Commit graph

145 commits

Author SHA1 Message Date
Martin Bartoš
7d04f8c071 Resolve some issues with dependencies 2021-12-06 09:42:10 +01:00
Bruno Oliveira da Silva
16db810b03 [KEYCLOAK-19754] - Update documentation files to remove problematic language in the main repository 2021-11-04 10:08:56 +01:00
Dominik
20b91c7d4f KEYCLOAK-13770 Fix Quarkus ScriptDeploymentTests, Hostnametests and tests relying on user attribute config 2021-09-27 15:19:45 -03:00
Tomas Kyjovsky
6db1c8204a KEYCLOAK-18393 SAMLAdapterCrossDCTest failures 2021-06-16 18:46:38 +02:00
Tomas Kyjovsky
2802740101 KEYCLOAK-13757 update JDG version to 8.1 - testsuite updates 2021-06-03 13:52:25 +02:00
Stian Thorgersen
c868e1b173 Update HOW-TO-RUN.md 2021-06-01 10:27:12 +02:00
Yoshiyuki Tabata
4c49d595cb Fix HOW-TO-RUN.md 2021-05-24 09:28:38 +02:00
Jan Lieskovsky
16ba4c0104 [KEYCLOAK-16723] Upgrade to Wildfly 22
Base fixes:
* [KEYCLOAK-16724] Upgrade Keycloak to Wildfly 22.0.0.Beta1 / Wildfly Core 14.0.0.Beta4
* [KEYCLOAK-16822] Upgrade Keycloak to Wildfly 22.0.0.Final / Wildfly Core 14.0.0.Final
* [KEYCLOAK-17158] Upgrade Keycloak to Wildfly 22.0.1.Final / Wildfly Core 14.0.1.Final

Other (related) fixes:
* [KEYCLOAK-16174] Upgrade (RH-SSO adapters) to EAP CD 21
* [KEYCLOAK-16202] Don't upgrade versions of httpclient and httpcore in the Fuse adapter
                   as part of the Wildfly upgrade script run
* [KEYCLOAK-16737] Keycloak core depends on org.bouncycastle:bcprov-jdk15on:1.65, which
                   suffers from CVE-2020-28052
* [KEYCLOAK-16907] ConfigMigrationTest fails after upgrade to Wildfly 22.0.0.Final
* [KEYCLOAK-17156] org.keycloak.test.config.migration.ConfigMigrationTest fails with
                   'illegal reflective access to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()'

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-04-29 12:36:03 +02:00
Martin Bartoš
24f1a9c5c4 KEYCLOAK-16583 Ignore tests which directly use WebAuthn Chrome testing feature 2020-12-14 16:39:32 +01:00
Stan Silvert
0afd55f32c KEYCLOAK-14547: Make New Account Console the default. 2020-11-23 20:56:05 +01:00
mposolda
95d4feedfd KEYCLOAK-14945 Improve the instructions for running the tests 2020-08-20 14:05:58 +02:00
Pedro Igor
d5348066cb [KEYCLOAK-14639] - Update ISPN schemas and how to run guide 2020-07-23 14:53:05 -03:00
Jan Lieskovsky
969b09f530 [KEYCLOAK-13692] Upgrade to Wildfly "20.0.1.Final" and Infinispan "10.1.8.Final"
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2020-07-20 22:15:08 +02:00
mhajas
93149d6b47 KEYCLOAK-14234 Adjust Adapter testsuite to work with app/auth.server.host including TLS configured 2020-07-20 11:22:16 +02:00
vmuzikar
001fe9eb11 KEYCLOAK-13206 Session Status iframe cannot access cookies when 3rd party cookies are blocked
Co-authored-by: mhajas <mhajas@redhat.com>
2020-06-30 17:11:20 -03:00
vmuzikar
d71e81ed5e KEYCLOAK-14235 Support for running broker tests with different hostnames for auth server and IdP 2020-06-17 14:13:00 +02:00
Pedro Igor
a8bad5b9bb [KEYCLOAK-11330] - Quarkus clustering tests 2020-06-16 10:07:24 -03:00
Pedro Igor
6ccde288a3 [KEYCLOAK-11330] - SSL Support 2020-06-09 08:43:52 +02:00
Douglas Palmer
33863ba161 KEYCLOAK-10162 Usage of ObjectInputStream without checking the object types
Co-authored-by: mposolda <mposolda@gmail.com>
2020-06-08 13:12:08 +02:00
mposolda
bc1146ac2f KEYCLOAK-10029 Offline token migration fix. Always test offline-token migration when run MigrationTest 2020-03-10 20:38:16 +01:00
vramik
83461d033b KEYCLOAK-11808 update testsuite to use current jdbc driver version for migration testing 2020-03-09 15:05:12 +01:00
mhajas
3f29c27e16 KEYCLOAK-12906 Describe how to run testsuite against openshift 2020-02-07 12:09:55 +01:00
vmuzikar
0801cfb01f KEYCLOAK-12105 Add UI tests for Single page to manage credentials 2020-02-04 15:18:52 -03:00
Marek Posolda
fa453e9c0c
KEYCLOAK-12278 Default first broker login flow is broken after migration (#6556) 2020-01-02 17:53:56 +01:00
AlistairDoswald
4553234f64 KEYCLOAK-11745 Multi-factor authentication (#6459)
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
stianst
b8881b8ea0 KEYCLOAK-11728 New default hostname provider
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2019-11-11 12:25:44 +01:00
vramik
701ba1a408 KEYCLOAK-11891 Update How-TO-RUN file with instruction regarding remote server testing 2019-11-07 14:08:07 +01:00
Martin Bartoš
ad9641722f KEYCLOAK-11613 Chrome Testing API (#6385) 2019-10-18 10:50:28 +02:00
vmuzikar
1cdc5e1969 KEYCLOAK-11514 Add option to download specific WebDriver binaries versions 2019-09-26 09:54:30 -03:00
mposolda
a46bf708c0 KEYCLOAK-9947 KEYCLOAK-10451 Better support for DB manual migration test with DB provided by docker or dballocator plugin 2019-06-27 13:52:17 +02:00
mposolda
a980629e66 KEYCLOAK-10295 Tweaks for MariaDB testing in docker container 2019-05-24 12:52:55 +02:00
mposolda
c77c061b47 KEYCLOAK-10291 Tweaks for MySQL docker testing. 2019-05-21 20:13:20 +02:00
mhajas
4fc2870e51 KEYCLOAK-9740 Wrongly set settings for nested maven run 2019-04-29 13:48:05 +02:00
mhajas
4272495d24 KEYCLOAK-9748 Refactoring of springBoot tests including addition of how to run docs 2019-04-23 20:43:16 +02:00
Sebastian Laskawiec
0042726dd8 KEYCLOAK-9601 KEYCLOAK-9602 Jetty 8.1 and 9.1 removal
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-04-16 11:21:29 +02:00
vramik
e2d69632e9 KEYCLOAK-10004 refactor fuse adapter tests 2019-04-16 10:11:27 +02:00
Peter Skopek
92567d5a77 KEYCLOAK-8347 Welcome page test migration clean up 2019-04-11 21:52:52 +02:00
Sebastian Laskawiec
2e7f717e50 KEYCLOAK-9536 DB Allocator Plugin 2019-04-08 09:06:19 +02:00
Sebastian Laskawiec
996389d61b KEYCLOAK-9512 Run x509 tests by default 2019-03-14 15:38:14 +01:00
Grzegorz Grzybek
e01562d7cf [KEYCLOAK-9646] Increase import range for javax.servlet API to cover EAP 7.2, servlet-api 4.0
[KEYCLOAK-9646] Update HOW-TO-RUN.md for Fuse 7.1+ instructions
2019-03-12 15:14:34 +01:00
mhajas
8a750c7fca KEYCLOAK-6750 Adapt Tomcat adapter tests to new structure 2019-03-06 08:57:46 +01:00
Sebastian Laskawiec
406097a508 KEYCLOAK-6749 Jetty App Server 2019-03-05 15:21:48 +01:00
vramik
845275ef0f KEYCLOAK-9624 support for legacy driver for migration tests 2019-03-05 09:30:31 +01:00
Hynek Mlnarik
37ef47d6ab KEYCLOAK-9509 Upgrade to Wildfly 15
KEYCLOAK-9584 Update Wildfly Arquillian version

KEYCLOAK-9581: Fix CookiePathTests

KEYCLOAK-9607 CLI sripts and configuration files update

KEYCLOAK-9580 Fix component registration error

KEYCLOAK-9590 Update JDG to newest version

* Infinispan is using whatever version is set in root pom.xml.

KEYCLOAK-9509 Fix Undertow tests

Co-Authored-By: vramik <vramik@redhat.com>
Co-Authored-By: sebastienblanc <scm.blanc@gmail.com>
2019-02-25 08:56:46 +01:00
mposolda
e4d4159743 KEYCLOAK-9586 Fix cluster tests. Fix cross-dc tests on embedded undertow 2019-02-20 19:11:38 +01:00
Hynek Mlnarik
59430e7cd6 KEYCLOAK-9456 Docker support for testing with MSSQL, Oracle 11g 2019-02-08 19:31:45 +01:00
vmuzikar
191cbca7ad UI and Node.js adapter tests fixes 2019-02-08 08:57:48 -02:00
Sebastian Laskawiec
ee41a0450f KEYCLOAK-8349 KEYCLOAK-8659 Use TLS for all tests in the suite 2019-02-08 08:57:48 -02:00
vmuzikar
3e48fa1dbc KEYCLOAK-9023 Add support for Java 11 to the testsuite 2018-12-06 11:47:00 +01:00
vramik
8b122de425 KEYCLOAK-8951 Update HOW-TO-RUN.md regarding fuse7 testing 2018-11-28 07:01:43 +01:00
Bruno Oliveira da Silva
607bb1b995 [KEYCLOAK-8943] Fix instructions to run Fuse 7 integration tests 2018-11-23 17:15:42 +01:00
vramik
76e4253a21 KEYCLOAK-8670 remove support for migration.mode=import as there are separate tests 2018-10-31 18:07:20 +01:00
vramik
7a96911a83 KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
mposolda
60a8267576 KEYCLOAK-8530 KEYCLOAK-8531 Fix MigrationTest and migration from 2.5.5.Final and 3.4.3.Final 2018-10-15 16:38:24 +02:00
mposolda
4483677cdd KEYCLOAK-8529 Fix most of adapter tests on EAP6 2018-10-12 12:01:33 +02:00
vmuzikar
4268dd1777 KEYCLOAK-7742,KEYCLOAK-6332 Switch Admin Console UI tests to GeckoDriver 2018-09-20 10:32:59 +02:00
mposolda
f0ba8f6591 KEYCLOAK-8139 Added wildfly-deprecated module for adapters testing. Remove wildfly9 and wildfly10 2018-09-03 08:56:09 +02:00
mposolda
6fc99cd749 KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
sebastienblanc
02b2a8aab0 KEYCLOAK-7635 : Authenticate clients with x509 certificate 2018-08-13 09:36:02 +02:00
vmuzikar
65f51b7b83 KEYCLOAK-6736 Base UI tests for mobile and desktop browsers 2018-08-07 13:53:31 +02:00
vramik
559a8b2a2c KEYCLOAK-7588, KEYCLOAK-7589 - update HOW-TO-RUN 2018-06-28 16:27:38 +02:00
Hynek Mlnarik
530a710dce KEYCLOAK-7412 Tests for Fuse 7.0 2018-06-22 08:59:44 +02:00
vramik
6a07a7ed2c KEYCLOAK-6541 base changes 2018-06-11 13:46:59 +02:00
Takashi Norimatsu
c586c63533 KEYCLOAK-6771 Holder of Key mechanism
OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access
Tokens
2018-06-05 08:18:29 +02:00
Vlastimil Eliáš
c1311e4619 KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn OAuth2 endpoint (#5125)
* KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn
OAuth2 endpoint

* KEYCLOAK-6849 - LinkedIn social login provider test updated

* KEYCLOAK-6849 - LinkedIn social login provider test updated to
conditionally handle consent page when shown only

* Simplify the LinkedIn app authorization

This reverts commit c12359e7a13d9ff231fe2e25cddba66ad679a9cd.
2018-04-13 08:09:27 +02:00
vmuzikar
340afb2a50 KEYCLOAK-6450 Stabilize WelcomePageTest 2018-02-02 13:08:52 +01:00
mposolda
f9e40326c1 KEYCLOAK-5961 Remove CrossDataCenter README file from codebase 2017-12-05 12:15:36 +01:00
mposolda
a98f085be6 KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis. 2017-11-09 17:39:04 +01:00
mposolda
bca4c35708 KEYCLOAK-5371 Fix ActionTokenCrossDCTest and BruteForceCrossDCTest 2017-10-04 13:25:45 +02:00
vramik
b0a1550df5 KEYCLOAK-5586 crossdc tests on Wildfly using real database 2017-10-04 12:00:18 +02:00
vramik
f806d4a5d6 KEYCLOAK-5586 Add support for testing cross dc tests on jboss-based containers 2017-10-03 14:01:45 +02:00
Petter Lysne
7f8b5e032a feat: added PayPal IDP (#4449) 2017-09-12 11:57:59 +02:00
Vaclav Muzikar
da9a88c45c KEYCLOAK-5229 Update testsuite dependencies 2017-08-23 15:36:29 +02:00
mposolda
868e76fcf3 KEYCLOAK-4630 Added SessionsPreloadCrossDCTest for test preloading sessions and offline sessions. Support for manual.mode to control manually lifecycle of all servers. 2017-08-11 17:44:00 +02:00
mposolda
0f7440d344 KEYCLOAK-4187 Fixes and tests related to sessions expiration and bulk removal in cross-dc environment 2017-08-10 08:29:59 +02:00
mposolda
07e2136b3b KEYCLOAK-4187 Added UserSession support for cross-dc 2017-07-27 22:32:58 +02:00
Josh Cain
89fcddd605 KEYCLOAK-3592 Docker auth implementation 2017-06-29 06:37:34 +02:00
Pavel Drozd
947254e14f Merge pull request #4222 from vmuzikar/KEYCLOAK-5055
KEYCLOAK-4787, KEYCLOAK-5055 Stabilize UI tests
2017-06-27 11:42:21 +02:00
Pavel Drozd
a7fbcaaef4 Merge pull request #4211 from vramik/KEYCLOAK-5027
KEYCLOAK-5027 Add possibility to attach debugger to jboss based servers
2017-06-22 09:34:58 +02:00
vramik
5d72def1bc KEYCLOAK-4189 add possibility to use jdg as cache server 2017-06-15 12:57:25 +02:00
Hynek Mlnarik
bdadef1282 KEYCLOAK-4189 Fix in instructions for running Cross-DC tests 2017-06-14 14:36:10 +02:00
Vaclav Muzikar
35857bf649 KEYCLOAK-5055 Stabilize UI tests 2017-06-13 11:24:45 +02:00
Hynek Mlnarik
a0f3a6469f KEYCLOAK-4189 - Cross DC testing 2017-06-12 11:14:28 +02:00
vramik
7381ec456a KEYCLOAK-5027 Add possibility to attach debugger to jboss based servers 2017-06-07 14:35:33 +02:00
mposolda
7d8796e614 KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes. 2017-05-11 22:24:07 +02:00
mposolda
a9ec69e424 KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows 2017-05-11 22:16:26 +02:00
mposolda
b81891f89b KEYCLOAK-4271 Migration test for offline tokens - manual mode 2017-04-25 09:18:33 +02:00
Peter Nalyvayko
b2f10359c8 KEYCLOAK-4335: x509 client certificate authentication
Started on implementing cert thumbprint validation as a part of x509 auth flow. Added a prompt screen to give users a choice to either log in based on the identity extracted from X509 cert or to continue with normal browser login flow authentication; clean up some of the comments

x509 authentication for browser and direct grant flows. Implemented certificate to user mapping based on user attribute

Implemented CRL and OCSP certificate revocation checking and added corresponding configuration settings to set up responderURI (OCSP), a location of a file containing X509CRL entries and switiches to enable/disable revocation checking; reworked the certificate validation; removed superflous logging; changed the certificate authentication prompt page to automatically log in the user after 10 seconds if no response from user is received

Support for loading CRL from LDAP directory; finished the CRL checking using the distribution points in the certificate; updated the instructions how to add X509 authentication to keycloak authentication flows; minor styling changes

Stashing x509 unit test related changes; added the steps to configure mutual SSL in WildFly to the summary document

A minor fix to throw a security exception when unable to check cert revocation status using OCSP; continue working on README

Changes to the formating of the readme

Added a list of features to readme

Fixed a potential bug in X509 cert user authenticator that may cause NPE if the client certificate does not define keyusage or extended key usage extensions

Fixed compile time errors in X509 validators caused by the changes to the user credentials model in upstream master

Removed a superfluous file created when merging x509 and main branches

X509 authentication: removed the PKIX path validation as superflous

Reverted changes to the AbstractAttributeMapper introduced during merging of x509 branch into main

Merge the unit tests from x509 branch

added mockito dependency to services project; changes to the x509 authenticators to expose methods in order to support unit tests; added a default ctor to CertificateValidator class to support unit testing; updated the direct grant and browser x509 authenticators to report consistent status messages; unit tests to validate X509 direct grant and browser authenticators; fixed OCSP validation to throw an exception if the certificate chain contains a single certificate; fixed the CRL revocation validation to only use CRL distribution point validation only if configured

CRL and OSCP mock tests using mock netty server. Changed the certificate validator to better support unit testing.

changes to the mockserver dependency to explicitly exclude xercesImpl that was causing SAMLParsingTest to fail

Added a utility class to build v3 certificates with optional extensions to facilitate X509 unit testing; removed supoerfluous certificate date validity check (undertow should be checking the certificate dates during PKIX path validation anyway)

X509: changes to make configuring the user identity extraction simplier for users - new identity sources to map certificate CN and email (E) attributes from X500 subject and issuer names directly rather than using regular expressions to parse them

X509 fixed a compile error caused by the changes to the user model in master

Integration tests to validate X509 client certificate authentication

Minor tweaks to X509 client auth related integration tests

CRLs to support x509 client cert auth integration tests

X509: reverted the changes to testrealm.json and updated the test to configure the realm at runtime

X509 - changes to the testsuite project configuration to specify a path to a trust store used to test x509 direct grant flow; integration tests to validate x509 authentication in browser and direct grant flows; updated the client certificate to extend its validatity dates; x509 integration tests and authenticators have been refactored to use a common configuration class

X509 separated the browser and direct grant x509 authenction integration tests

x509 updated the authenticator provider test to remove no longer supported cert thumbprint authenticator

x509 removed the dependency on mockito

x509 re-implemented OCSP certificate revocation client used to check revocation status when logging in with x509 certificate to work around the dependency on Sun OCSP implementation; integration tests to verify OCSP revocation requests

index.txt.attr is needed by openssl to run a simple OCSP server

x509: minor grammar fixes

Add OCSP stub responder to integration tests

This commit adds OCSP stub responder needed for the integration tests,
and eliminates the need to run external OCSP responder in order to run
the OCSP in X509OCSPResponderTest.

Replace printStackTrece with logging

This commit replaces call to printStackTrace that will end up going to
the stderr with logging statement of WARN severity.

Remove unused imports

Removed unused imports in
org.keycloak.authentication.authenticators.x509 package.

Parameterized Hashtable variable

Removed unused CertificateFactory variable

Declared serialVersionUID for Serializable class

Removed unused CertificateBuilder class

The CertificateBuilder was not used anywhere in the code, removing it to
prevent technical debt.

Removing unused variable declaration

`response` variable is not used in the test, removed it.

Made sure InputStreams are closed

Even though the InputStreams are memory based, added try-with-resources
to make sure that they are closed.

Removed deprecated usage of URLEncoder

Replaced invocation of deprecated method from URLEncoder with Encode
from Keycloak util package.

Made it more clear how to control OCSP stub responder in the tests

X509 Certificate user authentication: moved the integration unit tests into their own directory to fix a failing travis test job

KEYCLOAK-4335: reduced the logging level; added the instructions how to run X.509 related tests to HOW-TO-RUN.md doc; removed README.md from x509 folder; removed no longer used ocsp profile and fixed the exclusion filter; refactored the x509 base test class that was broken by the recent changes to the integration tests

KEYCLOAK-4335: fixed a few issues after rebasing
2017-03-17 05:24:57 -04:00
Vaclav Muzikar
f3e842fdd9 KEYCLOAK-4169 Instructions on how to run UI and Welcome Page tests 2017-03-10 11:26:21 +01:00
mposolda
69e61398a6 KEYCLOAK-4520 Enable testsuite logging when running test from IDE 2017-03-02 10:50:50 +01:00
mposolda
091b376624 KEYCLOAK-1590 Realm import per test class 2017-03-01 09:38:44 +01:00
mposolda
f6bc0806d5 KEYCLOAK-4368 Switch default WebDriver impl to htmlUnit 2017-02-20 21:52:15 +01:00
Stian Thorgersen
5b5dc3e442 KEYCLOAK-4265 Social login tests 2017-02-06 13:50:10 +01:00
mposolda
f92dd6bd16 KEYCLOAK-4339 MigrationTest fails to run 2017-01-31 16:00:16 +01:00
mposolda
5c5b7a33d3 KEYCLOAK-4169 Add initial testsuite how-to 2017-01-30 22:23:08 +01:00