KEYCLOAK-8781 Mark OpenShift integration as preview. Fix issue in Profile where preview features was not enabled in preview mode. (#5738)

2018-11-19 17:32:21 +01:00 · 2018-11-19 17:32:21 +01:00 · f3bf1456ab
commit f3bf1456ab
parent 548950ed8e
4 changed files with 19 additions and 7 deletions
--- a/common/src/main/java/org/keycloak/common/Profile.java
+++ b/common/src/main/java/org/keycloak/common/Profile.java
@ -47,10 +47,10 @@ public class Profile {
        ADMIN_FINE_GRAINED_AUTHZ(Type.PREVIEW),
        DOCKER(Type.DISABLED_BY_DEFAULT),
        IMPERSONATION(Type.DEFAULT),
-        OPENSHIFT_INTEGRATION(Type.DEFAULT),
+        OPENSHIFT_INTEGRATION(Type.PREVIEW),
        SCRIPTS(Type.PREVIEW),
        TOKEN_EXCHANGE(Type.PREVIEW),
-        AUTHZ_DROOLS_POLICY(Type.PREVIEW);;
+        AUTHZ_DROOLS_POLICY(Type.PREVIEW);

        private Type type;

@ -106,7 +106,7 @@ public class Profile {
                    break;
                case PREVIEW:
                    previewFeatures.add(f);
-                    if (enabled == null || !enabled) {
+                    if ((enabled == null || !enabled) && !profile.equals(ProfileValue.PREVIEW)) {
                        disabledFeatures.add(f);
                    } else {
                        logger.info("Preview feature enabled: " + f.name().toLowerCase());
--- a/common/src/test/java/org/keycloak/common/ProfileTest.java
+++ b/common/src/test/java/org/keycloak/common/ProfileTest.java
@ -22,8 +22,8 @@ public class ProfileTest {
    @Test
    public void checkDefaults() {
        Assert.assertEquals("community", Profile.getName());
-        assertEquals(Profile.getDisabledFeatures(), Profile.Feature.ACCOUNT2, Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.DOCKER, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.AUTHZ_DROOLS_POLICY);
-        assertEquals(Profile.getPreviewFeatures(), Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.AUTHZ_DROOLS_POLICY);
+        assertEquals(Profile.getDisabledFeatures(), Profile.Feature.ACCOUNT2, Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.DOCKER, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.AUTHZ_DROOLS_POLICY, Profile.Feature.OPENSHIFT_INTEGRATION);
+        assertEquals(Profile.getPreviewFeatures(), Profile.Feature.ACCOUNT_API, Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ, Profile.Feature.SCRIPTS, Profile.Feature.TOKEN_EXCHANGE, Profile.Feature.AUTHZ_DROOLS_POLICY, Profile.Feature.OPENSHIFT_INTEGRATION);
        assertEquals(Profile.getExperimentalFeatures(), Profile.Feature.ACCOUNT2);
    }

@ -31,6 +31,7 @@ public class ProfileTest {
    public void configWithSystemProperties() {
        Assert.assertEquals("community", Profile.getName());
        Assert.assertFalse(Profile.isFeatureEnabled(Profile.Feature.DOCKER));
+        Assert.assertFalse(Profile.isFeatureEnabled(Profile.Feature.OPENSHIFT_INTEGRATION));
        Assert.assertTrue(Profile.isFeatureEnabled(Profile.Feature.IMPERSONATION));

        System.setProperty("keycloak.profile", "preview");
@ -41,6 +42,7 @@ public class ProfileTest {

        Assert.assertEquals("preview", Profile.getName());
        Assert.assertTrue(Profile.isFeatureEnabled(Profile.Feature.DOCKER));
+        Assert.assertTrue(Profile.isFeatureEnabled(Profile.Feature.OPENSHIFT_INTEGRATION));
        Assert.assertFalse(Profile.isFeatureEnabled(Profile.Feature.IMPERSONATION));

        System.getProperties().remove("keycloak.profile");
@ -73,6 +75,7 @@ public class ProfileTest {

        Assert.assertEquals("preview", Profile.getName());
        Assert.assertTrue(Profile.isFeatureEnabled(Profile.Feature.DOCKER));
+        Assert.assertTrue(Profile.isFeatureEnabled(Profile.Feature.OPENSHIFT_INTEGRATION));
        Assert.assertFalse(Profile.isFeatureEnabled(Profile.Feature.IMPERSONATION));

        System.getProperties().remove("jboss.server.config.dir");
--- a/services/src/main/java/org/keycloak/protocol/openshift/OpenShiftTokenReviewEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/openshift/OpenShiftTokenReviewEndpoint.java
@ -17,6 +17,7 @@
 package org.keycloak.protocol.openshift;

 import org.keycloak.TokenVerifier;
+import org.keycloak.common.Profile;
 import org.keycloak.common.VerificationException;
 import org.keycloak.crypto.SignatureProvider;
 import org.keycloak.crypto.SignatureVerifierContext;
@ -30,6 +31,7 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.protocol.oidc.TokenManager;
 import org.keycloak.protocol.oidc.ext.OIDCExtProvider;
 import org.keycloak.protocol.oidc.utils.AuthorizeClientUtil;
+import org.keycloak.provider.EnvironmentDependentProviderFactory;
 import org.keycloak.representations.AccessToken;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.Urls;
@ -47,7 +49,7 @@ import java.util.List;
 * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
 * @version $Revision: 1 $
 */
-public class OpenShiftTokenReviewEndpoint implements OIDCExtProvider {
+public class OpenShiftTokenReviewEndpoint implements OIDCExtProvider, EnvironmentDependentProviderFactory {

    private KeycloakSession session;
    private TokenManager tokenManager;
@ -169,4 +171,8 @@ public class OpenShiftTokenReviewEndpoint implements OIDCExtProvider {
        throw new ErrorResponseException(response);
    }

+    @Override
+    public boolean isSupported() {
+        return Profile.isFeatureEnabled(Profile.Feature.OPENSHIFT_INTEGRATION);
+    }
 }
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenShiftTokenReviewEndpointTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenShiftTokenReviewEndpointTest.java
@ -34,7 +34,6 @@ import org.keycloak.testsuite.util.UserBuilder;

 import javax.ws.rs.core.Response;
 import java.util.Arrays;
-import java.util.Collections;
 import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;
@ -42,6 +41,8 @@ import java.util.Map;

 import static org.hamcrest.collection.IsIterableContainingInAnyOrder.containsInAnyOrder;
 import static org.junit.Assert.*;
+import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
+import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;

 public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakTest {

@ -76,6 +77,8 @@ public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakT

    @Before
    public void enablePassthroughAuthenticator() {
+        assumeFeatureEnabled(OPENSHIFT_INTEGRATION);
+
        if (!flowConfigured) {
            HashMap<String, String> data = new HashMap<>();
            data.put("newName", "testsuite-client-dummy");