diff --git a/adapters/oidc/js/src/main/resources/3p-cookies-step1.html b/adapters/oidc/js/src/main/resources/3p-cookies-step1.html
new file mode 100644
index 00000000000..606d7b88d8c
--- /dev/null
+++ b/adapters/oidc/js/src/main/resources/3p-cookies-step1.html
@@ -0,0 +1,27 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/adapters/oidc/js/src/main/resources/3p-cookies-step2.html b/adapters/oidc/js/src/main/resources/3p-cookies-step2.html
new file mode 100644
index 00000000000..8cd4b2ab677
--- /dev/null
+++ b/adapters/oidc/js/src/main/resources/3p-cookies-step2.html
@@ -0,0 +1,32 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/adapters/oidc/js/src/main/resources/keycloak.d.ts b/adapters/oidc/js/src/main/resources/keycloak.d.ts
index e4dcb648f89..0e092d28298 100644
--- a/adapters/oidc/js/src/main/resources/keycloak.d.ts
+++ b/adapters/oidc/js/src/main/resources/keycloak.d.ts
@@ -148,6 +148,13 @@ declare namespace Keycloak {
*/
silentCheckSsoRedirectUri?: string;
+ /**
+ * Specifies whether the silent check-sso should fallback to "non-silent"
+ * check-sso when 3rd party cookies are blocked by the browser. Defaults
+ * to true.
+ */
+ silentCheckSsoFallback?: boolean;
+
/**
* Set the OpenID Connect flow.
* @default standard
diff --git a/adapters/oidc/js/src/main/resources/keycloak.js b/adapters/oidc/js/src/main/resources/keycloak.js
index 6eac976a897..5ba4b6378d3 100755
--- a/adapters/oidc/js/src/main/resources/keycloak.js
+++ b/adapters/oidc/js/src/main/resources/keycloak.js
@@ -205,6 +205,12 @@
kc.silentCheckSsoRedirectUri = initOptions.silentCheckSsoRedirectUri;
}
+ if (typeof initOptions.silentCheckSsoFallback === 'boolean') {
+ kc.silentCheckSsoFallback = initOptions.silentCheckSsoFallback;
+ } else {
+ kc.silentCheckSsoFallback = true;
+ }
+
if (initOptions.pkceMethod) {
if (initOptions.pkceMethod !== "S256") {
throw 'Invalid value for pkceMethod';
@@ -356,7 +362,12 @@
}
}
- configPromise.then(processInit);
+ configPromise.then(function () {
+ check3pCookiesSupported().then(processInit)
+ .catch(function() {
+ promise.setError();
+ });
+ });
configPromise.catch(function() {
promise.setError();
});
@@ -846,6 +857,13 @@
}
return src;
},
+ thirdPartyCookiesIframe: function() {
+ var src = getRealmUrl() + '/protocol/openid-connect/3p-cookies/step1.html';
+ if (kc.iframeVersion) {
+ src = src + '?version=' + kc.iframeVersion;
+ }
+ return src;
+ },
register: function() {
return getRealmUrl() + '/protocol/openid-connect/registrations';
},
@@ -1276,6 +1294,45 @@
return promise.promise;
}
+ function check3pCookiesSupported() {
+ var promise = createPromise();
+
+ if (loginIframe.enable || kc.silentCheckSsoRedirectUri) {
+ var iframe = document.createElement('iframe');
+ iframe.setAttribute('src', kc.endpoints.thirdPartyCookiesIframe());
+ iframe.setAttribute('title', 'keycloak-3p-check-iframe' );
+ iframe.style.display = 'none';
+ document.body.appendChild(iframe);
+
+ var messageCallback = function(event) {
+ if (iframe.contentWindow !== event.source) {
+ return;
+ }
+
+ if (event.data !== "supported" && event.data !== "unsupported") {
+ promise.setError();
+ } else if (event.data === "unsupported") {
+ loginIframe.enable = false;
+ if (kc.silentCheckSsoFallback) {
+ kc.silentCheckSsoRedirectUri = false;
+ }
+ logWarn("[KEYCLOAK] 3rd party cookies aren't supported by this browser. checkLoginIframe and " +
+ "silent check-sso are not available.")
+ }
+
+ document.body.removeChild(iframe);
+ window.removeEventListener("message", messageCallback);
+ promise.setSuccess();
+ };
+
+ window.addEventListener('message', messageCallback, false);
+ } else {
+ promise.setSuccess();
+ }
+
+ return promise.promise;
+ }
+
function loadAdapter(type) {
if (!type || type == 'default') {
return {
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
index b9c7cf8d377..58751436ffa 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
@@ -35,6 +35,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint;
import org.keycloak.protocol.oidc.endpoints.LoginStatusIframeEndpoint;
import org.keycloak.protocol.oidc.endpoints.LogoutEndpoint;
+import org.keycloak.protocol.oidc.endpoints.ThirdPartyCookiesIframeEndpoint;
import org.keycloak.protocol.oidc.endpoints.TokenEndpoint;
import org.keycloak.protocol.oidc.endpoints.TokenRevocationEndpoint;
import org.keycloak.protocol.oidc.endpoints.UserInfoEndpoint;
@@ -191,6 +192,13 @@ public class OIDCLoginProtocolService {
return endpoint;
}
+ @Path("3p-cookies")
+ public Object thirdPartyCookiesCheck() {
+ ThirdPartyCookiesIframeEndpoint endpoint = new ThirdPartyCookiesIframeEndpoint();
+ ResteasyProviderFactory.getInstance().injectProperties(endpoint);
+ return endpoint;
+ }
+
@OPTIONS
@Path("certs")
@Produces(MediaType.APPLICATION_JSON)
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
index 5c64fd63de7..ebd61f2d60f 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LoginStatusIframeEndpoint.java
@@ -17,28 +17,24 @@
package org.keycloak.protocol.oidc.endpoints;
-import org.keycloak.common.Version;
import org.keycloak.common.util.UriUtils;
-import org.keycloak.headers.SecurityHeadersProvider;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.utils.WebOriginsUtils;
-import org.keycloak.services.util.CacheControlUtil;
-import org.keycloak.services.util.P3PHelper;
import org.keycloak.utils.MediaType;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
-import java.io.InputStream;
import java.util.Set;
+import static org.keycloak.services.util.IframeUtil.returnIframeFromResources;
+
/**
* @author Stian Thorgersen
*/
@@ -50,24 +46,7 @@ public class LoginStatusIframeEndpoint {
@GET
@Produces(MediaType.TEXT_HTML_UTF_8)
public Response getLoginStatusIframe(@QueryParam("version") String version) {
- CacheControl cacheControl;
- if (version != null) {
- if (!version.equals(Version.RESOURCES_VERSION)) {
- return Response.status(Response.Status.NOT_FOUND).build();
- }
- cacheControl = CacheControlUtil.getDefaultCacheControl();
- } else {
- cacheControl = CacheControlUtil.noCache();
- }
-
- InputStream resource = getClass().getClassLoader().getResourceAsStream("login-status-iframe.html");
- if (resource != null) {
- P3PHelper.addP3PHeader();
- session.getProvider(SecurityHeadersProvider.class).options().allowAnyFrameAncestor();
- return Response.ok(resource).cacheControl(cacheControl).build();
- } else {
- return Response.status(Response.Status.NOT_FOUND).build();
- }
+ return returnIframeFromResources("login-status-iframe.html", version, session);
}
@GET
diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/ThirdPartyCookiesIframeEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/ThirdPartyCookiesIframeEndpoint.java
new file mode 100644
index 00000000000..e952963fd20
--- /dev/null
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/ThirdPartyCookiesIframeEndpoint.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2020 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.protocol.oidc.endpoints;
+
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.utils.MediaType;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
+
+import static org.keycloak.services.util.IframeUtil.returnIframeFromResources;
+
+/**
+ * @author Vaclav Muzikar
+ */
+public class ThirdPartyCookiesIframeEndpoint {
+ @Context
+ private KeycloakSession session;
+
+ @GET
+ @Path("step1.html")
+ @Produces(MediaType.TEXT_HTML_UTF_8)
+ public Response step1(@QueryParam("version") String version) {
+ return returnIframeFromResources("3p-cookies-step1.html", version, session);
+ }
+
+ @GET
+ @Path("step2.html")
+ @Produces(MediaType.TEXT_HTML_UTF_8)
+ public Response step2(@QueryParam("version") String version) {
+ return returnIframeFromResources("3p-cookies-step2.html", version, session);
+ }
+}
diff --git a/services/src/main/java/org/keycloak/services/util/IframeUtil.java b/services/src/main/java/org/keycloak/services/util/IframeUtil.java
new file mode 100644
index 00000000000..ac71648858f
--- /dev/null
+++ b/services/src/main/java/org/keycloak/services/util/IframeUtil.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2020 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.services.util;
+
+import org.keycloak.common.Version;
+import org.keycloak.headers.SecurityHeadersProvider;
+import org.keycloak.models.KeycloakSession;
+
+import javax.ws.rs.core.CacheControl;
+import javax.ws.rs.core.Response;
+import java.io.InputStream;
+
+public class IframeUtil {
+ public static Response returnIframeFromResources(String fileName, String version, KeycloakSession session) {
+ CacheControl cacheControl;
+ if (version != null) {
+ if (!version.equals(Version.RESOURCES_VERSION)) {
+ return Response.status(Response.Status.NOT_FOUND).build();
+ }
+ cacheControl = CacheControlUtil.getDefaultCacheControl();
+ } else {
+ cacheControl = CacheControlUtil.noCache();
+ }
+
+ InputStream resource = IframeUtil.class.getClassLoader().getResourceAsStream(fileName);
+ if (resource != null) {
+ P3PHelper.addP3PHeader();
+ session.getProvider(SecurityHeadersProvider.class).options().allowAnyFrameAncestor();
+ return Response.ok(resource).cacheControl(cacheControl).build();
+ } else {
+ return Response.status(Response.Status.NOT_FOUND).build();
+ }
+ }
+}
diff --git a/testsuite/integration-arquillian/HOW-TO-RUN.md b/testsuite/integration-arquillian/HOW-TO-RUN.md
index c9d13c2ad6d..c2dd67bb533 100644
--- a/testsuite/integration-arquillian/HOW-TO-RUN.md
+++ b/testsuite/integration-arquillian/HOW-TO-RUN.md
@@ -992,4 +992,11 @@ because this is not UI testing). For debugging purposes you can override the hea
mvn clean install -f testsuite/integration-arquillian/tests/base \
-Pfirefox-strict-cookies \
-Dtest=**.broker.** \
+ -Dauth.server.host=[some_host] -Dauth.server.host2=[some_other_host]
+
+**JS adapter tests:**
+
+ mvn clean install -f testsuite/integration-arquillian/tests/base \
+ -Pfirefox-strict-cookies \
+ -Dtest=**.javascript.** \
-Dauth.server.host=[some_host] -Dauth.server.host2=[some_other_host]
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml
index 47cdf0da12a..8a805f3da46 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml
@@ -33,7 +33,6 @@
${project.version}
${project.basedir}/target/classes/javascript
- https://localhost:8543/auth
@@ -61,21 +60,6 @@
-
-
- no-ssl
-
-
- auth.server.ssl.required
- false
-
-
-
- http://localhost:8180/auth
-
-
-
-
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java
index 1b6792b4039..b8da8ec7326 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/rest/resource/TestJavascriptResource.java
@@ -13,6 +13,8 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
+
/**
* @author mhajas
*/
@@ -63,6 +65,6 @@ public class TestJavascriptResource {
line = buf.readLine();
}
- return sb.toString();
+ return sb.toString().replace("${js-adapter.auth-server-url}", getAuthServerContextRoot() + "/auth");
}
}
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/util/ServerURLs.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/util/ServerURLs.java
new file mode 100644
index 00000000000..bf4e7059769
--- /dev/null
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/util/ServerURLs.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2020 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.util;
+
+import static java.lang.Integer.parseInt;
+
+public class ServerURLs {
+ public static final boolean AUTH_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("auth.server.ssl.required", "true"));
+ public static final String AUTH_SERVER_PORT = AUTH_SERVER_SSL_REQUIRED ? System.getProperty("auth.server.https.port", "8543") : System.getProperty("auth.server.http.port", "8180");
+ public static final String AUTH_SERVER_SCHEME = AUTH_SERVER_SSL_REQUIRED ? "https" : "http";
+ public static final String AUTH_SERVER_HOST = System.getProperty("auth.server.host", "localhost");
+ public static final String AUTH_SERVER_HOST2 = System.getProperty("auth.server.host2", AUTH_SERVER_HOST);
+
+ public static String getAuthServerContextRoot() {
+ return getAuthServerContextRoot(0);
+ }
+
+ public static String getAuthServerContextRoot(int clusterPortOffset) {
+ return removeDefaultPorts(String.format("%s://%s:%s", AUTH_SERVER_SCHEME, AUTH_SERVER_HOST, parseInt(AUTH_SERVER_PORT) + clusterPortOffset));
+ }
+
+ public static String getAppServerContextRoot() {
+ return getAppServerContextRoot(0);
+ }
+
+ public static String getAppServerContextRoot(int clusterPortOffset) {
+ String host = System.getProperty("app.server.host", "localhost");
+
+ boolean sslRequired = Boolean.parseBoolean(System.getProperty("app.server.ssl.required"));
+
+ int port = sslRequired ? parsePort("app.server.https.port") : parsePort("app.server.http.port");
+ String scheme = sslRequired ? "https" : "http";
+
+ return String.format("%s://%s:%s", scheme, host, port + clusterPortOffset);
+ }
+
+ /**
+ * Removes default ports: 80 and 443 from url
+ */
+ public static String removeDefaultPorts(String url) {
+ return url != null ? url.replaceFirst("(.*)(:80)(\\/.*)?$", "$1$3").replaceFirst("(.*)(:443)(\\/.*)?$", "$1$3") : null;
+ }
+
+ private static int parsePort(String property) {
+ try {
+ return parseInt(System.getProperty(property));
+ } catch (NumberFormatException ex) {
+ throw new RuntimeException("Failed to get " + property, ex);
+ }
+ }
+}
diff --git a/testsuite/integration-arquillian/tests/base/pom.xml b/testsuite/integration-arquillian/tests/base/pom.xml
index c6af8741369..caaa0681c5b 100644
--- a/testsuite/integration-arquillian/tests/base/pom.xml
+++ b/testsuite/integration-arquillian/tests/base/pom.xml
@@ -854,6 +854,7 @@
0
8080
9990
+ ${app.server.home}/conf
@@ -887,6 +888,7 @@
0
8080
9990
+ ${app.server.home}/conf
@@ -920,6 +922,7 @@
0
8080
9990
+ ${app.server.home}/conf
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java
index 81df9e2d772..7eb7f66a6ec 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java
@@ -49,7 +49,8 @@ import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getAuthServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.getAppServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
*
@@ -95,29 +96,6 @@ public class AppServerTestEnricher {
return appServerQualifiers;
}
- public static String getAppServerContextRoot() {
- return getAppServerContextRoot(0);
- }
-
- public static String getAppServerContextRoot(int clusterPortOffset) {
- String host = System.getProperty("app.server.host", "localhost");
-
- boolean sslRequired = Boolean.parseBoolean(System.getProperty("app.server.ssl.required"));
-
- int port = sslRequired ? parsePort("app.server.https.port") : parsePort("app.server.http.port");
- String scheme = sslRequired ? "https" : "http";
-
- return String.format("%s://%s:%s", scheme, host, port + clusterPortOffset);
- }
-
- private static int parsePort(String property) {
- try {
- return Integer.parseInt(System.getProperty(property));
- } catch (NumberFormatException ex) {
- throw new RuntimeException("Failed to get " + property, ex);
- }
- }
-
public static String getAppServerBrowserContextRoot() throws MalformedURLException {
return getAppServerBrowserContextRoot(new URL(getAuthServerContextRoot()));
}
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
index 1ec312f5e7c..c44dd60127a 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
@@ -52,6 +52,7 @@ import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.SqlUtils;
import org.keycloak.testsuite.util.SystemInfoHelper;
import org.keycloak.testsuite.util.VaultUtils;
+import org.keycloak.testsuite.util.ServerURLs;
import org.wildfly.extras.creaper.commands.undertow.AddUndertowListener;
import org.wildfly.extras.creaper.commands.undertow.RemoveUndertowListener;
import org.wildfly.extras.creaper.commands.undertow.SslVerifyClient;
@@ -84,7 +85,8 @@ import org.jboss.shrinkwrap.api.importer.ZipImporter;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
import org.jboss.shrinkwrap.resolver.api.maven.Maven;
import org.junit.Assert;
-import static org.keycloak.testsuite.util.URLUtils.removeDefaultPorts;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
/**
*
@@ -108,11 +110,6 @@ public class AuthServerTestEnricher {
private JavaArchive testsuiteProvidersArchive;
private String currentContainerName;
- public static final boolean AUTH_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("auth.server.ssl.required", "true"));
- public static final String AUTH_SERVER_SCHEME = AUTH_SERVER_SSL_REQUIRED ? "https" : "http";
- public static final String AUTH_SERVER_HOST = System.getProperty("auth.server.host", "localhost");
- public static final String AUTH_SERVER_PORT = AUTH_SERVER_SSL_REQUIRED ? System.getProperty("auth.server.https.port", "8543") : System.getProperty("auth.server.http.port", "8180");
-
public static final String AUTH_SERVER_CONTAINER_DEFAULT = "auth-server-undertow";
public static final String AUTH_SERVER_CONTAINER_PROPERTY = "auth.server.container";
public static final String AUTH_SERVER_CONTAINER = System.getProperty(AUTH_SERVER_CONTAINER_PROPERTY, AUTH_SERVER_CONTAINER_DEFAULT);
@@ -165,21 +162,6 @@ public class AuthServerTestEnricher {
return AUTH_SERVER_CONTAINER.equals("auth-server-quarkus");
}
- public static String getAuthServerContextRoot() {
- return getAuthServerContextRoot(0);
- }
-
- public static String getAuthServerContextRoot(int clusterPortOffset) {
- String host = System.getProperty("auth.server.host", "localhost");
- int httpPort = Integer.parseInt(System.getProperty("auth.server.http.port")); // property must be set
- int httpsPort = Integer.parseInt(System.getProperty("auth.server.https.port")); // property must be set
-
- String scheme = AUTH_SERVER_SSL_REQUIRED ? "https" : "http";
- int port = AUTH_SERVER_SSL_REQUIRED ? httpsPort : httpPort;
-
- return removeDefaultPorts(String.format("%s://%s:%s", scheme, host, port + clusterPortOffset));
- }
-
public static String getHttpAuthServerContextRoot() {
String host = System.getProperty("auth.server.host", "localhost");
int httpPort = Integer.parseInt(System.getProperty("auth.server.http.port")); // property must be set
@@ -542,7 +524,7 @@ public class AuthServerTestEnricher {
}
public static void initializeTLS(ContainerInfo containerInfo) {
- if (AUTH_SERVER_SSL_REQUIRED && containerInfo.isJBossBased()) {
+ if (ServerURLs.AUTH_SERVER_SSL_REQUIRED && containerInfo.isJBossBased()) {
log.infof("\n\n### Setting up TLS for %s ##\n\n", containerInfo);
try {
OnlineManagementClient client = getManagementClient(containerInfo);
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java
index eb108ff4168..5c55e3d54c4 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java
@@ -52,7 +52,6 @@ import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.isRelative
import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.isTomcatAppServer;
import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.isWLSAppServer;
import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.isWASAppServer;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getAuthServerContextRoot;
import static org.keycloak.testsuite.utils.io.IOUtil.appendChildInDocument;
import static org.keycloak.testsuite.utils.io.IOUtil.documentToString;
import static org.keycloak.testsuite.utils.io.IOUtil.getElementTextContent;
@@ -62,6 +61,7 @@ import static org.keycloak.testsuite.utils.io.IOUtil.modifyDocElementAttribute;
import static org.keycloak.testsuite.utils.io.IOUtil.modifyDocElementValue;
import static org.keycloak.testsuite.utils.io.IOUtil.removeElementsFromDoc;
import static org.keycloak.testsuite.utils.io.IOUtil.removeNodeByAttributeValue;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/SuiteContext.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/SuiteContext.java
index 9129edc2a0a..c3ba403eca8 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/SuiteContext.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/SuiteContext.java
@@ -26,6 +26,8 @@ import org.keycloak.testsuite.arquillian.migration.MigrationContext;
import org.keycloak.testsuite.util.TextFileChecker;
import java.util.LinkedList;
+
+import static java.lang.Boolean.parseBoolean;
import static org.keycloak.testsuite.util.MailServerConfiguration.FROM;
import static org.keycloak.testsuite.util.MailServerConfiguration.HOST;
import static org.keycloak.testsuite.util.MailServerConfiguration.PORT;
@@ -58,7 +60,9 @@ public final class SuiteContext {
* True if the testsuite is running in the adapter backward compatibility testing mode,
* i.e. if the tests are running against newer auth server
*/
- private static final boolean adapterCompatTesting = Boolean.parseBoolean(System.getProperty("testsuite.adapter.compat.testing"));
+ private static final boolean adapterCompatTesting = parseBoolean(System.getProperty("testsuite.adapter.compat.testing"));
+
+ private static final boolean browserStrictCookies = parseBoolean(System.getProperty("browser.strict.cookies"));
public SuiteContext(Set arquillianContainers) {
this.container = arquillianContainers;
@@ -190,6 +194,10 @@ public final class SuiteContext {
return adapterCompatTesting;
}
+ public boolean hasBrowserStrictCookies() {
+ return browserStrictCookies;
+ }
+
@Override
public String toString() {
StringBuilder sb = new StringBuilder("SUITE CONTEXT:\nAuth server: ");
@@ -214,7 +222,7 @@ public final class SuiteContext {
.append("\n");
getAuthServerBackendsInfo().forEach(bInfo -> sb.append(" Backend: ").append(bInfo).append(" - ").append(bInfo.getContextRoot().toExternalForm()).append("\n"));
- if (Boolean.parseBoolean(System.getProperty("auth.server.jboss.legacy"))) {
+ if (parseBoolean(System.getProperty("auth.server.jboss.legacy"))) {
sb.append(" Legacy: ").append(getLegacyAuthServerInfo()).append(" - ").append(getLegacyAuthServerInfo().getContextRoot().toExternalForm()).append("\n");
}
} else {
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AppPage.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AppPage.java
index 41f7fd5b904..4292b501f26 100755
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AppPage.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AppPage.java
@@ -25,7 +25,7 @@ import org.openqa.selenium.support.FindBy;
import javax.ws.rs.core.UriBuilder;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
-import static org.keycloak.testsuite.util.URLUtils.removeDefaultPorts;
+import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
/**
* @author Stian Thorgersen
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java
index cdb90442665..c48a6dfb705 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/AdminClientUtil.java
@@ -41,11 +41,11 @@ import org.jboss.resteasy.plugins.providers.jackson.ResteasyJackson2Provider;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.models.Constants;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import static org.keycloak.testsuite.auth.page.AuthRealm.ADMIN;
import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
import static org.keycloak.testsuite.utils.io.IOUtil.PROJECT_BUILD_DIRECTORY;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
public class AdminClientUtil {
@@ -55,7 +55,7 @@ public class AdminClientUtil {
}
public static Keycloak createAdminClient(boolean ignoreUnknownProperties, String realmName, String username, String password, String clientId, String clientSecret) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
- return createAdminClient(ignoreUnknownProperties, AuthServerTestEnricher.getAuthServerContextRoot(), realmName, username, password, clientId, clientSecret);
+ return createAdminClient(ignoreUnknownProperties, getAuthServerContextRoot(), realmName, username, password, clientId, clientSecret);
}
public static Keycloak createAdminClient(boolean ignoreUnknownProperties, String authServerContextRoot, String realmName, String username, String password, String clientId, String clientSecret) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
@@ -96,11 +96,11 @@ public class AdminClientUtil {
}
public static Keycloak createAdminClient() throws Exception {
- return createAdminClient(false, AuthServerTestEnricher.getAuthServerContextRoot());
+ return createAdminClient(false, getAuthServerContextRoot());
}
public static Keycloak createAdminClient(boolean ignoreUnknownProperties) throws Exception {
- return createAdminClient(ignoreUnknownProperties, AuthServerTestEnricher.getAuthServerContextRoot());
+ return createAdminClient(ignoreUnknownProperties, getAuthServerContextRoot());
}
private static SSLContext getSSLContextWithTrustore(File file, String password) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException {
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/ContainerAssume.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/ContainerAssume.java
index ef835e29df8..e7c31094fd5 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/ContainerAssume.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/ContainerAssume.java
@@ -22,7 +22,7 @@ import org.junit.Assume;
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.APP_SERVER_SSL_REQUIRED;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
public class ContainerAssume {
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java
index f25065edd34..02378837152 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/OAuthClient.java
@@ -58,12 +58,10 @@ import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentation;
import org.keycloak.protocol.oidc.utils.OIDCResponseType;
import org.keycloak.representations.AccessToken;
-import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.IDToken;
import org.keycloak.representations.JsonWebToken;
import org.keycloak.representations.RefreshToken;
import org.keycloak.representations.idm.UserRepresentation;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.runonserver.RunOnServerException;
import org.keycloak.util.BasicAuthHelper;
import org.keycloak.util.JsonSerialization;
@@ -92,7 +90,8 @@ import java.util.function.Supplier;
import static org.keycloak.testsuite.admin.Users.getPasswordOf;
import static org.keycloak.testsuite.util.UIUtils.clickLink;
-import static org.keycloak.testsuite.util.URLUtils.removeDefaultPorts;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
/**
* @author Stian Thorgersen
@@ -106,7 +105,7 @@ public class OAuthClient {
private static final boolean sslRequired = Boolean.parseBoolean(System.getProperty("auth.server.ssl.required"));
static {
- updateURLs(AuthServerTestEnricher.getAuthServerContextRoot());
+ updateURLs(getAuthServerContextRoot());
}
// Workaround, but many tests directly use system properties like OAuthClient.AUTH_SERVER_ROOT instead of taking the URL from suite context
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/URLUtils.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/URLUtils.java
index 43eb8db49d8..3f4f486b449 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/URLUtils.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/URLUtils.java
@@ -16,6 +16,7 @@ import java.util.regex.Pattern;
import static org.keycloak.testsuite.util.DroneUtils.getCurrentDriver;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
+import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
import static org.openqa.selenium.support.ui.ExpectedConditions.not;
import static org.openqa.selenium.support.ui.ExpectedConditions.urlMatches;
import static org.openqa.selenium.support.ui.ExpectedConditions.urlToBe;
@@ -133,13 +134,6 @@ public final class URLUtils {
return true;
}
- /**
- * Removes default ports: 80 and 443 from url
- */
- public static String removeDefaultPorts(String url) {
- return url != null ? url.replaceFirst("(.*)(:80)(\\/.*)?$", "$1$3").replaceFirst("(.*)(:443)(\\/.*)?$", "$1$3") : null;
- }
-
/**
* This will send POST request to specified URL with specified form parameters. It's not easily possible to "trick" web driver to send POST
* request with custom parameters, which are not directly available in the form.
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JSObjectBuilder.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JSObjectBuilder.java
index 532de6ea320..45877b39263 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JSObjectBuilder.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JSObjectBuilder.java
@@ -22,6 +22,7 @@ public class JSObjectBuilder {
public JSObjectBuilder defaultSettings() {
standardFlow();
fragmentResponse();
+ enableLogging();
return this;
}
@@ -50,16 +51,31 @@ public class JSObjectBuilder {
return this;
}
+ public JSObjectBuilder disableSilentCheckSSOFallback() {
+ arguments.put("silentCheckSsoFallback", false);
+ return this;
+ }
+
public JSObjectBuilder disableCheckLoginIframe() {
arguments.put("checkLoginIframe", false);
return this;
}
+ public JSObjectBuilder setCheckLoginIframeIntervalTo1() {
+ arguments.put("checkLoginIframeInterval", 1);
+ return this;
+ }
+
public JSObjectBuilder loginRequiredOnLoad() {
arguments.put("onLoad", "login-required");
return this;
}
+ public JSObjectBuilder enableLogging() {
+ arguments.put("enableLogging", true);
+ return this;
+ }
+
public boolean contains(String key, Object value) {
return arguments.containsKey(key) && arguments.get(key).equals(value);
}
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JavascriptTestExecutor.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JavascriptTestExecutor.java
index e64739d4725..54b33be1c53 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JavascriptTestExecutor.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/javascript/JavascriptTestExecutor.java
@@ -6,10 +6,13 @@ import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.JavascriptExecutor;
import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.WebDriverException;
import org.openqa.selenium.WebElement;
import java.util.concurrent.TimeUnit;
+import static org.junit.Assert.fail;
+import static org.keycloak.testsuite.util.WaitUtils.pause;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
@@ -101,6 +104,11 @@ public class JavascriptTestExecutor {
}
public JavascriptTestExecutor configure(JSObjectBuilder argumentsBuilder) {
+ // a nasty hack: redirect console.warn to events
+ // mainly for FF as it doesn't yet support reading console.warn directly through webdriver
+ // see https://github.com/mozilla/geckodriver/issues/284
+ jsExecutor.executeScript("console.warn = event;");
+
if (argumentsBuilder == null) {
jsExecutor.executeScript("window.keycloak = Keycloak();");
} else {
@@ -126,6 +134,10 @@ public class JavascriptTestExecutor {
}
public JavascriptTestExecutor init(JSObjectBuilder argumentsBuilder, JavascriptStateValidator validator) {
+ return init(argumentsBuilder, validator, false);
+ }
+
+ public JavascriptTestExecutor init(JSObjectBuilder argumentsBuilder, JavascriptStateValidator validator, boolean expectPromptNoneRedirect) {
if(!configured) {
configure();
}
@@ -139,7 +151,23 @@ public class JavascriptTestExecutor {
" callback(\"Init Error\");" +
" });";
- Object output = jsExecutor.executeAsyncScript(script);
+ Object output;
+
+ if (expectPromptNoneRedirect) {
+ try {
+ output = jsExecutor.executeAsyncScript(script);
+ fail("Redirect to Keycloak was expected");
+ }
+ catch (WebDriverException e) {
+ waitForPageToLoad();
+ configured = false;
+ // the redirect should use prompt=none, that means KC should immediately redirect back to the app (regardless login state)
+ return init(argumentsBuilder, validator, false);
+ }
+ }
+ else {
+ output = jsExecutor.executeAsyncScript(script);
+ }
if (validator != null) {
validator.validate(jsDriver, output, events);
@@ -285,4 +313,13 @@ public class JavascriptTestExecutor {
return this;
}
+ public JavascriptTestExecutor wait(long millis, JavascriptStateValidator validator) {
+ pause(millis);
+
+ if (validator != null) {
+ validator.validate(jsDriver, null, events);
+ }
+
+ return this;
+ }
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
index 67084509551..aabc69b4827 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
@@ -81,13 +81,13 @@ import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.is;
import static org.junit.Assert.assertThat;
import static org.keycloak.testsuite.admin.Users.setPasswordFor;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_HOST;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SCHEME;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_HOST;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SCHEME;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
import static org.keycloak.testsuite.util.URLUtils.navigateToUri;
-import static org.keycloak.testsuite.util.URLUtils.removeDefaultPorts;
+import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
/**
*
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AssertEvents.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AssertEvents.java
index e244abeadcf..da969d94d8c 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AssertEvents.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AssertEvents.java
@@ -40,7 +40,7 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import static org.hamcrest.Matchers.is;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getAuthServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Stian Thorgersen
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountFormServiceTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountFormServiceTest.java
index 9c7985acc93..2b08f03daec 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountFormServiceTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountFormServiceTest.java
@@ -87,8 +87,9 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getAuthServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
+
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
/**
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/custom/CustomAuthFlowOTPTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/custom/CustomAuthFlowOTPTest.java
index cb867aeb879..97ec9b122ba 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/custom/CustomAuthFlowOTPTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/custom/CustomAuthFlowOTPTest.java
@@ -46,7 +46,7 @@ import static org.junit.Assert.assertTrue;
import static org.keycloak.authentication.authenticators.browser.ConditionalOtpFormAuthenticator.*;
import static org.keycloak.models.UserModel.RequiredAction.CONFIGURE_TOTP;
import static org.keycloak.representations.idm.CredentialRepresentation.PASSWORD;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionTest.java
index 4dffe0936f1..41d7d6aa28f 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/actions/AbstractAppInitiatedActionTest.java
@@ -33,7 +33,8 @@ import javax.ws.rs.core.UriBuilder;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
+
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Stan Silvert
@@ -61,7 +62,7 @@ public abstract class AbstractAppInitiatedActionTest extends AbstractTestRealmKe
.queryParam("response_type", "code")
.queryParam("client_id", "test-app")
.queryParam("scope", "openid")
- .queryParam("redirect_uri", AuthServerTestEnricher.getAuthServerContextRoot() + "/auth/realms/master/app/auth")
+ .queryParam("redirect_uri", getAuthServerContextRoot() + "/auth/realms/master/app/auth")
.build(TEST_REALM_NAME).toString();
driver.navigate().to(uri);
WaitUtils.waitForPageToLoad();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java
index 886b474cfd3..76e782e187d 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java
@@ -50,7 +50,7 @@ import java.util.Map;
import java.util.concurrent.TimeoutException;
import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.APP_SERVER_SSL_REQUIRED;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
/**
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozJavascriptExecutorTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozJavascriptExecutorTest.java
index be701ebdc9e..a22fe5be487 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozJavascriptExecutorTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozJavascriptExecutorTest.java
@@ -20,7 +20,7 @@ import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import static org.hamcrest.CoreMatchers.containsString;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java
index 861a9166d1c..a3327f0278e 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/hal/ConsoleProtectionTest.java
@@ -18,6 +18,7 @@ package org.keycloak.testsuite.adapter.example.hal;
import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
import java.io.IOException;
import java.util.List;
@@ -31,7 +32,6 @@ import org.junit.Test;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.adapter.AbstractAdapterTest;
import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
@@ -83,7 +83,7 @@ public class ConsoleProtectionTest extends AbstractAdapterTest {
Assume.assumeTrue(operations.exists(Address.subsystem("elytron").and("security-domain", "KeycloakDomain")));
// Create a realm for both wildfly console and mgmt interface
- clientWorkerNodeClient.execute("/subsystem=keycloak/realm=jboss-infra:add(auth-server-url=" + AuthServerTestEnricher.getAuthServerContextRoot() + "/auth,realm-public-key=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB)");
+ clientWorkerNodeClient.execute("/subsystem=keycloak/realm=jboss-infra:add(auth-server-url=" + getAuthServerContextRoot() + "/auth,realm-public-key=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB)");
// Create a secure-deployment in order to protect mgmt interface
clientWorkerNodeClient.execute("/subsystem=keycloak/secure-deployment=wildfly-management:add(realm=jboss-infra,resource=wildfly-management,principal-attribute=preferred_username,bearer-only=true,ssl-required=EXTERNAL)");
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java
index f613f15dd67..e9dce8c1fd3 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/ClientInitiatedAccountLinkTest.java
@@ -41,7 +41,6 @@ import org.keycloak.services.resources.LoginActionsService;
import org.keycloak.testsuite.ActionURIUtils;
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.keycloak.testsuite.broker.BrokerTestTools;
@@ -67,6 +66,7 @@ import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT;
import static org.keycloak.models.AccountRoles.MANAGE_ACCOUNT_LINKS;
import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
import static org.keycloak.testsuite.admin.ApiUtil.createUserAndResetPasswordWithAdminClient;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Bill Burke
@@ -215,7 +215,7 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
.path("link")
.queryParam("response", "true");
- UriBuilder directLinking = UriBuilder.fromUri(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth")
+ UriBuilder directLinking = UriBuilder.fromUri(getAuthServerContextRoot() + "/auth")
.path("realms/child/broker/{provider}/link")
.queryParam("client_id", "client-linking")
.queryParam("redirect_uri", redirectUri.build())
@@ -509,7 +509,7 @@ public class ClientInitiatedAccountLinkTest extends AbstractServletsAdapterTest
String uri = "/auth/realms/child/broker/parent-idp/login";
- uri = UriBuilder.fromUri(AuthServerTestEnricher.getAuthServerContextRoot())
+ uri = UriBuilder.fromUri(getAuthServerContextRoot())
.path(uri)
.queryParam(LoginActionsService.SESSION_CODE, queryParams.get(LoginActionsService.SESSION_CODE))
.queryParam(Constants.CLIENT_ID, queryParams.get(Constants.CLIENT_ID))
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLSameSiteTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLSameSiteTest.java
index b29ab840ff8..f34b7122056 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLSameSiteTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SAMLSameSiteTest.java
@@ -6,7 +6,6 @@ import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.adapters.rotation.PublicKeyLocator;
-import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
import org.keycloak.testsuite.adapter.filter.AdapterActionsFilter;
import org.keycloak.testsuite.adapter.page.Employee2Servlet;
import org.keycloak.testsuite.adapter.page.EmployeeSigServlet;
@@ -19,18 +18,15 @@ import org.keycloak.testsuite.utils.arquillian.ContainerConstants;
import org.openqa.selenium.By;
import javax.ws.rs.core.UriBuilder;
-import java.io.IOException;
-import java.net.URISyntaxException;
-import java.net.URL;
import java.util.Collections;
-import static org.keycloak.testsuite.arquillian.AppServerTestEnricher.getAppServerContextRoot;
import static org.keycloak.testsuite.auth.page.AuthRealm.SAMLSERVLETDEMO;
import static org.keycloak.testsuite.saml.AbstractSamlTest.SAML_CLIENT_ID_EMPLOYEE_2;
import static org.keycloak.testsuite.saml.AbstractSamlTest.SAML_CLIENT_ID_EMPLOYEE_SIG;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
+import static org.keycloak.testsuite.util.ServerURLs.getAppServerContextRoot;
/**
* @author mhajas
@@ -42,9 +38,9 @@ import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
@AppServerContainer(ContainerConstants.APP_SERVER_TOMCAT9)
@AuthServerContainerExclude(AuthServerContainerExclude.AuthServer.REMOTE)
public class SAMLSameSiteTest extends AbstractSAMLServletAdapterTest {
- private static final String NIP_IO_URL = "app-saml-127-0-0-1.nip.io";
- private static final String NIP_IO_EMPLOYEE2_URL = getAppServerContextRoot().replace("localhost", NIP_IO_URL) + "/employee2/";
- private static final String NIP_IO_EMPLOYEE_SIG_URL = getAppServerContextRoot().replace("localhost", NIP_IO_URL) + "/employee-sig/";
+ // private static final String NIP_IO_URL = "app-saml-127-0-0-1.nip.io";
+ private static final String NIP_IO_EMPLOYEE2_URL = getAppServerContextRoot() + "/employee2/";
+ private static final String NIP_IO_EMPLOYEE_SIG_URL = getAppServerContextRoot() + "/employee-sig/";
@Deployment(name = Employee2Servlet.DEPLOYMENT_NAME)
protected static WebArchive employee2() {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SecuredDeploymentsAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SecuredDeploymentsAdapterTest.java
index 87e17606b46..39ad9d0a38c 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SecuredDeploymentsAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/servlet/SecuredDeploymentsAdapterTest.java
@@ -21,7 +21,7 @@ package org.keycloak.testsuite.adapter.servlet;
import static org.hamcrest.Matchers.containsString;
import static org.junit.Assert.assertThat;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlEquals;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/CrossRealmPermissionsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/CrossRealmPermissionsTest.java
index 440a5644c58..e32a8ad6779 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/CrossRealmPermissionsTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/CrossRealmPermissionsTest.java
@@ -27,7 +27,6 @@ import org.keycloak.models.Constants;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
@@ -40,6 +39,7 @@ import java.util.concurrent.atomic.AtomicReference;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Stian Thorgersen
@@ -66,7 +66,7 @@ public class CrossRealmPermissionsTest extends AbstractKeycloakTest {
.addPassword("password"));
testRealms.add(builder.build());
- adminClient1 = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", REALM_NAME, AdminRoles.REALM_ADMIN, "password", "test-client", "secret", TLSUtils.initializeTLS());
+ adminClient1 = Keycloak.getInstance(getAuthServerContextRoot() + "/auth", REALM_NAME, AdminRoles.REALM_ADMIN, "password", "test-client", "secret", TLSUtils.initializeTLS());
realm1 = adminClient1.realm(REALM_NAME);
builder = RealmBuilder.create().name(REALM2_NAME).testMail();
@@ -79,7 +79,7 @@ public class CrossRealmPermissionsTest extends AbstractKeycloakTest {
testRealms.add(builder.build());
- adminClient2 = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", REALM2_NAME, AdminRoles.REALM_ADMIN, "password", "test-client", "secret", TLSUtils.initializeTLS());
+ adminClient2 = Keycloak.getInstance(getAuthServerContextRoot() + "/auth", REALM2_NAME, AdminRoles.REALM_ADMIN, "password", "test-client", "secret", TLSUtils.initializeTLS());
realm2 = adminClient2.realm(REALM2_NAME);
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/FineGrainAdminUnitTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/FineGrainAdminUnitTest.java
index 2b8243ab69d..b8d18939dea 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/FineGrainAdminUnitTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/FineGrainAdminUnitTest.java
@@ -52,7 +52,6 @@ import org.keycloak.services.resources.admin.permissions.AdminPermissions;
import org.keycloak.services.resources.admin.permissions.ClientPermissionManagement;
import org.keycloak.services.resources.admin.permissions.GroupPermissionManagement;
import org.keycloak.testsuite.AbstractKeycloakTest;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.auth.page.AuthRealm;
@@ -71,6 +70,7 @@ import static org.keycloak.testsuite.admin.ImpersonationDisabledTest.IMPERSONATI
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import static org.keycloak.testsuite.auth.page.AuthRealm.TEST;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Bill Burke
@@ -880,7 +880,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
public void testWithTokenExchange() throws Exception {
String exchanged = checkTokenExchange(true);
Assert.assertNotNull(exchanged);
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, exchanged, TLSUtils.initializeTLS())) {
Assert.assertNotNull(client.realm("master").roles().get("offline_access"));
}
@@ -936,7 +936,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
}
});
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "customer-a-manager", "password", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
List result = client.realm("test").users().search(null, "test", null, null, -1, 20);
@@ -949,7 +949,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
Assert.assertEquals(0, result.size());
}
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
List result = client.realm("test").users().search(null, "test", null, null, -1, 20);
@@ -963,7 +963,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
Assert.assertThat(result, Matchers.everyItem(Matchers.hasProperty("username", Matchers.startsWith("a"))));
}
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "customer-a-manager", "password", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
List result = client.realm("test").users().search(null, null, null, null, -1, 20);
@@ -1019,7 +1019,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
policy.addAssociatedPolicy(RepresentationToModel.toModel(userPolicyRepresentation, provider, userPolicy));
});
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID,
TLSUtils.initializeTLS())) {
@@ -1049,7 +1049,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
policy.addAssociatedPolicy(provider.getStoreFactory().getPolicyStore().findByName("Only regular-admin-user", realmAdminClient.getId()));
});
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID,
TLSUtils.initializeTLS())) {
@@ -1058,7 +1058,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
Assert.assertEquals(2, result.size());
}
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID,
TLSUtils.initializeTLS())) {
@@ -1067,7 +1067,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
Assert.assertEquals(2, result.size());
}
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID,
TLSUtils.initializeTLS())) {
@@ -1086,7 +1086,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
Assert.assertTrue(result.isEmpty());
}
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID,
TLSUtils.initializeTLS())) {
@@ -1118,7 +1118,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
}
});
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID,
TLSUtils.initializeTLS())) {
@@ -1202,7 +1202,7 @@ public class FineGrainAdminUnitTest extends AbstractKeycloakTest {
}
});
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
"test", "regular-admin-user", "password", Constants.ADMIN_CLI_CLIENT_ID,
TLSUtils.initializeTLS())) {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java
index b82212c8321..27cfd8e4e9a 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/IdentityProviderTest.java
@@ -17,11 +17,8 @@
package org.keycloak.testsuite.admin;
-import org.hamcrest.Matchers;
import org.jboss.resteasy.plugins.providers.multipart.MultipartFormDataOutput;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
import org.keycloak.admin.client.resource.IdentityProviderResource;
import org.keycloak.common.enums.SslRequired;
import org.keycloak.dom.saml.v2.metadata.EndpointType;
@@ -35,7 +32,6 @@ import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderMapperSyncMode;
import org.keycloak.models.IdentityProviderModel;
-import org.keycloak.models.IdentityProviderSyncMode;
import org.keycloak.models.utils.StripSecretsUtils;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.representations.idm.AdminEventRepresentation;
@@ -44,7 +40,6 @@ import org.keycloak.representations.idm.ErrorRepresentation;
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
import org.keycloak.representations.idm.IdentityProviderMapperTypeRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
-import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.saml.common.exceptions.ParsingException;
import org.keycloak.saml.processing.core.parsers.saml.SAMLParser;
import org.keycloak.testsuite.Assert;
@@ -90,7 +85,7 @@ import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java
index f66382d6d96..117f4becf09 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ImpersonationTest.java
@@ -55,7 +55,6 @@ import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.auth.page.AuthRealm;
@@ -82,6 +81,7 @@ import java.util.Map;
import static org.hamcrest.Matchers.containsString;
import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* Tests Undertow Adapter
@@ -318,7 +318,7 @@ public class ImpersonationTest extends AbstractKeycloakTest {
password = username.equals("admin") ? "admin" : "password";
}
- return KeycloakBuilder.builder().serverUrl(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth")
+ return KeycloakBuilder.builder().serverUrl(getAuthServerContextRoot() + "/auth")
.realm(realm)
.username(username)
.password(password)
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java
index f628175db70..8a49f3915aa 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java
@@ -58,7 +58,6 @@ import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.services.resources.admin.AdminAuth.Resource;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.CredentialBuilder;
@@ -83,6 +82,7 @@ import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
import static org.keycloak.services.resources.admin.AdminAuth.Resource.AUTHORIZATION;
import static org.keycloak.services.resources.admin.AdminAuth.Resource.CLIENT;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
import org.keycloak.testsuite.utils.tls.TLSUtils;
@@ -196,31 +196,31 @@ public class PermissionsTest extends AbstractKeycloakTest {
super.beforeAbstractKeycloakTest();
clients.put(AdminRoles.REALM_ADMIN,
- Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", REALM_NAME, AdminRoles.REALM_ADMIN, "password", "test-client",
+ Keycloak.getInstance(getAuthServerContextRoot() + "/auth", REALM_NAME, AdminRoles.REALM_ADMIN, "password", "test-client",
"secret", TLSUtils.initializeTLS()));
clients.put("none",
- Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", REALM_NAME, "none", "password", "test-client", "secret", TLSUtils.initializeTLS()));
+ Keycloak.getInstance(getAuthServerContextRoot() + "/auth", REALM_NAME, "none", "password", "test-client", "secret", TLSUtils.initializeTLS()));
clients.put("multi",
- Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", REALM_NAME, "multi", "password", "test-client", "secret", TLSUtils.initializeTLS()));
+ Keycloak.getInstance(getAuthServerContextRoot() + "/auth", REALM_NAME, "multi", "password", "test-client", "secret", TLSUtils.initializeTLS()));
for (String role : AdminRoles.ALL_REALM_ROLES) {
- clients.put(role, Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", REALM_NAME, role, "password", "test-client", TLSUtils.initializeTLS()));
+ clients.put(role, Keycloak.getInstance(getAuthServerContextRoot() + "/auth", REALM_NAME, role, "password", "test-client", TLSUtils.initializeTLS()));
}
- clients.put("REALM2", Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", "realm2", "admin", "password", "test-client", TLSUtils.initializeTLS()));
+ clients.put("REALM2", Keycloak.getInstance(getAuthServerContextRoot() + "/auth", "realm2", "admin", "password", "test-client", TLSUtils.initializeTLS()));
clients.put("master-admin", adminClient);
clients.put("master-none",
- Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", "master", "permissions-test-master-none", "password",
+ Keycloak.getInstance(getAuthServerContextRoot() + "/auth", "master", "permissions-test-master-none", "password",
Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS()));
for (String role : AdminRoles.ALL_REALM_ROLES) {
clients.put("master-" + role,
- Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", "master", "permissions-test-master-" + role, "password",
+ Keycloak.getInstance(getAuthServerContextRoot() + "/auth", "master", "permissions-test-master-" + role, "password",
Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS()));
}
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java
index b84ca4d35d3..1bef985190a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java
@@ -35,7 +35,6 @@ import org.keycloak.protocol.saml.SamlProtocol;
import org.keycloak.protocol.saml.installation.SamlSPDescriptorClientInstallation;
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.w3c.dom.Document;
@@ -47,6 +46,7 @@ import org.xml.sax.SAXException;
import javax.ws.rs.NotFoundException;
import static org.junit.Assert.assertThat;
import static org.hamcrest.Matchers.*;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* Test getting the installation/configuration files for OIDC and SAML.
@@ -89,7 +89,7 @@ public class InstallationTest extends AbstractClientTest {
}
private String authServerUrl() {
- return AuthServerTestEnricher.getAuthServerContextRoot() + "/auth";
+ return getAuthServerContextRoot() + "/auth";
}
private String samlUrl() {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/concurrency/ConcurrentLoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/concurrency/ConcurrentLoginTest.java
index 07d4bdb786a..fd8461ad094 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/concurrency/ConcurrentLoginTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/concurrency/ConcurrentLoginTest.java
@@ -25,8 +25,6 @@ import java.util.ArrayList;
import java.util.List;
import java.util.Map;
-import javax.net.ssl.HostnameVerifier;
-import javax.net.ssl.SSLSession;
import javax.ws.rs.core.Response;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
@@ -36,13 +34,11 @@ import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.client.utils.URLEncodedUtils;
-import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.LaxRedirectStrategy;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
-import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Element;
import org.junit.Assert;
@@ -72,7 +68,7 @@ import org.hamcrest.Matchers;
import org.keycloak.util.JsonSerialization;
import static org.hamcrest.Matchers.containsString;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
/**
* @author Vlastislav Ramik
*/
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventAuthDetailsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventAuthDetailsTest.java
index 65bda88b1ef..78a80c774d5 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventAuthDetailsTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/event/AdminEventAuthDetailsTest.java
@@ -33,7 +33,6 @@ import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractAuthTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.AssertAdminEvents;
import org.keycloak.testsuite.util.ClientBuilder;
@@ -47,6 +46,7 @@ import org.junit.After;
import static org.keycloak.testsuite.auth.page.AuthRealm.ADMIN;
import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* Test authDetails in admin events
@@ -134,7 +134,7 @@ public class AdminEventAuthDetailsTest extends AbstractAuthTest {
}
private void testClient(String realmName, String username, String password, String clientId, String expectedRealmId, String expectedClientUuid, String expectedUserId) {
- try (Keycloak keycloak = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak keycloak = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
realmName, username, password, clientId, TLSUtils.initializeTLS())) {
UserRepresentation rep = UserBuilder.create().id(appUserId).username("app-user").email("foo@email.org").build();
keycloak.realm("test").users().get(appUserId).update(rep);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/AbstractGroupTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/AbstractGroupTest.java
index 58ffc9e92c9..7dc1958f8db 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/AbstractGroupTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/AbstractGroupTest.java
@@ -23,14 +23,12 @@ import org.keycloak.RSATokenVerifier;
import org.keycloak.common.util.PemUtils;
import org.keycloak.events.Details;
import org.keycloak.jose.jws.JWSInput;
-import org.keycloak.jose.jws.crypto.RSAProvider;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.RefreshToken;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.util.AssertAdminEvents;
import org.keycloak.testsuite.util.OAuthClient.AccessTokenResponse;
@@ -38,6 +36,7 @@ import java.security.PublicKey;
import java.util.List;
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Marko Strukelj
@@ -58,7 +57,7 @@ public abstract class AbstractGroupTest extends AbstractKeycloakTest {
PublicKey publicKey = PemUtils.decodePublicKey(ApiUtil.findActiveKey(adminClient.realm("test")).getPublicKey());
- AccessToken accessTokenRepresentation = RSATokenVerifier.verifyToken(accessToken, publicKey, AuthServerTestEnricher.getAuthServerContextRoot() + "/auth/realms/test");
+ AccessToken accessTokenRepresentation = RSATokenVerifier.verifyToken(accessToken, publicKey, getAuthServerContextRoot() + "/auth/realms/test");
JWSInput jws = new JWSInput(refreshToken);
RefreshToken refreshTokenRepresentation = jws.readJsonContent(RefreshToken.class);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
index 4ae8dd5b61d..32b0a42a44d 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
@@ -74,8 +74,8 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import static org.keycloak.testsuite.Assert.assertNames;
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.runonserver.RunOnServerException;
@@ -699,7 +699,7 @@ public class GroupTest extends AbstractGroupTest {
final String realmName = AuthRealm.MASTER;
createUser(realmName, userName, "pwd");
- try (Keycloak userClient = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak userClient = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
realmName, userName, "pwd", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
expectedException.expect(ClientErrorException.class);
@@ -728,7 +728,7 @@ public class GroupTest extends AbstractGroupTest {
RoleMappingResource mappings = realm.users().get(userId).roles();
mappings.realmLevel().add(Collections.singletonList(adminRole));
- try (Keycloak userClient = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak userClient = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
realmName, userName, "pwd", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
assertThat(userClient.realms().findAll(), // Any admin operation will do
@@ -761,7 +761,7 @@ public class GroupTest extends AbstractGroupTest {
realm.users().get(userId).joinGroup(groupId);
}
- try (Keycloak userClient = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak userClient = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
realmName, userName, "pwd", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
assertThat(userClient.realms().findAll(), // Any admin operation will do
@@ -796,7 +796,7 @@ public class GroupTest extends AbstractGroupTest {
mappings.realmLevel().add(Collections.singletonList(adminRole));
}
- try (Keycloak userClient = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak userClient = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
realmName, userName, "pwd", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
assertThat(userClient.realms().findAll(), // Any admin operation will do
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java
index 38d8b030933..67e6672d2af 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java
@@ -47,7 +47,6 @@ import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.auth.page.AuthRealm;
@@ -79,6 +78,7 @@ import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Stian Thorgersen
@@ -298,7 +298,7 @@ public class RealmTest extends AbstractAdminTest {
public void loginAfterRemoveRealm() {
realm.remove();
- try (Keycloak client = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth", "master", "admin", "admin", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
+ try (Keycloak client = Keycloak.getInstance(getAuthServerContextRoot() + "/auth", "master", "admin", "admin", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
client.serverInfo().getInfo();
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/BrokerTestTools.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/BrokerTestTools.java
index 6d397f64090..fbd0a1d2cbb 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/BrokerTestTools.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/broker/BrokerTestTools.java
@@ -4,7 +4,6 @@ import org.apache.http.client.utils.URIBuilder;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.pages.PageUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
@@ -19,9 +18,10 @@ import java.util.Collections;
import java.util.List;
import java.util.Map;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_HOST;
import static org.keycloak.testsuite.broker.BrokerTestConstants.IDP_OIDC_PROVIDER_ID;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_HOST2;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
*
@@ -36,14 +36,14 @@ public class BrokerTestTools {
if (providerRoot == null) {
// everything is identical to consumerRoot but the host (it's technically the same server instance)
providerRoot = new URIBuilder(URI.create(getConsumerRoot()))
- .setHost(System.getProperty("auth.server.host2", AUTH_SERVER_HOST)).toString();
+ .setHost(AUTH_SERVER_HOST2).toString();
}
return providerRoot;
}
public static String getConsumerRoot() {
if (consumerRoot == null) {
- consumerRoot = AuthServerTestEnricher.getAuthServerContextRoot();
+ consumerRoot = getAuthServerContextRoot();
}
return consumerRoot;
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java
index 106a2ef97fd..bc82f8beb6c 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/admin/KcAdmTruststoreTest.java
@@ -13,7 +13,7 @@ import java.io.IOException;
import static org.keycloak.client.admin.cli.util.ConfigUtil.DEFAULT_CONFIG_FILE_PATH;
import static org.keycloak.client.admin.cli.util.OsUtil.EOL;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.cli.KcAdmExec.CMD;
import static org.keycloak.testsuite.cli.KcAdmExec.execute;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegCreateTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegCreateTest.java
index 8662229f4de..b0cfadcf112 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegCreateTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegCreateTest.java
@@ -27,7 +27,7 @@ import java.io.IOException;
import java.util.Arrays;
import java.util.List;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.cli.KcRegExec.execute;
/**
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTest.java
index 82e918a807e..8203b0c7795 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTest.java
@@ -19,7 +19,7 @@ import java.util.UUID;
import static org.keycloak.client.registration.cli.util.OsUtil.CMD;
import static org.keycloak.client.registration.cli.util.OsUtil.EOL;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import static org.keycloak.testsuite.cli.KcRegExec.execute;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTruststoreTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTruststoreTest.java
index bcd79752f37..99f5eaf3d27 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTruststoreTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cli/registration/KcRegTruststoreTest.java
@@ -14,7 +14,7 @@ import java.io.IOException;
import static org.keycloak.client.registration.cli.util.ConfigUtil.DEFAULT_CONFIG_FILE_PATH;
import static org.keycloak.client.registration.cli.util.OsUtil.CMD;
import static org.keycloak.client.registration.cli.util.OsUtil.EOL;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.cli.KcRegExec.execute;
/**
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/AdapterInstallationConfigTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/AdapterInstallationConfigTest.java
index d67f726e5e8..e13c80c377c 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/AdapterInstallationConfigTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/AdapterInstallationConfigTest.java
@@ -28,7 +28,7 @@ import org.keycloak.representations.idm.ClientRepresentation;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.fail;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
/**
* @author Stian Thorgersen
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java
index 08fc801c220..b5a5d3d60fa 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/cookies/CookiesPathTest.java
@@ -42,7 +42,7 @@ import java.util.Set;
import java.util.stream.Collectors;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.is;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_HOST;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_HOST;
import org.junit.After;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/docker/DockerClientTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/docker/DockerClientTest.java
index e31f1b4c2e8..fd824625f25 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/docker/DockerClientTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/docker/DockerClientTest.java
@@ -25,7 +25,7 @@ import java.util.Optional;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
import static org.junit.Assume.assumeTrue;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import static org.keycloak.testsuite.util.WaitUtils.pause;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
index 9c4bf92bed2..57bdf8d9b2b 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java
@@ -40,7 +40,6 @@ import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.console.page.AdminConsole;
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
import org.keycloak.testsuite.pages.AppPage;
@@ -83,6 +82,7 @@ import static org.keycloak.testsuite.admin.ApiUtil.findClientByClientId;
import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
import static org.keycloak.testsuite.util.OAuthClient.SERVER_ROOT;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* @author Stian Thorgersen
@@ -460,7 +460,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
events.expectLogin().user(userId).detail(Details.USERNAME, "login-test").assertEvent();
- driver.navigate().to(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth/realms/test/");
+ driver.navigate().to(getAuthServerContextRoot() + "/auth/realms/test/");
String keycloakIdentity = driver.manage().getCookieNamed("KEYCLOAK_IDENTITY").getValue();
// Check identity cookie is signed with HS256
@@ -473,7 +473,7 @@ public class LoginTest extends AbstractTestRealmKeycloakTest {
oauth.openLoginForm();
Assert.assertEquals(RequestType.AUTH_RESPONSE, appPage.getRequestType());
- driver.navigate().to(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth/realms/test/");
+ driver.navigate().to(getAuthServerContextRoot() + "/auth/realms/test/");
keycloakIdentity = driver.manage().getCookieNamed("KEYCLOAK_IDENTITY").getValue();
// Check identity cookie is still signed with HS256
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java
index f8a427b9d18..aea19f774b7 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/MultipleTabsLoginTest.java
@@ -49,8 +49,8 @@ import org.keycloak.testsuite.util.UserBuilder;
import org.openqa.selenium.NoSuchElementException;
import static org.junit.Assert.fail;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getAuthServerContextRoot;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
/**
* Tries to simulate testing with multiple browser tabs
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/hok/HoKTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/hok/HoKTest.java
index 345cc54d2d9..467f34d7707 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/hok/HoKTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/hok/HoKTest.java
@@ -9,7 +9,7 @@ import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import java.io.IOException;
import java.net.URI;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/jaas/LoginModulesTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/jaas/LoginModulesTest.java
index 56681034122..0a473320b81 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/jaas/LoginModulesTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/jaas/LoginModulesTest.java
@@ -58,7 +58,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
import org.keycloak.testsuite.utils.io.IOUtil;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/AbstractJavascriptTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/AbstractJavascriptTest.java
index 7778a33b5ae..7c278279676 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/AbstractJavascriptTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/AbstractJavascriptTest.java
@@ -33,6 +33,8 @@ import java.util.List;
import static org.hamcrest.CoreMatchers.containsString;
import static org.hamcrest.collection.IsMapContaining.hasEntry;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_HOST;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_HOST2;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
@@ -47,7 +49,7 @@ public abstract class AbstractJavascriptTest extends AbstractAuthTest {
void apply(T a, U b, V c, W d);
}
- public static final String NIP_IO_URL = "js-app-127-0-0-1.nip.io";
+ public static final String JS_APP_HOST = AUTH_SERVER_HOST2;
public static final String CLIENT_ID = "js-console";
public static final String REALM_NAME = "test";
public static final String SPACE_REALM_NAME = "Example realm";
@@ -120,8 +122,8 @@ public abstract class AbstractJavascriptTest extends AbstractAuthTest {
.client(
ClientBuilder.create()
.clientId(CLIENT_ID)
- .redirectUris(oauth.SERVER_ROOT.replace("localhost", NIP_IO_URL) + JAVASCRIPT_URL + "/*", oauth.SERVER_ROOT + JAVASCRIPT_ENCODED_SPACE_URL + "/*")
- .addWebOrigin(oauth.SERVER_ROOT.replace("localhost", NIP_IO_URL))
+ .redirectUris(oauth.SERVER_ROOT.replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/*", oauth.SERVER_ROOT + JAVASCRIPT_ENCODED_SPACE_URL + "/*")
+ .addWebOrigin(oauth.SERVER_ROOT.replace(AUTH_SERVER_HOST, JS_APP_HOST))
.publicClient()
)
.accessTokenLifespan(30 + TOKEN_LIFESPAN_LEEWAY)
@@ -151,7 +153,7 @@ public abstract class AbstractJavascriptTest extends AbstractAuthTest {
protected abstract RealmRepresentation updateRealm(RealmBuilder builder);
- protected void assertSuccessfullyLoggedIn(WebDriver driver1, Object output, WebElement events) {
+ protected void assertInitAuth(WebDriver driver1, Object output, WebElement events) {
buildFunction(this::assertOutputContains, "Init Success (Authenticated)").validate(driver1, output, events);
waitUntilElement(events).text().contains("Auth Success");
}
@@ -193,6 +195,10 @@ public abstract class AbstractJavascriptTest extends AbstractAuthTest {
waitUntilElement(events).text().contains(value);
}
+ public void assertEventsWebElementDoesntContain(String value, WebDriver driver1, Object output, WebElement events) {
+ waitUntilElement(events).text().not().contains(value);
+ }
+
public ResponseValidator assertResponseStatus(long status) {
return output -> Assert.assertThat(output, hasEntry("status", status));
}
@@ -204,4 +210,8 @@ public abstract class AbstractJavascriptTest extends AbstractAuthTest {
public JavascriptStateValidator assertEventsContains(String text) {
return buildFunction(this::assertEventsWebElementContains, text);
}
+
+ public JavascriptStateValidator assertEventsDoesntContain(String text) {
+ return buildFunction(this::assertEventsWebElementDoesntContain, text);
+ }
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java
index 16c3f0e62ce..703afa2560e 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/javascript/JavascriptAdapterTest.java
@@ -16,7 +16,6 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
-import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.auth.page.account.Applications;
import org.keycloak.testsuite.auth.page.login.OAuthGrant;
@@ -35,8 +34,6 @@ import org.openqa.selenium.WebElement;
import java.util.List;
import java.util.Map;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
import static java.lang.Math.toIntExact;
import static org.hamcrest.CoreMatchers.anyOf;
@@ -52,10 +49,13 @@ import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
+
+import static org.junit.Assume.assumeFalse;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlDoesntStartWith;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad;
import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_HOST;
/**
* @author mhajas
@@ -89,7 +89,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Before
public void setDefaultEnvironment() {
- testAppUrl = authServerContextRootPage.toString().replace("localhost", NIP_IO_URL) + JAVASCRIPT_URL + "/index.html";
+ testAppUrl = authServerContextRootPage.toString().replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/index.html";
jsDriverTestRealmLoginPage.setAuthRealm(REALM_NAME);
oAuthGrantPage.setAuthRealm(REALM_NAME);
@@ -133,7 +133,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.loginForm(UserBuilder.create().username("invalid-user").password("password").build(),
(driver1, output, events) -> assertCurrentUrlDoesntStartWith(testAppUrl, driver1))
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(defaultArguments(), this::assertSuccessfullyLoggedIn)
+ .init(defaultArguments(), this::assertInitAuth)
.logout(this::assertOnTestAppUrl)
.init(defaultArguments(), this::assertInitNotAuth);
}
@@ -144,61 +144,101 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
testExecutor.init(pkceS256, this::assertInitNotAuth)
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(pkceS256, this::assertSuccessfullyLoggedIn)
+ .init(pkceS256, this::assertInitAuth)
.logout(this::assertOnTestAppUrl)
.init(pkceS256, this::assertInitNotAuth);
}
@Test
public void testSilentCheckSso() {
- JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad();
- testExecutor.init(checkSSO, this::assertInitNotAuth)
+ JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad()
+ .add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/silent-check-sso.html");
+
+ // when 3rd party cookies are disabled, the adapter has to do a full redirect to KC to check whether the user
+ // is logged in or not – it can't rely on silent check-sso iframe
+ testExecutor.init(checkSSO, this::assertInitNotAuth, suiteContext.hasBrowserStrictCookies())
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(checkSSO, this::assertSuccessfullyLoggedIn)
+ .init(checkSSO, this::assertInitAuth, false)
.refresh()
.init(checkSSO
- .add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace("localhost", NIP_IO_URL) + JAVASCRIPT_URL + "/silent-check-sso.html")
- , this::assertSuccessfullyLoggedIn);
+ , this::assertInitAuth, suiteContext.hasBrowserStrictCookies());
}
@Test
public void testSilentCheckSsoLoginWithLoginIframeDisabled() {
- JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad();
- testExecutor.init(checkSSO, this::assertInitNotAuth)
+ JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad()
+ .add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/silent-check-sso.html");
+
+ testExecutor.init(checkSSO, this::assertInitNotAuth, suiteContext.hasBrowserStrictCookies())
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(checkSSO, this::assertSuccessfullyLoggedIn)
+ .init(checkSSO, this::assertInitAuth, false)
.refresh()
.init(checkSSO
.disableCheckLoginIframe()
- .add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace("localhost", NIP_IO_URL) + JAVASCRIPT_URL + "/silent-check-sso.html")
- , this::assertSuccessfullyLoggedIn);
+ , this::assertInitAuth, suiteContext.hasBrowserStrictCookies());
}
@Test
- public void testSilentCheckSsoWithoutRedirectUri() {
+ public void testSilentCheckSsoWithFallbackDisabled() {
+ JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad().disableSilentCheckSSOFallback()
+ .add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/silent-check-sso.html");
+
+ testExecutor.init(checkSSO, this::assertInitNotAuth)
+ .login(this::assertOnLoginPage)
+ .loginForm(testUser, this::assertOnTestAppUrl)
+ .init(checkSSO, this::assertInitAuth)
+ .refresh()
+ .init(checkSSO
+ // with the fall back disabled, the adapter won't do full redirect to KC
+ , suiteContext.hasBrowserStrictCookies() ? this::assertInitNotAuth : this::assertInitAuth);
+ }
+
+ @Test
+ public void testCheckSso() {
JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad();
- try {
- testExecutor.init(checkSSO, this::assertInitNotAuth)
- .login(this::assertOnLoginPage)
- .loginForm(testUser, this::assertOnTestAppUrl)
- .init(checkSSO, this::assertSuccessfullyLoggedIn)
- .refresh()
- .init(checkSSO);
- fail();
- } catch (WebDriverException e) {
- // should happen
- }
+
+ // when 3rd party cookies are disabled, the adapter has to do a full redirect to KC to check whether the user
+ // is logged in or not – it can't rely on the login iframe
+ testExecutor.init(checkSSO, this::assertInitNotAuth, suiteContext.hasBrowserStrictCookies())
+ .login(this::assertOnLoginPage)
+ .loginForm(testUser, this::assertOnTestAppUrl)
+ .init(checkSSO, this::assertInitAuth, false)
+ .refresh()
+ .init(checkSSO, this::assertInitAuth, true);
}
@Test
public void testSilentCheckSsoNotAuthenticated() {
- JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad();
- testExecutor.init(checkSSO
+ JSObjectBuilder checkSSO = defaultArguments().checkSSOOnLoad()
.add("checkLoginIframe", false)
- .add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace("localhost", NIP_IO_URL) + JAVASCRIPT_URL + "/silent-check-sso.html")
- , this::assertInitNotAuth);
+ .add("silentCheckSsoRedirectUri", authServerContextRootPage.toString().replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/silent-check-sso.html");
+
+ testExecutor.init(checkSSO
+ , this::assertInitNotAuth, suiteContext.hasBrowserStrictCookies());
+ }
+
+ @Test
+ // KEYCLOAK-13206
+ public void testIframeInit() {
+ JSObjectBuilder iframeInterval = defaultArguments().setCheckLoginIframeIntervalTo1(); // to speed up the test a bit
+ testExecutor.init(iframeInterval)
+ .login()
+ .loginForm(testUser)
+ .init(iframeInterval)
+ .wait(2000, (driver1, output, events) -> { // iframe is initialized after ~1 second, 2 seconds is just to be sure
+ assertAdapterIsLoggedIn(driver1, output, events);
+ final String logMsg = "3rd party cookies aren't supported by this browser.";
+ if (suiteContext.hasBrowserStrictCookies()) {
+ // this is here not really to test the log but also to make sure the browser is configured properly
+ // and cookies were blocked
+ assertEventsWebElementContains(logMsg, driver1, output, events);
+ }
+ else {
+ assertEventsWebElementDoesntContain(logMsg, driver1, output, events);
+ }
+ });
}
@Test
@@ -207,7 +247,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.refreshToken(9999, assertOutputContains("Failed to refresh token"))
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(defaultArguments(), this::assertSuccessfullyLoggedIn)
+ .init(defaultArguments(), this::assertInitAuth)
.refreshToken(9999, assertEventsContains("Auth Refresh Success"));
}
@@ -216,7 +256,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
testExecutor.init(defaultArguments(), this::assertInitNotAuth)
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(defaultArguments(), this::assertSuccessfullyLoggedIn)
+ .init(defaultArguments(), this::assertInitAuth)
.refreshToken(30, assertOutputContains("Token not refreshed, valid for"))
.addTimeSkew(-5) // instead of wait move in time
.refreshToken(30, assertEventsContains("Auth Refresh Success"));
@@ -228,7 +268,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.getProfile(assertOutputContains("Failed to load profile"))
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(defaultArguments(), this::assertSuccessfullyLoggedIn)
+ .init(defaultArguments(), this::assertInitAuth)
.getProfile((driver1, output, events) -> Assert.assertThat((Map) output, hasEntry("username", testUser.getUsername())));
}
@@ -258,7 +298,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.assertEvent();
String codeId = loginEvent.getDetails().get(Details.CODE_ID);
- testExecutor.init(defaultArguments(), this::assertSuccessfullyLoggedIn);
+ testExecutor.init(defaultArguments(), this::assertInitAuth);
applicationsPage.navigateTo();
events.expectCodeToToken(codeId, loginEvent.getSessionId()).client(CLIENT_ID).assertEvent();
@@ -297,13 +337,13 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
testExecutor.init(defaultArguments().implicitFlow(), this::assertInitNotAuth)
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(defaultArguments().implicitFlow(), this::assertSuccessfullyLoggedIn);
+ .init(defaultArguments().implicitFlow(), this::assertInitAuth);
}
@Test
public void testCertEndpoint() {
- testExecutor.logInAndInit(defaultArguments(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.sendXMLHttpRequest(XMLHttpRequest.create()
.url(authServerContextRootPage + "/auth/realms/" + REALM_NAME + "/protocol/openid-connect/certs")
.method("GET")
@@ -325,7 +365,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Test
public void implicitFlowRefreshTokenTest() {
setImplicitFlowForClient();
- testExecutor.logInAndInit(defaultArguments().implicitFlow(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments().implicitFlow(), testUser, this::assertInitAuth)
.refreshToken(9999, assertOutputContains("Failed to refresh token"));
}
@@ -338,7 +378,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
adminClient.realms().realm(REALM_NAME).update(realm);
setImplicitFlowForClient();
- testExecutor.logInAndInit(defaultArguments().implicitFlow(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments().implicitFlow(), testUser, this::assertInitAuth)
.addTimeSkew(-5); // Move in time instead of wait
waitUntilElement(eventsArea).text().contains("Access token expired");
@@ -352,7 +392,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Test
public void implicitFlowCertEndpoint() {
setImplicitFlowForClient();
- testExecutor.logInAndInit(defaultArguments().implicitFlow(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments().implicitFlow(), testUser, this::assertInitAuth)
.sendXMLHttpRequest(XMLHttpRequest.create()
.url(authServerContextRootPage + "/auth/realms/" + REALM_NAME + "/protocol/openid-connect/certs")
.method("GET")
@@ -375,12 +415,12 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.refresh();
if (!"phantomjs".equals(System.getProperty("js.browser"))) {
// I have no idea why, but this request doesn't work with phantomjs, it works in chrome
- testExecutor.logInAndInit(defaultArguments(), unauthorizedUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), unauthorizedUser, this::assertInitAuth)
.sendXMLHttpRequest(request, output -> Assert.assertThat(output, hasEntry("status", 403L)))
.logout(this::assertOnTestAppUrl)
.refresh();
}
- testExecutor.logInAndInit(defaultArguments(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.sendXMLHttpRequest(request, assertResponseStatus(200));
}
@@ -397,7 +437,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
}
testExecutor.loginForm(testUser, this::assertOnTestAppUrl)
- .init(defaultArguments(), this::assertSuccessfullyLoggedIn);
+ .init(defaultArguments(), this::assertInitAuth);
}
@Test
@@ -408,7 +448,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.addHeader("Accept", "application/json")
.addHeader("Authorization", "Bearer ' + keycloak.token + '");
- testExecutor.logInAndInit(defaultArguments(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.addTimeSkew(-33);
setTimeOffset(33);
testExecutor.refreshToken(5, assertEventsContains("Auth Refresh Success"));
@@ -423,7 +463,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Test
public void timeSkewTest() {
- testExecutor.logInAndInit(defaultArguments(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.checkTimeSkew((driver1, output, events) -> assertThat(toIntExact((long) output),
is(
both(greaterThan(0 - TIME_SKEW_TOLERANCE))
@@ -446,7 +486,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
public void testOneSecondTimeSkewTokenUpdate() {
setTimeOffset(1);
- testExecutor.logInAndInit(defaultArguments(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.refreshToken(9999, assertEventsContains("Auth Refresh Success"));
try {
@@ -470,7 +510,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.addHeader("Authorization", "Bearer ' + keycloak.token + '")
.addHeader("Content-Type", "application/json; charset=UTF-8");
- testExecutor.logInAndInit(defaultArguments(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.sendXMLHttpRequest(request, response -> {
List users = adminClient.realm(REALM_NAME).users().search("mhajas", 0, 1);
assertEquals("There should be created user mhajas", 1, users.size());
@@ -481,7 +521,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Test
public void equalsSignInRedirectUrl() {
- testAppUrl = authServerContextRootPage.toString().replace("localhost", NIP_IO_URL) + JAVASCRIPT_URL + "/index.html?test=bla=bla&super=man";
+ testAppUrl = authServerContextRootPage.toString().replace(AUTH_SERVER_HOST, JS_APP_HOST) + JAVASCRIPT_URL + "/index.html?test=bla=bla&super=man";
jsDriver.navigate().to(testAppUrl);
JSObjectBuilder arguments = defaultArguments();
@@ -491,7 +531,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.loginForm(testUser, this::assertOnTestAppUrl)
.init(arguments, (driver1, output1, events2) -> {
assertTrue(driver1.getCurrentUrl().contains("bla=bla"));
- assertSuccessfullyLoggedIn(driver1, output1, events2);
+ assertInitAuth(driver1, output1, events2);
});
}
@@ -518,7 +558,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
.configure(configuration)
- .init(defaultArguments(), this::assertSuccessfullyLoggedIn);
+ .init(defaultArguments(), this::assertInitAuth);
} finally {
adminClient.realm(SPACE_REALM_NAME).update(RealmBuilder.edit(adminClient.realm(SPACE_REALM_NAME).toRepresentation()).name(REALM_NAME).build());
jsDriverTestRealmLoginPage.setAuthRealm(REALM_NAME);
@@ -542,7 +582,16 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
testExecutor.init(JSObjectBuilder.create()
.add("token", token)
.add("refreshToken", refreshToken)
- , this::assertSuccessfullyLoggedIn)
+ , (driver1, output, events) -> {
+ assertInitAuth(driver1, output, events);
+ if (suiteContext.hasBrowserStrictCookies()) {
+ // iframe is unsupported so a token refresh had to be performed
+ assertEventsContains("Auth Refresh Success").validate(driver1, output, events);
+ }
+ else {
+ assertEventsDoesntContain("Auth Refresh Success").validate(driver1, output, events);
+ }
+ })
.refreshToken(9999, assertEventsContains("Auth Refresh Success"));
}
@@ -567,7 +616,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.add("token", token)
.add("refreshToken", refreshToken)
.add("timeSkew", -600)
- , this::assertSuccessfullyLoggedIn)
+ , this::assertInitAuth)
.checkTimeSkew((driver1, output, events) -> assertThat((Long) output, is(
both(greaterThan(-600L - TIME_SKEW_TOLERANCE))
.and(lessThan(-600L + TIME_SKEW_TOLERANCE))
@@ -605,7 +654,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
@Test
public void reentrancyCallbackTest() {
- testExecutor.logInAndInit(defaultArguments(), testUser, this::assertSuccessfullyLoggedIn)
+ testExecutor.logInAndInit(defaultArguments(), testUser, this::assertInitAuth)
.executeAsyncScript(
"var callback = arguments[arguments.length - 1];" +
"keycloak.updateToken(60).then(function () {" +
@@ -631,7 +680,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
.init(defaultArguments(), (driver1, output, events1) -> {
- assertSuccessfullyLoggedIn(driver1, output, events1);
+ assertInitAuth(driver1, output, events1);
assertThat(driver1.getCurrentUrl(), containsString("#fragmentPart"));
});
}
@@ -644,7 +693,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
.build(), this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
.init(defaultArguments(), (driver1, output, events1) -> {
- assertSuccessfullyLoggedIn(driver1, output, events1);
+ assertInitAuth(driver1, output, events1);
assertThat(driver1.getCurrentUrl(), containsString("#fragmentPart"));
});
}
@@ -654,15 +703,15 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
String refreshWithDeprecatedHandles = "var callback = arguments[arguments.length - 1];" +
" window.keycloak.updateToken(9999).success(function (refreshed) {" +
" callback('Success handle');" +
- " }).catch(function () {" +
- " callback('Catch handle');" +
+ " }).error(function () {" +
+ " callback('Error handle');" +
" });";
testExecutor.init(defaultArguments(), this::assertInitNotAuth)
- .executeAsyncScript(refreshWithDeprecatedHandles, assertOutputContains("Catch handle"))
+ .executeAsyncScript(refreshWithDeprecatedHandles, assertOutputContains("Error handle"))
.login(this::assertOnLoginPage)
.loginForm(testUser, this::assertOnTestAppUrl)
- .init(defaultArguments(), this::assertSuccessfullyLoggedIn)
+ .init(defaultArguments(), this::assertInitAuth)
.executeAsyncScript(refreshWithDeprecatedHandles, assertOutputContains("Success handle"));
}
@@ -677,7 +726,7 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
updatePasswordPage.updatePasswords(USER_PASSWORD, USER_PASSWORD);
testExecutor.init(defaultArguments(), (driver1, output, events1) -> {
- assertSuccessfullyLoggedIn(driver1, output, events1);
+ assertInitAuth(driver1, output, events1);
waitUntilElement(events1).text().contains("AIA status: success");
});
}
@@ -693,8 +742,12 @@ public class JavascriptAdapterTest extends AbstractJavascriptTest {
updatePasswordPage.cancel();
testExecutor.init(defaultArguments(), (driver1, output, events1) -> {
- assertSuccessfullyLoggedIn(driver1, output, events1);
+ assertInitAuth(driver1, output, events1);
waitUntilElement(events1).text().contains("AIA status: cancelled");
});
}
+
+ protected void assertAdapterIsLoggedIn(WebDriver driver1, Object output, WebElement events) {
+ assertTrue(testExecutor.isLoggedIn());
+ }
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenDuplicateEmailsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenDuplicateEmailsTest.java
index 0f56bcd3f79..a68254e4bae 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenDuplicateEmailsTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenDuplicateEmailsTest.java
@@ -30,7 +30,8 @@ import java.util.List;
import static org.junit.Assert.assertEquals;
import static org.keycloak.testsuite.admin.AbstractAdminTest.loadJson;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
+
import org.openqa.selenium.By;
/**
@@ -62,7 +63,7 @@ public class AccessTokenDuplicateEmailsTest extends AbstractKeycloakTest {
@Test
public void loginFormUsernameLabel() throws Exception {
oauth.openLoginForm();
- oauth.redirectUri(AuthServerTestEnricher.getAuthServerContextRoot() + "/does/not/matter/");
+ oauth.redirectUri(getAuthServerContextRoot() + "/does/not/matter/");
assertEquals("Username", driver.findElement(By.xpath("//label[@for='username']")).getText());
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
index d373f9c9423..002845e86fc 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/AccessTokenTest.java
@@ -45,7 +45,6 @@ import org.keycloak.events.Errors;
import org.keycloak.jose.jws.JWSHeader;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.JWSInputException;
-import org.keycloak.models.Constants;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
@@ -66,7 +65,6 @@ import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.ActionURIUtils;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
@@ -106,7 +104,7 @@ import static org.keycloak.testsuite.admin.AbstractAdminTest.loadJson;
import static org.keycloak.testsuite.admin.ApiUtil.findClientByClientId;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsernameId;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
import static org.keycloak.testsuite.util.ProtocolMapperUtil.createRoleNameMapper;
import static org.keycloak.testsuite.Assert.assertExpiration;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuth2OnlyTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuth2OnlyTest.java
index 3765b7b1fb2..e523f1b5b0a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuth2OnlyTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuth2OnlyTest.java
@@ -17,7 +17,6 @@
package org.keycloak.testsuite.oauth;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
@@ -47,7 +46,7 @@ import org.keycloak.testsuite.util.ClientManager;
import org.keycloak.testsuite.util.OAuthClient;
import static org.junit.Assert.assertEquals;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
/**
* Test for scenarios when 'scope=openid' is missing. Which means we have pure OAuth2 request (not OpenID Connect)
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java
index 52ac4647d30..08f56949dd0 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OfflineTokenTest.java
@@ -51,7 +51,6 @@ import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.pages.AccountApplicationsPage;
import org.keycloak.testsuite.pages.LoginPage;
@@ -85,6 +84,7 @@ import static org.keycloak.testsuite.admin.ApiUtil.findRealmRoleByName;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsernameId;
import static org.keycloak.testsuite.util.OAuthClient.APP_ROOT;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
@@ -500,7 +500,7 @@ public class OfflineTokenTest extends AbstractKeycloakTest {
tokenResponse = oauth.doRefreshTokenRequest(tokenResponse.getRefreshToken(), "secret1");
// Use accessToken to admin REST request
- try (Keycloak offlineTokenAdmin = Keycloak.getInstance(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth",
+ try (Keycloak offlineTokenAdmin = Keycloak.getInstance(getAuthServerContextRoot() + "/auth",
AuthRealm.MASTER, Constants.ADMIN_CLI_CLIENT_ID, tokenResponse.getAccessToken(), TLSUtils.initializeTLS())) {
RealmRepresentation testRealm = offlineTokenAdmin.realm("test").toRepresentation();
Assert.assertNotNull(testRealm);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java
index 3c16598ad29..e8cadd06732 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/RefreshTokenTest.java
@@ -83,7 +83,7 @@ import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.Assert.assertExpiration;
import static org.keycloak.testsuite.admin.AbstractAdminTest.loadJson;
import static org.keycloak.testsuite.admin.ApiUtil.findUserByUsername;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
/**
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenShiftTokenReviewEndpointTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenShiftTokenReviewEndpointTest.java
index 36d1009b0f6..a1047b389e8 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenShiftTokenReviewEndpointTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/openshift/OpenShiftTokenReviewEndpointTest.java
@@ -31,12 +31,9 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
-import org.keycloak.testsuite.arquillian.annotation.RestartContainer;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
-import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.util.JsonSerialization;
@@ -53,7 +50,8 @@ import java.util.Map;
import static org.hamcrest.collection.IsIterableContainingInAnyOrder.containsInAnyOrder;
import static org.junit.Assert.*;
import static org.keycloak.common.Profile.Feature.OPENSHIFT_INTEGRATION;
-import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
+
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
@AuthServerContainerExclude({AuthServer.REMOTE, AuthServer.QUARKUS})
@@ -377,7 +375,7 @@ public class OpenShiftTokenReviewEndpointTest extends AbstractTestRealmKeycloakT
}
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
- String url = AuthServerTestEnricher.getAuthServerContextRoot() + "/auth/realms/" + realm + "/protocol/openid-connect/ext/openshift-token-review/" + clientId;
+ String url = getAuthServerContextRoot() + "/auth/realms/" + realm + "/protocol/openid-connect/ext/openshift-token-review/" + clientId;
OpenShiftTokenReviewRequestRepresentation request = new OpenShiftTokenReviewRequestRepresentation();
OpenShiftTokenReviewRequestRepresentation.Spec spec = new OpenShiftTokenReviewRequestRepresentation.Spec();
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AbstractSamlTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AbstractSamlTest.java
index c32865e641e..cbb0696f324 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AbstractSamlTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AbstractSamlTest.java
@@ -18,7 +18,7 @@ import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.List;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getAuthServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
/**
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AudienceProtocolMappersTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AudienceProtocolMappersTest.java
index c6c250e59c8..e675a102e0b 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AudienceProtocolMappersTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/AudienceProtocolMappersTest.java
@@ -36,11 +36,9 @@ import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
import org.keycloak.testsuite.admin.ApiUtil;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SCHEME;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
-import static org.keycloak.testsuite.saml.AbstractSamlTest.REALM_NAME;
-import static org.keycloak.testsuite.saml.AbstractSamlTest.SAML_CLIENT_ID_EMPLOYEE_2;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SCHEME;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.saml.RoleMapperTest.createSamlProtocolMapper;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.updaters.ProtocolMappersUpdater;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/BasicSamlTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/BasicSamlTest.java
index 8373d0121ac..004864610c1 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/BasicSamlTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/BasicSamlTest.java
@@ -44,8 +44,7 @@ import org.w3c.dom.Document;
import static org.hamcrest.CoreMatchers.not;
import static org.hamcrest.Matchers.containsString;
import static org.junit.Assert.assertThat;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
-import static org.keycloak.testsuite.saml.AbstractSamlTest.REALM_NAME;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
import static org.keycloak.testsuite.utils.io.IOUtil.documentToString;
import static org.keycloak.testsuite.utils.io.IOUtil.setDocElementAttributeValue;
import static org.keycloak.testsuite.util.Matchers.statusCodeIsHC;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/RoleMapperTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/RoleMapperTest.java
index 531c45879e2..919706ad0ff 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/RoleMapperTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/RoleMapperTest.java
@@ -47,10 +47,9 @@ import org.junit.Test;
import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.junit.Assert.assertThat;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SCHEME;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
-import static org.keycloak.testsuite.saml.AbstractSamlTest.REALM_NAME;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SCHEME;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.util.SamlStreams.assertionsUnencrypted;
import static org.keycloak.testsuite.util.SamlStreams.attributesUnecrypted;
import static org.keycloak.testsuite.util.SamlStreams.attributeStatements;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/ssl/TLSTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/ssl/TLSTest.java
index 2d040f1ba58..b2cb743d1a3 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/ssl/TLSTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/ssl/TLSTest.java
@@ -1,6 +1,6 @@
package org.keycloak.testsuite.ssl;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import org.junit.Assume;
import org.junit.BeforeClass;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java
index 92774d4c6cd..00deb766723 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/DefaultHostnameTest.java
@@ -6,7 +6,6 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.jboss.arquillian.container.test.api.ContainerController;
import org.jboss.arquillian.test.api.ArquillianResource;
-import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.resource.RealmResource;
@@ -25,11 +24,9 @@ import org.keycloak.representations.idm.ClientInitialAccessCreatePresentation;
import org.keycloak.representations.idm.ClientInitialAccessPresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.util.AdminClientUtil;
import org.keycloak.testsuite.util.ClientBuilder;
-import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;
@@ -44,6 +41,7 @@ import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.QUARKUS;
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
import static org.keycloak.testsuite.util.OAuthClient.AUTH_SERVER_ROOT;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
@AuthServerContainerExclude({REMOTE, QUARKUS})
public class DefaultHostnameTest extends AbstractHostnameTest {
@@ -79,7 +77,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
oauth.clientId("direct-grant");
- try (Keycloak testAdminClient = AdminClientUtil.createAdminClient(suiteContext.isAdapterCompatTesting(), AuthServerTestEnricher.getAuthServerContextRoot())) {
+ try (Keycloak testAdminClient = AdminClientUtil.createAdminClient(suiteContext.isAdapterCompatTesting(), getAuthServerContextRoot())) {
assertWellKnown("test", expectedBackendUrl);
configureDefault(globalFrontEndUrl, false, null);
@@ -150,7 +148,7 @@ public class DefaultHostnameTest extends AbstractHostnameTest {
oauth.clientId("direct-grant");
- try (Keycloak testAdminClient = AdminClientUtil.createAdminClient(suiteContext.isAdapterCompatTesting(), AuthServerTestEnricher.getAuthServerContextRoot())) {
+ try (Keycloak testAdminClient = AdminClientUtil.createAdminClient(suiteContext.isAdapterCompatTesting(), getAuthServerContextRoot())) {
assertWellKnown("test", expectedBackendUrl);
configureDefault(globalFrontEndUrl, true, null);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/FixedHostnameTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/FixedHostnameTest.java
index 5534b239a80..252b9ac1fe9 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/FixedHostnameTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/url/FixedHostnameTest.java
@@ -30,7 +30,6 @@ import org.keycloak.saml.common.constants.GeneralConstants;
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
import org.keycloak.saml.processing.core.parsers.saml.SAMLParser;
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
-import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.updaters.Creator;
import org.keycloak.testsuite.util.AdminClientUtil;
@@ -59,13 +58,12 @@ import static org.hamcrest.Matchers.notNullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import static org.junit.Assert.assertTrue;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SCHEME;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SCHEME;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.QUARKUS;
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
-import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
-
@AuthServerContainerExclude({REMOTE, QUARKUS})
public class FixedHostnameTest extends AbstractHostnameTest {
@@ -96,7 +94,7 @@ public class FixedHostnameTest extends AbstractHostnameTest {
oauth.clientId("direct-grant");
- try (Keycloak testAdminClient = AdminClientUtil.createAdminClient(suiteContext.isAdapterCompatTesting(), AuthServerTestEnricher.getAuthServerContextRoot())) {
+ try (Keycloak testAdminClient = AdminClientUtil.createAdminClient(suiteContext.isAdapterCompatTesting(), getAuthServerContextRoot())) {
assertWellKnown("test", AUTH_SERVER_SCHEME + "://localhost:" + AUTH_SERVER_PORT);
assertSamlIdPDescriptor("test", AUTH_SERVER_SCHEME + "://localhost:" + AUTH_SERVER_PORT);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/ReverseProxy.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/ReverseProxy.java
index fd0d8779ff7..1b92e15ecad 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/ReverseProxy.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/ReverseProxy.java
@@ -1,8 +1,8 @@
package org.keycloak.testsuite.util;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.getHttpAuthServerContextRoot;
-import static org.keycloak.testsuite.util.URLUtils.removeDefaultPorts;
+import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
import org.junit.rules.TestRule;
import org.junit.runner.Description;
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/URLAssert.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/URLAssert.java
index 8f5f94c5fd1..ef660bfe30a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/URLAssert.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/util/URLAssert.java
@@ -41,7 +41,7 @@ import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.util.URLUtils.currentUrlDoesntStartWith;
import static org.keycloak.testsuite.util.URLUtils.currentUrlEquals;
import static org.keycloak.testsuite.util.URLUtils.currentUrlStartsWith;
-import static org.keycloak.testsuite.util.URLUtils.removeDefaultPorts;
+import static org.keycloak.testsuite.util.ServerURLs.removeDefaultPorts;
/**
*
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnFeatureTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnFeatureTest.java
index 08e78941dee..353d087ca5d 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnFeatureTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnFeatureTest.java
@@ -18,7 +18,6 @@
package org.keycloak.testsuite.webauthn;
-import java.util.List;
import java.util.Set;
import org.junit.Assert;
@@ -34,7 +33,7 @@ import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
@EnableFeature(value = Profile.Feature.WEB_AUTHN, skipRestart = true, onlyForProduct = true)
public class WebAuthnFeatureTest extends AbstractTestRealmKeycloakTest {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnRegisterAndLoginTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnRegisterAndLoginTest.java
index d19e6becef7..70c3ff860c7 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnRegisterAndLoginTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/webauthn/WebAuthnRegisterAndLoginTest.java
@@ -22,8 +22,6 @@ import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.WebAuthnConstants;
-import org.keycloak.authentication.AuthenticatorSpi;
-import org.keycloak.authentication.authenticators.browser.WebAuthnAuthenticatorFactory;
import org.keycloak.authentication.requiredactions.WebAuthnRegisterFactory;
import org.keycloak.authentication.requiredactions.WebAuthnPasswordlessRegisterFactory;
import org.keycloak.common.Profile;
@@ -36,13 +34,10 @@ import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
-import org.keycloak.representations.info.ServerInfoRepresentation;
import org.keycloak.testsuite.AssertEvents;
-import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.admin.ApiUtil;
-import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.RegisterPage;
@@ -58,11 +53,10 @@ import static org.junit.Assert.assertEquals;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
-import java.util.Set;
import org.junit.Assume;
import org.junit.BeforeClass;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
@EnableFeature(value = Profile.Feature.WEB_AUTHN, skipRestart = true, onlyForProduct = true)
public class WebAuthnRegisterAndLoginTest extends AbstractTestRealmKeycloakTest {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java
index 292dce6b492..eb6aa45e0f0 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/x509/AbstractX509AuthenticationTest.java
@@ -18,7 +18,6 @@
package org.keycloak.testsuite.x509;
-import org.hamcrest.CoreMatchers;
import org.hamcrest.Matchers;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.logging.Logger;
@@ -82,11 +81,9 @@ import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorC
import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.MappingSourceType.SUBJECTDN;
import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.MappingSourceType.SUBJECTDN_CN;
import static org.keycloak.authentication.authenticators.x509.X509AuthenticatorConfigModel.MappingSourceType.SUBJECTDN_EMAIL;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer.REMOTE;
-import org.keycloak.testsuite.util.ContainerAssume;
-
/**
* @author Peter Nalyvayko
* @version $Revision: 1 $
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
index b8d478a4353..5caa1f4074a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/arquillian.xml
@@ -134,7 +134,10 @@
-Djboss.as.management.blocking.timeout=${auth.server.jboss.startup.timeout}
-Djboss.socket.binding.port-offset=${auth.server.port.offset}
- -Djboss.bind.address=0.0.0.0
+ -Djboss.bind.address=0.0.0.0
+ -Dauth.server.host=${auth.server.host}
+ -Dauth.server.host2=${auth.server.host2}
+ -Dauth.server.ssl.required=${auth.server.ssl.required}
-Dauth.server.http.port=${auth.server.http.port}
-Dauth.server.https.port=${auth.server.https.port}
-Dkeycloak.password.blacklists.path=${keycloak.password.blacklists.path}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/resources/firefox-cookies-prefs.js b/testsuite/integration-arquillian/tests/base/src/test/resources/firefox-cookies-prefs.js
index d42e31af22f..b42cadfa40c 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/firefox-cookies-prefs.js
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/firefox-cookies-prefs.js
@@ -1,4 +1,5 @@
+// DO NOT USE ANY COMMENTS THAT ARE PLACED ON THE SAME LINE AS user_pref !!!
user_pref("network.cookie.sameSite.laxByDefault", true);
user_pref("network.cookie.sameSite.laxPlusPOST.timeout", 0);
user_pref("network.cookie.sameSite.noneRequiresSecure", true);
-user_pref("network.cookie.cookieBehavior", 1); // only accept from the originating site (block third party cookies)
\ No newline at end of file
+user_pref("network.cookie.cookieBehavior", 1);
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/LoginSettingsTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/LoginSettingsTest.java
index e3d34c82fa3..9a50132bc96 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/LoginSettingsTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/realm/LoginSettingsTest.java
@@ -41,8 +41,8 @@ import static org.junit.Assert.assertTrue;
import static org.keycloak.representations.idm.CredentialRepresentation.PASSWORD;
import static org.keycloak.testsuite.admin.ApiUtil.createUserAndResetPasswordWithAdminClient;
import static org.keycloak.testsuite.admin.Users.setPasswordFor;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_PORT;
-import static org.keycloak.testsuite.arquillian.AuthServerTestEnricher.AUTH_SERVER_SSL_REQUIRED;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT;
+import static org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED;
import static org.keycloak.testsuite.auth.page.AuthRealm.TEST;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith;
import static org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWithLoginUrlOf;
diff --git a/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AccountLinkSpringBootTest.java b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AccountLinkSpringBootTest.java
index 26b398dfd18..7ae0ec8c461 100644
--- a/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AccountLinkSpringBootTest.java
+++ b/testsuite/integration-arquillian/tests/other/springboot-tests/src/test/java/org/keycloak/testsuite/springboot/AccountLinkSpringBootTest.java
@@ -184,7 +184,7 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
UriBuilder redirectUri = UriBuilder.fromUri(LINKING_URL).queryParam("response", "true");
- UriBuilder directLinking = UriBuilder.fromUri(AuthServerTestEnricher.getAuthServerContextRoot() + "/auth")
+ UriBuilder directLinking = UriBuilder.fromUri(getAuthServerContextRoot() + "/auth")
.path("realms/{child-realm}/broker/{provider}/link")
.queryParam("client_id", CLIENT_ID)
.queryParam("redirect_uri", redirectUri.build())
@@ -470,7 +470,7 @@ public class AccountLinkSpringBootTest extends AbstractSpringBootTest {
String uri = "/auth/realms/" + REALM_NAME + "/broker/" + PARENT_REALM + "/login";
- uri = UriBuilder.fromUri(AuthServerTestEnricher.getAuthServerContextRoot())
+ uri = UriBuilder.fromUri(getAuthServerContextRoot())
.path(uri)
.queryParam(LoginActionsService.SESSION_CODE, queryParams.get(LoginActionsService.SESSION_CODE))
.queryParam(Constants.CLIENT_ID, queryParams.get(Constants.CLIENT_ID))
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 5cbb4b649e5..a0987f4c9e7 100755
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -172,6 +172,7 @@
false
htmlUnit
+ false
true
60
@@ -559,6 +560,7 @@
${dependency.keystore.password}
${browser}
+ ${browser.strict.cookies}
${js.browser}
${js.chromeArguments}
${htmlUnitBrowserVersion}
@@ -1976,8 +1978,10 @@
firefox-strict-cookies
firefox
+ firefox
${project.build.directory}/dependency/firefox-cookies-prefs.js
true
+ true
diff --git a/testsuite/integration-arquillian/util/pom.xml b/testsuite/integration-arquillian/util/pom.xml
index 0f3f7fc23a1..5f901c7763b 100644
--- a/testsuite/integration-arquillian/util/pom.xml
+++ b/testsuite/integration-arquillian/util/pom.xml
@@ -42,6 +42,11 @@
org.keycloak
keycloak-servlet-filter-adapter
+
+ org.keycloak.testsuite
+ integration-arquillian-testsuite-providers
+ ${project.version}
+
org.jboss.shrinkwrap.resolver
shrinkwrap-resolver-api-maven
diff --git a/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/arquillian/DeploymentArchiveProcessorUtils.java b/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/arquillian/DeploymentArchiveProcessorUtils.java
index 68f35656ad5..c52bb78c018 100644
--- a/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/arquillian/DeploymentArchiveProcessorUtils.java
+++ b/testsuite/integration-arquillian/util/src/main/java/org/keycloak/testsuite/utils/arquillian/DeploymentArchiveProcessorUtils.java
@@ -40,6 +40,10 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
+import static org.keycloak.testsuite.utils.io.IOUtil.modifyDocElementAttribute;
+import static org.keycloak.testsuite.util.ServerURLs.getAppServerContextRoot;
+import static org.keycloak.testsuite.util.ServerURLs.getAuthServerContextRoot;
+
/**
*
* @author Vlasta Ramik
@@ -51,6 +55,10 @@ public class DeploymentArchiveProcessorUtils {
private static final boolean AUTH_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("auth.server.ssl.required"));
private static final boolean APP_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("app.server.ssl.required"));
+ private static final String APP_SERVER_SCHEMA = APP_SERVER_SSL_REQUIRED ? "https" : "http";
+ private static final String APP_SERVER_PORT_PROPERTY = "auth.server." + APP_SERVER_SCHEMA + ".port";
+ private static final String AUTH_SERVER_REPLACED_URL = "http://localhost:8080";
+
public static final String WEBXML_PATH = "/WEB-INF/web.xml";
public static final String ADAPTER_CONFIG_PATH = "/WEB-INF/keycloak.json";
public static final String ADAPTER_CONFIG_PATH_TENANT1 = "/WEB-INF/classes/tenant1-keycloak.json";
@@ -223,28 +231,12 @@ public class DeploymentArchiveProcessorUtils {
public static void modifySAMLAdapterConfig(Archive archive, String adapterConfigPath) {
Document doc = IOUtil.loadXML(archive.get(adapterConfigPath).getAsset().openStream());
- if (AUTH_SERVER_SSL_REQUIRED) {
- IOUtil.modifyDocElementAttribute(doc, "SingleSignOnService", "bindingUrl", "8080", System.getProperty("auth.server.https.port"));
- IOUtil.modifyDocElementAttribute(doc, "SingleSignOnService", "bindingUrl", "http", "https");
- IOUtil.modifyDocElementAttribute(doc, "SingleLogoutService", "postBindingUrl", "8080", System.getProperty("auth.server.https.port"));
- IOUtil.modifyDocElementAttribute(doc, "SingleLogoutService", "postBindingUrl", "http", "https");
- IOUtil.modifyDocElementAttribute(doc, "SingleLogoutService", "redirectBindingUrl", "8080", System.getProperty("auth.server.https.port"));
- IOUtil.modifyDocElementAttribute(doc, "SingleLogoutService", "redirectBindingUrl", "http", "https");
- } else {
- IOUtil.modifyDocElementAttribute(doc, "SingleSignOnService", "bindingUrl", "8080", System.getProperty("auth.server.http.port"));
- IOUtil.modifyDocElementAttribute(doc, "SingleLogoutService", "postBindingUrl", "8080", System.getProperty("auth.server.http.port"));
- IOUtil.modifyDocElementAttribute(doc, "SingleLogoutService", "redirectBindingUrl", "8080", System.getProperty("auth.server.http.port"));
- }
+ modifyDocElementAttribute(doc, "SingleSignOnService", "bindingUrl", AUTH_SERVER_REPLACED_URL, getAuthServerContextRoot());
+ modifyDocElementAttribute(doc, "SingleLogoutService", "postBindingUrl", AUTH_SERVER_REPLACED_URL, getAuthServerContextRoot());
+ modifyDocElementAttribute(doc, "SingleLogoutService", "redirectBindingUrl", AUTH_SERVER_REPLACED_URL, getAuthServerContextRoot());
- if (APP_SERVER_SSL_REQUIRED) {
- IOUtil.modifyDocElementAttribute(doc, "SP", "logoutPage", "8080", System.getProperty("app.server.https.port"));
- IOUtil.modifyDocElementAttribute(doc, "SP", "logoutPage", "http", "https");
- IOUtil.modifyDocElementAttribute(doc, "SingleSignOnService", "assertionConsumerServiceUrl", "8080", System.getProperty("app.server.https.port"));
- IOUtil.modifyDocElementAttribute(doc, "SingleSignOnService", "assertionConsumerServiceUrl", "http", "https");
- } else {
- IOUtil.modifyDocElementAttribute(doc, "SP", "logoutPage", "8080", System.getProperty("app.server.http.port"));
- IOUtil.modifyDocElementAttribute(doc, "SingleSignOnService", "assertionConsumerServiceUrl", "8080", System.getProperty("app.server.http.port"));
- }
+ modifyDocElementAttribute(doc, "SingleSignOnService", "assertionConsumerServiceUrl", AUTH_SERVER_REPLACED_URL, getAppServerContextRoot());
+ modifyDocElementAttribute(doc, "SP", "logoutPage", AUTH_SERVER_REPLACED_URL, getAppServerContextRoot());
archive.add(new StringAsset(IOUtil.documentToString(doc)), adapterConfigPath);