[KEYCLOAK-11330] - Quarkus tests
This commit is contained in:
Pedro Igor
Marek Posolda
parent
d71e81ed5e
commit
d331091c5e
56 changed files with 446 additions and 44 deletions
|
|
@ -23,7 +23,7 @@ fi
|
|||
GREP="grep"
|
||||
DIRNAME=`dirname "$RESOLVED_NAME"`
|
||||
|
||||
SERVER_OPTS="-Dkeycloak.home.dir=$DIRNAME/../ -Dkeycloak.theme.dir=$DIRNAME/../themes -Djava.util.logging.manager=org.jboss.logmanager.LogManager"
|
||||
SERVER_OPTS="-Dkeycloak.home.dir=$DIRNAME/../ -Djboss.server.config.dir=$DIRNAME/../conf -Dkeycloak.theme.dir=$DIRNAME/../themes -Djava.util.logging.manager=org.jboss.logmanager.LogManager"
|
||||
|
||||
DEBUG_MODE="${DEBUG:-false}"
|
||||
DEBUG_PORT="${DEBUG_PORT:-8787}"
|
||||
|
|
|
|||
|
|
@ -1037,7 +1037,8 @@ public class StoreFactoryCacheSession implements CachedStoreFactoryProvider {
|
|||
return null;
|
||||
}
|
||||
|
||||
return policies.stream().map(resourceId -> (R) findById(resourceId, resourceServerId)).collect(Collectors.toList());
|
||||
return policies.stream().map(resourceId -> (R) findById(resourceId, resourceServerId))
|
||||
.filter(Objects::nonNull).collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ public class PolicyEntity {
|
|||
@MapKeyColumn(name = "NAME")
|
||||
@Column(name = "VALUE", columnDefinition = "TEXT")
|
||||
@CollectionTable(name = "POLICY_CONFIG", joinColumns = {@JoinColumn(name = "POLICY_ID")})
|
||||
private Map<String, String> config = new HashMap();
|
||||
private Map<String, String> config;
|
||||
|
||||
@ManyToOne(optional = false, fetch = FetchType.LAZY)
|
||||
@JoinColumn(name = "RESOURCE_SERVER_ID")
|
||||
|
|
@ -100,15 +100,15 @@ public class PolicyEntity {
|
|||
|
||||
@OneToMany(fetch = FetchType.LAZY, cascade = {})
|
||||
@JoinTable(name = "ASSOCIATED_POLICY", joinColumns = @JoinColumn(name = "POLICY_ID"), inverseJoinColumns = @JoinColumn(name = "ASSOCIATED_POLICY_ID"))
|
||||
private Set<PolicyEntity> associatedPolicies = new HashSet<>();
|
||||
private Set<PolicyEntity> associatedPolicies;
|
||||
|
||||
@OneToMany(fetch = FetchType.LAZY, cascade = {})
|
||||
@JoinTable(name = "RESOURCE_POLICY", joinColumns = @JoinColumn(name = "POLICY_ID"), inverseJoinColumns = @JoinColumn(name = "RESOURCE_ID"))
|
||||
private Set<ResourceEntity> resources = new HashSet<>();
|
||||
private Set<ResourceEntity> resources;
|
||||
|
||||
@OneToMany(fetch = FetchType.LAZY, cascade = {})
|
||||
@JoinTable(name = "SCOPE_POLICY", joinColumns = @JoinColumn(name = "POLICY_ID"), inverseJoinColumns = @JoinColumn(name = "SCOPE_ID"))
|
||||
private Set<ScopeEntity> scopes = new HashSet<>();
|
||||
private Set<ScopeEntity> scopes;
|
||||
|
||||
@Column(name = "OWNER")
|
||||
private String owner;
|
||||
|
|
@ -146,6 +146,9 @@ public class PolicyEntity {
|
|||
}
|
||||
|
||||
public Map<String, String> getConfig() {
|
||||
if (config == null) {
|
||||
config = new HashMap<>();
|
||||
}
|
||||
return this.config;
|
||||
}
|
||||
|
||||
|
|
@ -178,6 +181,9 @@ public class PolicyEntity {
|
|||
}
|
||||
|
||||
public Set<ResourceEntity> getResources() {
|
||||
if (resources == null) {
|
||||
resources = new HashSet<>();
|
||||
}
|
||||
return this.resources;
|
||||
}
|
||||
|
||||
|
|
@ -186,6 +192,9 @@ public class PolicyEntity {
|
|||
}
|
||||
|
||||
public Set<ScopeEntity> getScopes() {
|
||||
if (scopes == null) {
|
||||
scopes = new HashSet<>();
|
||||
}
|
||||
return this.scopes;
|
||||
}
|
||||
|
||||
|
|
@ -194,6 +203,9 @@ public class PolicyEntity {
|
|||
}
|
||||
|
||||
public Set<PolicyEntity> getAssociatedPolicies() {
|
||||
if (associatedPolicies == null) {
|
||||
associatedPolicies = new HashSet<>();
|
||||
}
|
||||
return associatedPolicies;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ public class ResourceEntity {
|
|||
@ElementCollection(fetch = FetchType.LAZY)
|
||||
@Column(name = "VALUE")
|
||||
@CollectionTable(name = "RESOURCE_URIS", joinColumns = { @JoinColumn(name="RESOURCE_ID") })
|
||||
private Set<String> uris = new HashSet<>();
|
||||
private Set<String> uris;
|
||||
|
||||
@Column(name = "TYPE")
|
||||
private String type;
|
||||
|
|
@ -107,16 +107,16 @@ public class ResourceEntity {
|
|||
|
||||
@OneToMany(fetch = FetchType.LAZY, cascade = {})
|
||||
@JoinTable(name = "RESOURCE_SCOPE", joinColumns = @JoinColumn(name = "RESOURCE_ID"), inverseJoinColumns = @JoinColumn(name = "SCOPE_ID"))
|
||||
private List<ScopeEntity> scopes = new LinkedList<>();
|
||||
private List<ScopeEntity> scopes;
|
||||
|
||||
@ManyToMany(fetch = FetchType.LAZY, cascade = {})
|
||||
@JoinTable(name = "RESOURCE_POLICY", joinColumns = @JoinColumn(name = "RESOURCE_ID"), inverseJoinColumns = @JoinColumn(name = "POLICY_ID"))
|
||||
private List<PolicyEntity> policies = new LinkedList<>();
|
||||
private List<PolicyEntity> policies;
|
||||
|
||||
@OneToMany(cascade = CascadeType.REMOVE, orphanRemoval = true, mappedBy="resource", fetch = FetchType.LAZY)
|
||||
@Fetch(FetchMode.SELECT)
|
||||
@BatchSize(size = 20)
|
||||
private Collection<ResourceAttributeEntity> attributes = new ArrayList<>();
|
||||
private Collection<ResourceAttributeEntity> attributes;
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
|
|
@ -143,6 +143,9 @@ public class ResourceEntity {
|
|||
}
|
||||
|
||||
public Set<String> getUris() {
|
||||
if (uris == null) {
|
||||
uris = new HashSet<>();
|
||||
}
|
||||
return uris;
|
||||
}
|
||||
|
||||
|
|
@ -159,6 +162,9 @@ public class ResourceEntity {
|
|||
}
|
||||
|
||||
public List<ScopeEntity> getScopes() {
|
||||
if (scopes == null) {
|
||||
scopes = new LinkedList<>();
|
||||
}
|
||||
return this.scopes;
|
||||
}
|
||||
|
||||
|
|
@ -195,6 +201,9 @@ public class ResourceEntity {
|
|||
}
|
||||
|
||||
public List<PolicyEntity> getPolicies() {
|
||||
if (policies == null) {
|
||||
policies = new LinkedList<>();
|
||||
}
|
||||
return this.policies;
|
||||
}
|
||||
|
||||
|
|
@ -204,6 +213,9 @@ public class ResourceEntity {
|
|||
}
|
||||
|
||||
public Collection<ResourceAttributeEntity> getAttributes() {
|
||||
if (attributes == null) {
|
||||
attributes = new LinkedList<>();
|
||||
}
|
||||
return attributes;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ import javax.persistence.NamedQueries;
|
|||
import javax.persistence.NamedQuery;
|
||||
import javax.persistence.Table;
|
||||
import javax.persistence.UniqueConstraint;
|
||||
import java.util.ArrayList;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
|
|
@ -71,7 +71,7 @@ public class ScopeEntity {
|
|||
|
||||
@ManyToMany(fetch = FetchType.LAZY, cascade = {})
|
||||
@JoinTable(name = "SCOPE_POLICY", joinColumns = @JoinColumn(name = "SCOPE_ID"), inverseJoinColumns = @JoinColumn(name = "POLICY_ID"))
|
||||
private List<PolicyEntity> policies = new ArrayList<>();
|
||||
private List<PolicyEntity> policies;
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
|
|
@ -114,6 +114,9 @@ public class ScopeEntity {
|
|||
}
|
||||
|
||||
public List<PolicyEntity> getPolicies() {
|
||||
if (policies == null) {
|
||||
policies = new LinkedList<>();
|
||||
}
|
||||
return policies;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@
|
|||
<packaging>pom</packaging>
|
||||
|
||||
<properties>
|
||||
<quarkus.version>1.5.0.CR1</quarkus.version>
|
||||
<quarkus.version>1.5.1.Final</quarkus.version>
|
||||
<resteasy.version>4.5.3.Final</resteasy.version>
|
||||
<jackson.version>2.10.2</jackson.version>
|
||||
<jackson.databind.version>${jackson.version}</jackson.databind.version>
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ import org.keycloak.provider.KeycloakDeploymentInfo;
|
|||
import org.keycloak.provider.ProviderFactory;
|
||||
import org.keycloak.provider.ProviderLoader;
|
||||
import org.keycloak.provider.ProviderManager;
|
||||
import org.keycloak.provider.ProviderManagerRegistry;
|
||||
import org.keycloak.provider.Spi;
|
||||
import org.keycloak.services.DefaultKeycloakSessionFactory;
|
||||
import org.keycloak.services.ServicesLogger;
|
||||
|
|
@ -81,6 +82,8 @@ public final class QuarkusKeycloakSessionFactory extends DefaultKeycloakSessionF
|
|||
}
|
||||
|
||||
AdminPermissions.registerListener(this);
|
||||
// make the session factory ready for hot deployment
|
||||
ProviderManagerRegistry.SINGLETON.setDeployer(this);
|
||||
}
|
||||
|
||||
private Set<Spi> loadRuntimeSpis(ProviderLoader runtimeLoader) {
|
||||
|
|
@ -99,16 +102,6 @@ public final class QuarkusKeycloakSessionFactory extends DefaultKeycloakSessionF
|
|||
return spis;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deploy(ProviderManager pm) {
|
||||
throw new RuntimeException("Not supported");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void undeploy(ProviderManager pm) {
|
||||
throw new RuntimeException("Not supported");
|
||||
}
|
||||
|
||||
private ProviderLoader createUserProviderLoader() {
|
||||
return UserProviderLoader
|
||||
.create(KeycloakDeploymentInfo.create().services(), Thread.currentThread().getContextClassLoader());
|
||||
|
|
|
|||
|
|
@ -0,0 +1,79 @@
|
|||
/*
|
||||
* Copyright 2020 Analytical Graphics, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.keycloak.provider.quarkus;
|
||||
|
||||
import java.security.cert.X509Certificate;
|
||||
|
||||
import javax.enterprise.inject.Instance;
|
||||
import javax.enterprise.inject.spi.CDI;
|
||||
import javax.net.ssl.SSLPeerUnverifiedException;
|
||||
import javax.net.ssl.SSLSession;
|
||||
|
||||
import io.vertx.core.http.HttpServerRequest;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.HttpRequest;
|
||||
import org.keycloak.services.x509.X509ClientCertificateLookup;
|
||||
|
||||
import io.vertx.ext.web.RoutingContext;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
public class VertxClientCertificateLookup implements X509ClientCertificateLookup {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(VertxClientCertificateLookup.class);
|
||||
|
||||
public VertxClientCertificateLookup() {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public X509Certificate[] getCertificateChain(HttpRequest httpRequest) {
|
||||
Instance<RoutingContext> instances = CDI.current().select(RoutingContext.class);
|
||||
|
||||
if (instances.isResolvable()) {
|
||||
RoutingContext context = instances.get();
|
||||
|
||||
try {
|
||||
SSLSession sslSession = context.request().sslSession();
|
||||
|
||||
if (sslSession == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
X509Certificate[] certificates = (X509Certificate[]) sslSession.getPeerCertificates();
|
||||
|
||||
if (logger.isTraceEnabled() && certificates != null) {
|
||||
for (X509Certificate cert : certificates) {
|
||||
logger.tracef("Certificate's SubjectDN => \"%s\"", cert.getSubjectDN().getName());
|
||||
}
|
||||
}
|
||||
|
||||
return certificates;
|
||||
} catch (SSLPeerUnverifiedException ignore) {
|
||||
// client not authenticated
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,62 @@
|
|||
/*
|
||||
* Copyright 2020 Analytical Graphics, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
package org.keycloak.provider.quarkus;
|
||||
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.KeycloakSessionFactory;
|
||||
import org.keycloak.services.x509.X509ClientCertificateLookup;
|
||||
import org.keycloak.services.x509.X509ClientCertificateLookupFactory;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
|
||||
*/
|
||||
public class VertxClientCertificateLookupFactory implements X509ClientCertificateLookupFactory {
|
||||
|
||||
private static X509ClientCertificateLookup SINGLETON;
|
||||
|
||||
@Override
|
||||
public X509ClientCertificateLookup create(KeycloakSession session) {
|
||||
return SINGLETON;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void init(Config.Scope config) {
|
||||
SINGLETON = new VertxClientCertificateLookup();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void postInit(KeycloakSessionFactory factory) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getId() {
|
||||
return "quarkus";
|
||||
}
|
||||
|
||||
@Override
|
||||
public int order() {
|
||||
return 100;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
#
|
||||
# Copyright 2020 Analytical Graphics, Inc. and/or its affiliates
|
||||
# and other contributors as indicated by the @author tags.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
#
|
||||
org.keycloak.provider.quarkus.VertxClientCertificateLookupFactory
|
||||
|
|
@ -234,7 +234,9 @@ public class ConditionalOtpFormAuthenticator extends OTPFormAuthenticator {
|
|||
|
||||
//TODO cache RequestHeader Patterns
|
||||
//TODO how to deal with pattern syntax exceptions?
|
||||
Pattern pattern = Pattern.compile(headerPattern, Pattern.DOTALL);
|
||||
// need CASE_INSENSITIVE flag so that we also have matches when the underlying container use a different case than what
|
||||
// is usually expected (e.g.: vertx)
|
||||
Pattern pattern = Pattern.compile(headerPattern, Pattern.DOTALL | Pattern.CASE_INSENSITIVE);
|
||||
|
||||
for (Map.Entry<String, List<String>> entry : requestHeaders.entrySet()) {
|
||||
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ public class DefaultClientCertificateLookup implements X509ClientCertificateLook
|
|||
public X509Certificate[] getCertificateChain(HttpRequest httpRequest) {
|
||||
|
||||
X509Certificate[] certs = (X509Certificate[]) httpRequest.getAttribute(JAVAX_SERVLET_REQUEST_X509_CERTIFICATE);
|
||||
if (certs != null) {
|
||||
if (logger.isTraceEnabled() && certs != null) {
|
||||
for (X509Certificate cert : certs) {
|
||||
logger.tracef("Certificate's SubjectDN => \"%s\"", cert.getSubjectDN().getName());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@
|
|||
|
||||
<properties>
|
||||
<auth.server.home>${project.build.directory}/unpacked/keycloak.x-${project.version}</auth.server.home>
|
||||
<common.resources>${basedir}/../jboss/common</common.resources>
|
||||
<session.cache.owners>2</session.cache.owners>
|
||||
<offline.session.cache.owners>2</offline.session.cache.owners>
|
||||
<login.failure.cache.owners>2</login.failure.cache.owners>
|
||||
|
|
@ -34,7 +35,55 @@
|
|||
<artifactId>maven-resources-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-conf</id>
|
||||
<id>copy-content</id>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>${auth.server.home}</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>src/main/content</directory>
|
||||
<includes>
|
||||
<include>**</include>
|
||||
</includes>
|
||||
</resource>
|
||||
</resources>
|
||||
<overwrite>true</overwrite>
|
||||
</configuration>
|
||||
</execution>
|
||||
<execution>
|
||||
<id>copy-pki-root</id>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>${auth.server.home}</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>${common.resources}/keystore</directory>
|
||||
<includes>
|
||||
<include>ca.crt</include>
|
||||
<include>client.crt</include>
|
||||
<include>client.key</include>
|
||||
<include>*.crl</include>
|
||||
</includes>
|
||||
</resource>
|
||||
<resource>
|
||||
<directory>${common.resources}/pki/root/ca</directory>
|
||||
<includes>
|
||||
<include>certs/clients/test-user-san@localhost.cert.pem</include>
|
||||
<include>certs/clients/test-user@localhost.key.pem</include>
|
||||
</includes>
|
||||
</resource>
|
||||
</resources>
|
||||
<overwrite>true</overwrite>
|
||||
</configuration>
|
||||
</execution>
|
||||
<execution>
|
||||
<id>copy-pki-conf</id>
|
||||
<phase>process-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
|
|
@ -43,9 +92,18 @@
|
|||
<outputDirectory>${auth.server.home}/conf</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>src/main/content/conf</directory>
|
||||
<directory>${common.resources}/keystore</directory>
|
||||
<includes>
|
||||
<include>**</include>
|
||||
<include>keycloak.jks</include>
|
||||
<include>keycloak.truststore</include>
|
||||
<include>client.jks</include>
|
||||
<include>client-ca.jks</include>
|
||||
<include>ca.crt</include>
|
||||
<include>client.crt</include>
|
||||
<include>client.key</include>
|
||||
<include>*.crl</include>
|
||||
<!-- KEYCLOAK-6771 Certificate Bound Token -->
|
||||
<include>other_client.jks</include>
|
||||
</includes>
|
||||
</resource>
|
||||
</resources>
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
|
|
@ -13,6 +13,9 @@ datasource.password = keycloak
|
|||
# SSL
|
||||
http.ssl.certificate.key-store-file=${keycloak.home.dir}/conf/keycloak.jks
|
||||
http.ssl.certificate.key-store-password=secret
|
||||
http.ssl.certificate.trust-store-file=${keycloak.home.dir}/conf/keycloak.truststore
|
||||
http.ssl.certificate.trust-store-password=secret
|
||||
http.ssl.client-auth=REQUEST
|
||||
|
||||
# Proxy
|
||||
http.proxy-address-forwarding=true
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -0,0 +1,44 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDxTCCAq2gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZjELMAkGA1UEBhMCVVMx
|
||||
CzAJBgNVBAgTAk1BMREwDwYDVQQHEwhXZXN0d29yZDEQMA4GA1UEChMHUmVkIEhh
|
||||
dDERMA8GA1UECxMIS2V5Y2xvYWsxEjAQBgNVBAMTCWxvY2FsaG9zdDAgFw0xNjEw
|
||||
MzEyMDA2NTJaGA8zMDE2MDMwMzIwMDY1MlowYzELMAkGA1UEBhMCVVMxCzAJBgNV
|
||||
BAgMAk1BMQ8wDQYDVQQHDAZCb3N0b24xEDAOBgNVBAoMB1JlZCBIYXQxETAPBgNV
|
||||
BAsMCEtleWNsb2FrMREwDwYDVQQDDAhLZXljbG9hazCCASIwDQYJKoZIhvcNAQEB
|
||||
BQADggEPADCCAQoCggEBAOyWSWjty1OtggI8zI+tbLy0mdyE5z3pnqUuspLZcrb3
|
||||
sWoSWh0m+OhZOH8wIldav3+nNtM3G5dLK8L+iMRFu/1clpIDtzoLSV/v0HxiovJi
|
||||
rOW9PhfyMu+vQE3D27zgOspW6leETQhO6tNKKT/NqBkgAIyYp0zAGT3tVs3k7mL+
|
||||
jVorVf8lbExOaomH3S2HoxFUHsMUBkS0WYV2tN1Fyqp9ieVGBu0fiItnZAOofi6G
|
||||
kS1L2ZBRbHW4eRbr77gUsETgPYXkPdN0mT7KC90KLEJfie7TyQf7O7EACQb+Y5nG
|
||||
ySBT93fDTaIbJ2JR4UYwLXiLGZF4k+mvlQj2PJAG1W0CAwEAAaN+MHwwHQYDVR0O
|
||||
BBYEFJ1G0xr/t9MQ/8lyXdmgbdoxAoOjMB8GA1UdIwQYMBaAFFCfEXmWKTtaiZG7
|
||||
tCvBrmQiujrLMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMBYG
|
||||
A1UdJQEB/wQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IBAQAbcogxp/yb
|
||||
i7gF1Z+mZUwhqd2hqmMlE2AmLrZuo5jsq66XhwQTk13kvUYExlQw6DStrKDuRySj
|
||||
DRIQhu5UU4hLhewa9yl8iRs/zvZQsShJZ0vJPBhisTzU5vnA+ioHqTF91DX66xHE
|
||||
l57O8Vcmt8fCAg+LpWTokNvy04/0+vmy0od1/LF9sawTgXYu5g+o4JYzurOMxH9v
|
||||
Kn6cOLvpiAO/BsCYXKZxTu6WQX2N4AVRDVBJSiTvHylXtQX/t7fMIm27qU/TYona
|
||||
jWmZjy8Up99LpL+q6L4W8zZc35jzKF64Th6lMz/shc4/BHa1QVPgQ9yRWnoNJvUz
|
||||
9IceMNNiEnA5
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDazCCAlOgAwIBAgIERfv3izANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJV
|
||||
UzELMAkGA1UECBMCTUExETAPBgNVBAcTCFdlc3R3b3JkMRAwDgYDVQQKEwdSZWQg
|
||||
SGF0MREwDwYDVQQLEwhLZXljbG9hazESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTE1
|
||||
MTIwNDA2NTExOFoXDTQ1MTEyNjA2NTExOFowZjELMAkGA1UEBhMCVVMxCzAJBgNV
|
||||
BAgTAk1BMREwDwYDVQQHEwhXZXN0d29yZDEQMA4GA1UEChMHUmVkIEhhdDERMA8G
|
||||
A1UECxMIS2V5Y2xvYWsxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
|
||||
AQEBBQADggEPADCCAQoCggEBAIb7QEw18tpTIVoLUS8kpZaU84btm4nkbVrVNOxC
|
||||
zsOVfhFGsc6kUamhHokvvOSWqHS+5FOTVWHPYrNTIwm1vodkqiy7xLCC8MWTrtU5
|
||||
RwcrCZ8Mwkm0EUCLCTY113j9egIg+Uj4nkQyTPGNliygf+ef3finzUfarc1lBAHD
|
||||
+Z7cjrx4odtvQu88oGdhEXv5GoIno4bwkLRJKWWw9MRZGBxdTJlRGJ2hr0FVtNTw
|
||||
sMvgR6ZeDosH8zNNLikLuwMAl7qxCgzppfmZCGKF2H/JLaXUo1oCIwdtCSSJufGJ
|
||||
sa9cjdehroVIaiVaASQDKVUStoFz4kYrqUzOves4waJsRvcCAwEAAaMhMB8wHQYD
|
||||
VR0OBBYEFFCfEXmWKTtaiZG7tCvBrmQiujrLMA0GCSqGSIb3DQEBCwUAA4IBAQAD
|
||||
j/o+snjk/pydFLd3T6gr7k+ZWBi0gQKOOZ+xO9opblYMtG4bRm7wqsTyheUyeTQT
|
||||
DZNXIFN4fgCcvHpEi+3M9XL8gySVsu7XzN49UT+KXavwISlbWyryZDH42L/MNCjG
|
||||
Z8CD4IsyPAawgrC2Pc8NH8De5YqsGn2DId6R6xjFEumYtAEXXe3Wcp9T4G6yWSXO
|
||||
s0rARNfE534Rvne7Gx18g/Lj0BBP7qh3bNeReRmHKpnRK/V90SJNOkpaFF4oAMQr
|
||||
0pcZTJa4zoNcAoLHnwNBZmq43cPrffEOOMaCadiSSQ6bsJ0adZ+MSeJ1j4C9SrUn
|
||||
M9ES3g9Wj9OcCsHzrTAm
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -0,0 +1,23 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDxTCCAq2gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwZjELMAkGA1UEBhMCVVMx
|
||||
CzAJBgNVBAgTAk1BMREwDwYDVQQHEwhXZXN0d29yZDEQMA4GA1UEChMHUmVkIEhh
|
||||
dDERMA8GA1UECxMIS2V5Y2xvYWsxEjAQBgNVBAMTCWxvY2FsaG9zdDAgFw0xNjEw
|
||||
MzEyMDA2NTJaGA8zMDE2MDMwMzIwMDY1MlowYzELMAkGA1UEBhMCVVMxCzAJBgNV
|
||||
BAgMAk1BMQ8wDQYDVQQHDAZCb3N0b24xEDAOBgNVBAoMB1JlZCBIYXQxETAPBgNV
|
||||
BAsMCEtleWNsb2FrMREwDwYDVQQDDAhLZXljbG9hazCCASIwDQYJKoZIhvcNAQEB
|
||||
BQADggEPADCCAQoCggEBAOyWSWjty1OtggI8zI+tbLy0mdyE5z3pnqUuspLZcrb3
|
||||
sWoSWh0m+OhZOH8wIldav3+nNtM3G5dLK8L+iMRFu/1clpIDtzoLSV/v0HxiovJi
|
||||
rOW9PhfyMu+vQE3D27zgOspW6leETQhO6tNKKT/NqBkgAIyYp0zAGT3tVs3k7mL+
|
||||
jVorVf8lbExOaomH3S2HoxFUHsMUBkS0WYV2tN1Fyqp9ieVGBu0fiItnZAOofi6G
|
||||
kS1L2ZBRbHW4eRbr77gUsETgPYXkPdN0mT7KC90KLEJfie7TyQf7O7EACQb+Y5nG
|
||||
ySBT93fDTaIbJ2JR4UYwLXiLGZF4k+mvlQj2PJAG1W0CAwEAAaN+MHwwHQYDVR0O
|
||||
BBYEFJ1G0xr/t9MQ/8lyXdmgbdoxAoOjMB8GA1UdIwQYMBaAFFCfEXmWKTtaiZG7
|
||||
tCvBrmQiujrLMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMBYG
|
||||
A1UdJQEB/wQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IBAQAbcogxp/yb
|
||||
i7gF1Z+mZUwhqd2hqmMlE2AmLrZuo5jsq66XhwQTk13kvUYExlQw6DStrKDuRySj
|
||||
DRIQhu5UU4hLhewa9yl8iRs/zvZQsShJZ0vJPBhisTzU5vnA+ioHqTF91DX66xHE
|
||||
l57O8Vcmt8fCAg+LpWTokNvy04/0+vmy0od1/LF9sawTgXYu5g+o4JYzurOMxH9v
|
||||
Kn6cOLvpiAO/BsCYXKZxTu6WQX2N4AVRDVBJSiTvHylXtQX/t7fMIm27qU/TYona
|
||||
jWmZjy8Up99LpL+q6L4W8zZc35jzKF64Th6lMz/shc4/BHa1QVPgQ9yRWnoNJvUz
|
||||
9IceMNNiEnA5
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -0,0 +1 @@
|
|||
R 30160303203843Z 161031204252Z 1000 unknown /C=US/ST=MA/L=Westwood/O=Red Hat/OU=Keycloak/CN=test-user@localhost/emailAddress=test-user@localhost
|
||||
|
|
@ -0,0 +1 @@
|
|||
unique_subject = yes
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEA7JZJaO3LU62CAjzMj61svLSZ3ITnPemepS6yktlytvexahJa
|
||||
HSb46Fk4fzAiV1q/f6c20zcbl0srwv6IxEW7/VyWkgO3OgtJX+/QfGKi8mKs5b0+
|
||||
F/Iy769ATcPbvOA6ylbqV4RNCE7q00opP82oGSAAjJinTMAZPe1WzeTuYv6NWitV
|
||||
/yVsTE5qiYfdLYejEVQewxQGRLRZhXa03UXKqn2J5UYG7R+Ii2dkA6h+LoaRLUvZ
|
||||
kFFsdbh5FuvvuBSwROA9heQ903SZPsoL3QosQl+J7tPJB/s7sQAJBv5jmcbJIFP3
|
||||
d8NNohsnYlHhRjAteIsZkXiT6a+VCPY8kAbVbQIDAQABAoIBAAPhdzTMacBmoTJO
|
||||
MwDMVHNH9xoh5/UhBuQovu8ft/z+VR+rS2UdBYoyJHYZoQaTy35ZjNGsHry9k+sv
|
||||
56hoiGvgf+vHOdMu6jYzpdTUfV3CdpmSIBmedG1wD3r3EnynpO86u79RwT24patv
|
||||
lPuh8PbwinHD80KUCBX29ayM68gd4rptebF+BW7iN1yvw4lgPLbCAgjRgRee2r7i
|
||||
kTDQKgqSV9oZObJB10Lf42E/COXzAj2gJo55bjQFoZtpaueaLZNn83hKNsEFOwYi
|
||||
Xe9I5PGs0xBltiWGuodmUMgat4BS25Bg398rVZhC8HC79NfLeD6XRMWS2muVM8eR
|
||||
/A61TGECgYEA+uDFw/cH/sYx32JGcTRHGdbwNDI9edIB5B/WP6D21pql7LZWPGa2
|
||||
uSNP1fDJwbqEGKxHLGOJYBHySao8Vnjl38ppwj2pPQAqnhQW7gy2Re/tl8y/2GF8
|
||||
EMFn3o7/Nb85NdydBlUU0Lf3MpI0C8GEQ0EA6KeRrb0H2q77/KAQNUUCgYEA8WrS
|
||||
XxPaDVaRLGWePjey0laOl7wNGpZuQ3MgUiN1FyGcdFs2VEr8GFhW1umSvDgFSHyj
|
||||
eN+gmBHkwWTSSqfxzukSfhUbFQLrqtOvhyeHC5MJOf+Z4hE2haLzVIT5y7sIe2Tz
|
||||
IbScrwUpRDDx4QIYvD3Y7cu/XpG3W90/oxOZfgkCgYEAsSJ9YGUOdxv3YLMh65Iu
|
||||
1ZbGWQRUFaxq+2hjPN/pCRN+Lgl8D/+x6jx9hSATRD7uQAF762KIP5XMTajuG1wX
|
||||
apCfZa9lzBVPAfhLTF8bX3wNdM3zctM55xa3wROULJ3MxjPzhuIR5WDPIBzMtLQ5
|
||||
L8c43gxatqIuZoCAmRlm+EUCgYEAnvgbbRYyaMQPNm/3wrqEmzL6FHp1GoPiObIO
|
||||
n2fPy5qLXqdNYDY8SH+rNzt5L02oVPIV5xtCscBepOaR/y0V8ozRa4rUWYKh0swv
|
||||
8kyaBYod8j4Yg5+YCmmh1470ui3/yNlRrGk1H57DbK7aJ7NsvE/xj6yx6EEFv40y
|
||||
QV0/npkCgYEAxqrBDuoWx71zghC33g+lE73G7x21M/565rc+UOMOgyCCBUvc74DE
|
||||
JXe6/hpPc4wF5yLosJ+pkzT1YlTTzwEiYwpwE73DxrZRmnPHPqUMQDyfHRg8HGs3
|
||||
hJQ/jdKyqtwxmEoCAcaq5p+sa9WuxrvLqfquvEkeL2xNAKrkq/Iw4Ug=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -526,7 +526,7 @@ public class AuthServerTestEnricher {
|
|||
TestContext testContext = new TestContext(suiteContext, event.getTestClass().getJavaClass());
|
||||
testContextProducer.set(testContext);
|
||||
|
||||
if (!isAuthServerRemote() && event.getTestClass().isAnnotationPresent(EnableVault.class)) {
|
||||
if (!isAuthServerRemote() && !isAuthServerQuarkus() && event.getTestClass().isAnnotationPresent(EnableVault.class)) {
|
||||
VaultUtils.enableVault(suiteContext, event.getTestClass().getAnnotation(EnableVault.class).providerId());
|
||||
restartAuthServer();
|
||||
testContext.reconnectAdminClient();
|
||||
|
|
|
|||
|
|
@ -66,6 +66,10 @@ public class ContainerInfo implements Comparable<ContainerInfo> {
|
|||
return getQualifier().toLowerCase().contains("undertow");
|
||||
}
|
||||
|
||||
public boolean isQuarkus() {
|
||||
return getQualifier().toLowerCase().contains("quarkus");
|
||||
}
|
||||
|
||||
public boolean isAS7() {
|
||||
return getQualifier().toLowerCase().contains("as7");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,6 +39,7 @@ import java.lang.annotation.Target;
|
|||
@Inherited
|
||||
public @interface AuthServerContainerExclude {
|
||||
AuthServer[] value();
|
||||
String details() default "";
|
||||
|
||||
public enum AuthServer {
|
||||
REMOTE,
|
||||
|
|
|
|||
|
|
@ -88,6 +88,10 @@ public class KeycloakContainerFeaturesController {
|
|||
*
|
||||
*/
|
||||
private void assertValid() {
|
||||
// feature may be disabled after test method run, if trying to disable a disabled feature, ignore
|
||||
if (FeatureAction.DISABLE.equals(action) && !ProfileAssume.isFeatureEnabled(feature)) {
|
||||
return;
|
||||
}
|
||||
assertThat("An annotation requested to " + action.name()
|
||||
+ " feature " + feature.name() + " however it was already in that state" ,
|
||||
ProfileAssume.isFeatureEnabled(feature),
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@ public class KeycloakQuarkusConfiguration implements ContainerConfiguration {
|
|||
private String keycloakConfigPropertyOverrides;
|
||||
private HashMap<String, Object> keycloakConfigPropertyOverridesMap;
|
||||
private String profile;
|
||||
private String javaOpts;
|
||||
|
||||
@Override
|
||||
public void validate() throws ConfigurationException {
|
||||
|
|
@ -127,4 +128,12 @@ public class KeycloakQuarkusConfiguration implements ContainerConfiguration {
|
|||
public Map<String, Object> getKeycloakConfigPropertyOverridesMap() {
|
||||
return keycloakConfigPropertyOverridesMap;
|
||||
}
|
||||
|
||||
public void setJavaOpts(String javaOpts) {
|
||||
this.javaOpts = javaOpts;
|
||||
}
|
||||
|
||||
public String getJavaOpts() {
|
||||
return javaOpts;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -107,6 +107,13 @@ public class KeycloakQuarkusServerDeployableContainer implements DeployableConta
|
|||
File wrkDir = configuration.getProvidersPath().resolve("bin").toFile();
|
||||
ProcessBuilder builder = pb.directory(wrkDir).inheritIO();
|
||||
|
||||
String javaOpts;
|
||||
|
||||
if ((javaOpts = configuration.getJavaOpts()) == null) {
|
||||
javaOpts = "-Xms256m -Xmx256m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=512m -Djava.net.preferIPv4Stack=true";
|
||||
}
|
||||
|
||||
builder.environment().put("JAVA_OPTS", javaOpts);
|
||||
builder.environment().put("KEYCLOAK_ADMIN", "admin");
|
||||
builder.environment().put("KEYCLOAK_ADMIN_PASSWORD", "admin");
|
||||
|
||||
|
|
|
|||
|
|
@ -56,4 +56,9 @@ public class ContainerAssume {
|
|||
public static void assumeAppServerSSL() {
|
||||
Assume.assumeTrue("Only works with the SSL configured", APP_SERVER_SSL_REQUIRED);
|
||||
}
|
||||
|
||||
public static void assumeNotAuthServerQuarkus() {
|
||||
Assume.assumeFalse("Doesn't work on auth-server-quarkus",
|
||||
AuthServerTestEnricher.AUTH_SERVER_CONTAINER.equals("auth-server-quarkus"));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ public class VaultUtils {
|
|||
}
|
||||
|
||||
public static void disableVault(SuiteContext suiteContext, EnableVault.PROVIDER_ID provider) throws IOException, CliException, TimeoutException, InterruptedException {
|
||||
if (suiteContext.getAuthServerInfo().isUndertow()) {
|
||||
if (suiteContext.getAuthServerInfo().isUndertow() || suiteContext.getAuthServerInfo().isQuarkus()) {
|
||||
System.setProperty("keycloak.vault." + provider.getName() + ".provider.enabled", "false");
|
||||
} else {
|
||||
OnlineManagementClient client = AuthServerTestEnricher.getManagementClient();
|
||||
|
|
|
|||
|
|
@ -491,6 +491,7 @@ public class BrokerLinkAndTokenExchangeTest extends AbstractServletsAdapterTest
|
|||
@UncaughtServerErrorExpected
|
||||
public void testExportImport() throws Exception {
|
||||
ContainerAssume.assumeNotAuthServerRemote();
|
||||
ContainerAssume.assumeNotAuthServerQuarkus();
|
||||
|
||||
testExternalExchange();
|
||||
testingClient.testing().exportImport().setProvider(SingleFileExportProviderFactory.PROVIDER_ID);
|
||||
|
|
|
|||
|
|
@ -142,6 +142,7 @@ import org.keycloak.services.resources.RealmsResource;
|
|||
import org.keycloak.testsuite.adapter.page.*;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
|
||||
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
|
||||
import org.keycloak.testsuite.auth.page.login.Login;
|
||||
import org.keycloak.testsuite.auth.page.login.SAMLIDPInitiatedLogin;
|
||||
|
|
@ -1580,6 +1581,8 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
|
|||
client.close();
|
||||
}
|
||||
|
||||
@AuthServerContainerExclude(value = AuthServerContainerExclude.AuthServer.QUARKUS, details =
|
||||
"Exclude Quarkus because when running on Java 9+ you get CNF exceptions due to the fact that javax.xml.soap was removed (as well as other JEE modules). Need to discuss how we are going to solve this for both main dist and Quarkus")
|
||||
@Test
|
||||
public void testSuccessfulEcpFlow() throws Exception {
|
||||
Response authnRequestResponse = ClientBuilder.newClient().target(ecpSPPage.toString()).request()
|
||||
|
|
@ -1670,6 +1673,8 @@ public class SAMLServletAdapterTest extends AbstractSAMLServletAdapterTest {
|
|||
Assert.assertThat(resourceResponse.readEntity(String.class), containsString("pedroigor"));
|
||||
}
|
||||
|
||||
@AuthServerContainerExclude(value = AuthServerContainerExclude.AuthServer.QUARKUS, details =
|
||||
"Exclude Quarkus because when running on Java 9+ you get CNF exceptions due to the fact that javax.xml.soap was removed (as well as other JEE modules). Need to discuss how we are going to solve this for both main dist and Quarkus")
|
||||
@Test
|
||||
public void testInvalidCredentialsEcpFlow() throws Exception {
|
||||
Response authnRequestResponse = ClientBuilder.newClient().target(ecpSPPage.toString()).request()
|
||||
|
|
|
|||
|
|
@ -64,6 +64,9 @@ public class AddUserTest extends AbstractKeycloakTest {
|
|||
|
||||
// container auth-server-remote cannot be restarted
|
||||
ContainerAssume.assumeNotAuthServerRemote();
|
||||
|
||||
// don't run with auth-server-quarkus for now
|
||||
ContainerAssume.assumeNotAuthServerQuarkus();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import org.keycloak.testsuite.arquillian.annotation.EnableVault;
|
|||
* @author Martin Kanis <mkanis@redhat.com>
|
||||
*/
|
||||
@EnableVault
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude({AuthServer.REMOTE, AuthServer.QUARKUS})
|
||||
public class SMTPConnectionVaultTest extends SMTPConnectionTest {
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.A
|
|||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
@EnableVault
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude({AuthServer.REMOTE, AuthServer.QUARKUS})
|
||||
public class UserFederationLdapConnectionTest extends AbstractAdminTest {
|
||||
|
||||
@ClassRule
|
||||
|
|
|
|||
|
|
@ -1,11 +1,13 @@
|
|||
package org.keycloak.testsuite.broker;
|
||||
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableVault;
|
||||
|
||||
/**
|
||||
* @author Martin Kanis <mkanis@redhat.com>
|
||||
*/
|
||||
@EnableVault
|
||||
@AuthServerContainerExclude(AuthServerContainerExclude.AuthServer.QUARKUS)
|
||||
public class KcOidcBrokerVaultTest extends AbstractBrokerTest {
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ import static org.keycloak.testsuite.cli.KcAdmExec.execute;
|
|||
/**
|
||||
* @author <a href="mailto:mstrukel@redhat.com">Marko Strukelj</a>
|
||||
*/
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude({AuthServer.REMOTE, AuthServer.QUARKUS})
|
||||
public class KcAdmSessionTest extends AbstractAdmCliTest {
|
||||
|
||||
static Class<? extends List<ObjectNode>> LIST_OF_JSON = new ArrayList<ObjectNode>() {}.getClass();
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.A
|
|||
/**
|
||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||
*/
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude(value = {AuthServer.REMOTE, AuthServer.QUARKUS}, details = "For quarkus, custom entities not yet supported")
|
||||
// This is testing custom SPI which is, in case of remote server, deployed on container as part of testsuite providers.
|
||||
// It looks like the problem is, that in the time of loading spis during keycloak deployment, the deployment of Testsuite providers
|
||||
// is not processed yet, hence the spi is not present yet, which results in nullpointer exception because service provided by the spi
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ import org.keycloak.models.RealmModel;
|
|||
import org.keycloak.OAuth2Constants;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.storage.ldap.idm.model.LDAPObject;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableVault;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.AssertEvents;
|
||||
|
|
@ -214,6 +215,8 @@ public class LDAPUserLoginTest extends AbstractLDAPTest {
|
|||
// Test variant: Bind credential set to vault
|
||||
@Test
|
||||
@LDAPConnectionParameters(bindCredential=LDAPConnectionParameters.BindCredential.VAULT, bindType=LDAPConnectionParameters.BindType.SIMPLE, encryption=LDAPConnectionParameters.Encryption.NONE)
|
||||
@AuthServerContainerExclude(value = AuthServerContainerExclude.AuthServer.QUARKUS, details =
|
||||
"java.io.NotSerializableException: com.sun.jndi.ldap.LdapCtx")
|
||||
public void loginLDAPUserCredentialVaultAuthenticationSimpleEncryptionNone() {
|
||||
verifyConnectionUrlProtocolPrefix("ldap://");
|
||||
runLDAPLoginTest();
|
||||
|
|
@ -232,6 +235,8 @@ public class LDAPUserLoginTest extends AbstractLDAPTest {
|
|||
// Test variant: Bind credential set to vault
|
||||
@Test
|
||||
@LDAPConnectionParameters(bindCredential=LDAPConnectionParameters.BindCredential.VAULT, bindType=LDAPConnectionParameters.BindType.SIMPLE, encryption=LDAPConnectionParameters.Encryption.SSL)
|
||||
@AuthServerContainerExclude(value = AuthServerContainerExclude.AuthServer.QUARKUS, details =
|
||||
"java.io.NotSerializableException: com.sun.jndi.ldap.LdapCtx")
|
||||
public void loginLDAPUserCredentialVaultAuthenticationSimpleEncryptionSSL() {
|
||||
verifyConnectionUrlProtocolPrefix("ldaps://");
|
||||
runLDAPLoginTest();
|
||||
|
|
@ -250,6 +255,8 @@ public class LDAPUserLoginTest extends AbstractLDAPTest {
|
|||
// Test variant: Bind credential set to vault
|
||||
@Test
|
||||
@LDAPConnectionParameters(bindCredential=LDAPConnectionParameters.BindCredential.VAULT, bindType=LDAPConnectionParameters.BindType.SIMPLE, encryption=LDAPConnectionParameters.Encryption.STARTTLS)
|
||||
@AuthServerContainerExclude(value = AuthServerContainerExclude.AuthServer.QUARKUS, details =
|
||||
"java.io.NotSerializableException: com.sun.jndi.ldap.LdapCtx")
|
||||
public void loginLDAPUserCredentialVaultAuthenticationSimpleEncryptionStartTLS() {
|
||||
verifyConnectionUrlProtocolPrefix("ldap://");
|
||||
runLDAPLoginTest();
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package org.keycloak.testsuite.federation.ldap;
|
||||
|
||||
import org.junit.ClassRule;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableVault;
|
||||
import org.keycloak.testsuite.util.LDAPRule;
|
||||
import org.keycloak.testsuite.util.LDAPTestConfiguration;
|
||||
|
|
@ -13,6 +14,8 @@ import static org.keycloak.models.LDAPConstants.BIND_CREDENTIAL;
|
|||
* @author mhajas
|
||||
*/
|
||||
@EnableVault
|
||||
@AuthServerContainerExclude(value = AuthServerContainerExclude.AuthServer.QUARKUS, details =
|
||||
"java.io.NotSerializableException: com.sun.jndi.ldap.LdapCtx")
|
||||
public class LDAPVaultCredentialsTest extends LDAPSyncTest {
|
||||
|
||||
private static final String VAULT_EXPRESSION = "${vault.ldap_bindCredential}";
|
||||
|
|
|
|||
|
|
@ -46,6 +46,7 @@ public class MetricsRestServiceTest extends AbstractKeycloakTest {
|
|||
@BeforeClass
|
||||
public static void enabled() {
|
||||
ContainerAssume.assumeNotAuthServerUndertow();
|
||||
ContainerAssume.assumeNotAuthServerQuarkus();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.A
|
|||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude(value = {AuthServer.REMOTE, AuthServer.QUARKUS}, details = "It works locally for Quarkus, but failing on CI for unknown reason")
|
||||
public class JsonFileImport198MigrationTest extends AbstractJsonFileImportMigrationTest {
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.A
|
|||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude(value = {AuthServer.REMOTE, AuthServer.QUARKUS}, details = "It works locally for Quarkus, but failing on CI for unknown reason")
|
||||
public class JsonFileImport255MigrationTest extends AbstractJsonFileImportMigrationTest {
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.A
|
|||
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
|
||||
* @version $Revision: 1 $
|
||||
*/
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude(value = {AuthServer.REMOTE, AuthServer.QUARKUS}, details = "It works locally for Quarkus, but failing on CI for unknown reason")
|
||||
public class JsonFileImport343MigrationTest extends AbstractJsonFileImportMigrationTest {
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.A
|
|||
/**
|
||||
* Tests that we can import json file from previous version. MigrationTest only tests DB.
|
||||
*/
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude(value = {AuthServer.REMOTE, AuthServer.QUARKUS}, details = "It works locally for Quarkus, but failing on CI for unknown reason")
|
||||
public class JsonFileImport483MigrationTest extends AbstractJsonFileImportMigrationTest {
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
|
|||
import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
|
||||
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude({AuthServer.REMOTE, AuthServer.QUARKUS})
|
||||
@EnableFeature(value = OPENSHIFT_INTEGRATION, skipRestart = true)
|
||||
public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakTest {
|
||||
|
||||
|
|
|
|||
|
|
@ -141,6 +141,7 @@ public class PasswordPolicyTest extends AbstractKeycloakTest {
|
|||
* KEYCLOAK-5244
|
||||
*/
|
||||
@Test
|
||||
@AuthServerContainerExclude(value = AuthServer.QUARKUS, details = "test-password-blacklist.txt not in classpath")
|
||||
public void testBlacklistPasswordPolicyWithTestBlacklist() throws Exception {
|
||||
|
||||
ContainerAssume.assumeNotAuthServerRemote();
|
||||
|
|
|
|||
|
|
@ -160,7 +160,7 @@ public class BasicSamlTest extends AbstractSamlTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude({AuthServer.REMOTE, AuthServer.QUARKUS})
|
||||
public void testNoPortInDestination() throws Exception {
|
||||
// note that this test relies on settings of the login-protocol.saml.knownProtocols configuration option
|
||||
testWithOverriddenPort(-1, Response.Status.OK, containsString("login"));
|
||||
|
|
|
|||
|
|
@ -85,6 +85,7 @@ public class DeployedScriptAuthenticatorTest extends AbstractFlowTest {
|
|||
@BeforeClass
|
||||
public static void verifyEnvironment() {
|
||||
ContainerAssume.assumeNotAuthServerUndertow();
|
||||
ContainerAssume.assumeNotAuthServerQuarkus();
|
||||
}
|
||||
|
||||
@Rule
|
||||
|
|
|
|||
|
|
@ -74,6 +74,7 @@ public class DeployedScriptMapperTest extends AbstractTestRealmKeycloakTest {
|
|||
@BeforeClass
|
||||
public static void verifyEnvironment() {
|
||||
ContainerAssume.assumeNotAuthServerUndertow();
|
||||
ContainerAssume.assumeNotAuthServerQuarkus();
|
||||
}
|
||||
|
||||
@ArquillianResource
|
||||
|
|
|
|||
|
|
@ -88,6 +88,7 @@ public class DeployedScriptPolicyTest extends AbstractAuthzTest {
|
|||
@BeforeClass
|
||||
public static void verifyEnvironment() {
|
||||
ContainerAssume.assumeNotAuthServerUndertow();
|
||||
ContainerAssume.assumeNotAuthServerQuarkus();
|
||||
}
|
||||
@ArquillianResource
|
||||
private Deployer deployer;
|
||||
|
|
|
|||
|
|
@ -67,6 +67,7 @@ public class UndeployedScriptMapperNotAvailableTest extends AbstractTestRealmKey
|
|||
@BeforeClass
|
||||
public static void verifyEnvironment() {
|
||||
ContainerAssume.assumeNotAuthServerUndertow();
|
||||
ContainerAssume.assumeNotAuthServerQuarkus();
|
||||
}
|
||||
|
||||
@ArquillianResource
|
||||
|
|
|
|||
|
|
@ -12,12 +12,13 @@ import org.keycloak.theme.Theme;
|
|||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.QUARKUS;
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:vincent.letarouilly@gmail.com">Vincent Letarouilly</a>
|
||||
*/
|
||||
@AuthServerContainerExclude(REMOTE)
|
||||
@AuthServerContainerExclude({REMOTE, QUARKUS})
|
||||
public class DefaultThemeManagerTest extends AbstractKeycloakTest {
|
||||
|
||||
private static final String THEME_NAME = "environment-agnostic";
|
||||
|
|
|
|||
|
|
@ -41,10 +41,11 @@ import java.util.List;
|
|||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.QUARKUS;
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
|
||||
import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
|
||||
|
||||
@AuthServerContainerExclude(REMOTE)
|
||||
@AuthServerContainerExclude({REMOTE, QUARKUS})
|
||||
public class DefaultHostnameTest extends AbstractHostnameTest {
|
||||
|
||||
@ArquillianResource
|
||||
|
|
|
|||
|
|
@ -61,9 +61,12 @@ import static org.junit.Assert.assertThat;
|
|||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
|
||||
import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SCHEME;
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.QUARKUS;
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
|
||||
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
|
||||
|
||||
@AuthServerContainerExclude(AuthServer.REMOTE)
|
||||
@AuthServerContainerExclude({REMOTE, QUARKUS})
|
||||
public class FixedHostnameTest extends AbstractHostnameTest {
|
||||
|
||||
public static final String SAML_CLIENT_ID = "http://whatever.hostname:8280/app/";
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@ import org.keycloak.vault.VaultTranscriber;
|
|||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.QUARKUS;
|
||||
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
|
||||
|
||||
/**
|
||||
|
|
@ -41,7 +42,7 @@ import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerEx
|
|||
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
|
||||
*/
|
||||
@EnableVault
|
||||
@AuthServerContainerExclude(REMOTE)
|
||||
@AuthServerContainerExclude({REMOTE, QUARKUS})
|
||||
public class KeycloakVaultTest extends AbstractKeycloakTest {
|
||||
|
||||
@Override
|
||||
|
|
|
|||
Loading…
Reference in a new issue