Added tests for new OIDC token retrieve methods and UMA from OIDC token method
This commit is contained in:
parent
4c769f329f
commit
49586563e2
|
@ -19,12 +19,13 @@ public class TestKeycloakClient {
|
||||||
|
|
||||||
protected static final Logger logger = LoggerFactory.getLogger(TestKeycloakClient.class);
|
protected static final Logger logger = LoggerFactory.getLogger(TestKeycloakClient.class);
|
||||||
|
|
||||||
private static final String DEV_ENDPOINT = "http://accounts.dev.d4science.org/auth/realms/d4science/protocol/openid-connect/token";
|
private static final String DEV_ENDPOINT = "https://accounts.dev.d4science.org/auth/realms/d4science/protocol/openid-connect/token";
|
||||||
private static final String CLIENT_ID = "keycloak-client";
|
private static final String CLIENT_ID = "keycloak-client";
|
||||||
private static final String CLIENT_SECRET = "38f76152-2b7c-418f-9b67-66f4cc2f401e";
|
private static final String CLIENT_SECRET = "38f76152-2b7c-418f-9b67-66f4cc2f401e";
|
||||||
private static final String TEST_AUDIENCE = "conductor-server";
|
private static final String TEST_AUDIENCE = "conductor-server";
|
||||||
|
|
||||||
private static TokenResponse tr = null;
|
private static TokenResponse oidcTR = null;
|
||||||
|
private static TokenResponse umaTR = null;
|
||||||
|
|
||||||
@Before
|
@Before
|
||||||
public void setUp() throws Exception {
|
public void setUp() throws Exception {
|
||||||
|
@ -36,53 +37,91 @@ public class TestKeycloakClient {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void test1EndpointDiscovery() throws Exception {
|
public void test01EndpointDiscovery() throws Exception {
|
||||||
logger.info("Start testing Keycloak endpoint discovery...");
|
logger.info("*** [0.1] Start testing Keycloak endpoint discovery...");
|
||||||
URL url = KeycloakClientFactory.newInstance().findTokenEndpointURL();
|
URL url = KeycloakClientFactory.newInstance().findTokenEndpointURL();
|
||||||
Assert.assertNotNull(url);
|
Assert.assertNotNull(url);
|
||||||
Assert.assertTrue(url.getProtocol().equals("https"));
|
Assert.assertTrue(url.getProtocol().equals("https"));
|
||||||
|
Assert.assertEquals(new URL(DEV_ENDPOINT), url);
|
||||||
logger.info("Discovered URL is: {}", url);
|
logger.info("Discovered URL is: {}", url);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void test2QueryUMATokenWithDiscoveryInCurrentScope() throws Exception {
|
public void test11QueryOIDCTokenWithDiscoveryInCurrentScope() throws Exception {
|
||||||
logger.info("Start testing query UMA token from Keycloak with endpoint discovery and current scope...");
|
logger.info("*** [1.1] Start testing query OIDC token from Keycloak with endpoint discovery and current scope...");
|
||||||
tr = KeycloakClientFactory.newInstance().queryUMAToken(CLIENT_ID, CLIENT_SECRET, null);
|
oidcTR = KeycloakClientFactory.newInstance().queryOIDCToken(CLIENT_ID, CLIENT_SECRET);
|
||||||
TestModels.checkTokenResponse(tr);
|
TestModels.checkTokenResponse(oidcTR);
|
||||||
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(tr), "service-account-" + CLIENT_ID);
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(oidcTR), "service-account-" + CLIENT_ID);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void test3QueryUMATokenWithDiscovery() throws Exception {
|
public void test12QueryOIDCToken() throws Exception {
|
||||||
logger.info("Start testing query UMA token from Keycloak with endpoint discovery...");
|
logger.info("*** [1.2] Start testing query OIDC token from Keycloak with URL...");
|
||||||
tr = KeycloakClientFactory.newInstance().queryUMAToken(CLIENT_ID, CLIENT_SECRET, TEST_AUDIENCE, null);
|
oidcTR = KeycloakClientFactory.newInstance().queryOIDCToken(new URL(DEV_ENDPOINT), CLIENT_ID, CLIENT_SECRET);
|
||||||
TestModels.checkTokenResponse(tr);
|
TestModels.checkTokenResponse(oidcTR);
|
||||||
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(tr), "service-account-" + CLIENT_ID);
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(oidcTR), "service-account-" + CLIENT_ID);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void test4QueryUMAToken() throws Exception {
|
public void test13RefreshOIDCTokenWithDiscovery() throws Exception {
|
||||||
logger.info("Start testing query UMA token from Keycloak with URL...");
|
logger.info("*** [1.3] Start testing refresh OIDC token from Keycloak with endpoint discovery...");
|
||||||
tr = KeycloakClientFactory.newInstance().queryUMAToken(new URL(DEV_ENDPOINT), CLIENT_ID, CLIENT_SECRET,
|
TokenResponse refreshedTR = KeycloakClientFactory.newInstance().refreshToken(CLIENT_ID, CLIENT_SECRET, oidcTR);
|
||||||
|
TestModels.checkTokenResponse(refreshedTR);
|
||||||
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(refreshedTR), "service-account-" + CLIENT_ID);
|
||||||
|
TestModels.checkRefreshToken(ModelUtils.getRefreshTokenFrom(refreshedTR));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test21QueryUMATokenWithDiscoveryInCurrentScope() throws Exception {
|
||||||
|
logger.info(
|
||||||
|
"*** [2.1] Start testing query UMA token from Keycloak with endpoint discovery and current scope as audience...");
|
||||||
|
|
||||||
|
umaTR = KeycloakClientFactory.newInstance().queryUMAToken(CLIENT_ID, CLIENT_SECRET, null);
|
||||||
|
TestModels.checkTokenResponse(umaTR);
|
||||||
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(umaTR), "service-account-" + CLIENT_ID);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test22QueryUMATokenWithDiscovery() throws Exception {
|
||||||
|
logger.info("*** [2.2] Start testing query UMA token from Keycloak with endpoint discovery...");
|
||||||
|
umaTR = KeycloakClientFactory.newInstance().queryUMAToken(CLIENT_ID, CLIENT_SECRET, TEST_AUDIENCE, null);
|
||||||
|
TestModels.checkTokenResponse(umaTR);
|
||||||
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(umaTR), "service-account-" + CLIENT_ID);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test23QueryUMATokenWithDiscoveryWithOIDCAuthorization() throws Exception {
|
||||||
|
logger.info(
|
||||||
|
"*** [2.3] Start testing query UMA token from Keycloak with endpoint discovery and OIDC access token for authorization...");
|
||||||
|
|
||||||
|
umaTR = KeycloakClientFactory.newInstance().queryUMAToken(oidcTR, TEST_AUDIENCE, null);
|
||||||
|
TestModels.checkTokenResponse(umaTR);
|
||||||
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(umaTR), "service-account-" + CLIENT_ID);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test24QueryUMAToken() throws Exception {
|
||||||
|
logger.info("*** [2.4] Start testing query UMA token from Keycloak with URL...");
|
||||||
|
umaTR = KeycloakClientFactory.newInstance().queryUMAToken(new URL(DEV_ENDPOINT), CLIENT_ID, CLIENT_SECRET,
|
||||||
TEST_AUDIENCE, null);
|
TEST_AUDIENCE, null);
|
||||||
|
|
||||||
TestModels.checkTokenResponse(tr);
|
TestModels.checkTokenResponse(umaTR);
|
||||||
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(tr), "service-account-" + CLIENT_ID);
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(umaTR), "service-account-" + CLIENT_ID);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void test5RefreshTokenWithDiscovery() throws Exception {
|
public void test25RefreshUMATokenWithDiscovery() throws Exception {
|
||||||
logger.info("Start testing refresh UMA token from Keycloak with endpoint discovery...");
|
logger.info("*** [2.5] Start testing refresh UMA token from Keycloak with endpoint discovery...");
|
||||||
TokenResponse refreshedTR = KeycloakClientFactory.newInstance().refreshToken(CLIENT_ID, CLIENT_SECRET, tr);
|
TokenResponse refreshedTR = KeycloakClientFactory.newInstance().refreshToken(CLIENT_ID, CLIENT_SECRET, umaTR);
|
||||||
TestModels.checkTokenResponse(refreshedTR);
|
TestModels.checkTokenResponse(refreshedTR);
|
||||||
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(refreshedTR), "service-account-" + CLIENT_ID);
|
TestModels.checkAccessToken(ModelUtils.getAccessTokenFrom(refreshedTR), "service-account-" + CLIENT_ID);
|
||||||
TestModels.checkRefreshToken(ModelUtils.getRefreshTokenFrom(refreshedTR));
|
TestModels.checkRefreshToken(ModelUtils.getRefreshTokenFrom(refreshedTR));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = KeycloakClientException.class)
|
@Test(expected = KeycloakClientException.class)
|
||||||
public void test6RefreshTokenWithDiscoveryAndClientIdFromRefreshToken() throws Exception {
|
public void test26RefreshTokenWithDiscoveryAndClientIdFromRefreshToken() throws Exception {
|
||||||
logger.info("Start testing refresh UMA token with error since is not a public client...");
|
logger.info("*** [2.6] Start testing refresh UMA token *with error* since is not a public client...");
|
||||||
KeycloakClientFactory.newInstance().refreshToken(tr.getRefreshToken());
|
KeycloakClientFactory.newInstance().refreshToken(umaTR.getRefreshToken());
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
</layout>
|
</layout>
|
||||||
</appender>
|
</appender>
|
||||||
|
|
||||||
<logger name="org.gcube" additivity="false">
|
<logger name="org.gcube.common.keycloak" additivity="false">
|
||||||
<level value="TRACE" />
|
<level value="TRACE" />
|
||||||
<appender-ref ref="console" />
|
<appender-ref ref="console" />
|
||||||
</logger>
|
</logger>
|
||||||
|
|
Loading…
Reference in New Issue