
Example 1 with TestingCacheResource

Use of org.keycloak.testsuite.client.resources.TestingCacheResource in project keycloak by keycloak.

Class KcOIDCBrokerWithSignatureTest, method testPublicKeyCacheInvalidatedWhenProviderUpdated.

// Test that when the identity provider is updated, its record in the public key cache is cleared and it is no longer possible to authenticate with it
@Test
public void testPublicKeyCacheInvalidatedWhenProviderUpdated() throws Exception {
    // Configure OIDC identity provider with JWKS URL
    updateIdentityProviderWithJwksUrl();
    // Check that user is able to login
    logInAsUserInIDPForFirstTime();
    assertLoggedInAccountManagement();
    logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
    // Check that key is cached
    IdentityProviderRepresentation idpRep = getIdentityProvider();
    String expectedCacheKey = PublicKeyStorageUtils.getIdpModelCacheKey(consumerRealm().toRepresentation().getId(), idpRep.getInternalId());
    TestingCacheResource cache = testingClient.testing(bc.consumerRealmName()).cache(InfinispanConnectionProvider.KEYS_CACHE_NAME);
    Assert.assertTrue(cache.contains(expectedCacheKey));
    // Update identityProvider to some bad JWKS_URL
    OIDCIdentityProviderConfigRep cfg = new OIDCIdentityProviderConfigRep(idpRep);
    cfg.setJwksUrl("https://localhost:43214/non-existent");
    updateIdentityProvider(idpRep);
    // Check that key is not cached anymore
    Assert.assertFalse(cache.contains(expectedCacheKey));
    // Check that user is not able to login with IDP
    setTimeOffset(20);
    logInAsUserInIDP();
    assertErrorPage("Unexpected error when authenticating with identity provider");
}
Also used: TestingCacheResource (org.keycloak.testsuite.client.resources.TestingCacheResource), IdentityProviderRepresentation (org.keycloak.representations.idm.IdentityProviderRepresentation), Test (org.junit.Test)

Example 2 with TestingCacheResource

Use of org.keycloak.testsuite.client.resources.TestingCacheResource in project keycloak by keycloak.

Class KcOIDCBrokerWithSignatureTest, method testClearKeysCache.

@Test
public void testClearKeysCache() throws Exception {
    // Configure OIDC identity provider with JWKS URL
    updateIdentityProviderWithJwksUrl();
    // Check that user is able to login
    logInAsUserInIDPForFirstTime();
    assertLoggedInAccountManagement();
    logoutFromRealm(getConsumerRoot(), bc.consumerRealmName());
    // Check that key is cached
    IdentityProviderRepresentation idpRep = getIdentityProvider();
    String expectedCacheKey = PublicKeyStorageUtils.getIdpModelCacheKey(consumerRealm().toRepresentation().getId(), idpRep.getInternalId());
    TestingCacheResource cache = testingClient.testing(bc.consumerRealmName()).cache(InfinispanConnectionProvider.KEYS_CACHE_NAME);
    Assert.assertTrue(cache.contains(expectedCacheKey));
    // Clear cache and check nothing cached
    consumerRealm().clearKeysCache();
    Assert.assertFalse(cache.contains(expectedCacheKey));
    // JUnit expects (expected, actual); this order keeps the failure message accurate
    Assert.assertEquals(0, cache.size());
}
Also used: TestingCacheResource (org.keycloak.testsuite.client.resources.TestingCacheResource), IdentityProviderRepresentation (org.keycloak.representations.idm.IdentityProviderRepresentation), Test (org.junit.Test)
