libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Fix links

Browse source
This commit is contained in:
stianst 2020-03-26 08:17:45 +01:00 committed by Stian Thorgersen
parent 4387a71efb
commit ee167f8f81
6 changed files with 94 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
securing_apps/topics/oidc/java/installed-adapter.adoc
View file

@ -10,9 +10,6 @@ variant. The desktop variant uses the system browser
to gather the user credentials. The manual variant to gather the user credentials. The manual variant
reads the user credentials from `STDIN`. reads the user credentials from `STDIN`.
Tip: Google provides some more information about this approach on at
https://developers.google.com/identity/protocols/OAuth2InstalledApp[OAuth2InstalledApp].
===== How it works ===== How it works
To authenticate a user with the `desktop` variant the `KeycloakInstalled` To authenticate a user with the `desktop` variant the `KeycloakInstalled`

4
server_admin/topics/identity-broker/social/openshift.adoc
View file

@ -36,7 +36,7 @@ grantMethod: prompt <4>
Use client ID and secret defined by `oc create` command to enter them back on the {project_name} `Add identity provider` page. Use client ID and secret defined by `oc create` command to enter them back on the {project_name} `Add identity provider` page.
Go back to {project_name} and specify those items. Go back to {project_name} and specify those items.
Please refer to https://docs.okd.io/latest/architecture/additional_concepts/authentication.html#oauth[official OpenShift documentation] for more detailed guides. Please refer to https://docs.okd.io/latest/authentication/configuring-internal-oauth.html#oauth-register-additional-client_configuring-internal-oauth[official OpenShift documentation] for more detailed guides.
==== OpenShift 4 ==== OpenShift 4
@ -81,4 +81,4 @@ Go back to {project_name} and specify those items.
TIP: The OpenShift API server returns `The client is not authorized to request a token using this method` whenever `OAuthClient` TIP: The OpenShift API server returns `The client is not authorized to request a token using this method` whenever `OAuthClient`
`name`, `secret` or `redirectURIs` is incorrect. Make sure you copy-pasted them into {project_name} OpenShift 4 Identity Provider page correctly. `name`, `secret` or `redirectURIs` is incorrect. Make sure you copy-pasted them into {project_name} OpenShift 4 Identity Provider page correctly.
Please refer to https://docs.okd.io/latest/architecture/additional_concepts/authentication.html#oauth[official OpenShift documentation] for more detailed guides. Please refer to https://docs.okd.io/latest/authentication/configuring-internal-oauth.html#oauth-register-additional-client_configuring-internal-oauth[official OpenShift documentation] for more detailed guides.

6
tests/pom.xml
View file

@ -118,6 +118,12 @@
<version>2.1.0</version> <version>2.1.0</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.12</version>
<scope>test</scope>
</dependency>
</dependencies> </dependencies>
<profiles> <profiles>

98
tests/src/test/java/org/keycloak/documentation/test/utils/HttpUtils.java
View file

@ -1,68 +1,104 @@
package org.keycloak.documentation.test.utils; package org.keycloak.documentation.test.utils;
import org.apache.commons.io.IOUtils; import org.apache.commons.io.IOUtils;
import org.apache.http.HttpEntity;
import org.apache.http.client.config.CookieSpecs;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpHead;
import org.apache.http.cookie.CookieSpec;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import java.io.IOException;
import java.io.StringWriter; import java.io.StringWriter;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.net.URL; import java.net.URL;
import java.net.URLDecoder; import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
public class HttpUtils { public class HttpUtils {
private static final Logger logger = LogManager.getLogger(HttpUtils.class); public Response load(String url) {
CloseableHttpClient client = createClient();
public boolean isValid(String url) {
Response response = load(url, false, false);
return response.isSuccess();
}
public Response load(String url, boolean readContent, boolean followRedirects) {
int retryCount = Constants.HTTP_RETRY;
while (true) {
HttpURLConnection.setFollowRedirects(followRedirects);
HttpURLConnection connection = null;
Response response = new Response(); Response response = new Response();
try { try {
connection = (HttpURLConnection) new URL(url).openConnection(); HttpGet h = new HttpGet(url);
connection.setConnectTimeout(Constants.HTTP_CONNECTION_TIMEOUT); CloseableHttpResponse r = client.execute(h);
connection.setReadTimeout(Constants.HTTP_READ_TIMEOUT); int status = r.getStatusLine().getStatusCode();
int status = connection.getResponseCode();
if (status == 200) { if (status == 200) {
if (readContent) {
StringWriter w = new StringWriter();
IOUtils.copy(connection.getInputStream(), w, "utf-8");
response.setContent(w.toString());
}
response.setSuccess(true); response.setSuccess(true);
HttpEntity entity = r.getEntity();
String c = IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8);
response.setContent(c);
} else if (status == 301 || status == 302) { } else if (status == 301 || status == 302) {
String location = URLDecoder.decode(connection.getHeaderField("Location"), "utf-8"); String location = r.getFirstHeader("Location").getValue();
response.setRedirectLocation(location); response.setRedirectLocation(location);
response.setSuccess(false); response.setSuccess(false);
} else { } else {
response.setError("invalid status code " + status); response.setError("invalid status code " + status);
response.setSuccess(false); response.setSuccess(false);
} }
return response;
} catch (Exception e) { } catch (Exception e) {
response.setError("exception " + e.getMessage()); response.setError("exception " + e.getMessage());
response.setSuccess(false); response.setSuccess(false);
} finally {
try {
client.close();
} catch (IOException e) {
}
}
retryCount--;
if (retryCount == 0) {
return response; return response;
} }
logger.info("Retrying " + url); private CloseableHttpClient createClient() {
return HttpClientBuilder.create()
.setRetryHandler(new DefaultHttpRequestRetryHandler(Constants.HTTP_RETRY, true))
.setDefaultRequestConfig(
RequestConfig.custom().setCookieSpec(CookieSpecs.IGNORE_COOKIES).build()
)
.build();
}
public Response isValid(String url) {
CloseableHttpClient client = createClient();
Response response = new Response();
try {
HttpHead h = new HttpHead(url);
CloseableHttpResponse r = client.execute(h);
int status = r.getStatusLine().getStatusCode();
if (status == 200) {
response.setSuccess(true);
} else if (status == 301 || status == 302) {
String location = r.getFirstHeader("Location").getValue();
response.setRedirectLocation(location);
response.setSuccess(false);
} else {
response.setError("invalid status code " + status);
response.setSuccess(false);
}
} catch (Exception e) {
response.setError("exception " + e.getMessage());
response.setSuccess(false);
} finally { } finally {
if (connection != null) { try {
connection.disconnect(); client.close();
} } catch (IOException e) {
} }
} }
return response;
} }
public static class Response { public static class Response {

4
tests/src/test/java/org/keycloak/documentation/test/utils/LinkUtils.java
View file

@ -63,7 +63,7 @@ public class LinkUtils {
String anchor = link.contains("#") ? link.split("#")[1] : null; String anchor = link.contains("#") ? link.split("#")[1] : null;
String error = null; String error = null;
HttpUtils.Response response = http.load(link, anchor != null, false); HttpUtils.Response response = anchor != null ? http.load(link) : http.isValid(link);
if (response.getRedirectLocation() != null) { if (response.getRedirectLocation() != null) {
if (!validRedirect(response.getRedirectLocation(), ignoredLinkRedirects)) { if (!validRedirect(response.getRedirectLocation(), ignoredLinkRedirects)) {
@ -127,7 +127,7 @@ public class LinkUtils {
} }
if (!verifiedLinks.containsKey(image)) { if (!verifiedLinks.containsKey(image)) {
boolean valid = http.isValid(image); boolean valid = http.isValid(image).isSuccess();
if (valid) { if (valid) {
verifiedLinks.put(image, System.currentTimeMillis()); verifiedLinks.put(image, System.currentTimeMillis());

3
tests/src/test/resources/ignored-links
View file

@ -31,3 +31,6 @@ https://api.linkedin.com/v2/me
https://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/sso-cd-dev/templates/${resource} https://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/sso-cd-dev/templates/${resource}
https://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/sso73-dev/templates/${resource} https://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/sso73-dev/templates/${resource}
https://issues.redhat.com/secure/CreateIssueDetails* https://issues.redhat.com/secure/CreateIssueDetails*
https://developer.paypal.com/developer/applications
https://account.live.com/developers/applications/create
https://developer.twitter.com/apps/