT_API);
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
@ -124,13 +121,6 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
.auth(viewToken.getToken()).asStatus());
}
@Before
@Override
public void before() {
super.before();
assumeFeatureEnabled(ACCOUNT_API);
}
@Test
public void testGetSessions() throws Exception {
oauth.setDriver(secondBrowser);
@ -364,8 +354,8 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
assertEquals("Other", device.getDevice());
List<SessionRepresentation> sessions = device.getSessions();
assertEquals(2, sessions.size());
SessionRepresentation session = sessions.stream().filter(rep -> rep.getCurrent() != null && rep.getCurrent()).findFirst().get();
assertEquals(1, sessions.size());
SessionRepresentation session = sessions.get(0);
assertEquals("127.0.0.1", session.getIpAddress());
assertEquals(device.getLastAccess(), session.getLastAccess());

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBasePhotozExampleAdapterTest.java
View file

@ -74,6 +74,7 @@ import org.keycloak.representations.idm.authorization.ResourceServerRepresentati
import org.keycloak.testsuite.adapter.page.PhotozClientAuthzTestApp;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.auth.page.login.OAuthGrant;
import org.keycloak.testsuite.util.DroneUtils;
@ -93,6 +94,7 @@ import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public abstract class AbstractBasePhotozExampleAdapterTest extends AbstractPhotozJavascriptExecutorTest {
protected static final String RESOURCE_SERVER_ID = "photoz-restful-api";
@ -165,7 +167,6 @@ public abstract class AbstractBasePhotozExampleAdapterTest extends AbstractPhoto
@Override
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
enableFeature(UPLOAD_SCRIPTS);
RealmRepresentation realm = loadRealm(new File(TEST_APPS_HOME_DIR + "/photoz/photoz-realm.json"));
realm.setAccessTokenLifespan(30 + TOKEN_LIFESPAN_LEEWAY); // seconds

7
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java
View file

@ -28,6 +28,7 @@ import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.UIUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
@ -50,6 +51,7 @@ import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampleAdapterTest {
protected static final String REALM_NAME = "servlet-authz";
@ -58,11 +60,6 @@ public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampl
@ArquillianResource
private Deployer deployer;
@Before
public void onBefore() {
enableFeature(UPLOAD_SCRIPTS);
}
@Override
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
testRealms.add(

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java
View file

@ -46,6 +46,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.keycloak.testsuite.util.UIUtils;
import org.openqa.selenium.By;
@ -62,6 +63,7 @@ import org.openqa.selenium.By;
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
protected static final String REALM_NAME = "servlet-policy-enforcer-authz";
@ -72,7 +74,6 @@ public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
@Override
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
enableFeature(UPLOAD_SCRIPTS);
testRealms.add(
loadRealm(new File(TEST_APPS_HOME_DIR + "/servlet-policy-enforcer/servlet-policy-enforcer-authz-realm.json")));
}

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/cors/CorsExampleAdapterTest.java
View file

@ -34,6 +34,7 @@ import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
import org.keycloak.testsuite.adapter.page.AngularCorsProductTestApp;
import org.keycloak.testsuite.adapter.page.CorsDatabaseServiceTestApp;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.keycloak.testsuite.auth.page.account.Account;
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
@ -51,6 +52,8 @@ import java.util.regex.Pattern;
import static junit.framework.TestCase.assertNotNull;
import org.junit.Assume;
import org.keycloak.testsuite.util.DroneUtils;
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
@ -71,6 +74,7 @@ import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public class CorsExampleAdapterTest extends AbstractExampleAdapterTest {
public static final String CORS = "cors";
@ -109,7 +113,6 @@ public class CorsExampleAdapterTest extends AbstractExampleAdapterTest {
@Override
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
testRealms.add(
loadRealm(new File(TEST_APPS_HOME_DIR + "/cors/cors-realm.json")));
}

40
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/BrokerLinkAndTokenExchangeTest.java
View file

@ -59,6 +59,8 @@ import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.adapter.AbstractAdapterTest;
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.keycloak.testsuite.broker.BrokerTestTools;
@ -100,6 +102,7 @@ import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SE
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest {
public static final String CHILD_IDP = "child";
public static final String PARENT_IDP = "parent-idp";
@ -206,30 +209,23 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
}
@Before
public void enableFeature() throws Exception {
try {
addIdpUser();
addChildUser();
createBroker();
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
Response response = testingClient.testing().enableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
checkFeature(Response.Status.OK.getStatusCode());
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
} catch (Exception e) {
disableFeature();
throw e;
}
@Test
@DisableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
@UncaughtServerErrorExpected
public void testFeatureDisabled() throws Exception {
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
}
@After
public void disableFeature() throws Exception {
Response response = testingClient.testing().disableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
@Test
public void testFeatureEnabled() throws Exception {
checkFeature(Response.Status.OK.getStatusCode());
}
@Before
public void beforeTest() throws Exception {
addIdpUser();
addChildUser();
createBroker();
}
public void addIdpUser() {

41
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/FineGrainAdminUnitTest.java
View file

@ -49,6 +49,7 @@ import org.keycloak.services.resources.admin.permissions.GroupPermissionManageme
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
@ -86,19 +87,6 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
testRealms.add(testRealmRep);
}
@After
public void checkTokenExchangeFeature() throws Exception {
if (Profile.isFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE)) {
disableTokenExchange();
}
}
private void disableTokenExchange() throws Exception {
Response featureResponse = testingClient.testing().disableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
Assert.assertEquals(200, featureResponse.getStatus());
checkTokenExchange(false);
}
public static void setupDemo(KeycloakSession session) {
RealmModel realm = session.realms().getRealmByName(TEST);
realm.addRole("realm-role");
@ -867,6 +855,12 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
}
}
@Test
@UncaughtServerErrorExpected
public void testTokenExchangeDisabled() throws Exception {
checkTokenExchange(false);
}
/**
* KEYCLOAK-7406
*
@ -874,22 +868,13 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
*/
@Test
@UncaughtServerErrorExpected
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
public void testWithTokenExchange() throws Exception {
try {
checkTokenExchange(false);
Response featureResponse = testingClient.testing().enableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
Assert.assertEquals(200, featureResponse.getStatus());
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
String exchanged = checkTokenExchange(true);
Assert.assertNotNull(exchanged);
try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, exchanged, TLSUtils.initializeTLS())) {
Assert.assertNotNull(client.realm("master").roles().get("offline_access"));
}
} finally {
disableTokenExchange();
String exchanged = checkTokenExchange(true);
Assert.assertNotNull(exchanged);
try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, exchanged, TLSUtils.initializeTLS())) {
Assert.assertNotNull(client.realm("master").roles().get("offline_access"));
}
}

7
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java
View file

@ -30,6 +30,7 @@ import org.keycloak.representations.idm.authorization.ResourceServerRepresentati
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.admin.client.AbstractClientTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
@ -44,15 +45,11 @@ import java.util.List;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public abstract class AbstractAuthorizationTest extends AbstractClientTest {
protected static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
@Before
public void onBefore() {
enableFeature(UPLOAD_SCRIPTS);
}
@Override
public void setDefaultPageUriParameters() {
super.setDefaultPageUriParameters();

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/JSPolicyManagementTest.java
View file

@ -18,6 +18,7 @@ package org.keycloak.testsuite.admin.client.authorization;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
import java.util.Collections;
@ -33,16 +34,13 @@ import org.keycloak.common.Profile;
import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public class JSPolicyManagementTest extends AbstractPolicyManagementTest {
@Before
public void onBefore() {
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
}
@Test
public void testCreate() {

8
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java
View file

@ -20,6 +20,7 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
@ -66,6 +67,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmBuilder;
@ -76,6 +78,7 @@ import org.keycloak.testsuite.util.UserBuilder;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest {
protected static final String REALM_NAME = "authz-test";
@ -109,11 +112,6 @@ public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest {
.directAccessGrants())
.build());
}
@Before
public void onBefore() {
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
}
@Test
public void testEnforceUMAAccessWithClaimsUsingBearerToken() {

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java
View file

@ -78,6 +78,7 @@ import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmBuilder;
@ -89,6 +90,7 @@ import org.keycloak.util.JsonSerialization;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public class PolicyEnforcerTest extends AbstractKeycloakTest {
private static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
@ -127,7 +129,6 @@ public class PolicyEnforcerTest extends AbstractKeycloakTest {
@Before
public void onBefore() {
enableFeature(UPLOAD_SCRIPTS);
initAuthorizationSettings(getClientResource(RESOURCE_SERVER_CLIENT_ID));
}

4
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/RulesPolicyManagementTest.java
View file

@ -26,6 +26,7 @@ import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
import org.keycloak.testsuite.util.ContainerAssume;
@ -39,13 +40,12 @@ import static org.junit.Assert.fail;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@RestartContainer(enableFeatures = Profile.Feature.AUTHZ_DROOLS_POLICY)
@EnableFeature(Profile.Feature.AUTHZ_DROOLS_POLICY)
public class RulesPolicyManagementTest extends AbstractPolicyManagementTest {
@BeforeClass
public static void verifyEnvironment() {
ContainerAssume.assumeNotAuthServerUndertow();
ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY);
ContainerAssume.assumeNotAuthServerRemote();
}

11
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java
View file

@ -1,23 +1,18 @@
package org.keycloak.testsuite.authz;
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
import org.junit.Before;
import org.keycloak.common.Profile;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.JWSInputException;
import org.keycloak.representations.AccessToken;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
/**
* @author mhajas
*/
@EnableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
public abstract class AbstractAuthzTest extends AbstractKeycloakTest {
@Before
public void onBefore() {
enableFeature(UPLOAD_SCRIPTS);
}
protected AccessToken toAccessToken(String rpt) {
AccessToken accessToken;

11
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UserManagedPermissionServiceTest.java
View file

@ -46,7 +46,8 @@ import org.keycloak.representations.idm.authorization.PermissionTicketRepresenta
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.UmaPermissionRepresentation;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.GroupBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
@ -142,13 +143,12 @@ public class UserManagedPermissionServiceTest extends AbstractResourceServerTest
@Test
public void testCreateDeprecatedFeaturesEnabled() {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
testCreate();
}
@Test
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
public void testCreateDeprecatedFeaturesDisabled() {
ProfileAssume.assumeFeatureDisabled(Profile.Feature.UPLOAD_SCRIPTS);
testCreate();
}
@ -337,19 +337,18 @@ public class UserManagedPermissionServiceTest extends AbstractResourceServerTest
@Test
public void testUpdateDeprecatedFeaturesEnabled() {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
testUpdate();
}
@Test
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
public void testUpdateDeprecatedFeaturesDisabled() {
ProfileAssume.assumeFeatureDisabled(Profile.Feature.UPLOAD_SCRIPTS);
testUpdate();
}
@Test
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
public void testUploadScriptDisabled() {
disableFeature(Profile.Feature.UPLOAD_SCRIPTS);
ResourceRepresentation resource = new ResourceRepresentation();
resource.setName("Resource A");

10
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java
View file

@ -38,6 +38,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.ExecutionBuilder;
import org.keycloak.testsuite.util.FlowBuilder;
@ -53,6 +54,7 @@ import java.util.Map;
*
* @author <a href="mailto:thomas.darimont@gmail.com">Thomas Darimont</a>
*/
@EnableFeature(Profile.Feature.UPLOAD_SCRIPTS)
public class ScriptAuthenticatorTest extends AbstractFlowTest {
@Page
@ -65,13 +67,6 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest {
public static final String EXECUTION_ID = "scriptAuth";
@BeforeClass
public static void verifyEnvironment() {
// TODO: we should probably enable SCRIPTS automatically when UPLOAD_SCRIPTS is enabled
ProfileAssume.assumeFeatureEnabled(Profile.Feature.SCRIPTS);
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
}
@Override
public void configureTestRealm(RealmRepresentation testRealm) {
@ -236,3 +231,4 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest {
return configRep;
}
}

33
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java
View file

@ -42,6 +42,8 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
import org.keycloak.testsuite.util.OAuthClient;
@ -66,10 +68,9 @@ import static org.keycloak.testsuite.auth.page.AuthRealm.TEST;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
*/
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
public class ClientTokenExchangeTest extends AbstractKeycloakTest {
private final Profile.Feature FEATURE = Profile.Feature.TOKEN_EXCHANGE;
@Rule
public AssertEvents events = new AssertEvents(this);
@ -78,30 +79,24 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
return RunOnServerDeployment.create(ClientTokenExchangeTest.class);
}
@Before
public void enableFeature() {
@Test
@UncaughtServerErrorExpected
@DisableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
public void checkFeatureDisabled() {
// Required feature should return Status code 501 - Feature doesn't work
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
Assert.assertEquals(501, checkTokenExchange().getStatus());
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
}
// Test if required feature is enabled in Profiles.
Response response = testingClient.testing().enableFeature(FEATURE.toString());
Assert.assertEquals(200, response.getStatus());
@Test
public void checkFeatureEnabled() {
// Test if the required feature really works.
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
Assert.assertEquals(200, checkTokenExchange().getStatus());
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
}
@After
public void disableFeature() {
// Test if required feature is disabled.
Response response = testingClient.testing().disableFeature(FEATURE.toString());
Assert.assertEquals(200, response.getStatus());
}
@Override
public void addTestRealms(List<RealmRepresentation> testRealms) {
RealmRepresentation testRealmRep = new RealmRepresentation();
@ -221,8 +216,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
@Test
@UncaughtServerErrorExpected
public void testExchange() throws Exception {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
oauth.realm(TEST);
@ -265,8 +258,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
@Test
@UncaughtServerErrorExpected
public void testImpersonation() throws Exception {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
oauth.realm(TEST);
@ -349,8 +340,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
@Test
@UncaughtServerErrorExpected
public void testBadImpersonator() throws Exception {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
oauth.realm(TEST);
@ -393,8 +382,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
@Test
@UncaughtServerErrorExpected
public void testDirectImpersonation() throws Exception {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
Client httpClient = ClientBuilder.newClient();

3
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OIDCProtocolMappersTest.java
View file

@ -48,6 +48,7 @@ import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.ProtocolMapperUtil;
@ -129,8 +130,8 @@ public class OIDCProtocolMappersTest extends AbstractKeycloakTest {
}
@Test
@EnableFeature(value = Profile.Feature.UPLOAD_SCRIPTS) // This requires also SCRIPTS feature, therefore we need to restart container
public void testTokenScriptMapping() {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
{
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenShiftTokenReviewEndpointTest.java
View file

@ -33,6 +33,7 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.util.ContainerAssume;
@ -52,9 +53,8 @@ import java.util.Map;
import static org.hamcrest.collection.IsIterableContainingInAnyOrder.containsInAnyOrder;
import static org.junit.Assert.*;
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
@RestartContainer(enableFeatures = OPENSHIFT_INTEGRATION)
@EnableFeature(OPENSHIFT_INTEGRATION)
public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakTest {
private static boolean flowConfigured;
@ -93,8 +93,6 @@ public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakT
@Before
public void enablePassthroughAuthenticator() {
assumeFeatureEnabled(OPENSHIFT_INTEGRATION);
if (!flowConfigured) {
HashMap<String, String> data = new HashMap<>();
data.put("newName", "testsuite-client-dummy");

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenshiftClientStorageTest.java
View file

@ -20,7 +20,6 @@ package org.keycloak.testsuite.openshift;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
import javax.ws.rs.core.Response;
@ -56,6 +55,7 @@ import org.keycloak.storage.openshift.OpenshiftClientStorageProviderFactory;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.ConsentPage;
@ -70,7 +70,7 @@ import org.keycloak.testsuite.util.OAuthClient;
*
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@RestartContainer(enableFeatures = OPENSHIFT_INTEGRATION)
@EnableFeature(OPENSHIFT_INTEGRATION)
public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakTest {
private static Undertow OPENSHIFT_API_SERVER;
@ -154,7 +154,6 @@ public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakT
public void onBefore() {
ContainerAssume.assumeNotAuthServerRemote();
assumeFeatureEnabled(OPENSHIFT_INTEGRATION);
ComponentRepresentation provider = new ComponentRepresentation();
provider.setName("openshift-client-storage");

7
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/script/DeployedScriptAuthenticatorTest.java
View file

@ -52,6 +52,8 @@ import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.provider.ScriptProviderDescriptor;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.forms.AbstractFlowTest;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.ContainerAssume;
@ -64,6 +66,7 @@ import org.keycloak.util.JsonSerialization;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(SCRIPTS)
public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
public static final String EXECUTION_ID = "scriptAuth";
@ -183,7 +186,6 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
*/
@Test
public void loginShouldWorkWithScriptAuthenticator() {
ProfileAssume.assumeFeatureEnabled(SCRIPTS);
configureFlows();
loginPage.open();
@ -198,7 +200,6 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
*/
@Test
public void loginShouldFailWithScriptAuthenticator() {
ProfileAssume.assumeFeatureEnabled(SCRIPTS);
configureFlows();
loginPage.open();
@ -209,8 +210,8 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
}
@Test
@DisableFeature(SCRIPTS)
public void testScriptAuthenticatorNotAvailable() {
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
assertFalse(testRealm().flows().getAuthenticatorProviders().stream().anyMatch(
provider -> ScriptBasedAuthenticatorFactory.PROVIDER_ID.equals(provider.get("id"))));
}

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/script/DeployedScriptMapperTest.java
View file

@ -18,6 +18,7 @@ package org.keycloak.testsuite.script;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.keycloak.common.Profile.Feature.SCRIPTS;
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
import static org.keycloak.testsuite.admin.ApiUtil.findClientResourceByClientId;
import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SERVER_CURRENT;
@ -46,6 +47,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.provider.ScriptProviderDescriptor;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.util.JsonSerialization;
@ -95,15 +97,14 @@ public class DeployedScriptMapperTest extends AbstractTestRealmKeycloakTest {
@Test
public void testScriptMapperNotAvailable() {
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
assertFalse(adminClient.serverInfo().getInfo().getProtocolMapperTypes().get(OIDCLoginProtocol.LOGIN_PROTOCOL).stream()
.anyMatch(
mapper -> ScriptBasedOIDCProtocolMapper.PROVIDER_ID.equals(mapper.getId())));
}
@Test
@EnableFeature(SCRIPTS)
public void testTokenScriptMapping() {
ProfileAssume.assumeFeatureEnabled(Profile.Feature.SCRIPTS);
{
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/script/DeployedScriptPolicyTest.java
View file

@ -52,6 +52,7 @@ import org.keycloak.representations.idm.authorization.ResourcePermissionRepresen
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.provider.ScriptProviderDescriptor;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.authz.AbstractAuthzTest;
import org.keycloak.testsuite.util.ClientBuilder;
@ -119,15 +120,15 @@ public class DeployedScriptPolicyTest extends AbstractAuthzTest {
}
@Test
@DisableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public void testJSPolicyProviderNotAvailable() {
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
assertFalse(getAuthorizationResource().policies().policyProviders().stream().anyMatch(rep -> "js".equals(rep.getType())));
}
@Test
@UncaughtServerErrorExpected
@DisableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public void failCreateJSPolicy() {
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
JSPolicyRepresentation grantPolicy = new JSPolicyRepresentation();
grantPolicy.setName("JS Policy");

7
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java
View file

@ -43,6 +43,7 @@ import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.GroupBuilder;
@ -51,13 +52,9 @@ import org.keycloak.testsuite.util.UserBuilder;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public class AggregatePolicyManagementTest extends AbstractAuthorizationSettingsTest {
@Before
public void onBefore() {
enableFeature(UPLOAD_SCRIPTS);
}
@Before
public void configureTest() {
super.configureTest();

7
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/JSPolicyManagementTest.java
View file

@ -26,18 +26,15 @@ import org.junit.Before;
import org.junit.Test;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.Logic;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.console.page.clients.authorization.policy.JSPolicy;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
public class JSPolicyManagementTest extends AbstractAuthorizationSettingsTest {
@Before
public void onBefore() {
enableFeature(UPLOAD_SCRIPTS);
}
@Test
public void testUpdate() throws InterruptedException {
authorizationPage.navigateTo();