Search in sources :

Example 31 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class KcRegTest method testUserLoginWithDefaultConfig.

@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void testUserLoginWithDefaultConfig() {
    /*
         *  Test most basic user login, using the default admin-cli as a client
         */
    KcRegExec exe = execute("config credentials --server " + serverUrl + " --realm master --user admin --password admin");
    assertExitCodeAndStreamSizes(exe, 0, 0, 1);
    Assert.assertEquals("stderr first line", "Logging into " + serverUrl + " as user admin of realm master", exe.stderrLines().get(0));
}
Also used : KcRegExec(org.keycloak.testsuite.cli.KcRegExec) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test)

Example 32 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class KcRegTest method testCRUDWithOnTheFlyUserAuthWithClientSecret.

@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void testCRUDWithOnTheFlyUserAuthWithClientSecret() throws IOException {
    /*
         *  Test create, get, update, and delete using on-the-fly authentication - without using any config file.
         *  Login is performed by each operation again, and again using username, password, and client secret.
         */
    // try client without direct grants enabled
    KcRegExec exe = execute("get test-client --no-config --server " + serverUrl + " --realm test" + " --user user1 --password userpass --client reg-cli-secret --secret password");
    assertExitCodeAndStreamSizes(exe, 1, 0, 2);
    Assert.assertEquals("login message", "Logging into " + serverUrl + " as user user1 of realm test", exe.stderrLines().get(0));
    Assert.assertEquals("error message", "Client not allowed for direct access grants [unauthorized_client]", exe.stderrLines().get(1));
    // try wrong user password
    exe = execute("get test-client --no-config --server " + serverUrl + " --realm test" + " --user user1 --password wrong --client reg-cli-secret-direct --secret password");
    assertExitCodeAndStreamSizes(exe, 1, 0, 2);
    Assert.assertEquals("login message", "Logging into " + serverUrl + " as user user1 of realm test", exe.stderrLines().get(0));
    Assert.assertEquals("error message", "Invalid user credentials [invalid_grant]", exe.stderrLines().get(1));
    // try wrong client secret
    exe = execute("get test-client --no-config --server " + serverUrl + " --realm test" + " --user user1 --password userpass --client reg-cli-secret-direct --secret wrong");
    assertExitCodeAndStreamSizes(exe, 1, 0, 2);
    Assert.assertEquals("login message", "Logging into " + serverUrl + " as user user1 of realm test", exe.stderrLines().get(0));
    Assert.assertEquals("error message", "Invalid client secret [unauthorized_client]", exe.stderrLines().get(1));
    // try whole CRUD
    testCRUDWithOnTheFlyAuth(serverUrl, "--user user1 --password userpass --client reg-cli-secret-direct --secret password", "", "Logging into " + serverUrl + " as user user1 of realm test");
}
Also used : KcRegExec(org.keycloak.testsuite.cli.KcRegExec) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test)

Example 33 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class KcRegTest method testCRUDWithOnTheFlyServiceAccountWithSignedJwtClient.

@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void testCRUDWithOnTheFlyServiceAccountWithSignedJwtClient() throws IOException {
    /*
         *  Test create, get, update, and delete using on-the-fly authentication - without using any config file.
         *  Login is performed by each operation again, and again using only client JWT signature - service account is used.
         */
    File keystore = new File(System.getProperty("user.dir") + "/src/test/resources/cli/kcreg/reg-cli-keystore.jks");
    Assert.assertTrue("reg-cli-keystore.jks exists", keystore.isFile());
    testCRUDWithOnTheFlyAuth(serverUrl, "--client reg-cli-jwt --keystore '" + keystore.getAbsolutePath() + "' --storepass storepass --keypass keypass --alias reg-cli", "", "Logging into " + serverUrl + " as service-account-reg-cli-jwt of realm test");
}
Also used : File(java.io.File) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test)

Example 34 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class JavaKeystoreKeyProviderTest method invalidKeyPassword.

@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void invalidKeyPassword() throws Exception {
    ComponentRepresentation rep = createRep("valid", System.currentTimeMillis());
    rep.getConfig().putSingle("keyPassword", "invalid");
    Response response = adminClient.realm("test").components().add(rep);
    assertErrror(response, "Failed to load keys. Keystore on server can not be recovered.");
}
Also used : ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) Response(javax.ws.rs.core.Response) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Example 35 with AuthServerContainerExclude

use of org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude in project keycloak by keycloak.

the class JavaKeystoreKeyProviderTest method create.

@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void create() throws Exception {
    long priority = System.currentTimeMillis();
    ComponentRepresentation rep = createRep("valid", priority);
    Response response = adminClient.realm("test").components().add(rep);
    String id = ApiUtil.getCreatedId(response);
    ComponentRepresentation createdRep = adminClient.realm("test").components().component(id).toRepresentation();
    assertEquals(5, createdRep.getConfig().size());
    assertEquals(Long.toString(priority), createdRep.getConfig().getFirst("priority"));
    assertEquals(ComponentRepresentation.SECRET_VALUE, createdRep.getConfig().getFirst("keystorePassword"));
    assertEquals(ComponentRepresentation.SECRET_VALUE, createdRep.getConfig().getFirst("keyPassword"));
    KeysMetadataRepresentation keys = adminClient.realm("test").keys().getKeyMetadata();
    KeysMetadataRepresentation.KeyMetadataRepresentation key = keys.getKeys().get(0);
    assertEquals(id, key.getProviderId());
    assertEquals(AlgorithmType.RSA.name(), key.getType());
    assertEquals(priority, key.getProviderPriority());
    assertEquals(PUBLIC_KEY, key.getPublicKey());
    assertEquals(CERTIFICATE, key.getCertificate());
}
Also used : ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) Response(javax.ws.rs.core.Response) KeysMetadataRepresentation(org.keycloak.representations.idm.KeysMetadataRepresentation) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Aggregations

Test (org.junit.Test)108 AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)108 AbstractTestRealmKeycloakTest (org.keycloak.testsuite.AbstractTestRealmKeycloakTest)31 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)30 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)29 Matchers.containsString (org.hamcrest.Matchers.containsString)28 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)27 Response (javax.ws.rs.core.Response)24 UserResource (org.keycloak.admin.client.resource.UserResource)21 AbstractAuthenticationTest (org.keycloak.testsuite.admin.authentication.AbstractAuthenticationTest)21 SocialLoginTest (org.keycloak.testsuite.broker.SocialLoginTest)21 MimeMessage (javax.mail.internet.MimeMessage)14 OAuthClient (org.keycloak.testsuite.util.OAuthClient)14 OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)13 ComponentRepresentation (org.keycloak.representations.idm.ComponentRepresentation)12 LinkedList (java.util.LinkedList)11 List (java.util.List)9 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)9 HashMap (java.util.HashMap)8 IOException (java.io.IOException)7