libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-17304 ClientPoliciesTest - exclude mTLS tests for non-required SSL

Browse source
This commit is contained in:
Martin Bartoš 2021-03-03 11:18:04 +01:00 committed by Pavel Drozd
parent da6a017e86
commit d452041d7d
1 changed files with 17 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientPoliciesTest.java
View file

@ -27,7 +27,6 @@ import java.net.URISyntaxException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
@ -41,6 +40,7 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.hamcrest.Matchers;
import org.jboss.logging.Logger;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;
import org.keycloak.OAuth2Constants;
import org.keycloak.OAuthErrorException;
@ -102,12 +102,14 @@ import org.keycloak.testsuite.client.resources.TestApplicationResourceUrls;
import org.keycloak.testsuite.rest.resource.TestingOIDCEndpointsApplicationResource.AuthorizationEndpointRequestObject;
import org.keycloak.testsuite.services.clientpolicy.condition.TestRaiseExeptionConditionFactory;
import org.keycloak.testsuite.services.clientpolicy.executor.TestRaiseExeptionExecutorFactory;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.util.MutualTLSUtils;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.admin.client.resource.RolesResource;
import org.keycloak.testsuite.util.RoleBuilder;
import org.keycloak.testsuite.util.ServerURLs;
import org.keycloak.util.JsonSerialization;
@EnableFeature(value = Profile.Feature.CLIENT_POLICIES, skipRestart = true)
@ -1251,33 +1253,30 @@ public class ClientPoliciesTest extends AbstractClientPoliciesTest {
@Test
public void testHolderOfKeyEnforceExecutor() throws Exception {
String policyName = POLICY_NAME;
Assume.assumeTrue("This test must be executed with enabled TLS.", ServerURLs.AUTH_SERVER_SSL_REQUIRED);
final String policyName = POLICY_NAME;
createPolicy(policyName, DefaultClientPolicyProviderFactory.PROVIDER_ID, null, null, null);
logger.info("... Created Policy : " + policyName);
String conditionName = AnyClientCondition_NAME;
createCondition(conditionName, AnyClientConditionFactory.PROVIDER_ID, null, (ComponentRepresentation provider) -> {});
final String conditionName = AnyClientCondition_NAME;
createCondition(conditionName, AnyClientConditionFactory.PROVIDER_ID, null, (ComponentRepresentation provider) -> {
});
registerCondition(conditionName, policyName);
logger.info("... Registered Condition : " + conditionName);
String executorName = HolderOfKeyEnforceExecutor_NAME;
createExecutor(executorName, HolderOfKeyEnforceExecutorFactory.PROVIDER_ID, null, (ComponentRepresentation provider) -> {
setExecutorAugmentActivate(provider);
});
final String executorName = HolderOfKeyEnforceExecutor_NAME;
createExecutor(executorName, HolderOfKeyEnforceExecutorFactory.PROVIDER_ID, null, this::setExecutorAugmentActivate);
registerExecutor(executorName, policyName);
logger.info("... Registered Executor : " + executorName);
ClientResource clientResource = ApiUtil.findClientByClientId(adminClient.realm(REALM_NAME), TEST_CLIENT);
ClientRepresentation clientRep = clientResource.toRepresentation();
try (ClientAttributeUpdater cau = ClientAttributeUpdater.forClient(adminClient, REALM_NAME, TEST_CLIENT)) {
ClientRepresentation clientRep = cau.getResource().toRepresentation();
Assert.assertNotNull(clientRep);
OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setUseMtlsHoKToken(true);
clientResource.update(clientRep);
try {
cau.update();
checkMtlsFlow();
} finally {
clientResource = ApiUtil.findClientByClientId(adminClient.realm(REALM_NAME), TEST_CLIENT);
clientRep = clientResource.toRepresentation();
OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep).setUseMtlsHoKToken(false);
clientResource.update(clientRep);
}
}