Merge pull request #3293 from zschwarz/oidc-filter

KEYLOAK-3663 OIDC servlet filter
This commit is contained in:
Pavel Drozd 2016-10-18 07:35:17 +02:00 committed by GitHub
commit d295ec709b
4 changed files with 86 additions and 15 deletions

View file

@ -49,9 +49,9 @@ import static org.keycloak.testsuite.util.IOUtil.loadJson;
import static org.keycloak.testsuite.util.IOUtil.loadXML; import static org.keycloak.testsuite.util.IOUtil.loadXML;
import static org.keycloak.testsuite.util.IOUtil.modifyDocElementAttribute; import static org.keycloak.testsuite.util.IOUtil.modifyDocElementAttribute;
import static org.keycloak.testsuite.util.IOUtil.modifyDocElementValue; import static org.keycloak.testsuite.util.IOUtil.modifyDocElementValue;
import static org.keycloak.testsuite.util.IOUtil.removeElementFromDoc; import static org.keycloak.testsuite.util.IOUtil.removeElementsFromDoc;
;
/** /**
* @author tkyjovsk * @author tkyjovsk
@ -97,7 +97,7 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor {
if (archive.contains(adapterConfigPath)) { if (archive.contains(adapterConfigPath)) {
log.info("Modifying adapter config " + adapterConfigPath + " in " + archive.getName()); log.info("Modifying adapter config " + adapterConfigPath + " in " + archive.getName());
if (adapterConfigPath.equals(SAML_ADAPTER_CONFIG_PATH)) { // SAML adapter config if (adapterConfigPath.equals(SAML_ADAPTER_CONFIG_PATH)) { // SAML adapter config
log.info("Modyfying saml adapter config in " + archive.getName()); log.info("Modifying saml adapter config in " + archive.getName());
Document doc = loadXML(archive.get("WEB-INF/keycloak-saml.xml").getAsset().openStream()); Document doc = loadXML(archive.get("WEB-INF/keycloak-saml.xml").getAsset().openStream());
if (authServerSslRequired) { if (authServerSslRequired) {
@ -148,7 +148,17 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor {
} catch (IOException ex) { } catch (IOException ex) {
log.log(Level.FATAL, "Cannot serialize adapter config to JSON.", ex); log.log(Level.FATAL, "Cannot serialize adapter config to JSON.", ex);
} }
log.info("Adding OIDCFilter dependencies to " + archive.getName());
((WebArchive) archive).addAsLibraries(KeycloakDependenciesResolver.resolveDependencies("org.keycloak:keycloak-servlet-filter-adapter:" + System.getProperty("project.version")));
} }
} else if (archive.getName().equals("customer-portal-subsystem.war")) {
log.info("Adding OIDCFilter dependencies to " + archive.getName());
((WebArchive) archive).addAsLibraries(KeycloakDependenciesResolver.resolveDependencies("org.keycloak:keycloak-servlet-filter-adapter:" + System.getProperty("project.version")));
} }
} }
@ -210,9 +220,11 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor {
appendChildInDocument(webXmlDoc, "web-app", filterMapping); appendChildInDocument(webXmlDoc, "web-app", filterMapping);
//finally we need to remove all keycloak related configuration from web.xml //finally we need to remove all keycloak related configuration from web.xml
removeElementFromDoc(webXmlDoc, "web-app", "security-constraint"); removeElementsFromDoc(webXmlDoc, "web-app", "security-constraint");
removeElementFromDoc(webXmlDoc, "web-app", "login-config"); removeElementsFromDoc(webXmlDoc, "web-app", "login-config");
removeElementFromDoc(webXmlDoc, "web-app", "security-role"); removeElementsFromDoc(webXmlDoc, "web-app", "security-role");
} }

View file

@ -129,7 +129,7 @@ public class IOUtil {
node.setTextContent(node.getTextContent().replace(regex, replacement)); node.setTextContent(node.getTextContent().replace(regex, replacement));
} }
public static void removeElementFromDoc(Document doc, String parentTag, String removeNode) { public static void removeElementsFromDoc(Document doc, String parentTag, String removeNode) {
NodeList nodes = doc.getElementsByTagName(parentTag); NodeList nodes = doc.getElementsByTagName(parentTag);
if (nodes.getLength() != 1) { if (nodes.getLength() != 1) {
log.warn("Not able or ambiguous to find element: " + parentTag); log.warn("Not able or ambiguous to find element: " + parentTag);
@ -143,18 +143,23 @@ public class IOUtil {
} }
NodeList removeNodes = parentElement.getElementsByTagName(removeNode); NodeList removeNodes = parentElement.getElementsByTagName(removeNode);
if (removeNodes.getLength() != 1) { if (removeNodes == null) {
log.warn("Not able or ambiguous to find element: " + removeNode + " within node " + parentTag);
return;
}
Element removeElement = (Element) removeNodes.item(0);
if (removeElement == null) {
log.warn("Not able to find element: " + removeNode + " within node " + parentTag); log.warn("Not able to find element: " + removeNode + " within node " + parentTag);
return; return;
} }
parentElement.removeChild(removeElement); for (int i = 0; i < removeNodes.getLength();){
Element removeElement = (Element) removeNodes.item(i);
if (removeElement == null) {
log.warn("Not able to find element: " + removeNode + " within node " + parentTag);
return;
}
log.info("Removing node " + removeNode);
parentElement.removeChild(removeElement);
}
} }
public static String getElementTextContent(Document doc, String path) { public static String getElementTextContent(Document doc, String path) {

View file

@ -0,0 +1,42 @@
package org.keycloak.testsuite.adapter.servlet;
import org.junit.Ignore;
import org.junit.Test;
import org.keycloak.testsuite.arquillian.annotation.UseServletFilter;
/**
* Created by zschwarz on 9/14/16.
*/
@UseServletFilter(filterName = "oidc-filter", filterClass = "org.keycloak.adapters.servlet.KeycloakOIDCFilter")
public abstract class AbstractDemoFilterServletAdapterTest extends AbstractDemoServletsAdapterTest {
@Test
@Override
@Ignore
public void testCustomerPortalWithSubsystemSettings() {
}
@Test
@Override
@Ignore
public void testAuthenticated() {
}
@Test
@Override
@Ignore
public void testOIDCParamsForwarding() {
}
@Test
@Override
@Ignore
public void testClientWithJwksUri() {
}
}

View file

@ -0,0 +1,12 @@
package org.keycloak.testsuite.adapter;
import org.keycloak.testsuite.adapter.servlet.AbstractDemoFilterServletAdapterTest;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
/**
* Created by zschwarz on 9/14/16.
*/
@AppServerContainer("app-server-wildfly")
public class WildflyOIDCFilterAdapterTest extends AbstractDemoFilterServletAdapterTest{
}