8000 Revise Client Policies Codes - OAuth 2.1 tests by tnorimat · Pull Request #40051 · keycloak/keycloak · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Revise Client Policies Codes - OAuth 2.1 tests #40051

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
May 29, 2025
Merged

Revise Client Policies Codes - OAuth 2.1 tests #40051

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions ...n-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/AbstractFAPITest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ public abstract class AbstractFAPITest extends AbstractClientPoliciesTest {

@BeforeClass
public static void verifySSL() {
// FAPI requires SSL and does not makes sense to test it with disabled SSL
// FAPI requires SSL and does not make sense to test it with disabled SSL
Assume.assumeTrue("The FAPI test requires SSL to be enabled.", ServerURLs.AUTH_SERVER_SSL_REQUIRED);
}

Expand Down Expand Up @@ -131,7 +131,7 @@ public static void assertScopes(String expectedScope, String receivedScope) {
}

protected String loginUserAndGetCode(String clientId, String nonce, boolean fragmentResponseModeExpected) {
oauth.clientId(clientId);
oauth.client(clientId);
oauth.loginForm().nonce(nonce).codeChallenge(pkceGenerator).request(request).requestUri(requestUri).doLogin(TEST_USERNAME, TEST_USERSECRET);

grantPage.assertCurrent();
Expand All @@ -144,7 +144,7 @@ protected String loginUserAndGetCode(String clientId, String nonce, boolean frag
}

protected String loginUserAndGetCodeInJwtQueryResponseMode(String clientId, String nonce) {
oauth.clientId(clientId);
oauth.client(clientId);
oauth.loginForm().nonce(nonce).codeChallenge(pkceGenerator).request(request).requestUri(requestUri).doLogin(TEST_USERNAME, TEST_USERSECRET);

grantPage.assertCurrent();
Expand Down
16 changes: 7 additions & 9 deletions ...ests/base/src/test/java/org/keycloak/testsuite/client/OAuth2_1ConfidentialClientTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ public class OAuth2_1ConfidentialClientTest extends AbstractFAPITest {

private static final String OAUTH2_1_CONFIDENTIAL_CLIENT_PROFILE_NAME = "oauth-2-1-for-confidential-client";

private String validRedirectUri;;
private String validRedirectUri;

private PkceGenerator pkceGenerator;

Expand Down Expand Up @@ -113,7 +113,7 @@ public void testOAuth2_1NotAllowImplicitGrant() throws Exception {
@Test
public void testOAuth2_1NotAllowResourceOwnerPasswordCredentialsGrant() throws Exception {
String clientId = generateSuffixedName(CLIENT_NAME);
String cId = createClientByAdmin(clientId, (ClientRepresentation clientRep) -> {
createClientByAdmin(clientId, (ClientRepresentation clientRep) -> {
clientRep.setClientAuthenticatorType(X509ClientAuthenticator.PROVIDER_ID);
OIDCAdvancedConfigWrapper clientConfig = OIDCAdvancedConfigWrapper.fromClientRepresentation(clientRep);
clientConfig.setRequestUris(Collections.singletonList(TestApplicationResourceUrls.clientRequestUri()));
Expand Down Expand Up @@ -141,9 +141,7 @@ public void testOAuth2_1ClientAuthentication() throws Exception {

// register client with clientIdAndSecret - fail
try {
createClientByAdmin("invalid", (ClientRepresentation clientRep) -> {
clientRep.setClientAuthenticatorType(ClientIdAndSecretAuthenticator.PROVIDER_ID);
});
createClientByAdmin("invalid", (ClientRepresentation clientRep) -> clientRep.setClientAuthenticatorType(ClientIdAndSecretAuthenticator.PROVIDER_ID));
fail();
} catch (ClientPolicyException e) {
assertEquals(OAuthErrorException.INVALID_CLIENT_METADATA, e.getMessage());
Expand Down Expand Up @@ -190,7 +188,7 @@ public void testOAuth2_1RedirectUris() throws Exception {
// setup profiles and policies
setupPolicyOAuth2_1ConfidentialClientForAllClient();

faiilUpdateRedirectUrisDynamically(clientId, List.of("https://dev.example.com:8443/*"));
failUpdateRedirectUrisDynamically(clientId, List.of("https://dev.example.com:8443/*"));
successUpdateRedirectUrisByAdmin(cId,
List.of("https://dev.example.com:8443/callback", "https://[::1]/auth/admin",
"com.example.app:/oauth2redirect/example-provider", "https://127.0.0.1/auth/admin"));
Expand Down Expand Up @@ -252,7 +250,7 @@ private void setupValidClientExceptForRedirectUri(ClientRepresentation clientRep
clientConfig.setAllowRegexPatternComparison(false);
clientConfig.setPkceCodeChallengeMethod(OAuth2Constants.PKCE_METHOD_S256);
clientConfig.setUseMtlsHoKToken(true);
};
}

private String generateNonce() {
return SecretGenerator.getInstance().randomString(16);
Expand Down Expand Up @@ -281,7 +279,7 @@ private void successUpdateRedirectUrisByAdmin(String cId, List<String> redirectU
}
}

private void faiilUpdateRedirectUrisDynamically(String clientId, List<String> redirectUrisList) {
private void failUpdateRedirectUrisDynamically(String clientId, List<String> redirectUrisList) {
try {
updateClientDynamically(clientId, (OIDCClientRepresentation clientRep) ->
clientRep.setRedirectUris(redirectUrisList));
Expand All @@ -292,7 +290,7 @@ private void faiilUpdateRedirectUrisDynamically(String clientId, List<String> re
}

private void failAuthorizationRequest(String clientId, String redirectUri) {
oauth.clientId(clientId);
oauth.client(clientId);
oauth.redirectUri(redirectUri);
oauth.openLoginForm();
assertTrue(errorPage.isCurrent());
Expand Down
Loading
0