update ClientSettingsTest due to KEYCLOAK-1129

This commit is contained in:
vramik 2015-12-03 12:49:29 +01:00
parent 9b51b6e43b
commit c16b6e6a43
11 changed files with 135 additions and 99 deletions

View file

@ -1,11 +1,9 @@
package org.keycloak.testsuite.console.page.clients;
import java.util.List;
import org.jboss.arquillian.graphene.fragment.Root;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.testsuite.console.page.fragment.Breadcrumb;
import static org.keycloak.testsuite.console.page.fragment.Breadcrumb.BREADCRUMB_XPATH;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;

View file

@ -6,6 +6,7 @@ import java.util.Map;
import org.jboss.arquillian.graphene.page.Page;
import org.keycloak.representations.idm.ClientRepresentation;
import static org.keycloak.testsuite.auth.page.login.OIDCLogin.OIDC;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.*;
import org.keycloak.testsuite.console.page.fragment.OnOffSwitch;
import org.keycloak.testsuite.page.Form;
import static org.keycloak.testsuite.page.Form.getInputValue;
@ -73,42 +74,22 @@ public class CreateClientForm extends Form {
setName(client.getName());
setEnabled(client.isEnabled());
setConsentRequired(client.isConsentRequired());
setStandardFlowEnabled(client.isStandardFlowEnabled());
setImplicitFlowEnabled(client.isImplicitFlowEnabled());
setDirectAccessGrantsEnabled(client.isDirectAccessGrantsEnabled());
setProtocol(client.getProtocol());
if (OIDC.equals(client.getProtocol())) {
setAccessType(client);
if (!client.isBearerOnly()) {
if (!client.isPublicClient()) {
setStandardFlowEnabled(client.isStandardFlowEnabled());
setDirectAccessGrantsEnabled(client.isDirectAccessGrantsEnabled());
if (client.isPublicClient()) {
setImplicitFlowEnabled(client.isImplicitFlowEnabled());
} else {//confidential
setServiceAccountsEnabled(client.isServiceAccountsEnabled());
}
setRedirectUris(client.getRedirectUris());
}
}
}
public ClientRepresentation getValues() {
ClientRepresentation values = new ClientRepresentation();
values.setClientId(getClientId());
values.setName(getName());
values.setEnabled(isEnabled());
values.setConsentRequired(isConsentRequired());
values.setStandardFlowEnabled(isStandardFlowEnabled());
values.setImplicitFlowEnabled(isImplicitFlowEnabled());
values.setDirectAccessGrantsEnabled(isDirectAccessGrantsEnabled());
values.setProtocol(getProtocol());
if (OIDC.equals(values.getProtocol())) {
values.setBearerOnly(isBearerOnly());
if (!values.isBearerOnly()) {
values.setPublicClient(isPublicClient());
if (!values.isPublicClient()) {
values.setServiceAccountsEnabled(isServiceAccountsEnabled());
if (client.isStandardFlowEnabled() || client.isImplicitFlowEnabled()) {
setRedirectUris(client.getRedirectUris());
}
values.setRedirectUris(getRedirectUris());
}
}
return values;
}
public String getClientId() {
@ -135,27 +116,29 @@ public class CreateClientForm extends Form {
enabledSwitch.setOn(enabled);
}
public static final String BEARER_ONLY = "bearer-only";
public static final String PUBLIC = "public";
public static final String CONFIDENTIAL = "confidential";
public enum OidcAccessType {
BEARER_ONLY("bearer-only"),
PUBLIC("public"),
CONFIDENTIAL("confidential");
public boolean isBearerOnly() {
return BEARER_ONLY.equals(
accessTypeSelect.getFirstSelectedOption().getAttribute(VALUE));
}
private final String name;
public boolean isPublicClient() {
return PUBLIC.equals(
accessTypeSelect.getFirstSelectedOption().getAttribute(VALUE));
}
private OidcAccessType(String name) {
this.name = name;
}
public String getName() {
return name;
}
}
public void setAccessType(ClientRepresentation client) {
if (client.isBearerOnly()) {
accessTypeSelect.selectByVisibleText(BEARER_ONLY);
accessTypeSelect.selectByVisibleText(BEARER_ONLY.getName());
} else if (client.isPublicClient()) {
accessTypeSelect.selectByVisibleText(PUBLIC);
accessTypeSelect.selectByVisibleText(PUBLIC.getName());
} else {
accessTypeSelect.selectByVisibleText(CONFIDENTIAL);
accessTypeSelect.selectByVisibleText(CONFIDENTIAL.getName());
}
}

View file

@ -86,17 +86,6 @@ public class ClientSettingsForm extends CreateClientForm {
}
}
@Override
public ClientRepresentation getValues() {
ClientRepresentation values = super.getValues();
values.setBaseUrl(getBaseUrl());
if (OIDC.equals(values.getProtocol())) {
values.setAdminUrl(getAdminUrl());
values.setWebOrigins(getWebOrigins());
}
return values;
}
@Override
public void setConsentRequired(boolean value) {
consentRequired.setOn(value);

View file

@ -17,6 +17,7 @@
*/
package org.keycloak.testsuite.console.page.fragment;
import java.util.List;
import org.jboss.arquillian.graphene.fragment.Root;
import org.jboss.arquillian.test.api.ArquillianResource;
import static org.keycloak.testsuite.util.WaitUtils.waitAjaxForElement;
@ -51,7 +52,7 @@ public class OnOffSwitch {
private void click() {
waitAjaxForElement(root);
actions.moveToElement(root.findElements(By.tagName("span")).get(0))
actions.moveToElement(root.findElement(By.tagName("label")))
.click().build().perform();
}

View file

@ -2,17 +2,36 @@ package org.keycloak.testsuite.console.clients;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.jboss.arquillian.graphene.page.Page;
import static org.junit.Assert.assertEquals;
import org.junit.Before;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import static org.keycloak.testsuite.auth.page.login.OIDCLogin.OIDC;
import static org.keycloak.testsuite.auth.page.login.OIDCLogin.SAML;
import org.keycloak.testsuite.console.AbstractConsoleTest;
import org.keycloak.testsuite.console.page.clients.Client;
import org.keycloak.testsuite.console.page.clients.Clients;
import org.keycloak.testsuite.console.page.clients.CreateClient;
import org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.*;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_ASSERTION_CONSUMER_URL_POST;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_ASSERTION_CONSUMER_URL_REDIRECT;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_ASSERTION_SIGNATURE;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_AUTHNSTATEMENT;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_CLIENT_SIGNATURE;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_ENCRYPT;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_FORCE_NAME_ID_FORMAT;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_FORCE_POST_BINDING;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_MULTIVALUED_ROLES;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_NAME_ID_FORMAT;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_SERVER_SIGNATURE;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_SIGNATURE_ALGORITHM;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_SIGNATURE_CANONICALIZATION_METHOD;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_SINGLE_LOGOUT_SERVICE_URL_POST;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.SAML_SINGLE_LOGOUT_SERVICE_URL_REDIRECT;
import static org.keycloak.testsuite.util.AttributesAssert.assertEqualsBooleanAttributes;
import static org.keycloak.testsuite.util.AttributesAssert.assertEqualsListAttributes;
import static org.keycloak.testsuite.util.AttributesAssert.assertEqualsStringAttributes;
@ -50,34 +69,68 @@ public abstract class AbstractClientTest extends AbstractConsoleTest {
createClientPage.form().save();
}
public static ClientRepresentation createClientRepresentation(String clientId, String... redirectUris) {
private static ClientRepresentation createClientRep(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setEnabled(true);
client.setConsentRequired(false);
client.setStandardFlowEnabled(true);
client.setImplicitFlowEnabled(false);
client.setDirectAccessGrantsEnabled(true);
return client;
}
public static ClientRepresentation createOidcClientRep(OidcAccessType accessType, String clientId, String... redirectUris) {
ClientRepresentation client = createClientRep(clientId);
client.setProtocol(OIDC);
client.setBearerOnly(false);
client.setPublicClient(false);
client.setServiceAccountsEnabled(false);
switch (accessType) {
case BEARER_ONLY:
client.setBearerOnly(true);
break;
case PUBLIC:
client.setBearerOnly(false);
client.setPublicClient(true);
client.setStandardFlowEnabled(true);
client.setImplicitFlowEnabled(false);
client.setDirectAccessGrantsEnabled(true);
setRedirectUris(client, redirectUris);
break;
case CONFIDENTIAL:
client.setBearerOnly(false);
client.setPublicClient(false);
client.setStandardFlowEnabled(true);
client.setDirectAccessGrantsEnabled(true);
client.setServiceAccountsEnabled(true);
setRedirectUris(client, redirectUris);
break;
}
return client;
}
public static ClientRepresentation createSamlClientRep(String clinetId, Map<String, String> samlAttributes) {
ClientRepresentation client = createClientRep(clinetId);
client.setProtocol(SAML);
client.setFrontchannelLogout(true);
client.setAttributes(samlAttributes);
return client;
}
private static void setRedirectUris(ClientRepresentation client, String... redirectUris) {
List<String> redirectUrisList = new ArrayList();
redirectUrisList.addAll(Arrays.asList(redirectUris));
client.setRedirectUris(redirectUrisList);
//set expected web origins to newClient
}
protected static void setExpectedWebOrigins(ClientRepresentation client) {
List<String> webOrigins = new ArrayList<>();
for (String redirectUri : redirectUris) {
for (String redirectUri : client.getRedirectUris()) {
//parse webOrigin from redirectUri: take substring from index 0 to
//first occurence of "/", excluded "http://" by starting search on index 7
webOrigins.add(redirectUri.substring(0, redirectUri.indexOf("/", 7)));
}
client.setWebOrigins(webOrigins);
return client;
}
public ClientRepresentation findClientByClientId(String clientId) {
@ -96,7 +149,7 @@ public abstract class AbstractClientTest extends AbstractConsoleTest {
assertEqualsStringAttributes(c1.getName(), c2.getName());
assertEqualsBooleanAttributes(c1.isEnabled(), c2.isEnabled());
assertEqualsBooleanAttributes(c1.isConsentRequired(), c2.isConsentRequired());
assertEqualsBooleanAttributes(c1.isDirectGrantsOnly(), c2.isDirectGrantsOnly());
assertEqualsBooleanAttributes(c1.isDirectAccessGrantsEnabled(), c2.isDirectAccessGrantsEnabled());
assertEqualsStringAttributes(c1.getProtocol(), c2.getProtocol());
assertEqualsBooleanAttributes(c1.isBearerOnly(), c2.isBearerOnly());
@ -111,5 +164,11 @@ public abstract class AbstractClientTest extends AbstractConsoleTest {
assertEqualsStringAttributes(c1.getAdminUrl(), c2.getAdminUrl());
assertEqualsListAttributes(c1.getWebOrigins(), c2.getWebOrigins());
}
public void assertClientSamlAttributes(Map<String, String> expected, Map<String, String> actual) {
for (String key : expected.keySet()) {
assertEquals("Expected attribute " + key, expected.get(key), actual.get(key));
}
}
}

View file

@ -26,7 +26,8 @@ import static org.junit.Assert.*;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.representations.idm.ClientRepresentation;
import static org.keycloak.testsuite.console.clients.AbstractClientTest.createClientRepresentation;
import static org.keycloak.testsuite.console.clients.AbstractClientTest.createOidcClientRep;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.CONFIDENTIAL;
import org.keycloak.testsuite.console.page.clients.credentials.ClientCredentials;
import org.keycloak.testsuite.console.page.clients.credentials.ClientCredentialsGeneratePrivateKeys;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals;
@ -46,7 +47,7 @@ public class ClientCredentialsTest extends AbstractClientTest {
@Before
public void beforeClientsTest() {
newClient = createClientRepresentation(TEST_CLIENT_ID, TEST_REDIRECT_URIS);
newClient = createOidcClientRep(CONFIDENTIAL, TEST_CLIENT_ID, TEST_REDIRECT_URIS);
testRealmResource().clients().create(newClient).close();
ClientRepresentation found = findClientByClientId(TEST_CLIENT_ID);

View file

@ -31,6 +31,7 @@ import static org.junit.Assert.*;
import org.junit.Before;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.CONFIDENTIAL;
import org.keycloak.testsuite.console.page.clients.mappers.ClientMapper;
import org.keycloak.testsuite.console.page.clients.mappers.ClientMappers;
import org.keycloak.testsuite.console.page.clients.mappers.CreateClientMappers;
@ -56,7 +57,7 @@ public class ClientMappersTest extends AbstractClientTest {
@Before
public void beforeClientMappersTest() {
ClientRepresentation newClient = createClientRepresentation(TEST_CLIENT_ID, TEST_REDIRECT_URIS);
ClientRepresentation newClient = createOidcClientRep(CONFIDENTIAL, TEST_CLIENT_ID, TEST_REDIRECT_URIS);
testRealmResource().clients().create(newClient).close();
id = findClientByClientId(TEST_CLIENT_ID).getId();

View file

@ -9,6 +9,7 @@ import static org.junit.Assert.*;
import org.junit.Before;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.CONFIDENTIAL;
import org.keycloak.testsuite.console.page.clients.roles.ClientRole;
import org.keycloak.testsuite.console.page.clients.roles.ClientRoles;
import org.keycloak.testsuite.console.page.clients.roles.CreateClientRole;
@ -38,7 +39,7 @@ public class ClientRolesTest extends AbstractClientTest {
@Before
public void beforeClientRolesTest() {
ClientRepresentation newClient = createClientRepresentation(TEST_CLIENT_ID, TEST_REDIRECT_URIS);
ClientRepresentation newClient = createOidcClientRep(CONFIDENTIAL, TEST_CLIENT_ID, TEST_REDIRECT_URIS);
testRealmResource().clients().create(newClient).close();
id = findClientByClientId(TEST_CLIENT_ID).getId();

View file

@ -29,6 +29,7 @@ import org.junit.Test;
import org.keycloak.representations.idm.ClientRepresentation;
import static org.keycloak.testsuite.admin.ApiUtil.getCreatedId;
import static org.keycloak.testsuite.auth.page.login.Login.SAML;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.*;
import org.keycloak.testsuite.console.page.clients.settings.ClientSettings;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.SAMLClientSettingsForm.*;
import static org.keycloak.testsuite.util.WaitUtils.pause;
@ -48,10 +49,12 @@ public class ClientSettingsTest extends AbstractClientTest {
@Test
public void crudOIDCConfidential() {
newClient = createClientRepresentation("oidc-confidential", TEST_REDIRECT_URIS);
newClient = createOidcClientRep(CONFIDENTIAL, "oidc-confidential", TEST_REDIRECT_URIS);
createClient(newClient);
assertFlashMessageSuccess();
setExpectedWebOrigins(newClient);
// read & verify
ClientRepresentation found = findClientByClientId(newClient.getClientId());
assertNotNull("Client " + newClient.getClientId() + " was not found.", found);
@ -93,8 +96,21 @@ public class ClientSettingsTest extends AbstractClientTest {
@Test
public void createOIDCPublic() {
newClient = createClientRepresentation("oidc-public", TEST_REDIRECT_URIS);
newClient.setPublicClient(true);
newClient = createOidcClientRep(PUBLIC, "oidc-public", TEST_REDIRECT_URIS);
createClient(newClient);
assertFlashMessageSuccess();
setExpectedWebOrigins(newClient);
ClientRepresentation found = findClientByClientId(newClient.getClientId());
assertNotNull("Client " + newClient.getClientId() + " was not found.", found);
assertClientSettingsEqual(newClient, found);
}
@Test
public void createOIDCPublicWithoutRedirectURIs() {
newClient = createOidcClientRep(PUBLIC, "oidc-public");
newClient.setStandardFlowEnabled(false);
createClient(newClient);
assertFlashMessageSuccess();
@ -105,10 +121,7 @@ public class ClientSettingsTest extends AbstractClientTest {
@Test
public void createOIDCBearerOnly() {
newClient = createClientRepresentation("oidc-bearer-only", TEST_REDIRECT_URIS);
newClient.setBearerOnly(true);
newClient.setRedirectUris(null);
newClient.setWebOrigins(null);
newClient = createOidcClientRep(BEARER_ONLY, "oidc-bearer-only");
createClient(newClient);
assertFlashMessageSuccess();
@ -119,22 +132,17 @@ public class ClientSettingsTest extends AbstractClientTest {
@Test
public void createSAML() {
newClient = createClientRepresentation("saml", "http://example.test/app/*");
newClient.setProtocol(SAML);
newClient.setFrontchannelLogout(true);
newClient.setRedirectUris(null);
newClient.setWebOrigins(null);
newClient.setAttributes(getSAMLAttributes());
newClient = createSamlClientRep("saml", getSAMLAttributes());
createClient(newClient);
assertFlashMessageSuccess();
ClientRepresentation found = findClientByClientId(newClient.getClientId());
System.out.println("...." + found.isFrontchannelLogout());
assertNotNull("Client " + newClient.getClientId() + " was not found.", found);
assertClientSettingsEqual(newClient, found);
assertClientSamlAttributes(getSAMLAttributes(), found.getAttributes());
}
@Test
public void invalidSettings() {
clientsPage.table().createClient();
@ -148,7 +156,7 @@ public class ClientSettingsTest extends AbstractClientTest {
// @Test
public void createInconsistentClient() {
ClientRepresentation c = createClientRepresentation("inconsistent_client");
ClientRepresentation c = createOidcClientRep(CONFIDENTIAL, "inconsistent_client");
c.setPublicClient(true);
c.setBearerOnly(true);
@ -164,7 +172,7 @@ public class ClientSettingsTest extends AbstractClientTest {
public void createClients(String clientIdPrefix, int count) {
for (int i = 0; i < count; i++) {
String clientId = String.format("%s%02d", clientIdPrefix, i);
ClientRepresentation cr = createClientRepresentation(clientId, "http://example.test/*");
ClientRepresentation cr = createOidcClientRep(CONFIDENTIAL, clientId, "http://example.test/*");
Timer.time();
Response r = testRealmResource().clients().create(cr);
r.close();
@ -198,11 +206,4 @@ public class ClientSettingsTest extends AbstractClientTest {
attributes.put(SAML_SINGLE_LOGOUT_SERVICE_URL_REDIRECT, "http://example3.test");
return attributes;
}
private void assertClientSamlAttributes(Map<String, String> expected, Map<String, String> actual) {
for (String key : expected.keySet()) {
assertEquals("Expected attribute " + key, expected.get(key), actual.get(key));
}
}
}

View file

@ -26,6 +26,7 @@ import static org.junit.Assert.*;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.representations.idm.ClientRepresentation;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.CONFIDENTIAL;
import org.keycloak.testsuite.console.page.clients.settings.ClientSettings;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals;
@ -42,7 +43,7 @@ public class ClientsTest extends AbstractClientTest {
@Before
public void beforeClientsTest() {
newClient = createClientRepresentation(TEST_CLIENT_ID, TEST_REDIRECT_URIS);
newClient = createOidcClientRep(CONFIDENTIAL, TEST_CLIENT_ID, TEST_REDIRECT_URIS);
testRealmResource().clients().create(newClient).close();
ClientRepresentation found = findClientByClientId(TEST_CLIENT_ID);

View file

@ -18,6 +18,7 @@ import javax.ws.rs.core.Response;
import java.util.List;
import static org.junit.Assert.assertEquals;
import static org.keycloak.testsuite.console.page.clients.CreateClientForm.OidcAccessType.CONFIDENTIAL;
/**
@ -48,7 +49,7 @@ public class AdminEventsTest extends AbstractConsoleTest {
@Test
public void clientsAdminEventsTest() {
newClient = AbstractClientTest.createClientRepresentation("test_client", "http://example.test/test_client/*");
newClient = AbstractClientTest.createOidcClientRep(CONFIDENTIAL, "test_client", "http://example.test/test_client/*");
Response response = clientsPage.clientsResource().create(newClient);
String id = ApiUtil.getCreatedId(response);
response.close();