KEYCLOAK-11779 Make feature controller which takes care of enabling/disabling features including restarting container if needed
This commit is contained in:
parent
0e172d1632
commit
b74f69c5ac
39 changed files with 426 additions and 343 deletions
|
@ -92,6 +92,10 @@ import javax.ws.rs.core.Context;
|
||||||
import javax.ws.rs.core.Cookie;
|
import javax.ws.rs.core.Cookie;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.FileInputStream;
|
||||||
|
import java.io.FileOutputStream;
|
||||||
|
import java.io.IOException;
|
||||||
import java.lang.reflect.InvocationTargetException;
|
import java.lang.reflect.InvocationTargetException;
|
||||||
import java.lang.reflect.Method;
|
import java.lang.reflect.Method;
|
||||||
import java.text.ParseException;
|
import java.text.ParseException;
|
||||||
|
@ -101,6 +105,7 @@ import java.util.Date;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
import java.util.Properties;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
|
@ -831,6 +836,25 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
||||||
return new TestJavascriptResource();
|
return new TestJavascriptResource();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void setFeatureInProfileFile(File file, Profile.Feature featureProfile, String newState) {
|
||||||
|
Properties properties = new Properties();
|
||||||
|
if (file.isFile() && file.exists()) {
|
||||||
|
try (FileInputStream fis = new FileInputStream(file)) {
|
||||||
|
properties.load(fis);
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new RuntimeException("Unable to read profile.properties file");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
properties.setProperty("feature." + featureProfile.toString().toLowerCase(), newState);
|
||||||
|
|
||||||
|
try (FileOutputStream fos = new FileOutputStream(file)) {
|
||||||
|
properties.store(fos, null);
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new RuntimeException("Unable to write to profile.properties file");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@POST
|
@POST
|
||||||
@Path("/enable-feature/{feature}")
|
@Path("/enable-feature/{feature}")
|
||||||
@Consumes(MediaType.APPLICATION_JSON)
|
@Consumes(MediaType.APPLICATION_JSON)
|
||||||
|
@ -848,6 +872,13 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
||||||
return Response.ok().build();
|
return Response.ok().build();
|
||||||
|
|
||||||
System.setProperty("keycloak.profile.feature." + featureProfile.toString().toLowerCase(), "enabled");
|
System.setProperty("keycloak.profile.feature." + featureProfile.toString().toLowerCase(), "enabled");
|
||||||
|
|
||||||
|
String jbossServerConfigDir = System.getProperty("jboss.server.config.dir");
|
||||||
|
// If we are in jboss-based container, we need to write profile.properties file, otherwise the change in system property will disappear after restart
|
||||||
|
if (jbossServerConfigDir != null) {
|
||||||
|
setFeatureInProfileFile(new File(jbossServerConfigDir, "profile.properties"), featureProfile, "enabled");
|
||||||
|
}
|
||||||
|
|
||||||
Profile.init();
|
Profile.init();
|
||||||
|
|
||||||
if (Profile.isFeatureEnabled(featureProfile))
|
if (Profile.isFeatureEnabled(featureProfile))
|
||||||
|
@ -873,6 +904,13 @@ public class TestingResourceProvider implements RealmResourceProvider {
|
||||||
return Response.ok().build();
|
return Response.ok().build();
|
||||||
|
|
||||||
System.getProperties().remove("keycloak.profile.feature." + featureProfile.toString().toLowerCase());
|
System.getProperties().remove("keycloak.profile.feature." + featureProfile.toString().toLowerCase());
|
||||||
|
|
||||||
|
String jbossServerConfigDir = System.getProperty("jboss.server.config.dir");
|
||||||
|
// If we are in jboss-based container, we need to write profile.properties file, otherwise the change in system property will disappear after restart
|
||||||
|
if (jbossServerConfigDir != null) {
|
||||||
|
setFeatureInProfileFile(new File(jbossServerConfigDir, "profile.properties"), featureProfile, "disabled");
|
||||||
|
}
|
||||||
|
|
||||||
Profile.init();
|
Profile.init();
|
||||||
|
|
||||||
if (!Profile.isFeatureEnabled(featureProfile))
|
if (!Profile.isFeatureEnabled(featureProfile))
|
||||||
|
|
|
@ -76,7 +76,7 @@ public class ProfileAssume {
|
||||||
Assume.assumeTrue("Ignoring test as community profile is not enabled", profile.equals("community"));
|
Assume.assumeTrue("Ignoring test as community profile is not enabled", profile.equals("community"));
|
||||||
}
|
}
|
||||||
|
|
||||||
private static boolean isFeatureEnabled(Profile.Feature feature) {
|
public static boolean isFeatureEnabled(Profile.Feature feature) {
|
||||||
updateProfile();
|
updateProfile();
|
||||||
return !disabledFeatures.contains(feature.name());
|
return !disabledFeatures.contains(feature.name());
|
||||||
}
|
}
|
||||||
|
|
|
@ -149,6 +149,10 @@ public final class TestContext {
|
||||||
}
|
}
|
||||||
|
|
||||||
public KeycloakTestingClient getTestingClient() {
|
public KeycloakTestingClient getTestingClient() {
|
||||||
|
if (testingClient == null) {
|
||||||
|
String authServerContextRoot = suiteContext.getAuthServerInfo().getContextRoot().toString();
|
||||||
|
testingClient = KeycloakTestingClient.getInstance(authServerContextRoot + "/auth");
|
||||||
|
}
|
||||||
return testingClient;
|
return testingClient;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.annotation;
|
||||||
|
|
||||||
|
import org.keycloak.common.Profile;
|
||||||
|
|
||||||
|
import java.lang.annotation.ElementType;
|
||||||
|
import java.lang.annotation.Inherited;
|
||||||
|
import java.lang.annotation.Repeatable;
|
||||||
|
import java.lang.annotation.Retention;
|
||||||
|
import java.lang.annotation.Target;
|
||||||
|
|
||||||
|
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author mhajas
|
||||||
|
*/
|
||||||
|
@Retention(RUNTIME)
|
||||||
|
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||||
|
@Repeatable(DisableFeatures.class)
|
||||||
|
@Inherited
|
||||||
|
public @interface DisableFeature {
|
||||||
|
Profile.Feature value();
|
||||||
|
boolean skipRestart() default false;
|
||||||
|
}
|
|
@ -0,0 +1,18 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.annotation;
|
||||||
|
|
||||||
|
import java.lang.annotation.ElementType;
|
||||||
|
import java.lang.annotation.Inherited;
|
||||||
|
import java.lang.annotation.Retention;
|
||||||
|
import java.lang.annotation.Target;
|
||||||
|
|
||||||
|
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author mhajas
|
||||||
|
*/
|
||||||
|
@Retention(RUNTIME)
|
||||||
|
@Inherited
|
||||||
|
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||||
|
public @interface DisableFeatures {
|
||||||
|
DisableFeature[] value() default {};
|
||||||
|
}
|
|
@ -0,0 +1,23 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.annotation;
|
||||||
|
|
||||||
|
import org.keycloak.common.Profile;
|
||||||
|
|
||||||
|
import java.lang.annotation.ElementType;
|
||||||
|
import java.lang.annotation.Inherited;
|
||||||
|
import java.lang.annotation.Repeatable;
|
||||||
|
import java.lang.annotation.Retention;
|
||||||
|
import java.lang.annotation.Target;
|
||||||
|
|
||||||
|
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author mhajas
|
||||||
|
*/
|
||||||
|
@Retention(RUNTIME)
|
||||||
|
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||||
|
@Repeatable(EnableFeatures.class)
|
||||||
|
@Inherited
|
||||||
|
public @interface EnableFeature {
|
||||||
|
Profile.Feature value();
|
||||||
|
boolean skipRestart() default false;
|
||||||
|
}
|
|
@ -0,0 +1,19 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.annotation;
|
||||||
|
|
||||||
|
import java.lang.annotation.Documented;
|
||||||
|
import java.lang.annotation.ElementType;
|
||||||
|
import java.lang.annotation.Inherited;
|
||||||
|
import java.lang.annotation.Retention;
|
||||||
|
import java.lang.annotation.Target;
|
||||||
|
|
||||||
|
import static java.lang.annotation.RetentionPolicy.RUNTIME;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author mhajas
|
||||||
|
*/
|
||||||
|
@Retention(RUNTIME)
|
||||||
|
@Inherited
|
||||||
|
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||||
|
public @interface EnableFeatures {
|
||||||
|
EnableFeature[] value() default {};
|
||||||
|
}
|
|
@ -52,9 +52,4 @@ public @interface RestartContainer {
|
||||||
* @return Wait time in milliseconds after database initialization.
|
* @return Wait time in milliseconds after database initialization.
|
||||||
*/
|
*/
|
||||||
long intializeDatabaseWait() default 0;
|
long intializeDatabaseWait() default 0;
|
||||||
|
|
||||||
/**
|
|
||||||
* @return Array of features, which should be enabled.
|
|
||||||
*/
|
|
||||||
Profile.Feature[] enableFeatures() default {};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -140,14 +140,6 @@ public class KeycloakContainerEventsController extends ContainerEventController
|
||||||
if (restartContainer.withoutKeycloakAddUserFile()) {
|
if (restartContainer.withoutKeycloakAddUserFile()) {
|
||||||
copyKeycloakAddUserFile();
|
copyKeycloakAddUserFile();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (restartContainer.enableFeatures().length != 0) {
|
|
||||||
changeStateOfFeatures(restartContainer, false);
|
|
||||||
// Auth-server has to be restarted again. If not, the features will not to be disabled.
|
|
||||||
container.fire(new StopManualContainers());
|
|
||||||
container.fire(new StopSuiteContainers());
|
|
||||||
container.fire(new StartSuiteContainers());
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -158,10 +150,6 @@ public class KeycloakContainerEventsController extends ContainerEventController
|
||||||
if (restartContainer.withoutKeycloakAddUserFile()) {
|
if (restartContainer.withoutKeycloakAddUserFile()) {
|
||||||
removeKeycloakAddUserFile();
|
removeKeycloakAddUserFile();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (restartContainer.enableFeatures().length != 0) {
|
|
||||||
changeStateOfFeatures(restartContainer, true);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -263,81 +251,4 @@ public class KeycloakContainerEventsController extends ContainerEventController
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Change state of features, which are contained in {@code enableFeatures} param.
|
|
||||||
* This method either enable or disable features.
|
|
||||||
* If auth-server is JBossBased, then the features are either enabled or disabled via {@code profile.properties}.
|
|
||||||
*
|
|
||||||
* @param restartContainer to pass more information from test annotation.
|
|
||||||
* @param enableFeatures if the features will be enabled or disabled.
|
|
||||||
*/
|
|
||||||
private void changeStateOfFeatures(RestartContainer restartContainer, boolean enableFeatures) {
|
|
||||||
Optional<Container> authServerOptional = containerRegistry.get().getContainers().stream()
|
|
||||||
.filter(f -> f.getName().startsWith("auth-server-")).findFirst();
|
|
||||||
|
|
||||||
if (authServerOptional.isPresent()) {
|
|
||||||
Container authServer = authServerOptional.get();
|
|
||||||
boolean isJbossBased = new ContainerInfo(authServer).isJBossBased();
|
|
||||||
|
|
||||||
if (isJbossBased) {
|
|
||||||
ContainerDef conf = authServer.getContainerConfiguration();
|
|
||||||
String jbossHome = conf.getContainerProperty("jbossHome");
|
|
||||||
Path fileProps = null;
|
|
||||||
if (jbossHome != null) {
|
|
||||||
try {
|
|
||||||
Path dir = Paths.get(jbossHome + "/standalone/configuration");
|
|
||||||
fileProps = dir.resolve("profile.properties");
|
|
||||||
|
|
||||||
if (enableFeatures) {
|
|
||||||
Path file = Files.createFile(fileProps);
|
|
||||||
Properties props = new Properties();
|
|
||||||
Arrays.stream(restartContainer.enableFeatures()).forEach(f -> props.setProperty("feature." + f.toString().toLowerCase(), "enabled"));
|
|
||||||
PrintWriter pw = new PrintWriter(file.toFile());
|
|
||||||
props.list(pw);
|
|
||||||
pw.close();
|
|
||||||
} else {
|
|
||||||
Files.deleteIfExists(fileProps);
|
|
||||||
}
|
|
||||||
} catch (FileAlreadyExistsException ex) {
|
|
||||||
changeFeaturesInExistingProps(restartContainer, fileProps, true);
|
|
||||||
} catch (IOException e) {
|
|
||||||
e.printStackTrace();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if (enableFeatures) {
|
|
||||||
Arrays.stream(restartContainer.enableFeatures())
|
|
||||||
.forEach(f -> System.setProperty("keycloak.profile.feature." + f.toString().toLowerCase(), "enabled"));
|
|
||||||
} else {
|
|
||||||
Arrays.stream(restartContainer.enableFeatures())
|
|
||||||
.forEach(f -> System.getProperties().remove("keycloak.profile.feature." + f.toString().toLowerCase()));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Profile.init();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* If exists {@code profile.properties} file, then another properties are only appended to the file.
|
|
||||||
*
|
|
||||||
* @param restartContainer to pass more information from test annotation
|
|
||||||
* @param file path to profile.properties
|
|
||||||
* @param enableFeatures if features will be enabled or disabled
|
|
||||||
*/
|
|
||||||
private void changeFeaturesInExistingProps(RestartContainer restartContainer, Path file, boolean enableFeatures) {
|
|
||||||
Profile.Feature[] features = restartContainer.enableFeatures();
|
|
||||||
String state = enableFeatures ? "enabled" : "disabled";
|
|
||||||
|
|
||||||
if (features.length != 0) {
|
|
||||||
Properties props = new Properties();
|
|
||||||
try {
|
|
||||||
props.load(Files.newBufferedReader(file));
|
|
||||||
Arrays.stream(features).forEach(f -> props.setProperty("feature." + f.toString().toLowerCase(), state));
|
|
||||||
props.store(Files.newBufferedWriter(file), "");
|
|
||||||
} catch (IOException e) {
|
|
||||||
e.printStackTrace();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,175 @@
|
||||||
|
package org.keycloak.testsuite.arquillian.containers;
|
||||||
|
|
||||||
|
import org.jboss.arquillian.container.spi.event.ContainerMultiControlEvent;
|
||||||
|
import org.jboss.arquillian.container.spi.event.StartClassContainers;
|
||||||
|
import org.jboss.arquillian.container.spi.event.StartContainer;
|
||||||
|
import org.jboss.arquillian.container.spi.event.StartSuiteContainers;
|
||||||
|
import org.jboss.arquillian.container.spi.event.StopContainer;
|
||||||
|
import org.jboss.arquillian.container.spi.event.StopManualContainers;
|
||||||
|
import org.jboss.arquillian.container.spi.event.StopSuiteContainers;
|
||||||
|
import org.jboss.arquillian.core.api.Event;
|
||||||
|
import org.jboss.arquillian.core.api.Instance;
|
||||||
|
import org.jboss.arquillian.core.api.annotation.Inject;
|
||||||
|
import org.jboss.arquillian.core.api.annotation.Observes;
|
||||||
|
import org.jboss.arquillian.test.spi.event.suite.After;
|
||||||
|
import org.jboss.arquillian.test.spi.event.suite.AfterClass;
|
||||||
|
import org.jboss.arquillian.test.spi.event.suite.Before;
|
||||||
|
import org.jboss.arquillian.test.spi.event.suite.BeforeClass;
|
||||||
|
import org.keycloak.common.Profile;
|
||||||
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
|
import org.keycloak.testsuite.arquillian.SuiteContext;
|
||||||
|
import org.keycloak.testsuite.arquillian.TestContext;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeatures;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeatures;
|
||||||
|
import org.keycloak.testsuite.client.KeycloakTestingClient;
|
||||||
|
import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
|
||||||
|
import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
|
||||||
|
|
||||||
|
import java.lang.reflect.AnnotatedElement;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.function.BiConsumer;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
|
import static org.hamcrest.CoreMatchers.is;
|
||||||
|
import static org.junit.Assert.assertThat;
|
||||||
|
import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getManagementClient;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author mhajas
|
||||||
|
*/
|
||||||
|
public class KeycloakContainerFeaturesController {
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
private Instance<TestContext> testContextInstance;
|
||||||
|
@Inject
|
||||||
|
private Instance<SuiteContext> suiteContextInstance;
|
||||||
|
@Inject
|
||||||
|
private Event<StartContainer> startContainerEvent;
|
||||||
|
@Inject
|
||||||
|
private Event<StopContainer> stopContainerEvent;
|
||||||
|
|
||||||
|
public enum FeatureAction {
|
||||||
|
ENABLE(KeycloakTestingClient::enableFeature),
|
||||||
|
DISABLE(KeycloakTestingClient::disableFeature);
|
||||||
|
|
||||||
|
private BiConsumer<KeycloakTestingClient, Profile.Feature> featureConsumer;
|
||||||
|
|
||||||
|
FeatureAction(BiConsumer<KeycloakTestingClient, Profile.Feature> featureConsumer) {
|
||||||
|
this.featureConsumer = featureConsumer;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void accept(KeycloakTestingClient testingClient, Profile.Feature feature) {
|
||||||
|
featureConsumer.accept(testingClient, feature);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public enum State {
|
||||||
|
BEFORE,
|
||||||
|
AFTER
|
||||||
|
}
|
||||||
|
|
||||||
|
private class UpdateFeature {
|
||||||
|
private Profile.Feature feature;
|
||||||
|
private boolean skipRestart;
|
||||||
|
private FeatureAction action;
|
||||||
|
|
||||||
|
public UpdateFeature(Profile.Feature feature, boolean skipRestart, FeatureAction action) {
|
||||||
|
this.feature = feature;
|
||||||
|
this.skipRestart = skipRestart;
|
||||||
|
this.action = action;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* All features we want to enable/disable must be disabled/enabled
|
||||||
|
* otherwise at the end of a test the environment will be in an inconsistent state because we would disable/enable
|
||||||
|
* some feature which was enabled/disabled before test
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
private void assertValid() {
|
||||||
|
assertThat("An annotation requested to " + action.name()
|
||||||
|
+ " feature " + feature.name() + " however it was already in that state" ,
|
||||||
|
ProfileAssume.isFeatureEnabled(feature),
|
||||||
|
is(!(action == FeatureAction.ENABLE)));
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertPerformed() {
|
||||||
|
assertThat("An annotation requested to " + action.name() +
|
||||||
|
" feature " + feature.name() + ", however after performing this operation " +
|
||||||
|
"the feature is not in desired state" ,
|
||||||
|
ProfileAssume.isFeatureEnabled(feature),
|
||||||
|
is(action == FeatureAction.ENABLE));
|
||||||
|
}
|
||||||
|
|
||||||
|
public void performAction() {
|
||||||
|
assertValid();
|
||||||
|
action.accept(testContextInstance.get().getTestingClient(), feature);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void restartAuthServer() throws Exception {
|
||||||
|
if (AuthServerTestEnricher.AUTH_SERVER_CONTAINER.equals("auth-server-remote")) {
|
||||||
|
OnlineManagementClient client = getManagementClient();
|
||||||
|
Administration administration = new Administration(client);
|
||||||
|
administration.reload();
|
||||||
|
client.close();
|
||||||
|
} else {
|
||||||
|
stopContainerEvent.fire(new StopContainer(suiteContextInstance.get().getAuthServerInfo().getArquillianContainer()));
|
||||||
|
startContainerEvent.fire(new StartContainer(suiteContextInstance.get().getAuthServerInfo().getArquillianContainer()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void updateFeatures(List<UpdateFeature> updateFeatures) throws Exception {
|
||||||
|
updateFeatures.forEach(UpdateFeature::performAction);
|
||||||
|
|
||||||
|
if (updateFeatures.stream().anyMatch(updateFeature -> !updateFeature.skipRestart)) {
|
||||||
|
restartAuthServer();
|
||||||
|
testContextInstance.get().reconnectAdminClient();
|
||||||
|
}
|
||||||
|
|
||||||
|
updateFeatures.forEach(UpdateFeature::assertPerformed);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void checkAnnotatedElementForFeatureAnnotations(AnnotatedElement annotatedElement, State state) throws Exception {
|
||||||
|
List<UpdateFeature> updateFeatureList = new ArrayList<>(0);
|
||||||
|
|
||||||
|
if (annotatedElement.isAnnotationPresent(EnableFeatures.class) || annotatedElement.isAnnotationPresent(EnableFeature.class)) {
|
||||||
|
updateFeatureList.addAll(Arrays.stream(annotatedElement.getAnnotationsByType(EnableFeature.class))
|
||||||
|
.map(annotation -> new UpdateFeature(annotation.value(), annotation.skipRestart(),
|
||||||
|
state == State.BEFORE ? FeatureAction.ENABLE : FeatureAction.DISABLE))
|
||||||
|
.collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (annotatedElement.isAnnotationPresent(DisableFeatures.class) || annotatedElement.isAnnotationPresent(DisableFeature.class)) {
|
||||||
|
updateFeatureList.addAll(Arrays.stream(annotatedElement.getAnnotationsByType(DisableFeature.class))
|
||||||
|
.map(annotation -> new UpdateFeature(annotation.value(), annotation.skipRestart(),
|
||||||
|
state == State.BEFORE ? FeatureAction.DISABLE : FeatureAction.ENABLE))
|
||||||
|
.collect(Collectors.toList()));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!updateFeatureList.isEmpty()) {
|
||||||
|
updateFeatures(updateFeatureList);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void handleEnableFeaturesAnnotationBeforeClass(@Observes(precedence = 1) BeforeClass event) throws Exception {
|
||||||
|
checkAnnotatedElementForFeatureAnnotations(event.getTestClass().getJavaClass(), State.BEFORE);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void handleEnableFeaturesAnnotationBeforeTest(@Observes(precedence = 1) Before event) throws Exception {
|
||||||
|
checkAnnotatedElementForFeatureAnnotations(event.getTestMethod(), State.BEFORE);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void handleEnableFeaturesAnnotationAfterTest(@Observes(precedence = 2) After event) throws Exception {
|
||||||
|
checkAnnotatedElementForFeatureAnnotations(event.getTestMethod(), State.AFTER);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void handleEnableFeaturesAnnotationAfterClass(@Observes(precedence = 2) AfterClass event) throws Exception {
|
||||||
|
checkAnnotatedElementForFeatureAnnotations(event.getTestClass().getJavaClass(), State.AFTER);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -112,6 +112,7 @@ public class KeycloakContainerTestExtension implements LoadableExtension {
|
||||||
.observer(RemoteTestExecuter.class)
|
.observer(RemoteTestExecuter.class)
|
||||||
.observer(DeploymentCommandObserver.class)
|
.observer(DeploymentCommandObserver.class)
|
||||||
.observer(ContainerCommandObserver.class)
|
.observer(ContainerCommandObserver.class)
|
||||||
.observer(RemoteResourceCommandObserver.class);
|
.observer(RemoteResourceCommandObserver.class)
|
||||||
|
.observer(KeycloakContainerFeaturesController.class);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,10 +19,12 @@ package org.keycloak.testsuite.client;
|
||||||
|
|
||||||
import javax.net.ssl.HostnameVerifier;
|
import javax.net.ssl.HostnameVerifier;
|
||||||
import javax.net.ssl.SSLSession;
|
import javax.net.ssl.SSLSession;
|
||||||
|
import javax.ws.rs.core.Response;
|
||||||
|
|
||||||
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
|
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
|
||||||
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
|
||||||
import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
|
import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
|
||||||
|
import org.keycloak.common.Profile;
|
||||||
import org.keycloak.testsuite.client.resources.TestApplicationResource;
|
import org.keycloak.testsuite.client.resources.TestApplicationResource;
|
||||||
import org.keycloak.testsuite.client.resources.TestExampleCompanyResource;
|
import org.keycloak.testsuite.client.resources.TestExampleCompanyResource;
|
||||||
import org.keycloak.testsuite.client.resources.TestSamlApplicationResource;
|
import org.keycloak.testsuite.client.resources.TestSamlApplicationResource;
|
||||||
|
@ -31,6 +33,8 @@ import org.keycloak.testsuite.runonserver.*;
|
||||||
import org.keycloak.testsuite.util.AdminClientUtil;
|
import org.keycloak.testsuite.util.AdminClientUtil;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
|
* @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
|
||||||
*/
|
*/
|
||||||
|
@ -71,6 +75,18 @@ public class KeycloakTestingClient implements AutoCloseable {
|
||||||
return target.path("/realms/" + realm).proxy(TestingResource.class);
|
return target.path("/realms/" + realm).proxy(TestingResource.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void enableFeature(Profile.Feature feature) {
|
||||||
|
try (Response response = testing().enableFeature(feature.toString())) {
|
||||||
|
assertEquals(200, response.getStatus());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void disableFeature(Profile.Feature feature) {
|
||||||
|
try (Response response = testing().disableFeature(feature.toString())) {
|
||||||
|
assertEquals(200, response.getStatus());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public TestApplicationResource testApp() { return target.proxy(TestApplicationResource.class); }
|
public TestApplicationResource testApp() { return target.proxy(TestApplicationResource.class); }
|
||||||
|
|
||||||
public TestSamlApplicationResource testSamlApp() { return target.proxy(TestSamlApplicationResource.class); }
|
public TestSamlApplicationResource testSamlApp() { return target.proxy(TestSamlApplicationResource.class); }
|
||||||
|
|
|
@ -152,7 +152,6 @@ public abstract class AbstractKeycloakTest {
|
||||||
private PropertiesConfiguration constantsProperties;
|
private PropertiesConfiguration constantsProperties;
|
||||||
|
|
||||||
private boolean resetTimeOffset;
|
private boolean resetTimeOffset;
|
||||||
private List<Profile.Feature> enabledFeatures = new ArrayList<>();
|
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void beforeAbstractKeycloakTest() throws Exception {
|
public void beforeAbstractKeycloakTest() throws Exception {
|
||||||
|
@ -230,10 +229,6 @@ public abstract class AbstractKeycloakTest {
|
||||||
testContext.getCleanups().clear();
|
testContext.getCleanups().clear();
|
||||||
}
|
}
|
||||||
|
|
||||||
for (Profile.Feature feature : enabledFeatures) {
|
|
||||||
disableFeature(feature);
|
|
||||||
}
|
|
||||||
|
|
||||||
postAfterAbstractKeycloak();
|
postAfterAbstractKeycloak();
|
||||||
|
|
||||||
// Remove all browsers from queue
|
// Remove all browsers from queue
|
||||||
|
@ -329,11 +324,6 @@ public abstract class AbstractKeycloakTest {
|
||||||
public KeycloakTestingClient getTestingClient() {
|
public KeycloakTestingClient getTestingClient() {
|
||||||
if (testingClient == null) {
|
if (testingClient == null) {
|
||||||
testingClient = testContext.getTestingClient();
|
testingClient = testContext.getTestingClient();
|
||||||
if (testingClient == null) {
|
|
||||||
String authServerContextRoot = suiteContext.getAuthServerInfo().getContextRoot().toString();
|
|
||||||
testingClient = KeycloakTestingClient.getInstance(authServerContextRoot + "/auth");
|
|
||||||
testContext.setTestingClient(testingClient);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
return testingClient;
|
return testingClient;
|
||||||
}
|
}
|
||||||
|
@ -639,17 +629,4 @@ public abstract class AbstractKeycloakTest {
|
||||||
}
|
}
|
||||||
return in;
|
return in;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void enableFeature(Profile.Feature feature) {
|
|
||||||
enabledFeatures.add(feature);
|
|
||||||
try (Response response = getTestingClient().testing().enableFeature(feature.toString())) {
|
|
||||||
assertEquals(200, response.getStatus());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
protected void disableFeature(Profile.Feature feature) {
|
|
||||||
try (Response response = getTestingClient().testing().disableFeature(feature.toString())) {
|
|
||||||
assertEquals(200, response.getStatus());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,7 +19,6 @@ package org.keycloak.testsuite.account;
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.fail;
|
import static org.junit.Assert.fail;
|
||||||
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
||||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
|
||||||
|
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
@ -31,17 +30,21 @@ import org.apache.http.impl.client.HttpClientBuilder;
|
||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Rule;
|
import org.junit.Rule;
|
||||||
|
import org.junit.Test;
|
||||||
import org.keycloak.broker.provider.util.SimpleHttp;
|
import org.keycloak.broker.provider.util.SimpleHttp;
|
||||||
import org.keycloak.representations.account.SessionRepresentation;
|
import org.keycloak.representations.account.SessionRepresentation;
|
||||||
import org.keycloak.representations.idm.RealmRepresentation;
|
import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.TokenUtil;
|
import org.keycloak.testsuite.util.TokenUtil;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = ACCOUNT_API, skipRestart = true)
|
||||||
public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakTest {
|
public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
@Rule
|
@Rule
|
||||||
|
@ -55,34 +58,17 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
|
||||||
@Before
|
@Before
|
||||||
public void before() {
|
public void before() {
|
||||||
httpClient = HttpClientBuilder.create().build();
|
httpClient = HttpClientBuilder.create().build();
|
||||||
try {
|
|
||||||
checkIfFeatureWorks(false);
|
|
||||||
Response response = testingClient.testing().enableFeature(ACCOUNT_API.toString());
|
|
||||||
assertEquals(200, response.getStatus());
|
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
checkIfFeatureWorks(true);
|
|
||||||
} catch (Exception e) {
|
|
||||||
disableFeature();
|
|
||||||
throw e;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@After
|
@After
|
||||||
public void after() {
|
public void after() {
|
||||||
try {
|
try {
|
||||||
disableFeature();
|
|
||||||
httpClient.close();
|
httpClient.close();
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
throw new RuntimeException(e);
|
throw new RuntimeException(e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void disableFeature() {
|
|
||||||
Response response = testingClient.testing().disableFeature(ACCOUNT_API.toString());
|
|
||||||
assertEquals(200, response.getStatus());
|
|
||||||
checkIfFeatureWorks(false);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configureTestRealm(RealmRepresentation testRealm) {
|
public void configureTestRealm(RealmRepresentation testRealm) {
|
||||||
testRealm.getUsers().add(UserBuilder.create().username("no-account-access").password("password").build());
|
testRealm.getUsers().add(UserBuilder.create().username("no-account-access").password("password").build());
|
||||||
|
@ -96,6 +82,12 @@ public abstract class AbstractRestServiceTest extends AbstractTestRealmKeycloakT
|
||||||
return suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/test/account" + (resource != null ? "/" + resource : "");
|
return suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/test/account" + (resource != null ? "/" + resource : "");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@DisableFeature(value = ACCOUNT_API, skipRestart = true)
|
||||||
|
public void testFeatureDoesntWorkWhenDisabled() {
|
||||||
|
checkIfFeatureWorks(false);
|
||||||
|
}
|
||||||
|
|
||||||
// Check if the feature really works
|
// Check if the feature really works
|
||||||
private void checkIfFeatureWorks(boolean shouldWorks) {
|
private void checkIfFeatureWorks(boolean shouldWorks) {
|
||||||
try {
|
try {
|
||||||
|
|
|
@ -30,6 +30,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.services.messages.Messages;
|
import org.keycloak.services.messages.Messages;
|
||||||
import org.keycloak.services.resources.account.AccountCredentialResource;
|
import org.keycloak.services.resources.account.AccountCredentialResource;
|
||||||
import org.keycloak.services.resources.account.AccountCredentialResource.PasswordUpdate;
|
import org.keycloak.services.resources.account.AccountCredentialResource.PasswordUpdate;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.TokenUtil;
|
import org.keycloak.testsuite.util.TokenUtil;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
@ -41,7 +42,6 @@ import java.util.Map;
|
||||||
import static org.hamcrest.Matchers.containsInAnyOrder;
|
import static org.hamcrest.Matchers.containsInAnyOrder;
|
||||||
import static org.junit.Assert.*;
|
import static org.junit.Assert.*;
|
||||||
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
||||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
|
@ -191,8 +191,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testProfilePreviewPermissions() throws IOException {
|
public void testProfilePreviewPermissions() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
|
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
|
||||||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||||
|
|
||||||
|
@ -219,15 +217,11 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testGetPasswordDetails() throws IOException {
|
public void testGetPasswordDetails() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
getPasswordDetails();
|
getPasswordDetails();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testPostPasswordUpdate() throws IOException {
|
public void testPostPasswordUpdate() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
//Get the time of lastUpdate
|
//Get the time of lastUpdate
|
||||||
AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();
|
AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();
|
||||||
|
|
||||||
|
@ -251,8 +245,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testPasswordConfirmation() throws IOException {
|
public void testPasswordConfirmation() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
|
updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
|
||||||
|
|
||||||
updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
|
updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
|
||||||
|
@ -294,8 +286,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void listApplications() throws IOException {
|
public void listApplications() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||||
List<ClientRepresentation> applications = SimpleHttp
|
List<ClientRepresentation> applications = SimpleHttp
|
||||||
.doGet(getAccountUrl("applications"), httpClient)
|
.doGet(getAccountUrl("applications"), httpClient)
|
||||||
|
@ -308,8 +298,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void listApplicationsWithoutPermission() throws IOException {
|
public void listApplicationsWithoutPermission() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-account-access", "password");
|
TokenUtil token = new TokenUtil("view-account-access", "password");
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
.doGet(getAccountUrl("applications"), httpClient)
|
.doGet(getAccountUrl("applications"), httpClient)
|
||||||
|
@ -321,8 +309,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getWebConsoleApplication() throws IOException {
|
public void getWebConsoleApplication() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
ClientRepresentation webConsole = SimpleHttp
|
ClientRepresentation webConsole = SimpleHttp
|
||||||
|
@ -335,8 +321,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getWebConsoleApplicationWithoutPermission() throws IOException {
|
public void getWebConsoleApplicationWithoutPermission() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-account-access", "password");
|
TokenUtil token = new TokenUtil("view-account-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
|
@ -349,8 +333,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getNotExistingApplication() throws IOException {
|
public void getNotExistingApplication() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||||
String appId = "not-existing";
|
String appId = "not-existing";
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
|
@ -363,8 +345,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createConsentForClient() throws IOException {
|
public void createConsentForClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -389,8 +369,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void updateConsentForClient() throws IOException {
|
public void updateConsentForClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -435,8 +413,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createConsentForNotExistingClient() throws IOException {
|
public void createConsentForNotExistingClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "not-existing";
|
String appId = "not-existing";
|
||||||
|
|
||||||
|
@ -459,8 +435,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createConsentForClientWithoutPermission() throws IOException {
|
public void createConsentForClientWithoutPermission() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -483,8 +457,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createConsentForClientWithPut() throws IOException {
|
public void createConsentForClientWithPut() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -509,8 +481,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void updateConsentForClientWithPut() throws IOException {
|
public void updateConsentForClientWithPut() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -555,8 +525,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createConsentForNotExistingClientWithPut() throws IOException {
|
public void createConsentForNotExistingClientWithPut() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "not-existing";
|
String appId = "not-existing";
|
||||||
|
|
||||||
|
@ -579,8 +547,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void createConsentForClientWithoutPermissionWithPut() throws IOException {
|
public void createConsentForClientWithoutPermissionWithPut() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -603,8 +569,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getConsentForClient() throws IOException {
|
public void getConsentForClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -638,8 +602,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getConsentForNotExistingClient() throws IOException {
|
public void getConsentForNotExistingClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||||
String appId = "not-existing";
|
String appId = "not-existing";
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
|
@ -652,8 +614,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getNotExistingConsentForClient() throws IOException {
|
public void getNotExistingConsentForClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
|
@ -666,8 +626,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getConsentWithoutPermission() throws IOException {
|
public void getConsentWithoutPermission() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
TokenUtil token = new TokenUtil("view-applications-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
|
@ -680,8 +638,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void deleteConsentForClient() throws IOException {
|
public void deleteConsentForClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
|
|
||||||
|
@ -720,8 +676,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void deleteConsentForNotExistingClient() throws IOException {
|
public void deleteConsentForNotExistingClient() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
TokenUtil token = new TokenUtil("manage-consent-access", "password");
|
||||||
String appId = "not-existing";
|
String appId = "not-existing";
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
|
@ -735,8 +689,6 @@ public class AccountRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void deleteConsentWithoutPermission() throws IOException {
|
public void deleteConsentWithoutPermission() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
TokenUtil token = new TokenUtil("view-consent-access", "password");
|
||||||
String appId = "security-admin-console";
|
String appId = "security-admin-console";
|
||||||
SimpleHttp.Response response = SimpleHttp
|
SimpleHttp.Response response = SimpleHttp
|
||||||
|
|
|
@ -21,7 +21,6 @@ import static org.junit.Assert.assertNotNull;
|
||||||
import static org.junit.Assert.assertThat;
|
import static org.junit.Assert.assertThat;
|
||||||
import static org.junit.Assert.assertTrue;
|
import static org.junit.Assert.assertTrue;
|
||||||
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
import static org.keycloak.common.Profile.Feature.ACCOUNT_API;
|
||||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -96,8 +95,6 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testProfilePreviewPermissions() throws IOException {
|
public void testProfilePreviewPermissions() throws IOException {
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
|
|
||||||
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
|
TokenUtil noaccessToken = new TokenUtil("no-account-access", "password");
|
||||||
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
TokenUtil viewToken = new TokenUtil("view-account-access", "password");
|
||||||
|
|
||||||
|
@ -124,13 +121,6 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
||||||
.auth(viewToken.getToken()).asStatus());
|
.auth(viewToken.getToken()).asStatus());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Before
|
|
||||||
@Override
|
|
||||||
public void before() {
|
|
||||||
super.before();
|
|
||||||
assumeFeatureEnabled(ACCOUNT_API);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testGetSessions() throws Exception {
|
public void testGetSessions() throws Exception {
|
||||||
oauth.setDriver(secondBrowser);
|
oauth.setDriver(secondBrowser);
|
||||||
|
@ -364,8 +354,8 @@ public class SessionRestServiceTest extends AbstractRestServiceTest {
|
||||||
assertEquals("Other", device.getDevice());
|
assertEquals("Other", device.getDevice());
|
||||||
|
|
||||||
List<SessionRepresentation> sessions = device.getSessions();
|
List<SessionRepresentation> sessions = device.getSessions();
|
||||||
assertEquals(2, sessions.size());
|
assertEquals(1, sessions.size());
|
||||||
SessionRepresentation session = sessions.stream().filter(rep -> rep.getCurrent() != null && rep.getCurrent()).findFirst().get();
|
SessionRepresentation session = sessions.get(0);
|
||||||
assertEquals("127.0.0.1", session.getIpAddress());
|
assertEquals("127.0.0.1", session.getIpAddress());
|
||||||
assertEquals(device.getLastAccess(), session.getLastAccess());
|
assertEquals(device.getLastAccess(), session.getLastAccess());
|
||||||
|
|
||||||
|
|
|
@ -74,6 +74,7 @@ import org.keycloak.representations.idm.authorization.ResourceServerRepresentati
|
||||||
import org.keycloak.testsuite.adapter.page.PhotozClientAuthzTestApp;
|
import org.keycloak.testsuite.adapter.page.PhotozClientAuthzTestApp;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||||
import org.keycloak.testsuite.auth.page.login.OAuthGrant;
|
import org.keycloak.testsuite.auth.page.login.OAuthGrant;
|
||||||
import org.keycloak.testsuite.util.DroneUtils;
|
import org.keycloak.testsuite.util.DroneUtils;
|
||||||
|
@ -93,6 +94,7 @@ import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public abstract class AbstractBasePhotozExampleAdapterTest extends AbstractPhotozJavascriptExecutorTest {
|
public abstract class AbstractBasePhotozExampleAdapterTest extends AbstractPhotozJavascriptExecutorTest {
|
||||||
|
|
||||||
protected static final String RESOURCE_SERVER_ID = "photoz-restful-api";
|
protected static final String RESOURCE_SERVER_ID = "photoz-restful-api";
|
||||||
|
@ -165,7 +167,6 @@ public abstract class AbstractBasePhotozExampleAdapterTest extends AbstractPhoto
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
RealmRepresentation realm = loadRealm(new File(TEST_APPS_HOME_DIR + "/photoz/photoz-realm.json"));
|
RealmRepresentation realm = loadRealm(new File(TEST_APPS_HOME_DIR + "/photoz/photoz-realm.json"));
|
||||||
|
|
||||||
realm.setAccessTokenLifespan(30 + TOKEN_LIFESPAN_LEEWAY); // seconds
|
realm.setAccessTokenLifespan(30 + TOKEN_LIFESPAN_LEEWAY); // seconds
|
||||||
|
|
|
@ -28,6 +28,7 @@ import org.keycloak.representations.idm.authorization.PolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
|
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
||||||
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.UIUtils;
|
import org.keycloak.testsuite.util.UIUtils;
|
||||||
import org.openqa.selenium.By;
|
import org.openqa.selenium.By;
|
||||||
import org.openqa.selenium.WebElement;
|
import org.openqa.selenium.WebElement;
|
||||||
|
@ -50,6 +51,7 @@ import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampleAdapterTest {
|
public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampleAdapterTest {
|
||||||
|
|
||||||
protected static final String REALM_NAME = "servlet-authz";
|
protected static final String REALM_NAME = "servlet-authz";
|
||||||
|
@ -58,11 +60,6 @@ public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampl
|
||||||
@ArquillianResource
|
@ArquillianResource
|
||||||
private Deployer deployer;
|
private Deployer deployer;
|
||||||
|
|
||||||
@Before
|
|
||||||
public void onBefore() {
|
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||||
testRealms.add(
|
testRealms.add(
|
||||||
|
|
|
@ -46,6 +46,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||||
import org.keycloak.testsuite.util.UIUtils;
|
import org.keycloak.testsuite.util.UIUtils;
|
||||||
import org.openqa.selenium.By;
|
import org.openqa.selenium.By;
|
||||||
|
@ -62,6 +63,7 @@ import org.openqa.selenium.By;
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT7)
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT8)
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
|
public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
|
||||||
|
|
||||||
protected static final String REALM_NAME = "servlet-policy-enforcer-authz";
|
protected static final String REALM_NAME = "servlet-policy-enforcer-authz";
|
||||||
|
@ -72,7 +74,6 @@ public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
testRealms.add(
|
testRealms.add(
|
||||||
loadRealm(new File(TEST_APPS_HOME_DIR + "/servlet-policy-enforcer/servlet-policy-enforcer-authz-realm.json")));
|
loadRealm(new File(TEST_APPS_HOME_DIR + "/servlet-policy-enforcer/servlet-policy-enforcer-authz-realm.json")));
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,6 +34,7 @@ import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
|
||||||
import org.keycloak.testsuite.adapter.page.AngularCorsProductTestApp;
|
import org.keycloak.testsuite.adapter.page.AngularCorsProductTestApp;
|
||||||
import org.keycloak.testsuite.adapter.page.CorsDatabaseServiceTestApp;
|
import org.keycloak.testsuite.adapter.page.CorsDatabaseServiceTestApp;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||||
import org.keycloak.testsuite.auth.page.account.Account;
|
import org.keycloak.testsuite.auth.page.account.Account;
|
||||||
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
|
import org.keycloak.testsuite.auth.page.login.OIDCLogin;
|
||||||
|
@ -51,6 +52,8 @@ import java.util.regex.Pattern;
|
||||||
import static junit.framework.TestCase.assertNotNull;
|
import static junit.framework.TestCase.assertNotNull;
|
||||||
import org.junit.Assume;
|
import org.junit.Assume;
|
||||||
import org.keycloak.testsuite.util.DroneUtils;
|
import org.keycloak.testsuite.util.DroneUtils;
|
||||||
|
|
||||||
|
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||||
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
|
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
|
||||||
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
|
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
|
||||||
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
|
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
|
||||||
|
@ -71,6 +74,7 @@ import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public class CorsExampleAdapterTest extends AbstractExampleAdapterTest {
|
public class CorsExampleAdapterTest extends AbstractExampleAdapterTest {
|
||||||
|
|
||||||
public static final String CORS = "cors";
|
public static final String CORS = "cors";
|
||||||
|
@ -109,7 +113,6 @@ public class CorsExampleAdapterTest extends AbstractExampleAdapterTest {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
public void addAdapterTestRealms(List<RealmRepresentation> testRealms) {
|
||||||
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
testRealms.add(
|
testRealms.add(
|
||||||
loadRealm(new File(TEST_APPS_HOME_DIR + "/cors/cors-realm.json")));
|
loadRealm(new File(TEST_APPS_HOME_DIR + "/cors/cors-realm.json")));
|
||||||
}
|
}
|
||||||
|
|
|
@ -59,6 +59,8 @@ import org.keycloak.testsuite.ProfileAssume;
|
||||||
import org.keycloak.testsuite.adapter.AbstractAdapterTest;
|
import org.keycloak.testsuite.adapter.AbstractAdapterTest;
|
||||||
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
|
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||||
import org.keycloak.testsuite.broker.BrokerTestTools;
|
import org.keycloak.testsuite.broker.BrokerTestTools;
|
||||||
|
@ -100,6 +102,7 @@ import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SE
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
@AppServerContainer(ContainerConstants.APP_SERVER_EAP)
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
@AppServerContainer(ContainerConstants.APP_SERVER_EAP6)
|
||||||
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
@AppServerContainer(ContainerConstants.APP_SERVER_EAP71)
|
||||||
|
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||||
public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest {
|
public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest {
|
||||||
public static final String CHILD_IDP = "child";
|
public static final String CHILD_IDP = "child";
|
||||||
public static final String PARENT_IDP = "parent-idp";
|
public static final String PARENT_IDP = "parent-idp";
|
||||||
|
@ -206,30 +209,23 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@DisableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||||
|
@UncaughtServerErrorExpected
|
||||||
|
public void testFeatureDisabled() throws Exception {
|
||||||
|
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testFeatureEnabled() throws Exception {
|
||||||
|
checkFeature(Response.Status.OK.getStatusCode());
|
||||||
|
}
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void enableFeature() throws Exception {
|
public void beforeTest() throws Exception {
|
||||||
try {
|
|
||||||
addIdpUser();
|
addIdpUser();
|
||||||
addChildUser();
|
addChildUser();
|
||||||
createBroker();
|
createBroker();
|
||||||
|
|
||||||
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
|
|
||||||
Response response = testingClient.testing().enableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
|
||||||
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
|
|
||||||
checkFeature(Response.Status.OK.getStatusCode());
|
|
||||||
|
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
|
||||||
} catch (Exception e) {
|
|
||||||
disableFeature();
|
|
||||||
throw e;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@After
|
|
||||||
public void disableFeature() throws Exception {
|
|
||||||
Response response = testingClient.testing().disableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
|
||||||
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
|
|
||||||
checkFeature(Response.Status.NOT_IMPLEMENTED.getStatusCode());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void addIdpUser() {
|
public void addIdpUser() {
|
||||||
|
|
|
@ -49,6 +49,7 @@ import org.keycloak.services.resources.admin.permissions.GroupPermissionManageme
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||||
import org.keycloak.testsuite.auth.page.AuthRealm;
|
import org.keycloak.testsuite.auth.page.AuthRealm;
|
||||||
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
||||||
|
@ -86,19 +87,6 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
|
||||||
testRealms.add(testRealmRep);
|
testRealms.add(testRealmRep);
|
||||||
}
|
}
|
||||||
|
|
||||||
@After
|
|
||||||
public void checkTokenExchangeFeature() throws Exception {
|
|
||||||
if (Profile.isFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE)) {
|
|
||||||
disableTokenExchange();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private void disableTokenExchange() throws Exception {
|
|
||||||
Response featureResponse = testingClient.testing().disableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
|
||||||
Assert.assertEquals(200, featureResponse.getStatus());
|
|
||||||
checkTokenExchange(false);
|
|
||||||
}
|
|
||||||
|
|
||||||
public static void setupDemo(KeycloakSession session) {
|
public static void setupDemo(KeycloakSession session) {
|
||||||
RealmModel realm = session.realms().getRealmByName(TEST);
|
RealmModel realm = session.realms().getRealmByName(TEST);
|
||||||
realm.addRole("realm-role");
|
realm.addRole("realm-role");
|
||||||
|
@ -867,6 +855,12 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@UncaughtServerErrorExpected
|
||||||
|
public void testTokenExchangeDisabled() throws Exception {
|
||||||
|
checkTokenExchange(false);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KEYCLOAK-7406
|
* KEYCLOAK-7406
|
||||||
*
|
*
|
||||||
|
@ -874,23 +868,14 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
@UncaughtServerErrorExpected
|
@UncaughtServerErrorExpected
|
||||||
|
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||||
public void testWithTokenExchange() throws Exception {
|
public void testWithTokenExchange() throws Exception {
|
||||||
try {
|
|
||||||
checkTokenExchange(false);
|
|
||||||
|
|
||||||
Response featureResponse = testingClient.testing().enableFeature(Profile.Feature.TOKEN_EXCHANGE.toString());
|
|
||||||
Assert.assertEquals(200, featureResponse.getStatus());
|
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
|
||||||
|
|
||||||
String exchanged = checkTokenExchange(true);
|
String exchanged = checkTokenExchange(true);
|
||||||
Assert.assertNotNull(exchanged);
|
Assert.assertNotNull(exchanged);
|
||||||
try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
|
try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
|
||||||
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, exchanged, TLSUtils.initializeTLS())) {
|
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, exchanged, TLSUtils.initializeTLS())) {
|
||||||
Assert.assertNotNull(client.realm("master").roles().get("offline_access"));
|
Assert.assertNotNull(client.realm("master").roles().get("offline_access"));
|
||||||
}
|
}
|
||||||
} finally {
|
|
||||||
disableTokenExchange();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
@ -30,6 +30,7 @@ import org.keycloak.representations.idm.authorization.ResourceServerRepresentati
|
||||||
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
import org.keycloak.testsuite.admin.client.AbstractClientTest;
|
import org.keycloak.testsuite.admin.client.AbstractClientTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.RealmBuilder;
|
import org.keycloak.testsuite.util.RealmBuilder;
|
||||||
import org.keycloak.testsuite.util.UserBuilder;
|
import org.keycloak.testsuite.util.UserBuilder;
|
||||||
|
@ -44,15 +45,11 @@ import java.util.List;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public abstract class AbstractAuthorizationTest extends AbstractClientTest {
|
public abstract class AbstractAuthorizationTest extends AbstractClientTest {
|
||||||
|
|
||||||
protected static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
|
protected static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
|
||||||
|
|
||||||
@Before
|
|
||||||
public void onBefore() {
|
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setDefaultPageUriParameters() {
|
public void setDefaultPageUriParameters() {
|
||||||
super.setDefaultPageUriParameters();
|
super.setDefaultPageUriParameters();
|
||||||
|
|
|
@ -18,6 +18,7 @@ package org.keycloak.testsuite.admin.client.authorization;
|
||||||
|
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.fail;
|
import static org.junit.Assert.fail;
|
||||||
|
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
|
||||||
|
@ -33,17 +34,14 @@ import org.keycloak.common.Profile;
|
||||||
import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
||||||
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.Logic;
|
import org.keycloak.representations.idm.authorization.Logic;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public class JSPolicyManagementTest extends AbstractPolicyManagementTest {
|
public class JSPolicyManagementTest extends AbstractPolicyManagementTest {
|
||||||
|
|
||||||
@Before
|
|
||||||
public void onBefore() {
|
|
||||||
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testCreate() {
|
public void testCreate() {
|
||||||
AuthorizationResource authorization = getClient().authorization();
|
AuthorizationResource authorization = getClient().authorization();
|
||||||
|
|
|
@ -20,6 +20,7 @@ import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.assertFalse;
|
import static org.junit.Assert.assertFalse;
|
||||||
import static org.junit.Assert.assertNotNull;
|
import static org.junit.Assert.assertNotNull;
|
||||||
import static org.junit.Assert.assertTrue;
|
import static org.junit.Assert.assertTrue;
|
||||||
|
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||||
|
|
||||||
import java.io.BufferedInputStream;
|
import java.io.BufferedInputStream;
|
||||||
import java.io.ByteArrayInputStream;
|
import java.io.ByteArrayInputStream;
|
||||||
|
@ -66,6 +67,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
|
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.OAuthClient;
|
import org.keycloak.testsuite.util.OAuthClient;
|
||||||
import org.keycloak.testsuite.util.RealmBuilder;
|
import org.keycloak.testsuite.util.RealmBuilder;
|
||||||
|
@ -76,6 +78,7 @@ import org.keycloak.testsuite.util.UserBuilder;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest {
|
public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest {
|
||||||
|
|
||||||
protected static final String REALM_NAME = "authz-test";
|
protected static final String REALM_NAME = "authz-test";
|
||||||
|
@ -110,11 +113,6 @@ public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest {
|
||||||
.build());
|
.build());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Before
|
|
||||||
public void onBefore() {
|
|
||||||
enableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testEnforceUMAAccessWithClaimsUsingBearerToken() {
|
public void testEnforceUMAAccessWithClaimsUsingBearerToken() {
|
||||||
initAuthorizationSettings(getClientResource("resource-server-uma-test"));
|
initAuthorizationSettings(getClientResource("resource-server-uma-test"));
|
||||||
|
|
|
@ -78,6 +78,7 @@ import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
|
import org.keycloak.representations.idm.authorization.ScopePermissionRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.OAuthClient;
|
import org.keycloak.testsuite.util.OAuthClient;
|
||||||
import org.keycloak.testsuite.util.RealmBuilder;
|
import org.keycloak.testsuite.util.RealmBuilder;
|
||||||
|
@ -89,6 +90,7 @@ import org.keycloak.util.JsonSerialization;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public class PolicyEnforcerTest extends AbstractKeycloakTest {
|
public class PolicyEnforcerTest extends AbstractKeycloakTest {
|
||||||
|
|
||||||
private static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
|
private static final String RESOURCE_SERVER_CLIENT_ID = "resource-server-test";
|
||||||
|
@ -127,7 +129,6 @@ public class PolicyEnforcerTest extends AbstractKeycloakTest {
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void onBefore() {
|
public void onBefore() {
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
initAuthorizationSettings(getClientResource(RESOURCE_SERVER_CLIENT_ID));
|
initAuthorizationSettings(getClientResource(RESOURCE_SERVER_CLIENT_ID));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -26,6 +26,7 @@ import org.keycloak.representations.idm.authorization.DecisionStrategy;
|
||||||
import org.keycloak.representations.idm.authorization.Logic;
|
import org.keycloak.representations.idm.authorization.Logic;
|
||||||
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||||
import org.keycloak.testsuite.util.ContainerAssume;
|
import org.keycloak.testsuite.util.ContainerAssume;
|
||||||
|
|
||||||
|
@ -39,13 +40,12 @@ import static org.junit.Assert.fail;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
@RestartContainer(enableFeatures = Profile.Feature.AUTHZ_DROOLS_POLICY)
|
@EnableFeature(Profile.Feature.AUTHZ_DROOLS_POLICY)
|
||||||
public class RulesPolicyManagementTest extends AbstractPolicyManagementTest {
|
public class RulesPolicyManagementTest extends AbstractPolicyManagementTest {
|
||||||
|
|
||||||
@BeforeClass
|
@BeforeClass
|
||||||
public static void verifyEnvironment() {
|
public static void verifyEnvironment() {
|
||||||
ContainerAssume.assumeNotAuthServerUndertow();
|
ContainerAssume.assumeNotAuthServerUndertow();
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHZ_DROOLS_POLICY);
|
|
||||||
ContainerAssume.assumeNotAuthServerRemote();
|
ContainerAssume.assumeNotAuthServerRemote();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,23 +1,18 @@
|
||||||
package org.keycloak.testsuite.authz;
|
package org.keycloak.testsuite.authz;
|
||||||
|
|
||||||
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
import org.keycloak.common.Profile;
|
||||||
|
|
||||||
import org.junit.Before;
|
|
||||||
import org.keycloak.jose.jws.JWSInput;
|
import org.keycloak.jose.jws.JWSInput;
|
||||||
import org.keycloak.jose.jws.JWSInputException;
|
import org.keycloak.jose.jws.JWSInputException;
|
||||||
import org.keycloak.representations.AccessToken;
|
import org.keycloak.representations.AccessToken;
|
||||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author mhajas
|
* @author mhajas
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public abstract class AbstractAuthzTest extends AbstractKeycloakTest {
|
public abstract class AbstractAuthzTest extends AbstractKeycloakTest {
|
||||||
|
|
||||||
@Before
|
|
||||||
public void onBefore() {
|
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
protected AccessToken toAccessToken(String rpt) {
|
protected AccessToken toAccessToken(String rpt) {
|
||||||
AccessToken accessToken;
|
AccessToken accessToken;
|
||||||
|
|
||||||
|
|
|
@ -46,7 +46,8 @@ import org.keycloak.representations.idm.authorization.PermissionTicketRepresenta
|
||||||
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.UmaPermissionRepresentation;
|
import org.keycloak.representations.idm.authorization.UmaPermissionRepresentation;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.GroupBuilder;
|
import org.keycloak.testsuite.util.GroupBuilder;
|
||||||
import org.keycloak.testsuite.util.RealmBuilder;
|
import org.keycloak.testsuite.util.RealmBuilder;
|
||||||
|
@ -142,13 +143,12 @@ public class UserManagedPermissionServiceTest extends AbstractResourceServerTest
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testCreateDeprecatedFeaturesEnabled() {
|
public void testCreateDeprecatedFeaturesEnabled() {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
testCreate();
|
testCreate();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public void testCreateDeprecatedFeaturesDisabled() {
|
public void testCreateDeprecatedFeaturesDisabled() {
|
||||||
ProfileAssume.assumeFeatureDisabled(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
testCreate();
|
testCreate();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -337,19 +337,18 @@ public class UserManagedPermissionServiceTest extends AbstractResourceServerTest
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testUpdateDeprecatedFeaturesEnabled() {
|
public void testUpdateDeprecatedFeaturesEnabled() {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
testUpdate();
|
testUpdate();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public void testUpdateDeprecatedFeaturesDisabled() {
|
public void testUpdateDeprecatedFeaturesDisabled() {
|
||||||
ProfileAssume.assumeFeatureDisabled(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
testUpdate();
|
testUpdate();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@DisableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public void testUploadScriptDisabled() {
|
public void testUploadScriptDisabled() {
|
||||||
disableFeature(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
ResourceRepresentation resource = new ResourceRepresentation();
|
ResourceRepresentation resource = new ResourceRepresentation();
|
||||||
|
|
||||||
resource.setName("Resource A");
|
resource.setName("Resource A");
|
||||||
|
|
|
@ -38,6 +38,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.representations.idm.UserRepresentation;
|
import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.pages.LoginPage;
|
import org.keycloak.testsuite.pages.LoginPage;
|
||||||
import org.keycloak.testsuite.util.ExecutionBuilder;
|
import org.keycloak.testsuite.util.ExecutionBuilder;
|
||||||
import org.keycloak.testsuite.util.FlowBuilder;
|
import org.keycloak.testsuite.util.FlowBuilder;
|
||||||
|
@ -53,6 +54,7 @@ import java.util.Map;
|
||||||
*
|
*
|
||||||
* @author <a href="mailto:thomas.darimont@gmail.com">Thomas Darimont</a>
|
* @author <a href="mailto:thomas.darimont@gmail.com">Thomas Darimont</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(Profile.Feature.UPLOAD_SCRIPTS)
|
||||||
public class ScriptAuthenticatorTest extends AbstractFlowTest {
|
public class ScriptAuthenticatorTest extends AbstractFlowTest {
|
||||||
|
|
||||||
@Page
|
@Page
|
||||||
|
@ -65,13 +67,6 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest {
|
||||||
|
|
||||||
public static final String EXECUTION_ID = "scriptAuth";
|
public static final String EXECUTION_ID = "scriptAuth";
|
||||||
|
|
||||||
@BeforeClass
|
|
||||||
public static void verifyEnvironment() {
|
|
||||||
// TODO: we should probably enable SCRIPTS automatically when UPLOAD_SCRIPTS is enabled
|
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.SCRIPTS);
|
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configureTestRealm(RealmRepresentation testRealm) {
|
public void configureTestRealm(RealmRepresentation testRealm) {
|
||||||
|
|
||||||
|
@ -236,3 +231,4 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest {
|
||||||
return configRep;
|
return configRep;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -42,6 +42,8 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||||
import org.keycloak.testsuite.Assert;
|
import org.keycloak.testsuite.Assert;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||||
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
import org.keycloak.testsuite.runonserver.RunOnServerDeployment;
|
||||||
import org.keycloak.testsuite.util.OAuthClient;
|
import org.keycloak.testsuite.util.OAuthClient;
|
||||||
|
@ -66,10 +68,9 @@ import static org.keycloak.testsuite.auth.page.AuthRealm.TEST;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||||
public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
||||||
|
|
||||||
private final Profile.Feature FEATURE = Profile.Feature.TOKEN_EXCHANGE;
|
|
||||||
|
|
||||||
@Rule
|
@Rule
|
||||||
public AssertEvents events = new AssertEvents(this);
|
public AssertEvents events = new AssertEvents(this);
|
||||||
|
|
||||||
|
@ -78,30 +79,24 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
||||||
return RunOnServerDeployment.create(ClientTokenExchangeTest.class);
|
return RunOnServerDeployment.create(ClientTokenExchangeTest.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Before
|
@Test
|
||||||
public void enableFeature() {
|
@UncaughtServerErrorExpected
|
||||||
|
@DisableFeature(value = Profile.Feature.TOKEN_EXCHANGE, skipRestart = true)
|
||||||
|
public void checkFeatureDisabled() {
|
||||||
// Required feature should return Status code 501 - Feature doesn't work
|
// Required feature should return Status code 501 - Feature doesn't work
|
||||||
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
|
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
|
||||||
Assert.assertEquals(501, checkTokenExchange().getStatus());
|
Assert.assertEquals(501, checkTokenExchange().getStatus());
|
||||||
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
|
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
|
||||||
|
}
|
||||||
|
|
||||||
// Test if required feature is enabled in Profiles.
|
@Test
|
||||||
Response response = testingClient.testing().enableFeature(FEATURE.toString());
|
public void checkFeatureEnabled() {
|
||||||
Assert.assertEquals(200, response.getStatus());
|
|
||||||
|
|
||||||
// Test if the required feature really works.
|
// Test if the required feature really works.
|
||||||
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
|
testingClient.server().run(ClientTokenExchangeTest::addDirectExchanger);
|
||||||
Assert.assertEquals(200, checkTokenExchange().getStatus());
|
Assert.assertEquals(200, checkTokenExchange().getStatus());
|
||||||
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
|
testingClient.server().run(ClientTokenExchangeTest::removeDirectExchanger);
|
||||||
}
|
}
|
||||||
|
|
||||||
@After
|
|
||||||
public void disableFeature() {
|
|
||||||
// Test if required feature is disabled.
|
|
||||||
Response response = testingClient.testing().disableFeature(FEATURE.toString());
|
|
||||||
Assert.assertEquals(200, response.getStatus());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addTestRealms(List<RealmRepresentation> testRealms) {
|
public void addTestRealms(List<RealmRepresentation> testRealms) {
|
||||||
RealmRepresentation testRealmRep = new RealmRepresentation();
|
RealmRepresentation testRealmRep = new RealmRepresentation();
|
||||||
|
@ -221,8 +216,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
||||||
@Test
|
@Test
|
||||||
@UncaughtServerErrorExpected
|
@UncaughtServerErrorExpected
|
||||||
public void testExchange() throws Exception {
|
public void testExchange() throws Exception {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
|
||||||
|
|
||||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||||
|
|
||||||
oauth.realm(TEST);
|
oauth.realm(TEST);
|
||||||
|
@ -265,8 +258,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
||||||
@Test
|
@Test
|
||||||
@UncaughtServerErrorExpected
|
@UncaughtServerErrorExpected
|
||||||
public void testImpersonation() throws Exception {
|
public void testImpersonation() throws Exception {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
|
||||||
|
|
||||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||||
|
|
||||||
oauth.realm(TEST);
|
oauth.realm(TEST);
|
||||||
|
@ -349,8 +340,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
||||||
@Test
|
@Test
|
||||||
@UncaughtServerErrorExpected
|
@UncaughtServerErrorExpected
|
||||||
public void testBadImpersonator() throws Exception {
|
public void testBadImpersonator() throws Exception {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
|
||||||
|
|
||||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||||
|
|
||||||
oauth.realm(TEST);
|
oauth.realm(TEST);
|
||||||
|
@ -393,8 +382,6 @@ public class ClientTokenExchangeTest extends AbstractKeycloakTest {
|
||||||
@Test
|
@Test
|
||||||
@UncaughtServerErrorExpected
|
@UncaughtServerErrorExpected
|
||||||
public void testDirectImpersonation() throws Exception {
|
public void testDirectImpersonation() throws Exception {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.TOKEN_EXCHANGE);
|
|
||||||
|
|
||||||
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
testingClient.server().run(ClientTokenExchangeTest::setupRealm);
|
||||||
Client httpClient = ClientBuilder.newClient();
|
Client httpClient = ClientBuilder.newClient();
|
||||||
|
|
||||||
|
|
|
@ -48,6 +48,7 @@ import org.keycloak.testsuite.Assert;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.ClientManager;
|
import org.keycloak.testsuite.util.ClientManager;
|
||||||
import org.keycloak.testsuite.util.OAuthClient;
|
import org.keycloak.testsuite.util.OAuthClient;
|
||||||
import org.keycloak.testsuite.util.ProtocolMapperUtil;
|
import org.keycloak.testsuite.util.ProtocolMapperUtil;
|
||||||
|
@ -129,8 +130,8 @@ public class OIDCProtocolMappersTest extends AbstractKeycloakTest {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@EnableFeature(value = Profile.Feature.UPLOAD_SCRIPTS) // This requires also SCRIPTS feature, therefore we need to restart container
|
||||||
public void testTokenScriptMapping() {
|
public void testTokenScriptMapping() {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
|
|
||||||
{
|
{
|
||||||
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");
|
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");
|
||||||
|
|
||||||
|
|
|
@ -33,6 +33,7 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||||
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
|
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
|
||||||
import org.keycloak.testsuite.util.ContainerAssume;
|
import org.keycloak.testsuite.util.ContainerAssume;
|
||||||
|
@ -52,9 +53,8 @@ import java.util.Map;
|
||||||
import static org.hamcrest.collection.IsIterableContainingInAnyOrder.containsInAnyOrder;
|
import static org.hamcrest.collection.IsIterableContainingInAnyOrder.containsInAnyOrder;
|
||||||
import static org.junit.Assert.*;
|
import static org.junit.Assert.*;
|
||||||
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
|
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
|
||||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
|
||||||
|
|
||||||
@RestartContainer(enableFeatures = OPENSHIFT_INTEGRATION)
|
@EnableFeature(OPENSHIFT_INTEGRATION)
|
||||||
public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakTest {
|
public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
private static boolean flowConfigured;
|
private static boolean flowConfigured;
|
||||||
|
@ -93,8 +93,6 @@ public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakT
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void enablePassthroughAuthenticator() {
|
public void enablePassthroughAuthenticator() {
|
||||||
assumeFeatureEnabled(OPENSHIFT_INTEGRATION);
|
|
||||||
|
|
||||||
if (!flowConfigured) {
|
if (!flowConfigured) {
|
||||||
HashMap<String, String> data = new HashMap<>();
|
HashMap<String, String> data = new HashMap<>();
|
||||||
data.put("newName", "testsuite-client-dummy");
|
data.put("newName", "testsuite-client-dummy");
|
||||||
|
|
|
@ -20,7 +20,6 @@ package org.keycloak.testsuite.openshift;
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.fail;
|
import static org.junit.Assert.fail;
|
||||||
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
|
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
|
||||||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
|
||||||
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
|
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
|
||||||
|
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
@ -56,6 +55,7 @@ import org.keycloak.storage.openshift.OpenshiftClientStorageProviderFactory;
|
||||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.admin.ApiUtil;
|
import org.keycloak.testsuite.admin.ApiUtil;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
|
||||||
import org.keycloak.testsuite.pages.AppPage;
|
import org.keycloak.testsuite.pages.AppPage;
|
||||||
import org.keycloak.testsuite.pages.ConsentPage;
|
import org.keycloak.testsuite.pages.ConsentPage;
|
||||||
|
@ -70,7 +70,7 @@ import org.keycloak.testsuite.util.OAuthClient;
|
||||||
*
|
*
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
@RestartContainer(enableFeatures = OPENSHIFT_INTEGRATION)
|
@EnableFeature(OPENSHIFT_INTEGRATION)
|
||||||
public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakTest {
|
public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
private static Undertow OPENSHIFT_API_SERVER;
|
private static Undertow OPENSHIFT_API_SERVER;
|
||||||
|
@ -154,7 +154,6 @@ public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakT
|
||||||
public void onBefore() {
|
public void onBefore() {
|
||||||
ContainerAssume.assumeNotAuthServerRemote();
|
ContainerAssume.assumeNotAuthServerRemote();
|
||||||
|
|
||||||
assumeFeatureEnabled(OPENSHIFT_INTEGRATION);
|
|
||||||
ComponentRepresentation provider = new ComponentRepresentation();
|
ComponentRepresentation provider = new ComponentRepresentation();
|
||||||
|
|
||||||
provider.setName("openshift-client-storage");
|
provider.setName("openshift-client-storage");
|
||||||
|
|
|
@ -52,6 +52,8 @@ import org.keycloak.representations.idm.UserRepresentation;
|
||||||
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
||||||
import org.keycloak.testsuite.AssertEvents;
|
import org.keycloak.testsuite.AssertEvents;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.forms.AbstractFlowTest;
|
import org.keycloak.testsuite.forms.AbstractFlowTest;
|
||||||
import org.keycloak.testsuite.pages.LoginPage;
|
import org.keycloak.testsuite.pages.LoginPage;
|
||||||
import org.keycloak.testsuite.util.ContainerAssume;
|
import org.keycloak.testsuite.util.ContainerAssume;
|
||||||
|
@ -64,6 +66,7 @@ import org.keycloak.util.JsonSerialization;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(SCRIPTS)
|
||||||
public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
||||||
|
|
||||||
public static final String EXECUTION_ID = "scriptAuth";
|
public static final String EXECUTION_ID = "scriptAuth";
|
||||||
|
@ -183,7 +186,6 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void loginShouldWorkWithScriptAuthenticator() {
|
public void loginShouldWorkWithScriptAuthenticator() {
|
||||||
ProfileAssume.assumeFeatureEnabled(SCRIPTS);
|
|
||||||
configureFlows();
|
configureFlows();
|
||||||
|
|
||||||
loginPage.open();
|
loginPage.open();
|
||||||
|
@ -198,7 +200,6 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void loginShouldFailWithScriptAuthenticator() {
|
public void loginShouldFailWithScriptAuthenticator() {
|
||||||
ProfileAssume.assumeFeatureEnabled(SCRIPTS);
|
|
||||||
configureFlows();
|
configureFlows();
|
||||||
|
|
||||||
loginPage.open();
|
loginPage.open();
|
||||||
|
@ -209,8 +210,8 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@DisableFeature(SCRIPTS)
|
||||||
public void testScriptAuthenticatorNotAvailable() {
|
public void testScriptAuthenticatorNotAvailable() {
|
||||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
|
||||||
assertFalse(testRealm().flows().getAuthenticatorProviders().stream().anyMatch(
|
assertFalse(testRealm().flows().getAuthenticatorProviders().stream().anyMatch(
|
||||||
provider -> ScriptBasedAuthenticatorFactory.PROVIDER_ID.equals(provider.get("id"))));
|
provider -> ScriptBasedAuthenticatorFactory.PROVIDER_ID.equals(provider.get("id"))));
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,6 +18,7 @@ package org.keycloak.testsuite.script;
|
||||||
|
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.assertFalse;
|
import static org.junit.Assert.assertFalse;
|
||||||
|
import static org.keycloak.common.Profile.Feature.SCRIPTS;
|
||||||
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
import static org.keycloak.common.Profile.Feature.UPLOAD_SCRIPTS;
|
||||||
import static org.keycloak.testsuite.admin.ApiUtil.findClientResourceByClientId;
|
import static org.keycloak.testsuite.admin.ApiUtil.findClientResourceByClientId;
|
||||||
import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SERVER_CURRENT;
|
import static org.keycloak.testsuite.arquillian.DeploymentTargetModifier.AUTH_SERVER_CURRENT;
|
||||||
|
@ -46,6 +47,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
|
||||||
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
||||||
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.util.ContainerAssume;
|
import org.keycloak.testsuite.util.ContainerAssume;
|
||||||
import org.keycloak.testsuite.util.OAuthClient;
|
import org.keycloak.testsuite.util.OAuthClient;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
@ -95,15 +97,14 @@ public class DeployedScriptMapperTest extends AbstractTestRealmKeycloakTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testScriptMapperNotAvailable() {
|
public void testScriptMapperNotAvailable() {
|
||||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
|
||||||
assertFalse(adminClient.serverInfo().getInfo().getProtocolMapperTypes().get(OIDCLoginProtocol.LOGIN_PROTOCOL).stream()
|
assertFalse(adminClient.serverInfo().getInfo().getProtocolMapperTypes().get(OIDCLoginProtocol.LOGIN_PROTOCOL).stream()
|
||||||
.anyMatch(
|
.anyMatch(
|
||||||
mapper -> ScriptBasedOIDCProtocolMapper.PROVIDER_ID.equals(mapper.getId())));
|
mapper -> ScriptBasedOIDCProtocolMapper.PROVIDER_ID.equals(mapper.getId())));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@EnableFeature(SCRIPTS)
|
||||||
public void testTokenScriptMapping() {
|
public void testTokenScriptMapping() {
|
||||||
ProfileAssume.assumeFeatureEnabled(Profile.Feature.SCRIPTS);
|
|
||||||
{
|
{
|
||||||
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");
|
ClientResource app = findClientResourceByClientId(adminClient.realm("test"), "test-app");
|
||||||
|
|
||||||
|
|
|
@ -52,6 +52,7 @@ import org.keycloak.representations.idm.authorization.ResourcePermissionRepresen
|
||||||
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
|
||||||
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
import org.keycloak.representations.provider.ScriptProviderDescriptor;
|
||||||
import org.keycloak.testsuite.ProfileAssume;
|
import org.keycloak.testsuite.ProfileAssume;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
|
||||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||||
import org.keycloak.testsuite.authz.AbstractAuthzTest;
|
import org.keycloak.testsuite.authz.AbstractAuthzTest;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
|
@ -119,15 +120,15 @@ public class DeployedScriptPolicyTest extends AbstractAuthzTest {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@DisableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public void testJSPolicyProviderNotAvailable() {
|
public void testJSPolicyProviderNotAvailable() {
|
||||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
|
||||||
assertFalse(getAuthorizationResource().policies().policyProviders().stream().anyMatch(rep -> "js".equals(rep.getType())));
|
assertFalse(getAuthorizationResource().policies().policyProviders().stream().anyMatch(rep -> "js".equals(rep.getType())));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@UncaughtServerErrorExpected
|
@UncaughtServerErrorExpected
|
||||||
|
@DisableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public void failCreateJSPolicy() {
|
public void failCreateJSPolicy() {
|
||||||
ProfileAssume.assumeFeatureDisabled(UPLOAD_SCRIPTS);
|
|
||||||
JSPolicyRepresentation grantPolicy = new JSPolicyRepresentation();
|
JSPolicyRepresentation grantPolicy = new JSPolicyRepresentation();
|
||||||
|
|
||||||
grantPolicy.setName("JS Policy");
|
grantPolicy.setName("JS Policy");
|
||||||
|
|
|
@ -43,6 +43,7 @@ import org.keycloak.representations.idm.authorization.RolePolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.RulePolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.TimePolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy;
|
import org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy;
|
||||||
import org.keycloak.testsuite.util.ClientBuilder;
|
import org.keycloak.testsuite.util.ClientBuilder;
|
||||||
import org.keycloak.testsuite.util.GroupBuilder;
|
import org.keycloak.testsuite.util.GroupBuilder;
|
||||||
|
@ -51,13 +52,9 @@ import org.keycloak.testsuite.util.UserBuilder;
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public class AggregatePolicyManagementTest extends AbstractAuthorizationSettingsTest {
|
public class AggregatePolicyManagementTest extends AbstractAuthorizationSettingsTest {
|
||||||
|
|
||||||
@Before
|
|
||||||
public void onBefore() {
|
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void configureTest() {
|
public void configureTest() {
|
||||||
super.configureTest();
|
super.configureTest();
|
||||||
|
|
|
@ -26,18 +26,15 @@ import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
|
||||||
import org.keycloak.representations.idm.authorization.Logic;
|
import org.keycloak.representations.idm.authorization.Logic;
|
||||||
|
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||||
import org.keycloak.testsuite.console.page.clients.authorization.policy.JSPolicy;
|
import org.keycloak.testsuite.console.page.clients.authorization.policy.JSPolicy;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||||
*/
|
*/
|
||||||
|
@EnableFeature(value = UPLOAD_SCRIPTS, skipRestart = true)
|
||||||
public class JSPolicyManagementTest extends AbstractAuthorizationSettingsTest {
|
public class JSPolicyManagementTest extends AbstractAuthorizationSettingsTest {
|
||||||
|
|
||||||
@Before
|
|
||||||
public void onBefore() {
|
|
||||||
enableFeature(UPLOAD_SCRIPTS);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testUpdate() throws InterruptedException {
|
public void testUpdate() throws InterruptedException {
|
||||||
authorizationPage.navigateTo();
|
authorizationPage.navigateTo();
|
||||||
|
|
Loading…
Reference in a new issue