Commit graph

279 commits

Author SHA1 Message Date
Stian Thorgersen
43f64e51c6 KEYCLOAK-4857
[RHSSO] async-http-servlet-3.0 missing in newest resteasy
2017-05-05 12:08:22 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
mposolda
457f183d46 KEYCLOAK-4705 Running test from IDE should log INFO to the console 2017-04-04 10:15:22 +02:00
Peter Nalyvayko
b2f10359c8 KEYCLOAK-4335: x509 client certificate authentication
Started on implementing cert thumbprint validation as a part of x509 auth flow. Added a prompt screen to give users a choice to either log in based on the identity extracted from X509 cert or to continue with normal browser login flow authentication; clean up some of the comments

x509 authentication for browser and direct grant flows. Implemented certificate to user mapping based on user attribute

Implemented CRL and OCSP certificate revocation checking and added corresponding configuration settings to set up responderURI (OCSP), a location of a file containing X509CRL entries and switiches to enable/disable revocation checking; reworked the certificate validation; removed superflous logging; changed the certificate authentication prompt page to automatically log in the user after 10 seconds if no response from user is received

Support for loading CRL from LDAP directory; finished the CRL checking using the distribution points in the certificate; updated the instructions how to add X509 authentication to keycloak authentication flows; minor styling changes

Stashing x509 unit test related changes; added the steps to configure mutual SSL in WildFly to the summary document

A minor fix to throw a security exception when unable to check cert revocation status using OCSP; continue working on README

Changes to the formating of the readme

Added a list of features to readme

Fixed a potential bug in X509 cert user authenticator that may cause NPE if the client certificate does not define keyusage or extended key usage extensions

Fixed compile time errors in X509 validators caused by the changes to the user credentials model in upstream master

Removed a superfluous file created when merging x509 and main branches

X509 authentication: removed the PKIX path validation as superflous

Reverted changes to the AbstractAttributeMapper introduced during merging of x509 branch into main

Merge the unit tests from x509 branch

added mockito dependency to services project; changes to the x509 authenticators to expose methods in order to support unit tests; added a default ctor to CertificateValidator class to support unit testing; updated the direct grant and browser x509 authenticators to report consistent status messages; unit tests to validate X509 direct grant and browser authenticators; fixed OCSP validation to throw an exception if the certificate chain contains a single certificate; fixed the CRL revocation validation to only use CRL distribution point validation only if configured

CRL and OSCP mock tests using mock netty server. Changed the certificate validator to better support unit testing.

changes to the mockserver dependency to explicitly exclude xercesImpl that was causing SAMLParsingTest to fail

Added a utility class to build v3 certificates with optional extensions to facilitate X509 unit testing; removed supoerfluous certificate date validity check (undertow should be checking the certificate dates during PKIX path validation anyway)

X509: changes to make configuring the user identity extraction simplier for users - new identity sources to map certificate CN and email (E) attributes from X500 subject and issuer names directly rather than using regular expressions to parse them

X509 fixed a compile error caused by the changes to the user model in master

Integration tests to validate X509 client certificate authentication

Minor tweaks to X509 client auth related integration tests

CRLs to support x509 client cert auth integration tests

X509: reverted the changes to testrealm.json and updated the test to configure the realm at runtime

X509 - changes to the testsuite project configuration to specify a path to a trust store used to test x509 direct grant flow; integration tests to validate x509 authentication in browser and direct grant flows; updated the client certificate to extend its validatity dates; x509 integration tests and authenticators have been refactored to use a common configuration class

X509 separated the browser and direct grant x509 authenction integration tests

x509 updated the authenticator provider test to remove no longer supported cert thumbprint authenticator

x509 removed the dependency on mockito

x509 re-implemented OCSP certificate revocation client used to check revocation status when logging in with x509 certificate to work around the dependency on Sun OCSP implementation; integration tests to verify OCSP revocation requests

index.txt.attr is needed by openssl to run a simple OCSP server

x509: minor grammar fixes

Add OCSP stub responder to integration tests

This commit adds OCSP stub responder needed for the integration tests,
and eliminates the need to run external OCSP responder in order to run
the OCSP in X509OCSPResponderTest.

Replace printStackTrece with logging

This commit replaces call to printStackTrace that will end up going to
the stderr with logging statement of WARN severity.

Remove unused imports

Removed unused imports in
org.keycloak.authentication.authenticators.x509 package.

Parameterized Hashtable variable

Removed unused CertificateFactory variable

Declared serialVersionUID for Serializable class

Removed unused CertificateBuilder class

The CertificateBuilder was not used anywhere in the code, removing it to
prevent technical debt.

Removing unused variable declaration

`response` variable is not used in the test, removed it.

Made sure InputStreams are closed

Even though the InputStreams are memory based, added try-with-resources
to make sure that they are closed.

Removed deprecated usage of URLEncoder

Replaced invocation of deprecated method from URLEncoder with Encode
from Keycloak util package.

Made it more clear how to control OCSP stub responder in the tests

X509 Certificate user authentication: moved the integration unit tests into their own directory to fix a failing travis test job

KEYCLOAK-4335: reduced the logging level; added the instructions how to run X.509 related tests to HOW-TO-RUN.md doc; removed README.md from x509 folder; removed no longer used ocsp profile and fixed the exclusion filter; refactored the x509 base test class that was broken by the recent changes to the integration tests

KEYCLOAK-4335: fixed a few issues after rebasing
2017-03-17 05:24:57 -04:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
Vaclav Muzikar
2175f66a30 KEYCLOAK-4553 Truststore not found in Arquillian tests in "other" module 2017-03-09 11:17:42 +01:00
Pavel Drozd
7ab67d205b Merge pull request #3903 from tkyjovsk/KEYCLOAK-4515
KEYCLOAK-4515 Make it possible to clean-up other DB types than mysql or postgres
2017-03-07 21:50:48 +01:00
mposolda
69e61398a6 KEYCLOAK-4520 Enable testsuite logging when running test from IDE 2017-03-02 10:50:50 +01:00
Tomas Kyjovsky
c94b7922aa Added profile jdbc-driver-depencency to arq. testsuite; changed jdbc module path from layers/base/com/${db} to layers/base/test/jdbc/${db} 2017-03-01 01:37:53 +01:00
mposolda
f6bc0806d5 KEYCLOAK-4368 Switch default WebDriver impl to htmlUnit 2017-02-20 21:52:15 +01:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
Pedro Igor
c19360c6f2 [KEYCLOAK-4203] - Removing references to Drools 2017-01-18 12:44:30 -02:00
Vaclav Muzikar
547f5ecfa6 KEYCLOAK-4230 Fix failing Arquillian tests in the "other" module 2017-01-16 10:59:02 +01:00
Pavel Drozd
3d9f11168e KEYCLOAK-4210: Added Fuse admin tests 2017-01-13 01:05:37 +01:00
Vlasta Ramik
b0644ce18c test for KEYCLOAK-4109 + fix AuthorizationDisabledInPreviewTest 2017-01-05 11:14:41 +01:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
Stian Thorgersen
b771b84f56 Bump to 2.5.0.Final-SNAPSHOT 2016-11-30 15:44:51 +01:00
Tomas Kyjovsky
5ac4a852e1 Updated performance tests. Added app-profile-jee test application (from qs) to the testsuite. 2016-11-23 15:52:38 +01:00
Stian Thorgersen
6ec82865d3 Bump version to 2.4.1.Final-SNAPSHOT 2016-11-22 14:56:21 +01:00
Vlasta Ramik
50339f6f0e Test backwards compatibility of realm import 2016-11-16 13:17:04 +01:00
Vlasta Ramik
2b6811a366 migration tests - minor fix 2016-11-08 09:48:15 +01:00
Tomas Kyjovsky
d7c5f991c8 KEYCLOAK-3579: added ability to select keycloak.profile in testsuite 2016-11-02 15:58:01 +01:00
Vlasta Ramik
4bd567e610 add profile to tests module for testing migration for productized version 2016-10-31 09:29:16 +01:00
Vlasta Ramik
3ca836ffdc add profile for testing migration for productized version 2016-10-24 15:20:17 +02:00
Stian Thorgersen
c615674cbb Bump version 2016-10-21 07:03:15 +02:00
Marko Strukelj
c912f941e7 KEYCLOAK-2084 Client Registration CLI 2016-10-18 12:33:02 +02:00
Vlasta Ramik
b0448d1b6f KEYCLOAK-3589 Add support for manual upgrade of database schema to testsuite 2016-10-17 11:32:43 +02:00
Vlasta Ramik
bc2eb2b9ea KEYCLOAK-3489 KEYCLOAK-3609 2016-10-12 12:28:56 +02:00
mhajas
69f66edb5f KEYCLOAK-3604 Compile servlets and filters under JDK7 2016-09-29 09:51:12 +02:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Stian Thorgersen
22e85b11eb Merge pull request #3190 from vramik/KEYCLOAK-3489
KEYCLOAK-3489 Database migration testing
2016-09-05 15:19:24 +02:00
Vlasta Ramik
39fe439573 Database migration testing 2016-09-05 13:39:21 +02:00
Stian Thorgersen
7a77055e58 Merge pull request #3180 from mbaluch/master
A class to generate a single jUnit XML file. This file will be co…
2016-09-05 09:37:33 +02:00
Marek Baluch
c874f96228 A class which generates a single junit xml file. This file will be consumed by Polarion 2016-09-01 10:18:06 +02:00
Pedro Igor
ce78cc1d1c [KEYCLOAK-3472] - Multiple paths with the same name and tests 2016-08-31 21:04:36 -03:00
Stian Thorgersen
9ffd6548ce Merge pull request #3146 from mhajas/KEYCLOAK-3161
KEYCLOAK-3161 Migrate SAML adapter tests
2016-08-26 13:40:58 +02:00
Vaclav Muzikar
365a1b66c8 KEYCLOAK-3448 Stabilize Internationalization UI Test 2016-08-19 11:40:01 +02:00
mhajas
285a99d903 Migrate SAML adapter tests 2016-08-13 11:09:48 +02:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
mhajas
824890323d Migrate SAML Filter tests to integration arquillian tests 2016-07-29 11:06:09 +02:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
fkiss
b50513a946 KEYCLOAK-2283 added email truststore test 2016-06-14 13:49:16 +02:00
Vlasta Ramik
a37d43714d support for smoke test - clean start domain mode 2016-05-23 13:29:05 +02:00
Vlasta Ramik
ef716b8b94 Add support for smoke test - clean start - standalone mode 2016-05-17 13:55:24 +02:00
mposolda
6a75aec6d8 Easier MariaDB support in tests 2016-05-04 23:08:30 +02:00
Stian Thorgersen
656161ff61 Merge pull request #2651 from mhajas/truststore
KEYCLOAK-2841 Trustore support in adapter tests
2016-04-20 06:57:01 +02:00
mhajas
77c37ccaf6 Trustore support in adapter tests + fix tests 2016-04-18 16:14:10 +02:00
Tomas Kyjovsky
92d9808cc0 Added module 'adapters/jboss/remote' with performance tests. 2016-04-18 14:10:36 +02:00
Bill Burke
b080e1e782 merge adapter-spi adapter-spi-public 2016-04-13 22:25:30 -04:00
Bill Burke
137edf9b1a Merge pull request #2587 from vramik/KEYCLOAK-2794
KEYCLOAK-2794 Change undertow-embedded version
2016-04-12 17:52:45 -04:00
Bill Burke
515ed226be Merge remote-tracking branch 'upstream/master' 2016-04-12 15:19:58 -04:00
Bill Burke
cca91dd175 public/private 2016-04-12 15:19:46 -04:00
Vlasta Ramik
36266b8574 Change undertow-embedded version from snapshot to released version 1.0.0.Alpha2 2016-04-12 09:40:57 +02:00
Pavel Drozd
ba788eb678 KEYCLOAK-2794 - changed version of undertow-embedded. 2016-04-11 08:04:19 +02:00
Vaclav Muzikar
4ce8b2431b KEYCLOAK-2732 2016-03-31 18:16:03 +02:00
Bill Burke
020d090aee Merge pull request #2430 from mstruk/assert-events
KEYCLOAK-2589 KEYCLOAK-2607 KEYCLOAK-2597 Port AssertEvents to integration-arquillian
2016-03-30 15:16:25 -04:00
Marko Strukelj
95d222348d KEYCLOAK-2589 Copy AssertEvents to Arquillian testsuite and modify to pull events from admin endpoints 2016-03-24 17:13:00 +01:00
Tomas Kyjovsky
f6dea6752c Arq. TestSuite Surefire config: failIfNoTests=false 2016-03-24 15:08:55 +01:00
Tomas Kyjovsky
a9c7bbd44c KEYCLOAK-2641 moved app-server configurations from adapter tests to servers/app-server module 2016-03-24 11:24:21 +01:00
Vaclav Muzikar
18b07190bf Add system property for test constants location
(cherry picked from commit f9afa13)
2016-03-22 12:17:13 +01:00
Stian Thorgersen
28fe13a800 Next is 2.0.0.CR1 2016-03-10 08:13:00 +01:00
Stian Thorgersen
96967c0373 Merge pull request #2354 from vramik/KEYCLOAK-2586
KEYCLOAK-2586 - fix URL providers on classpath for graphene 2.1.0.Aplha3
2016-03-10 07:30:26 +01:00
Stian Thorgersen
d722e53108 Next is 1.9.2.Final 2016-03-10 07:28:27 +01:00
Vlasta Ramik
32b29bb130 KEYCLOAK-2586 - fix URL providers on classpath for graphene 2.1.0.Aplha3 2016-03-09 13:58:07 +01:00
mposolda
5772ea2b09 Added exclusion of old commons-io dependency as it's causing issues in some environments 2016-03-08 17:01:48 +01:00
mposolda
8371c256b2 KEYCLOAK-2611 Keycloak fails to start with Oracle DB 2016-03-08 13:49:19 +01:00
Stian Thorgersen
95d5ce9dd4 KEYCLOAK-2605 Revert upgrade of Arquillian Graphene 2016-03-07 08:38:39 +01:00
Vlasta Ramik
10e1b6206f KEYCLOAK-2586 - Update arquillian component versions to make screenshooter working 2016-03-03 13:39:10 +01:00
Stian Thorgersen
45b940ad2d Merge pull request #2308 from tkyjovsk/auth-server-eap7-cluster
KEYCLOAK-1679 Auth server eap7 cluster
2016-03-02 07:54:24 +01:00
Tomas Kyjovsky
73b6751219 KEYCLOAK-1679 added cluster profile for eap7 2016-03-01 16:13:12 +01:00
Tomas Kyjovsky
c65ed96bd7 Added property "auth.server.java.home" to the Arquillian testsuite. 2016-03-01 08:46:17 +01:00
Tomas Kyjovsky
aea35454bf Added simple test for JPA performance (with many users). 2016-02-26 02:24:20 +01:00
Stian Thorgersen
a1d9753ec2 Next is 1.9.1.Final-SNAPSHOT 2016-02-23 08:48:26 +01:00
Stian Thorgersen
4fd97091ff Version bump to 2.0.0.CR1-SNAPSHOT 2016-02-22 11:36:56 +01:00
mhajas
2c1b13d6c2 Add tests for mod_auth_mellon 2016-02-19 11:53:19 +01:00
Tomas Kyjovsky
9fd9a1a5ad KEYCLOAK-1678 customizable server outputs to console 2016-02-15 23:56:44 +01:00
Stian Thorgersen
bb77c717c9 KEYCLOAK-2303
Update dependency versions to align with WildFly 10
2016-02-10 09:07:06 +01:00
Tomas Kyjovsky
4a8b19cfce KEYCLOAK-1678 Added initial cluster test for 2-node cluster. 2016-02-09 05:21:11 +01:00
Tomas Kyjovsky
a275a24797 Added auth-server-wildfly-cluster profile. 2016-02-08 16:12:47 +01:00
Tomas Kyjovsky
1c792ad769 Merge container-handling into cluster-testing 2016-02-07 21:37:13 +01:00
Tomas Kyjovsky
1752ac8e63 Refactoring of auth-server-* and auth server migration Maven profiles 2016-02-07 21:30:54 +01:00
Tomas Kyjovsky
89250a69fb KEYCLOAK-1678: H2TestEnricher for running H2 server instance during integration tests. 2016-02-07 19:39:30 +01:00
Stian Thorgersen
579ab56a5a Bump version to 1.9.0.Final-SNAPSHOT 2016-02-04 15:55:11 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524
Source code headers
2016-02-03 11:20:22 +01:00
mhajas
6c5fb2a4aa Tests for mod_auth_mellon 2016-01-28 09:54:28 +01:00
Tomas Kyjovsky
6d7092ef4c Merge upstream-master into KEYCLOAK-1642
Conflicts:
	testsuite/integration-arquillian/tests/adapters/eap6/pom.xml
	testsuite/integration-arquillian/tests/adapters/pom.xml
2016-01-20 16:12:20 +01:00
Stian Thorgersen
d7ee63f3c1 Merge pull request #2065 from vramik/KEYCLOAK-2347
KEYCLOAK-2347: Test - Adapter - EAP 7.0
2016-01-20 14:18:58 +01:00
Stian Thorgersen
ddfeae39d0 Merge pull request #2055 from vramik/prod
KEYCLOAK-2340: Update arquillian testsuite for dr3 build
2016-01-20 09:09:35 +01:00
Tomas Kyjovsky
cc82c509c5 Reorganized arquillian testsuite modules. 2016-01-20 07:16:53 +01:00
Tomas Kyjovsky
1dd8a04703 Merge upstream-master into KEYCLOAK-1642 2016-01-19 17:33:20 +01:00
Vlasta Ramik
6d872f0c03 KEYCLOAK-2347: Test - Adapter - EAP 7.0 2016-01-19 13:59:07 +01:00
Vlasta Ramik
0211798161 KEYCLOAK-2340: Update arquillian testsuite for dr3 build 2016-01-19 11:09:08 +01:00
Tomas Kyjovsky
52af74f051 KEYCLOAK-2127 Added missing definition of "jboss.server.config.dir" property. 2016-01-18 19:33:32 +01:00
Tomas Kyjovsky
3e35f83eb3 Merge upstream-master into refactoring 2016-01-18 18:13:19 +01:00
Tomas Kyjovsky
2650cc152d Moved admin UI tests to separate module. 2016-01-18 16:02:24 +01:00
Stian Thorgersen
435980d776 KEYCLOAK-1809
Upgrade jackson to version 2.x
2016-01-14 16:34:30 +01:00
Vlasta Ramik
36461aabc1 renamed version.eap6.server.dist proprty to version.server.dist, removed auth-server-eap6 profile 2016-01-13 15:37:30 +01:00
Vlasta Ramik
6dd7634a77 Merge remote-tracking branch 'upstream/master' into prod
Conflicts:
	testsuite/integration-arquillian/tests/adapters/eap6/pom.xml
	testsuite/integration-arquillian/tests/adapters/eap6/src/main/xslt/standalone.xsl
2016-01-13 12:09:34 +01:00
Stian Thorgersen
0193c696ab Version bump 2016-01-13 09:20:38 +01:00
Vlasta Ramik
6c3c08e711 add installing adapter tests via cli scripts, checking server log 2016-01-12 14:31:28 +01:00
Vlasta Ramik
bd8e662f88 fixed copy-admin-user-json-file 2016-01-08 16:13:15 +01:00
Vlasta Ramik
c5fc4c0805 Merge remote-tracking branch 'upstream/master' into prod 2016-01-08 11:36:46 +01:00
vramik
48be6070d0 add support for prod bits 2016-01-08 11:13:59 +01:00
mhajas
54712e29aa Use user script for admin user creating 2016-01-07 11:24:51 +01:00
vramik
53ca4b9294 integration-arquillian prod: add support for non default firefox 2015-12-17 10:27:42 +01:00
vramik
e1de2c0661 integration-arquillian: add support for prod testing 2015-12-15 13:14:30 +01:00
Pavel Drozd
b466cec4e5 Merge pull request #1940 from vramik/master
arquillian-testsuite: updated screenshooter version
2015-12-11 15:32:51 +01:00
vramik
9956f425eb arquillian-testsuite: updated screenshooter version 2015-12-11 12:15:27 +01:00
Pavel Drozd
3f51f620b7 Support for testing ssl-required. 2015-12-10 07:21:23 +01:00
Tomas Kyjovsky
6507f58b49 Merge upstream-master 2015-12-02 16:11:45 +01:00
Stian Thorgersen
ff806eae08 Version bump 2015-12-01 19:54:28 +01:00
Tomas Kyjovsky
4e79dde17f Removed travis profile from arq. testsuite. 2015-12-01 17:29:28 +01:00
Tomas Kyjovsky
ed30c4454a Increased arquillian timeouts for travis. 2015-11-30 17:09:57 +01:00
Tomas Kyjovsky
a8317e0cc2 1) Pageload timeout set to 60s. Other timeouts set by arq props in arquillian.xml 2) Refactoring: FlashMessage --> AdminConsoleAlert and AccountManagementAlert 2015-11-30 16:43:18 +01:00
Stian Thorgersen
41c9289f14 KEYCLOAK-1749 Moved clien registration api 2015-11-18 15:09:32 +01:00
Tomas Kyjovsky
e1ba26bcae KEYCLOAK-1661 Added support for testing adapters/examples on fuse 6.2. Moved CustomKarafContainer from the base module to the adapters/karaf module. 2015-11-10 13:39:59 +01:00
Tomas Kyjovsky
027311c0c0 Adapter tests for Karaf: Fuse Example installation now done via JMX instead of maven-karaf plugin. Needed for testing on Fuse. 2015-11-06 13:03:42 +01:00
vramik
d26cfcda42 arquillian testsuite, migration test: update execution of dependency plugin for migration scenario 2015-11-02 11:56:26 +01:00
vramik
84da341912 arquillian testsuite, migration test: add support for 1.5.1.Final 2015-10-29 14:48:05 +01:00
vramik
03acad9b9d arquillian testsuite: increased startup timeout for containers 2015-10-29 13:41:38 +01:00
vramik
e6620ca005 arquillian-testsuite added initial version of migration test 2015-10-27 14:31:15 +01:00
vramik
f823b17b90 add path for migration test realm 2015-10-22 14:04:50 +02:00
vramik
edfc7ea103 add support for migration tests - KC1.6.0.Final 2015-10-20 17:00:57 +02:00
Stian Thorgersen
3f8312427a Version bump 2015-10-19 16:15:29 +02:00
vramik
4c33704c56 add support for migration kc1.5.1 2015-10-18 16:01:26 +02:00
Stian Thorgersen
366a1629e5 KEYCLOAK-1749 Client registration service and client java api 2015-10-08 11:55:42 +02:00
Tomas Kyjovsky
0c80255f3a FIxed compilation error of arquillian tests by adding keycloak-adapter-spi dependency. 2015-09-24 21:57:02 +02:00
Stian Thorgersen
7d239f8990 Make it possible to set hibernate spec artifact id with a property in parent pom 2015-09-23 15:36:40 +02:00
Tomas Kyjovsky
e16cc493d2 Updates and refactoring of arquillian testsuite. 2015-09-18 14:27:28 +02:00