Added keycloak-server test framework

Signed-off-by: Cem Nura <[email protected]>
quarkusio · Mar 28, 2021 · 6df24e3 · 6df24e3
1 parent f270fab
commit 6df24e3
Show file tree

Hide file tree

Showing 7 changed files with 155 additions and 123 deletions.
diff --git a/bom/application/pom.xml b/bom/application/pom.xml
@@ -688,6 +688,11 @@
                 <artifactId>quarkus-test-oidc-server</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            <dependency>
+                <groupId>io.quarkus</groupId>
+                <artifactId>quarkus-test-keycloak-server</artifactId>
+                <version>${project.version}</version>
+            </dependency>
             <dependency>
                 <groupId>io.quarkus</groupId>
                 <artifactId>quarkus-oidc-deployment</artifactId>

diff --git a/integration-tests/oidc/pom.xml b/integration-tests/oidc/pom.xml
@@ -37,6 +37,11 @@
         </dependency>
 
         <!-- test dependencies -->
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-test-keycloak-server</artifactId>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>io.quarkus</groupId>
             <artifactId>quarkus-junit5</artifactId>
@@ -175,91 +180,6 @@
             </properties>
         </profile>
 
-        <profile>
-            <id>docker-keycloak</id>
-            <activation>
-                <property>
-                    <name>start-containers</name>
-                </property>
-            </activation>
-            <properties>
-                <keycloak.url>http://localhost:8180/auth</keycloak.url>
-                <keycloak.ssl.url>https://localhost:8543/auth</keycloak.ssl.url>
-            </properties>
-            <build>
-                <plugins>
-                    <plugin>
-                        <groupId>io.fabric8</groupId>
-                        <artifactId>docker-maven-plugin</artifactId>
-                        <configuration>
-                            <images>
-                                <image>
-                                    <name>${keycloak.docker.image}</name>
-                                    <alias>quarkus-test-keycloak</alias>
-                                    <run>
-                                        <ports>
-                                            <port>8180:8080</port>
-                                            <port>8543:8443</port>
-                                        </ports>
-                                        <env>
-                                            <KEYCLOAK_USER>admin</KEYCLOAK_USER>
-                                            <KEYCLOAK_PASSWORD>admin</KEYCLOAK_PASSWORD>
-                                        </env>
-                                        <log>
-                                            <prefix>Keycloak:</prefix>
-                                            <date>default</date>
-                                            <color>cyan</color>
-                                        </log>
-                                        <wait>
-                                            <!-- good docs found at: http://dmp.fabric8.io/#build-healthcheck -->
-                                            <http>
-                                                <url>http://localhost:8180</url>
-                                            </http>
-                                            <time>100000</time>
-                                        </wait>
-                                    </run>
-                                </image>
-                            </images>
-                            <allContainers>true</allContainers>
-                        </configuration>
-                        <executions>
-                            <execution>
-                                <id>docker-start</id>
-                                <phase>compile</phase>
-                                <goals>
-                                    <goal>stop</goal>
-                                    <goal>start</goal>
-                                </goals>
-                            </execution>
-                            <execution>
-                                <id>docker-stop</id>
-                                <phase>post-integration-test</phase>
-                                <goals>
-                                    <goal>stop</goal>
-                                </goals>
-                            </execution>
-                        </executions>
-                    </plugin>
-                    <plugin>
-                        <groupId>org.codehaus.mojo</groupId>
-                        <artifactId>exec-maven-plugin</artifactId>
-                        <executions>
-                            <execution>
-                                <id>docker-prune</id>
-                                <phase>generate-resources</phase>
-                                <goals>
-                                    <goal>exec</goal>
-                                </goals>
-                                <configuration>
-                                    <executable>${docker-prune.location}</executable>
-                                </configuration>
-                            </execution>
-                        </executions>
-                    </plugin>
-                </plugins>
-            </build>
-        </profile>
-
     </profiles>
 
 </project>
diff --git a/integration-tests/oidc/src/main/resources/application.properties b/integration-tests/oidc/src/main/resources/application.properties
@@ -1,6 +1,6 @@
 # Configuration file
 quarkus.oidc.auth-server-url=${keycloak.ssl.url}/realms/quarkus/
-quarkus.oidc.client-id=quarkus-app
+quarkus.oidc.client-id=quarkus-service-app
 quarkus.oidc.credentials.secret=secret
 quarkus.oidc.token.principal-claim=email
 quarkus.oidc.tls.verification=none

diff --git a/...gration-tests/oidc/src/test/java/io/quarkus/it/keycloak/BearerTokenAuthorizationTest.java b/...gration-tests/oidc/src/test/java/io/quarkus/it/keycloak/BearerTokenAuthorizationTest.java
@@ -1,7 +1,7 @@
 package io.quarkus.it.keycloak;
 
-import static io.quarkus.it.keycloak.KeycloakRealmResourceManager.getAccessToken;
-import static io.quarkus.it.keycloak.KeycloakRealmResourceManager.getRefreshToken;
+import static io.quarkus.test.keycloak.server.KeycloakTestResourceLifecycleManager.getAccessToken;
+import static io.quarkus.test.keycloak.server.KeycloakTestResourceLifecycleManager.getRefreshToken;
 import static org.awaitility.Awaitility.await;
 import static org.hamcrest.Matchers.equalTo;
 
@@ -16,13 +16,14 @@
 
 import io.quarkus.test.common.QuarkusTestResource;
 import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.keycloak.server.KeycloakTestResourceLifecycleManager;
 import io.restassured.RestAssured;
 
 /**
  * @author <a href="mailto:[email protected]">Pedro Igor</a>
  */
 @QuarkusTest
-@QuarkusTestResource(KeycloakRealmResourceManager.class)
+@QuarkusTestResource(KeycloakTestResourceLifecycleManager.class)
 public class BearerTokenAuthorizationTest {
 
     @Test

diff --git a/test-framework/keycloak-server/pom.xml b/test-framework/keycloak-server/pom.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>io.quarkus</groupId>
+        <artifactId>quarkus-test-framework</artifactId>
+        <version>999-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>quarkus-test-keycloak-server</artifactId>
+    <name>Quarkus - Test Framework - Keycloak Server support</name>
+    <dependencies>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-adapter-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.testcontainers</groupId>
+            <artifactId>testcontainers</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.rest-assured</groupId>
+            <artifactId>rest-assured</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>io.rest-assured</groupId>
+                    <artifactId>xml-path</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>io.quarkus</groupId>
+            <artifactId>quarkus-test-common</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.testcontainers</groupId>
+            <artifactId>testcontainers</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>
diff --git a/...eycloak/KeycloakRealmResourceManager.java → ...KeycloakTestResourceLifecycleManager.java b/...eycloak/KeycloakRealmResourceManager.java → ...KeycloakTestResourceLifecycleManager.java
@@ -1,9 +1,9 @@
-package io.quarkus.it.keycloak;
+package io.quarkus.test.keycloak.server;
 
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collections;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
@@ -15,29 +15,51 @@
 import org.keycloak.representations.idm.RolesRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.util.JsonSerialization;
+import org.testcontainers.containers.GenericContainer;
+import org.testcontainers.containers.wait.strategy.Wait;
 
 import io.quarkus.test.common.QuarkusTestResourceLifecycleManager;
 import io.restassured.RestAssured;
 
-public class KeycloakRealmResourceManager implements QuarkusTestResourceLifecycleManager {
+public class KeycloakTestResourceLifecycleManager implements QuarkusTestResourceLifecycleManager {
 
-    private static final String KEYCLOAK_SERVER_URL = System.getProperty("keycloak.ssl.url", "https://localhost:8543/auth");
-    private static final String KEYCLOAK_REALM = "quarkus";
+    private GenericContainer keycloak;
+
+    private static String KEYCLOAK_SERVER_URL;
+    private static final String KEYCLOAK_REALM = "quarkus-service-realm";
+    private static final String KEYCLOAK_DOCKER_IMAGE = System.getProperty("keycloak.docker.image",
+            "quay.io/keycloak/keycloak:12.0.4");
 
     static {
         RestAssured.useRelaxedHTTPSValidation();
     }
 
     @Override
     public Map<String, String> start() {
+        keycloak = new GenericContainer(KEYCLOAK_DOCKER_IMAGE)
+                .withExposedPorts(8080, 8443)
+                .withEnv("DB_VENDOR", "H2")
+                .withEnv("KEYCLOAK_USER", "admin")
+                .withEnv("KEYCLOAK_PASSWORD", "admin")
+                .waitingFor(Wait.forHttp("/auth").forPort(8080));
+
+        keycloak.start();
+
+        KEYCLOAK_SERVER_URL = "https://localhost:" + keycloak.getMappedPort(8443) + "/auth";
 
         RealmRepresentation realm = createRealm(KEYCLOAK_REALM);
+        postRealm(realm);
 
-        realm.getClients().add(createClient("quarkus-app"));
-        realm.getUsers().add(createUser("alice", "user"));
-        realm.getUsers().add(createUser("admin", "user", "admin"));
-        realm.getUsers().add(createUser("jdoe", "user", "confidential"));
+        RealmRepresentation webAppRealm = createWebAppRealm("quarkus-webapp-realm");
+        postRealm(webAppRealm);
+
+        Map<String, String> conf = new HashMap<>();
+        conf.put("quarkus.oidc.auth-server-url", KEYCLOAK_SERVER_URL + "/realms/" + KEYCLOAK_REALM);
 
+        return conf;
+    }
+
+    private void postRealm(RealmRepresentation realm) {
         try {
             RestAssured
                     .given()
@@ -50,19 +72,6 @@ public Map<String, String> start() {
         } catch (IOException e) {
             throw new RuntimeException(e);
         }
-        return Collections.emptyMap();
-    }
-
-    private static String getAdminAccessToken() {
-        return RestAssured
-                .given()
-                .param("grant_type", "password")
-                .param("username", "admin")
-                .param("password", "admin")
-                .param("client_id", "admin-cli")
-                .when()
-                .post(KEYCLOAK_SERVER_URL + "/realms/master/protocol/openid-connect/token")
-                .as(AccessTokenResponse.class).getToken();
     }
 
     private static RealmRepresentation createRealm(String name) {
@@ -84,9 +93,54 @@ private static RealmRepresentation createRealm(String name) {
         realm.getRoles().getRealm().add(new RoleRepresentation("admin", null, false));
         realm.getRoles().getRealm().add(new RoleRepresentation("confidential", null, false));
 
+        realm.getClients().add(createClient("quarkus-service-app"));
+        realm.getUsers().add(createUser("alice", "user"));
+        realm.getUsers().add(createUser("admin", "user", "admin"));
+        realm.getUsers().add(createUser("jdoe", "user", "confidential"));
+
         return realm;
     }
 
+    private static RealmRepresentation createWebAppRealm(String name) {
+        RealmRepresentation realm = new RealmRepresentation();
+
+        realm.setRealm(name);
+        realm.setEnabled(true);
+        realm.setUsers(new ArrayList<>());
+        realm.setClients(new ArrayList<>());
+        realm.setSsoSessionMaxLifespan(3); // sec
+        realm.setAccessTokenLifespan(4); // 3 seconds
+
+        RolesRepresentation roles = new RolesRepresentation();
+        List<RoleRepresentation> realmRoles = new ArrayList<>();
+
+        roles.setRealm(realmRoles);
+        realm.setRoles(roles);
+
+        realm.getRoles().getRealm().add(new RoleRepresentation("user", null, false));
+        realm.getRoles().getRealm().add(new RoleRepresentation("admin", null, false));
+        realm.getRoles().getRealm().add(new RoleRepresentation("confidential", null, false));
+
+        realm.getClients().add(createClient("quarkus-app"));
+        realm.getUsers().add(createUser("alice", "user"));
+        realm.getUsers().add(createUser("admin", "user", "admin"));
+        realm.getUsers().add(createUser("jdoe", "user", "confidential"));
+
+        return realm;
+    }
+
+    private static String getAdminAccessToken() {
+        return RestAssured
+                .given()
+                .param("grant_type", "password")
+                .param("username", "admin")
+                .param("password", "admin")
+                .param("client_id", "admin-cli")
+                .when()
+                .post(KEYCLOAK_SERVER_URL + "/realms/master/protocol/openid-connect/token")
+                .as(AccessTokenResponse.class).getToken();
+    }
+
     private static ClientRepresentation createClient(String clientId) {
         ClientRepresentation client = new ClientRepresentation();
 
@@ -119,23 +173,13 @@ private static UserRepresentation createUser(String username, String... realmRol
         return user;
     }
 
-    @Override
-    public void stop() {
-
-        RestAssured
-                .given()
-                .auth().oauth2(getAdminAccessToken())
-                .when()
-                .delete(KEYCLOAK_SERVER_URL + "/admin/realms/" + KEYCLOAK_REALM).then().statusCode(204);
-    }
-
     public static String getAccessToken(String userName) {
         return RestAssured
                 .given()
                 .param("grant_type", "password")
                 .param("username", userName)
                 .param("password", userName)
-                .param("client_id", "quarkus-app")
+                .param("client_id", "quarkus-service-app")
                 .param("client_secret", "secret")
                 .when()
                 .post(KEYCLOAK_SERVER_URL + "/realms/" + KEYCLOAK_REALM + "/protocol/openid-connect/token")
@@ -148,10 +192,23 @@ public static String getRefreshToken(String userName) {
                 .param("grant_type", "password")
                 .param("username", userName)
                 .param("password", userName)
-                .param("client_id", "quarkus-app")
+                .param("client_id", "quarkus-service-app")
                 .param("client_secret", "secret")
                 .when()
                 .post(KEYCLOAK_SERVER_URL + "/realms/" + KEYCLOAK_REALM + "/protocol/openid-connect/token")
                 .as(AccessTokenResponse.class).getRefreshToken();
     }
+
+    @Override
+    public void stop() {
+
+        RestAssured
+                .given()
+                .auth().oauth2(getAdminAccessToken())
+                .when()
+                .delete(KEYCLOAK_SERVER_URL + "/admin/realms/" + KEYCLOAK_REALM).then().statusCode(204);
+
+        keycloak.stop();
+    }
+
 }