Search in sources :

Example 21 with OAuthClient

use of org.keycloak.testsuite.util.OAuthClient in project keycloak by keycloak.

the class AccountFormServiceTest method sessions.

@Test
// we need to do domain name -> ip address to make this test work in remote testing
@AuthServerContainerExclude(AuthServer.REMOTE)
public void sessions() {
    loginPage.open();
    loginPage.clickRegister();
    registerPage.register("view", "sessions", "view-sessions@localhost", "view-sessions", "password", "password");
    EventRepresentation registerEvent = events.expectRegister("view-sessions", "view-sessions@localhost").assertEvent();
    String userId = registerEvent.getUserId();
    events.expectLogin().user(userId).detail(Details.USERNAME, "view-sessions").assertEvent();
    sessionsPage.open();
    Assert.assertTrue(sessionsPage.isCurrent());
    List<List<String>> sessions = sessionsPage.getSessions();
    assertThat(sessions, hasSize(1));
    assertThat(sessions.get(0).get(0), anyOf(equalTo("127.0.0.1"), equalTo("0:0:0:0:0:0:0:1")));
    // Create second session
    try {
        OAuthClient oauth2 = new OAuthClient();
        oauth2.init(driver2);
        oauth2.doLogin("view-sessions", "password");
        EventRepresentation login2Event = events.expectLogin().user(userId).detail(Details.USERNAME, "view-sessions").assertEvent();
        sessionsPage.open();
        sessions = sessionsPage.getSessions();
        Assert.assertEquals(2, sessions.size());
        sessionsPage.logoutAll();
        events.expectLogout(registerEvent.getSessionId());
        events.expectLogout(login2Event.getSessionId());
    } finally {
        driver2.close();
    }
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient) EventRepresentation(org.keycloak.representations.idm.EventRepresentation) List(java.util.List) LinkedList(java.util.LinkedList) Matchers.containsString(org.hamcrest.Matchers.containsString) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test) AbstractTestRealmKeycloakTest(org.keycloak.testsuite.AbstractTestRealmKeycloakTest)

Example 22 with OAuthClient

use of org.keycloak.testsuite.util.OAuthClient in project keycloak by keycloak.

the class MutualTLSClientTest method getAccessTokenResponseWithQueryParams.

/*
    * This is a very simplified version of OAuthClient#doAccessTokenRequest.
    * It test a scenario, where we do not follow the spec and specify client_id in Query Params (for in a form).
    */
private OAuthClient.AccessTokenResponse getAccessTokenResponseWithQueryParams(String clientId, CloseableHttpClient client) throws Exception {
    // This is a very simplified version of
    OAuthClient.AccessTokenResponse token;
    HttpPost post = new HttpPost(oauth.getAccessTokenUrl() + "?client_id=" + clientId);
    List<NameValuePair> parameters = new LinkedList<>();
    parameters.add(new BasicNameValuePair(OAuth2Constants.GRANT_TYPE, OAuth2Constants.AUTHORIZATION_CODE));
    parameters.add(new BasicNameValuePair(OAuth2Constants.CODE, oauth.getCurrentQuery().get(OAuth2Constants.CODE)));
    parameters.add(new BasicNameValuePair(OAuth2Constants.REDIRECT_URI, oauth.getRedirectUri()));
    UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(parameters, Charsets.UTF_8);
    post.setEntity(formEntity);
    return new OAuthClient.AccessTokenResponse(client.execute(post));
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) OAuthClient(org.keycloak.testsuite.util.OAuthClient) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) LinkedList(java.util.LinkedList)

Example 23 with OAuthClient

use of org.keycloak.testsuite.util.OAuthClient in project keycloak by keycloak.

the class MigrationContext method requestOfflineToken.

private String requestOfflineToken() {
    logger.info("Requesting offline token on the old container");
    try {
        OAuthClient oauth = new OAuthClient();
        oauth.init(null);
        oauth.scope(OAuth2Constants.OFFLINE_ACCESS);
        oauth.realm("Migration");
        oauth.clientId("migration-test-client");
        OAuthClient.AccessTokenResponse tokenResponse = oauth.doGrantAccessTokenRequest("secret", "offline-test-user", "password2");
        return tokenResponse.getRefreshToken();
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient)

Example 24 with OAuthClient

use of org.keycloak.testsuite.util.OAuthClient in project keycloak by keycloak.

the class BackchannelLogoutTest method postBackchannelLogoutWithSessionIdMultipleOpenSession.

@Test
public void postBackchannelLogoutWithSessionIdMultipleOpenSession() throws Exception {
    logInAsUserInIDPForFirstTime();
    String userIdConsumerRealm = getUserIdConsumerRealm();
    String brokerClientIdProviderRealm = getClientId(nbc.providerRealmName(), BROKER_CLIENT_ID);
    String sessionId1ProviderRealm = assertProviderLoginEventIdpClient(userIdProviderRealm);
    String sessionId1ConsumerRealm = assertConsumerLoginEventAccountManagement(userIdConsumerRealm);
    assertActiveSessionInClient(nbc.consumerRealmName(), accountClientIdConsumerRealm, userIdConsumerRealm, sessionId1ConsumerRealm);
    OAuthClient oauth2 = new OAuthClient();
    oauth2.init(driver2);
    oauth2.realm(nbc.consumerRealmName()).clientId(ACCOUNT_CLIENT_NAME).redirectUri(getAuthServerRoot() + "realms/" + nbc.consumerRealmName() + "/account").doLoginSocial(nbc.getIDPAlias(), nbc.getUserLogin(), nbc.getUserPassword());
    String sessionId2ProviderRealm = assertProviderLoginEventIdpClient(userIdProviderRealm);
    String sessionId2ConsumerRealm = assertConsumerLoginEventAccountManagement(userIdConsumerRealm);
    assertActiveSessionInClient(nbc.consumerRealmName(), accountClientIdConsumerRealm, userIdConsumerRealm, sessionId2ConsumerRealm);
    String logoutTokenEncoded = getLogoutTokenEncodedAndSigned(userIdProviderRealm, sessionId1ProviderRealm);
    oauth.realm(nbc.consumerRealmName());
    try (CloseableHttpResponse response = oauth.doBackchannelLogout(logoutTokenEncoded)) {
        assertThat(response, Matchers.statusCodeIsHC(Response.Status.OK));
    }
    assertConsumerLogoutEvent(sessionId1ConsumerRealm, userIdConsumerRealm);
    assertNoSessionsInClient(nbc.consumerRealmName(), accountClientIdConsumerRealm, userIdConsumerRealm, sessionId1ConsumerRealm);
    assertActiveSessionInClient(nbc.consumerRealmName(), accountClientIdConsumerRealm, userIdConsumerRealm, sessionId2ConsumerRealm);
    assertActiveSessionInClient(nbc.providerRealmName(), brokerClientIdProviderRealm, userIdProviderRealm, sessionId1ProviderRealm);
    assertActiveSessionInClient(nbc.providerRealmName(), brokerClientIdProviderRealm, userIdProviderRealm, sessionId2ProviderRealm);
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) AbstractNestedBrokerTest(org.keycloak.testsuite.broker.AbstractNestedBrokerTest) Test(org.junit.Test)

Example 25 with OAuthClient

use of org.keycloak.testsuite.util.OAuthClient in project keycloak by keycloak.

the class BackchannelLogoutTest method loginWithSecondBrowser.

private OAuthClient loginWithSecondBrowser(String identityProviderDisplayName) {
    OAuthClient oauth2 = new OAuthClient();
    oauth2.init(driver2);
    oauth2.realm(nbc.consumerRealmName()).clientId(ACCOUNT_CLIENT_NAME).redirectUri(getAuthServerRoot() + "realms/" + nbc.consumerRealmName() + "/account").doLoginSocial(identityProviderDisplayName, nbc.getUserLogin(), nbc.getUserPassword());
    return oauth2;
}
Also used : OAuthClient(org.keycloak.testsuite.util.OAuthClient)

Aggregations

OAuthClient (org.keycloak.testsuite.util.OAuthClient)38 Test (org.junit.Test)30 AuthorizationRequest (org.keycloak.representations.idm.authorization.AuthorizationRequest)19 AuthorizationResponse (org.keycloak.representations.idm.authorization.AuthorizationResponse)19 AuthzClient (org.keycloak.authorization.client.AuthzClient)18 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)17 ClientResource (org.keycloak.admin.client.resource.ClientResource)17 ResourceRepresentation (org.keycloak.representations.idm.authorization.ResourceRepresentation)16 JSPolicyRepresentation (org.keycloak.representations.idm.authorization.JSPolicyRepresentation)15 Response (javax.ws.rs.core.Response)12 TokenIntrospectionResponse (org.keycloak.authorization.client.representation.TokenIntrospectionResponse)12 AccessTokenResponse (org.keycloak.representations.AccessTokenResponse)12 PermissionResponse (org.keycloak.representations.idm.authorization.PermissionResponse)12 Permission (org.keycloak.representations.idm.authorization.Permission)11 ScopePermissionRepresentation (org.keycloak.representations.idm.authorization.ScopePermissionRepresentation)11 ResourcePermissionRepresentation (org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation)10 HttpResponseException (org.keycloak.authorization.client.util.HttpResponseException)9 AccessToken (org.keycloak.representations.AccessToken)5 IOException (java.io.IOException)4 EventRepresentation (org.keycloak.representations.idm.EventRepresentation)4