-
Notifications
You must be signed in to change notification settings - Fork 2.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
bfedd50
commit 05ca120
Showing
3 changed files
with
150 additions
and
119 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,135 +4,27 @@ | |
| import static org.junit.jupiter.api.Assertions.assertNull; | ||
|
|
||
| import java.io.IOException; | ||
| import java.util.ArrayList; | ||
| import java.util.Arrays; | ||
| import java.util.List; | ||
|
|
||
| import org.hamcrest.Matchers; | ||
| import org.junit.jupiter.api.AfterAll; | ||
| import org.junit.jupiter.api.BeforeAll; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.keycloak.representations.AccessTokenResponse; | ||
| import org.keycloak.representations.idm.ClientRepresentation; | ||
| import org.keycloak.representations.idm.CredentialRepresentation; | ||
| import org.keycloak.representations.idm.RealmRepresentation; | ||
| import org.keycloak.representations.idm.RoleRepresentation; | ||
| import org.keycloak.representations.idm.RolesRepresentation; | ||
| import org.keycloak.representations.idm.UserRepresentation; | ||
| import org.keycloak.util.JsonSerialization; | ||
|
|
||
| import com.gargoylesoftware.htmlunit.SilentCssErrorHandler; | ||
| import com.gargoylesoftware.htmlunit.WebClient; | ||
| import com.gargoylesoftware.htmlunit.html.HtmlForm; | ||
| import com.gargoylesoftware.htmlunit.html.HtmlPage; | ||
| import com.gargoylesoftware.htmlunit.util.Cookie; | ||
|
|
||
| import io.quarkus.test.common.QuarkusTestResource; | ||
| import io.quarkus.test.junit.QuarkusTest; | ||
| import io.restassured.RestAssured; | ||
|
|
||
| /** | ||
| * @author <a href="mailto:[email protected]">Pedro Igor</a> | ||
| */ | ||
| @QuarkusTest | ||
| @QuarkusTestResource(KeycloakRealmResourceManager.class) | ||
| public class CodeFlowTest { | ||
|
|
||
| private static final String KEYCLOAK_SERVER_URL = System.getProperty("keycloak.url", "http://localhost:8180/auth"); | ||
| private static final String KEYCLOAK_REALM = "quarkus"; | ||
|
|
||
| @BeforeAll | ||
| public static void configureKeycloakRealm() throws IOException { | ||
| RealmRepresentation realm = createRealm(KEYCLOAK_REALM); | ||
|
|
||
| realm.getClients().add(createClient("quarkus-app")); | ||
| realm.getUsers().add(createUser("alice", "user")); | ||
| realm.getUsers().add(createUser("admin", "user", "admin")); | ||
| realm.getUsers().add(createUser("jdoe", "user", "confidential")); | ||
|
|
||
| RestAssured | ||
| .given() | ||
| .auth().oauth2(getAdminAccessToken()) | ||
| .contentType("application/json") | ||
| .body(JsonSerialization.writeValueAsBytes(realm)) | ||
| .when() | ||
| .post(KEYCLOAK_SERVER_URL + "/admin/realms").then() | ||
| .statusCode(201); | ||
| } | ||
|
|
||
| @AfterAll | ||
| public static void removeKeycloakRealm() { | ||
| RestAssured | ||
| .given() | ||
| .auth().oauth2(getAdminAccessToken()) | ||
| .when() | ||
| .delete(KEYCLOAK_SERVER_URL + "/admin/realms/" + KEYCLOAK_REALM).thenReturn().prettyPrint(); | ||
| } | ||
|
|
||
| private static String getAdminAccessToken() { | ||
| return RestAssured | ||
| .given() | ||
| .param("grant_type", "password") | ||
| .param("username", "admin") | ||
| .param("password", "admin") | ||
| .param("client_id", "admin-cli") | ||
| .when() | ||
| .post(KEYCLOAK_SERVER_URL + "/realms/master/protocol/openid-connect/token") | ||
| .as(AccessTokenResponse.class).getToken(); | ||
| } | ||
|
|
||
| private static RealmRepresentation createRealm(String name) { | ||
| RealmRepresentation realm = new RealmRepresentation(); | ||
|
|
||
| realm.setRealm(name); | ||
| realm.setEnabled(true); | ||
| realm.setUsers(new ArrayList<>()); | ||
| realm.setClients(new ArrayList<>()); | ||
| realm.setSsoSessionMaxLifespan(2); // sec | ||
| realm.setAccessTokenLifespan(3); // 3 seconds | ||
|
|
||
| RolesRepresentation roles = new RolesRepresentation(); | ||
| List<RoleRepresentation> realmRoles = new ArrayList<>(); | ||
|
|
||
| roles.setRealm(realmRoles); | ||
| realm.setRoles(roles); | ||
|
|
||
| realm.getRoles().getRealm().add(new RoleRepresentation("user", null, false)); | ||
| realm.getRoles().getRealm().add(new RoleRepresentation("admin", null, false)); | ||
| realm.getRoles().getRealm().add(new RoleRepresentation("confidential", null, false)); | ||
|
|
||
| return realm; | ||
| } | ||
|
|
||
| private static ClientRepresentation createClient(String clientId) { | ||
| ClientRepresentation client = new ClientRepresentation(); | ||
|
|
||
| client.setClientId(clientId); | ||
| client.setPublicClient(true); | ||
| client.setDirectAccessGrantsEnabled(true); | ||
| client.setEnabled(true); | ||
| client.setRedirectUris(Arrays.asList("*")); | ||
|
|
||
| return client; | ||
| } | ||
|
|
||
| private static UserRepresentation createUser(String username, String... realmRoles) { | ||
| UserRepresentation user = new UserRepresentation(); | ||
|
|
||
| user.setUsername(username); | ||
| user.setEnabled(true); | ||
| user.setCredentials(new ArrayList<>()); | ||
| user.setRealmRoles(Arrays.asList(realmRoles)); | ||
|
|
||
| CredentialRepresentation credential = new CredentialRepresentation(); | ||
|
|
||
| credential.setType(CredentialRepresentation.PASSWORD); | ||
| credential.setValue(username); | ||
| credential.setTemporary(false); | ||
|
|
||
| user.getCredentials().add(credential); | ||
|
|
||
| return user; | ||
| } | ||
|
|
||
| @Test | ||
| public void testCodeFlowNoConsent() throws IOException { | ||
| try (final WebClient webClient = createWebClient()) { | ||
|
|
||
128 changes: 128 additions & 0 deletions
128
...sts/oidc-code-flow/src/test/java/io/quarkus/it/keycloak/KeycloakRealmResourceManager.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,128 @@ | ||
| package io.quarkus.it.keycloak; | ||
|
|
||
| import java.io.IOException; | ||
| import java.util.ArrayList; | ||
| import java.util.Arrays; | ||
| import java.util.Collections; | ||
| import java.util.List; | ||
| import java.util.Map; | ||
|
|
||
| import org.keycloak.representations.AccessTokenResponse; | ||
| import org.keycloak.representations.idm.ClientRepresentation; | ||
| import org.keycloak.representations.idm.CredentialRepresentation; | ||
| import org.keycloak.representations.idm.RealmRepresentation; | ||
| import org.keycloak.representations.idm.RoleRepresentation; | ||
| import org.keycloak.representations.idm.RolesRepresentation; | ||
| import org.keycloak.representations.idm.UserRepresentation; | ||
| import org.keycloak.util.JsonSerialization; | ||
|
|
||
| import io.quarkus.test.common.QuarkusTestResourceLifecycleManager; | ||
| import io.restassured.RestAssured; | ||
|
|
||
| public class KeycloakRealmResourceManager implements QuarkusTestResourceLifecycleManager { | ||
|
|
||
| private static final String KEYCLOAK_SERVER_URL = System.getProperty("keycloak.url", "http://localhost:8180/auth"); | ||
| private static final String KEYCLOAK_REALM = "quarkus"; | ||
|
|
||
| @Override | ||
| public Map<String, String> start() { | ||
|
|
||
| try { | ||
|
|
||
| RealmRepresentation realm = createRealm(KEYCLOAK_REALM); | ||
|
|
||
| realm.getClients().add(createClient("quarkus-app")); | ||
| realm.getUsers().add(createUser("alice", "user")); | ||
| realm.getUsers().add(createUser("admin", "user", "admin")); | ||
| realm.getUsers().add(createUser("jdoe", "user", "confidential")); | ||
|
|
||
| RestAssured | ||
| .given() | ||
| .auth().oauth2(getAdminAccessToken()) | ||
| .contentType("application/json") | ||
| .body(JsonSerialization.writeValueAsBytes(realm)) | ||
| .when() | ||
| .post(KEYCLOAK_SERVER_URL + "/admin/realms").then() | ||
| .statusCode(201); | ||
| } catch (IOException e) { | ||
| throw new RuntimeException(e); | ||
| } | ||
| return Collections.emptyMap(); | ||
| } | ||
|
|
||
| private static String getAdminAccessToken() { | ||
| return RestAssured | ||
| .given() | ||
| .param("grant_type", "password") | ||
| .param("username", "admin") | ||
| .param("password", "admin") | ||
| .param("client_id", "admin-cli") | ||
| .when() | ||
| .post(KEYCLOAK_SERVER_URL + "/realms/master/protocol/openid-connect/token") | ||
| .as(AccessTokenResponse.class).getToken(); | ||
| } | ||
|
|
||
| private static RealmRepresentation createRealm(String name) { | ||
| RealmRepresentation realm = new RealmRepresentation(); | ||
|
|
||
| realm.setRealm(name); | ||
| realm.setEnabled(true); | ||
| realm.setUsers(new ArrayList<>()); | ||
| realm.setClients(new ArrayList<>()); | ||
| realm.setSsoSessionMaxLifespan(2); // sec | ||
| realm.setAccessTokenLifespan(3); // 3 seconds | ||
|
|
||
| RolesRepresentation roles = new RolesRepresentation(); | ||
| List<RoleRepresentation> realmRoles = new ArrayList<>(); | ||
|
|
||
| roles.setRealm(realmRoles); | ||
| realm.setRoles(roles); | ||
|
|
||
| realm.getRoles().getRealm().add(new RoleRepresentation("user", null, false)); | ||
| realm.getRoles().getRealm().add(new RoleRepresentation("admin", null, false)); | ||
| realm.getRoles().getRealm().add(new RoleRepresentation("confidential", null, false)); | ||
|
|
||
| return realm; | ||
| } | ||
|
|
||
| private static ClientRepresentation createClient(String clientId) { | ||
| ClientRepresentation client = new ClientRepresentation(); | ||
|
|
||
| client.setClientId(clientId); | ||
| client.setPublicClient(true); | ||
| client.setDirectAccessGrantsEnabled(true); | ||
| client.setEnabled(true); | ||
| client.setRedirectUris(Arrays.asList("*")); | ||
|
|
||
| return client; | ||
| } | ||
|
|
||
| private static UserRepresentation createUser(String username, String... realmRoles) { | ||
| UserRepresentation user = new UserRepresentation(); | ||
|
|
||
| user.setUsername(username); | ||
| user.setEnabled(true); | ||
| user.setCredentials(new ArrayList<>()); | ||
| user.setRealmRoles(Arrays.asList(realmRoles)); | ||
|
|
||
| CredentialRepresentation credential = new CredentialRepresentation(); | ||
|
|
||
| credential.setType(CredentialRepresentation.PASSWORD); | ||
| credential.setValue(username); | ||
| credential.setTemporary(false); | ||
|
|
||
| user.getCredentials().add(credential); | ||
|
|
||
| return user; | ||
| } | ||
|
|
||
| @Override | ||
| public void stop() { | ||
|
|
||
| RestAssured | ||
| .given() | ||
| .auth().oauth2(getAdminAccessToken()) | ||
| .when() | ||
| .delete(KEYCLOAK_SERVER_URL + "/admin/realms/" + KEYCLOAK_REALM).thenReturn().prettyPrint(); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters