Example 21 with KcRegExec
use of org.keycloak.testsuite.cli.KcRegExec in project keycloak by keycloak.
the class KcRegTest method testCustomConfigLoginCreateDelete.
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void testCustomConfigLoginCreateDelete() throws IOException {
/*
* Test user login, create, delete session using a custom config file
*/
// prepare for loading a config file
FileConfigHandler handler = initCustomConfigFile();
try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
KcRegExec exe = execute("config credentials --server " + serverUrl + " --realm master --user admin --password admin --config '" + configFile.getName() + "'");
assertExitCodeAndStreamSizes(exe, 0, 0, 1);
// remember the state of config file
ConfigData config1 = handler.loadConfig();
exe = execute("create --config '" + configFile.getName() + "' -s clientId=test-client -o");
assertExitCodeAndStdErrSize(exe, 0, 0);
// check changes to config file
ConfigData config2 = handler.loadConfig();
assertFieldsEqualWithExclusions(config1, config2, "endpoints." + serverUrl + ".master.clients.test-client");
// check that registration access token is now set
Assert.assertNotNull(config2.sessionRealmConfigData().getClients().get("test-client"));
ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertEquals("clientId", "test-client", client.getClientId());
Assert.assertNotNull("registrationAccessToken", client.getRegistrationAccessToken());
Assert.assertEquals("registrationAccessToken in returned json same as in config", config2.sessionRealmConfigData().getClients().get("test-client"), client.getRegistrationAccessToken());
exe = execute("delete test-client --config '" + configFile.getName() + "'");
assertExitCodeAndStreamSizes(exe, 0, 0, 0);
// check changes to config file
ConfigData config3 = handler.loadConfig();
assertFieldsEqualWithExclusions(config2, config3, "endpoints." + serverUrl + ".master.clients.test-client");
// check that registration access token is no longer there
Assert.assertTrue("clients empty", config3.sessionRealmConfigData().getClients().isEmpty());
}
}
Also used :
FileConfigHandler(org.keycloak.client.registration.cli.config.FileConfigHandler)
RealmConfigData(org.keycloak.client.registration.cli.config.RealmConfigData)
ConfigData(org.keycloak.client.registration.cli.config.ConfigData)
KcRegExec(org.keycloak.testsuite.cli.KcRegExec)
TempFileResource(org.keycloak.testsuite.util.TempFileResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
Test(org.junit.Test)
Example 22 with KcRegExec
use of org.keycloak.testsuite.cli.KcRegExec in project keycloak by keycloak.
the class KcRegTest method testCreateDeleteWithInitialAndRegistrationTokensWithUnsecureOption.
private void testCreateDeleteWithInitialAndRegistrationTokensWithUnsecureOption(boolean useConfig) throws IOException {
Assume.assumeTrue(AUTH_SERVER_SSL_REQUIRED);
// prepare for loading a config file
// only used when useConfig is true
FileConfigHandler handler = initCustomConfigFile();
try (TempFileResource configFile = new TempFileResource(handler.getConfigFile())) {
String token = issueInitialAccessToken("master");
final String realm = "master";
KcRegExec exe = execute("create " + (useConfig ? ("--config '" + configFile.getAbsolutePath()) + "'" : "--no-config") + " --insecure --server " + oauth.AUTH_SERVER_ROOT + " --realm " + realm + " -s clientId=test-client2 -o -t " + token);
Assert.assertEquals("exitCode == 0", 0, exe.exitCode());
ClientRepresentation client = JsonSerialization.readValue(exe.stdout(), ClientRepresentation.class);
Assert.assertEquals("clientId", "test-client2", client.getClientId());
Assert.assertNotNull("registrationAccessToken", client.getRegistrationAccessToken());
if (useConfig) {
ConfigData config = handler.loadConfig();
Assert.assertEquals("Registration Access Token in config file", client.getRegistrationAccessToken(), config.ensureRealmConfigData(oauth.AUTH_SERVER_ROOT, realm).getClients().get("test-client2"));
} else {
Assert.assertFalse("There should be no config file", configFile.isFile());
}
exe = execute("delete test-client2 " + (useConfig ? ("--config '" + configFile.getAbsolutePath()) + "'" : "--no-config") + " --insecure --server " + oauth.AUTH_SERVER_ROOT + " --realm " + realm + " -t " + client.getRegistrationAccessToken());
assertExitCodeAndStreamSizes(exe, 0, 0, 2);
}
}
Also used :
FileConfigHandler(org.keycloak.client.registration.cli.config.FileConfigHandler)
RealmConfigData(org.keycloak.client.registration.cli.config.RealmConfigData)
ConfigData(org.keycloak.client.registration.cli.config.ConfigData)
KcRegExec(org.keycloak.testsuite.cli.KcRegExec)
TempFileResource(org.keycloak.testsuite.util.TempFileResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Example 23 with KcRegExec
use of org.keycloak.testsuite.cli.KcRegExec in project keycloak by keycloak.
the class KcRegTest method testBadOptionInPlaceOfCommand.
@Test
public void testBadOptionInPlaceOfCommand() {
/*
* Test most basic execution with non-existent option
*/
KcRegExec exe = execute("--nonexistent");
assertExitCodeAndStreamSizes(exe, 1, 0, 1);
Assert.assertEquals("stderr first line", "Unknown command: --nonexistent", exe.stderrLines().get(0));
}Example 24 with KcRegExec
use of org.keycloak.testsuite.cli.KcRegExec in project keycloak by keycloak.
the class KcRegTest method testHelpGlobalOption.
@Test
public void testHelpGlobalOption() {
/*
* Test --help for all commands
*/
KcRegExec exe = execute("--help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Keycloak Client Registration CLI", exe.stdoutLines().get(0));
exe = execute("create --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " create [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("get --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " get CLIENT [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("update --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " update CLIENT [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("delete --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " delete CLIENT [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("attrs --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " attrs [ATTRIBUTE] [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("update-token --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " update-token CLIENT [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("config --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " config SUB_COMMAND [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("config credentials --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " config credentials --server SERVER_URL --realm REALM [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("config initial-token --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " config initial-token --server SERVER --realm REALM [--delete | TOKEN] [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("config registration-token --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " config registration-token --server SERVER --realm REALM --client CLIENT [--delete | TOKEN] [ARGUMENTS]", exe.stdoutLines().get(0));
exe = execute("config truststore --help");
assertExitCodeAndStdErrSize(exe, 0, 0);
Assert.assertEquals("stdout first line", "Usage: " + CMD + " config truststore [TRUSTSTORE | --delete] [--trustpass PASSWORD] [ARGUMENTS]", exe.stdoutLines().get(0));
}Example 25 with KcRegExec
use of org.keycloak.testsuite.cli.KcRegExec in project keycloak by keycloak.
the class KcRegTest method testCRUDWithOnTheFlyUserAuthWithSignedJwtClient.
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void testCRUDWithOnTheFlyUserAuthWithSignedJwtClient() throws IOException {
/*
* Test create, get, update, and delete using on-the-fly authentication - without using any config file.
* Login is performed by each operation again, and again using username, password, and client JWT signature.
*/
File keystore = new File(System.getProperty("user.dir") + "/src/test/resources/cli/kcreg/reg-cli-keystore.jks");
Assert.assertTrue("reg-cli-keystore.jks exists", keystore.isFile());
// try client without direct grants enabled
KcRegExec exe = execute("get test-client --no-config --server " + serverUrl + " --realm test" + " --user user1 --password userpass --client reg-cli-jwt --keystore '" + keystore.getAbsolutePath() + "'" + " --storepass storepass --keypass keypass --alias reg-cli");
assertExitCodeAndStreamSizes(exe, 1, 0, 2);
Assert.assertEquals("login message", "Logging into " + serverUrl + " as user user1 of realm test", exe.stderrLines().get(0));
Assert.assertEquals("error message", "Client not allowed for direct access grants [unauthorized_client]", exe.stderrLines().get(1));
// try wrong user password
exe = execute("get test-client --no-config --server " + serverUrl + " --realm test" + " --user user1 --password wrong --client reg-cli-jwt-direct --keystore '" + keystore.getAbsolutePath() + "'" + " --storepass storepass --keypass keypass --alias reg-cli");
assertExitCodeAndStreamSizes(exe, 1, 0, 2);
Assert.assertEquals("login message", "Logging into " + serverUrl + " as user user1 of realm test", exe.stderrLines().get(0));
Assert.assertEquals("error message", "Invalid user credentials [invalid_grant]", exe.stderrLines().get(1));
// try wrong storepass
exe = execute("get test-client --no-config --server " + serverUrl + " --realm test" + " --user user1 --password userpass --client reg-cli-jwt-direct --keystore '" + keystore.getAbsolutePath() + "'" + " --storepass wrong --keypass keypass --alias reg-cli");
assertExitCodeAndStreamSizes(exe, 1, 0, 2);
Assert.assertEquals("login message", "Logging into " + serverUrl + " as user user1 of realm test", exe.stderrLines().get(0));
Assert.assertEquals("error message", "Failed to load private key: Keystore was tampered with, or password was incorrect", exe.stderrLines().get(1));
// try whole CRUD
testCRUDWithOnTheFlyAuth(serverUrl, "--user user1 --password userpass --client reg-cli-jwt-direct --keystore '" + keystore.getAbsolutePath() + "'" + " --storepass storepass --keypass keypass --alias reg-cli", "", "Logging into " + serverUrl + " as user user1 of realm test");
}
Also used :
KcRegExec(org.keycloak.testsuite.cli.KcRegExec)
File(java.io.File)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
Test(org.junit.Test)
Aggregations
KcRegExec (org.keycloak.testsuite.cli.KcRegExec)28
Test (org.junit.Test)24
FileConfigHandler (org.keycloak.client.registration.cli.config.FileConfigHandler)11
TempFileResource (org.keycloak.testsuite.util.TempFileResource)10
File (java.io.File)8
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)8
ConfigData (org.keycloak.client.registration.cli.config.ConfigData)7
AuthServerContainerExclude (org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)5
RealmConfigData (org.keycloak.client.registration.cli.config.RealmConfigData)4
FileOutputStream (java.io.FileOutputStream)2
OIDCClientRepresentation (org.keycloak.representations.oidc.OIDCClientRepresentation)2
ByteArrayInputStream (java.io.ByteArrayInputStream)1
IOException (java.io.IOException)1
Arrays (java.util.Arrays)1
List (java.util.List)1
Matchers (org.hamcrest.Matchers)1
Assert (org.junit.Assert)1
Assume (org.junit.Assume)1
Before (org.junit.Before)1
OAuth2Constants (org.keycloak.OAuth2Constants)1
