Fix OpenshiftClientStorageTest.testCodeGrantFlowWithServiceAccountUsingOAuthRedirectReference (#15741)

Closes #15565
This commit is contained in:
Stian Thorgersen 2022-11-29 14:20:21 +01:00 committed by GitHub
parent 55b2162421
commit c3c858c88a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 9 deletions

View file

@ -173,12 +173,12 @@ public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakT
@Test
public void testCodeGrantFlowWithServiceAccountUsingOAuthRedirectReference() {
String clientId = "system:serviceaccount:default:sa-oauth-redirect-reference";
testCodeGrantFlow(clientId, "https://myapp.org/callback", () -> assertSuccessfulResponseWithoutConsent(clientId));
testCodeGrantFlow(clientId, "http://127.0.0.1:8180/callback", () -> assertSuccessfulResponseWithoutConsent(clientId));
}
@Test
public void failCodeGrantFlowWithServiceAccountUsingOAuthRedirectReference() throws Exception {
testCodeGrantFlow("system:serviceaccount:default:sa-oauth-redirect-reference", "http://myapp.org/callback", () -> assertEquals(OAuthErrorException.INVALID_REDIRECT_URI, events.poll().getError()));
testCodeGrantFlow("system:serviceaccount:default:sa-oauth-redirect-reference", "http://invalid/callback", () -> assertEquals(OAuthErrorException.INVALID_REDIRECT_URI, events.poll().getError()));
}
@Test
@ -214,7 +214,7 @@ public final class OpenshiftClientStorageTest extends AbstractTestRealmKeycloakT
@Test
public void failCodeGrantFlowWithServiceAccountUsingOAuthRedirectUri() throws Exception {
testCodeGrantFlow("system:serviceaccount:default:sa-oauth-redirect-uri", "http://myapp.org/callback", () -> assertEquals(OAuthErrorException.INVALID_REDIRECT_URI, events.poll().getError()));
testCodeGrantFlow("system:serviceaccount:default:sa-oauth-redirect-uri", "http://invalid/callback", () -> assertEquals(OAuthErrorException.INVALID_REDIRECT_URI, events.poll().getError()));
}
private void testCodeGrantFlow(String clientId, String expectedRedirectUri, Runnable assertThat) {

View file

@ -13,22 +13,18 @@
}
},
"spec": {
"host": "myapp.org",
"host": "127.0.0.1",
"to": {
"kind": "Service",
"name": "proxy",
"weight": 100
},
"tls": {
"termination": "reencrypt",
"destinationCACertificate": "-----BEGIN COMMENT-----\nThis is an empty PEM file created to provide backwards compatibility\nfor reencrypt routes that have no destinationCACertificate. This \ncontent will only appear for routes accessed via /oapi/v1/routes.\n-----END COMMENT-----\n"
},
"wildcardPolicy": "None"
},
"status": {
"ingress": [
{
"host": "myapp.org",
"host": "127.0.0.1",
"routerName": "router",
"conditions": [
{