From e6121f301f0812f07b458c0836f61d56511b0814 Mon Sep 17 00:00:00 2001 From: mposolda Date: Thu, 2 Oct 2014 22:52:44 +0200 Subject: [PATCH] KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession --- .../managers/AuthenticationManager.java | 2 +- .../testsuite/adapter/AdapterTest.java | 56 +++++++++++++++++++ .../testsuite/adapter/CustomerServlet.java | 1 + .../testsuite/adapter/SessionServlet.java | 38 +++++++++++++ .../org/keycloak/testsuite/rule/WebRule.java | 4 +- .../resources/adapter-test/demorealm.json | 10 ++++ .../adapter-test/session-keycloak.json | 10 ++++ 7 files changed, 118 insertions(+), 3 deletions(-) create mode 100644 testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/SessionServlet.java create mode 100644 testsuite/integration/src/test/resources/adapter-test/session-keycloak.json diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java index 20616876fc..78ba53df90 100755 --- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java +++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java @@ -86,7 +86,7 @@ public class AuthenticationManager { expireIdentityCookie(realm, uriInfo, connection); expireRememberMeCookie(realm, uriInfo, connection); - new ResourceAdminManager().logoutUser(uriInfo.getRequestUri(), realm, user.getId(), userSession); + new ResourceAdminManager().logoutSession(uriInfo.getRequestUri(), realm, userSession); session.sessions().removeUserSession(realm, userSession); } diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java index ce0d51f76a..b410f39dbe 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java 
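Review bot: The replaced call in `logout` now ends only the supplied `userSession`, and nothing at the call site tells a maintainer that the user's other sessions stay valid afterwards. That matters for any caller that uses this method to cut off access after a password change or a suspected account compromise. No such caller is visible in this hunk, so the callers should be checked. I would add a comment above the call, for example `// Ends this userSession only; other sessions of the same user remain active and need an explicit all-sessions logout.` The method starts above the hunk, so its signature and whether `userSession` can be null here cannot be confirmed from these lines.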
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java @@ -23,8 +23,10 @@ package org.keycloak.testsuite.adapter; import org.junit.Assert; import org.junit.ClassRule; +import org.junit.FixMethodOrder; import org.junit.Rule; import org.junit.Test; +import org.junit.runners.MethodSorters; import org.keycloak.Config; import org.keycloak.OAuth2Constants; import org.keycloak.Version; @@ -70,6 +72,7 @@ import java.util.Map; * * @author Bill Burke */ +@FixMethodOrder(MethodSorters.NAME_ASCENDING) public class AdapterTest { public static final String LOGIN_URL = OpenIDConnectService.loginPageUrl(UriBuilder.fromUri("http://localhost:8081/auth")).build("demo").toString(); @@ -92,6 +95,10 @@ public class AdapterTest { url = getClass().getResource("/adapter-test/product-keycloak.json"); deployApplication("product-portal", "/product-portal", ProductServlet.class, url.getPath(), "user"); + // Test that replacing system properties works for adapters + System.setProperty("my.host.name", "localhost"); + url = getClass().getResource("/adapter-test/session-keycloak.json"); + deployApplication("session-portal", "/session-portal", SessionServlet.class, url.getPath(), "user"); } }; 
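Review bot: `@FixMethodOrder(MethodSorters.NAME_ASCENDING)` is added to `AdapterTest` with no comment saying which tests need a fixed order or why. A pinned order usually means tests share server or session state, which can hide a failure when one test is run alone or the names change. I would add a line above the annotation such as `// Fixed order required because <state shared between tests - fill in>`, or isolate the new test's state so the annotation is not needed.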
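Review bot: `System.setProperty("my.host.name", "localhost")` in the deployment block changes JVM-wide state, and this hunk shows no matching cleanup. Any later test in the same JVM that resolves `${my.host.name}` will silently pick up this value. I would add `System.clearProperty("my.host.name");` to the teardown that pairs with this setup. The enclosing block starts and ends outside the hunk, so an existing cleanup elsewhere cannot be ruled out.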
@@ -416,6 +423,55 @@ public class AdapterTest { Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); } + @Test + public void testSingleSessionInvalidated() throws Throwable { + AdapterTest browser1 = this; + AdapterTest browser2 = new AdapterTest(); + loginAndCheckSession(browser1.driver, browser1.loginPage); + + // Open browser2 + browser2.webRule.before(); + try { + browser2.loginAndCheckSession(browser2.driver, browser2.loginPage); + + // Logout in browser1 + String logoutUri = OpenIDConnectService.logoutUrl(UriBuilder.fromUri("http://localhost:8081/auth")) + .queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:8081/session-portal").build("demo").toString(); + browser1.driver.navigate().to(logoutUri); + Assert.assertTrue(browser1.driver.getCurrentUrl().startsWith(LOGIN_URL)); + + // Assert that I am logged out in browser1 + browser1.driver.navigate().to("http://localhost:8081/session-portal"); + Assert.assertTrue(browser1.driver.getCurrentUrl().startsWith(LOGIN_URL)); + + // Assert that I am still logged in browser2 and same session is still preserved + browser2.driver.navigate().to("http://localhost:8081/session-portal"); + Assert.assertEquals(browser2.driver.getCurrentUrl(), "http://localhost:8081/session-portal"); + String pageSource = browser2.driver.getPageSource(); + Assert.assertTrue(pageSource.contains("Counter=3")); + + browser2.driver.navigate().to(logoutUri); + Assert.assertTrue(browser2.driver.getCurrentUrl().startsWith(LOGIN_URL)); + } finally { + browser2.webRule.after(); + } + } + + private static void loginAndCheckSession(WebDriver driver, LoginPage loginPage) { + driver.navigate().to("http://localhost:8081/session-portal"); + Assert.assertTrue(driver.getCurrentUrl().startsWith(LOGIN_URL)); + loginPage.login("bburke@redhat.com", "password"); + System.out.println("Current url: " + driver.getCurrentUrl()); + Assert.assertEquals(driver.getCurrentUrl(), "http://localhost:8081/session-portal"); + String pageSource = 
driver.getPageSource(); + Assert.assertTrue(pageSource.contains("Counter=1")); + + // Counter increased now + driver.navigate().to("http://localhost:8081/session-portal"); + pageSource = driver.getPageSource(); + Assert.assertTrue(pageSource.contains("Counter=2")); + + } } diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerServlet.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerServlet.java index e77d0f871d..eafe55b5d3 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerServlet.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/CustomerServlet.java @@ -7,6 +7,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; import javax.ws.rs.client.Client; import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.client.WebTarget; diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/SessionServlet.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/SessionServlet.java new file mode 100644 index 0000000000..c7c4d85239 --- /dev/null +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/SessionServlet.java 
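Review bot: The `Assert.assertEquals` calls in `testSingleSessionInvalidated` and `loginAndCheckSession` pass the actual URL first and the expected literal second, which is the reverse of JUnit's `(expected, actual)` order. A failure would then report the two values swapped, which is misleading when diagnosing a login or logout redirect. I would write `Assert.assertEquals("http://localhost:8081/session-portal", driver.getCurrentUrl());` in both places. The `System.out.println("Current url: " + ...)` line in `loginAndCheckSession` looks like leftover debugging and could go.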
@@ -0,0 +1,38 @@ +package org.keycloak.testsuite.adapter; + +import java.io.IOException; +import java.io.PrintWriter; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +/** + * @author Marek Posolda + */ +public class SessionServlet extends HttpServlet { + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + String counter = increaseAndGetCounter(req); + + resp.setContentType("text/html"); + PrintWriter pw = resp.getWriter(); + pw.printf("%s", "Session Test"); + pw.printf("Counter=%s", counter); + pw.print(""); + pw.flush(); + + + } + + private String increaseAndGetCounter(HttpServletRequest req) { + HttpSession session = req.getSession(); + Integer counter = (Integer)session.getAttribute("counter"); + counter = (counter == null) ? 1 : counter + 1; + session.setAttribute("counter", counter); + return String.valueOf(counter); + } +} diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/WebRule.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/WebRule.java index 35454dcab6..dab37f7e52 100755 --- a/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/WebRule.java +++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/rule/WebRule.java @@ -46,7 +46,7 @@ public class WebRule extends ExternalResource { } @Override - protected void before() throws Throwable { + public void before() throws Throwable { driver = createWebDriver(); oauth = new OAuthClient(driver); initWebResources(test); @@ -121,7 +121,7 @@ public class WebRule extends ExternalResource { } @Override - protected void after() { + public void after() { driver.manage().deleteAllCookies(); driver.close(); } 
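Review bot: `SessionServlet` carries only an `@author` tag, yet `AdapterTest` depends on its exact `Counter=<n>` output to prove that an HTTP session survived a logout elsewhere. I would add a class Javadoc such as `/** Test servlet that keeps a per-HttpSession counter and prints it as "Counter=<n>" on each GET; a fresh session starts again at 1. */`. A short comment on `increaseAndGetCounter` would also help, noting that `req.getSession()` creates a session when none exists, since that is what makes the counter restart after invalidation.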
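Review bot: Making `before()` and `after()` public in the two `WebRule` hunks lets a test drive the rule lifecycle by hand, but `after()` still dereferences `driver` unconditionally. If a caller invokes `after()` when `before()` failed before assigning `driver`, the resulting NullPointerException would mask the original failure. I would start `after()` with `if (driver == null) { return; }` and add a comment on both methods such as `// public so tests can manage a second browser manually`. Both method bodies continue outside the hunks.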
diff --git a/testsuite/integration/src/test/resources/adapter-test/demorealm.json b/testsuite/integration/src/test/resources/adapter-test/demorealm.json index ed538f253b..abc8e4086c 100755 --- a/testsuite/integration/src/test/resources/adapter-test/demorealm.json +++ b/testsuite/integration/src/test/resources/adapter-test/demorealm.json @@ -105,6 +105,16 @@ "http://localhost:8081/secure-portal/*" ], "secret": "password" + }, + { + "name": "session-portal", + "enabled": true, + "adminUrl": "http://localhost:8081/session-portal", + "baseUrl": "http://localhost:8081/session-portal", + "redirectUris": [ + "http://localhost:8081/session-portal/*" + ], + "secret": "password" } ], "oauthClients": [ diff --git a/testsuite/integration/src/test/resources/adapter-test/session-keycloak.json b/testsuite/integration/src/test/resources/adapter-test/session-keycloak.json new file mode 100644 index 0000000000..6a7f60b45c --- /dev/null +++ b/testsuite/integration/src/test/resources/adapter-test/session-keycloak.json @@ -0,0 +1,10 @@ +{ + "realm" : "demo", + "resource" : "session-portal", + "realm-public-key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", + "auth-server-url" : "http://${my.host.name}:8081/auth", + "ssl-required" : "external", + "credentials" : { + "secret": "password" + } +} \ No newline at end of file